I’m new to sonarqube and I’m not a java developer. We are developing some automation around onboarding to sonarqube and I had some general questions around maven projects which will be used by many different teams within the organization.
The tool tip says:
Your project key is a unique identifier for your project. If you are using Maven, make sure the key matches the “groupId:artifactId” format.
I assume this means it has to match what you have in the maven POM file and not just anything that conforms to that “format” - is this correct?
If it has to match the groupId:artifactId from a maven project, what options are available if there is conflict between two different projects that share the same groupId:artifactId? Can you include additional metadata in the project key? Is there a recommended way to handle this situation?
You’re correct that the groupId:artifactId values are expected to be pulled from your project’s top-level pom. If you have two projects with the same group and key (why???) then you can override the project’s default key either by adding a <sonar.projectKey>overrideValue</sonar.projectKey> in a <properties> section, or by passing -Dsonar.projectKey=overrideValue on the analysis command line.
Thanks for the clarification. As to “why” that is a long answer
Correct me if i’m wrong but it also seems like these settings will enable creating a project key that does not conform to groupId:artifactId e.g: “foo” whilst allowing the user to leverage the settings above such as <sonar.projectKey>foo</sonar.projectKey> to scan the project, is this correct?