We are using the out of the box bitbucket pipelines to check our multi-module spring boot 3.4 project with java 21.
It appears to work, but there are some anomalies.
We notice that the pipeline definition generated by sonar has:
artifacts:
- target/**
However, our targets directories are under the module name, e.g.
service-module/target/*
- Does this matter?
- What is sonar doing with the targets? Presumably it should be ignoring them and only analyzing the source code.
- do we need to change it, or is it correct?
- Why are artifacts in the pipeline?
image: maven:3-amazoncorretto-21
clone:
depth: full # SonarQube Cloud scanner needs the full history to assign issues properly
definitions:
caches:
sonar: ~/.sonar/cache # Caching SonarQube Cloud artifacts will speed up your build
steps:
- step: &build-test-sonarcloud
name: Build, test and analyze on SonarQube Cloud
caches:
- maven
- sonar
script:
- mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
artifacts:
- target/**
pipelines:
branches:
develop:
- step: *build-test-sonarcloud
pull-requests:
'**':
- step: *build-test-sonarcloud
In our parent module pom we have:
<properties>
<sonar.organization>ourOrg</sonar.organization>
<sonar.host.url>https://sonarcloud.io</sonar.host.url>
</properties>