My company uses SonarQube as part of our CI build. I don’t know what the version is, I’m not sure where to find it on our installation.
I am using the sonar-maven-plugin:188.8.131.526:sonar plugin.
I followed the instructions at:
My goal is to have the results of SonarQube’s analysis appear in my console and for my local build to fail if SQ finds issues.
mvn sonar:sonar always succeeds, and doesn’t report anything useful.
What am I missing?
Welcome to the community!
You’re not missing anything; this is the way analysis works. The process of analysis is succeeding.
… Okay, maybe you are missing something here. What happens when you run
mvn sonar:sonar is that an analysis report is generated and submitted to the server for asynchronous processing. Once the report is successfully submitted to the server, the local process ends. At this point, the QG status has not yet been calculated. It is only once the report is popped off the queue and processed server-side that the QG status is (maybe) updated. When you’re running analysis in a CI/CD context, there are ways to make it pause until the SonarQube sends a webhook notification that processing is complete, and the status of the CI/CD job can be updated based on the QG. But you’re not going to get that functionality in a local, Maven build.
As a developer, I want to be able to replicate the CI build on my local box, so that I can know that my code changes will not break the build before I commit them.
What is the maven command line equivalent?
For that you should be looking at SonarLint and/or PR analysis($).
I’ve tried SonarLint, but it brings my IDE to its knees.
Does PR analysis($) work with maven?
Yes, PR analysis is scanner-agnostic.
This is an interesting feedback for us. We are eager to improve that. Could you please share a bit more context in a new thread:
- your IDE
- JVM version
- version of SonarLint
- source of slowness if you can find (CPU or memory pressure)
- is it slow for all files, or only some particular files/project (big, legacy code, …)
That would be very useful!