New Install of Sonarqube does not appear to be scanning java code

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
  • what are you trying to achieve
  • what have you tried so far to achieve this

I have recently stood up a sonarqube instance (7.9.4) on docker pointing to a postgres db(13).
The instance works fine - as in it will scan a project no problem. My problem is it is only scanning xml and not the additional java code that I am actually trying to scan. I cannot figure out how to initiate the java scanner.

As a comparison the same code is being scanned just fine on my old instance which is sonarqube 7.6 running on a windows server talking to a postgres db as well

I am initiating the scan the same way on both systems from the same code base using the following

mvn sonar:sonar -Dsonar.projectKey=com.tdkc.udop.tycho:com.tdkc.udop.tycho.root -Dsonar.login=6c51cd8177bfe0fb7b84cea2a2a759a03ebf820b

The only thing that changes in the above is the host name to point to the new docker instance.

The scan kicks off fine but it only runs the scan against the pom.xml file and nothing else.

I am fairly new to sonarqube and scoured the configuration to see if I could see a difference between the two environments but could not find anything.

So I guess my question is how do I “enable” the java scanner so that it will scan my javacode?

Thank you in advance


Welcome to the community!

There’s no need to enable Java analysis, particularly from a Maven build. Perhaps you can share your code-formatted (``` on the line before and on the line after) build/analysis log?


That is what I had figured as I did not have to configure anything in the old version I set up. This is baffling to me - I am not sure what you are asking for but would be happy to provide it once I know where to find it.
I am still very new with sonar.


When you launch the analysis command - whether that’s in a terminal or via something like Jenkins - there should be a running report of analysis progress. That’s what I’m looking for.


Hi there
Please find attached a zip with the capture of the running log. two files one showing a valid working scan the other the failed scan.
Same code base, same command line execution only difference is one points to the older install the other points to the new install so had different host values, project name and key
Thank you so much for looking at this for me - its had me baffled (272.9 KB)


There is a huge difference between these two logs. Analysis starts at line 12,334 in the 7.9 log versus starting at line 888 in the 7.4 log. So… I think there’s a bigger difference between the two than just the version on SonarQube involved.

That said, I’ve just refreshed myself on your OP and I’m reminded that your 7.9 instance is on Docker. I suspect there’s something hinky about how the plugins directory is set up. From the docs:

Make sure you’re using volumes as shown with the above commands, and not bind mounts. Using bind mounts prevents plugins and languages from populating correctly.

Could that be it?


I am using volumes for the docker instance.
The observation you have made is what is confusing to me as well. Both runs are against the exact same code base. I execute the maven goals in the same base directory. However the docker based run instance is ignoring the /components directory which is where the code lies, and this is a huge code base. This is why I posted because when I set up the previous instance of sonar it just worked right out of the gate.

The following are my volume declarations in my compose file. Do you see anythign out of whack there?
- SonarConf:/opt/sonarqube/conf
- SonarData:/opt/sonarqube/data
- SonarExt:/opt/sonarqube/extensions
- SonarLogs:/opt/sonarqube/logs
- SonarPlug:/opt/sonarqube/lib/bundled-plugins


Are they in the same environment (E.G. same build machine)? Your logs don’t show your analysis commands. Are they exactly the same?


HI Ann
Happy monday and thank you fo ryour perseverance on this.
I will try and articulate as clearly as possible the environment I am executing this in.

The build system is my laptop.
The source being processed is the same for example c:_dev\source is where my source is located.
The sonarqube servers are separate.
Server 1: Windows 10 VM running Qube 7.6 -> local Postgres DB
Server 2: Linux Hosted Docker Image running Qube 7.9.4 -> Docker Image Postgres DB

Code analysis is run against the same directory using the same command but passing different values for the host and project key. See Below - please note I have removed the actual host name below to protect our systems.

Command used to analyze against the docker imaged Qube
mvn clean install sonar:sonar -Dsonar.projectKey=com.tdkc.udop.tycho:com.tdkc.udop.tycho.root -Dsonar.login=4967aa97d42ade6e916edab1cf366c636564e05c

Command used to analyze against the windows Qube
mvn clean install sonar:sonar -Dsonar.projectKey=com.tdkc.udop.tycho:com.tdkc.udop.tycho.root -Dsonar.login=6c51cd8177bfe0fb7b84cea2a2a759a03ebf820b

Both commands are run in the same directory as mentioned above c:_dev\source

Whats crazy is all the connectivity works and the analysis is performed because I see the results in the server consoles for the projects. The only difference is the analysis against the docker image ignores all java code and only analyzes the pom.xml file lol. It does not make any sense.


Okay, to sum up: both runs are from your laptop & so with exactly the same environment. Only difference is the analysis properties on the command line.

So… even though the build part of the command is exactly the same, that’s where the most notable differences in the logs come from (IIRC - there has been a weekend in between :smile:). So I’d like to eliminate that by trying this:

mvn clean install
mvn sonar:sonar -Dsonar.projectKey=com.tdkc.udop.tycho:com.tdkc.udop.tycho.root -Dsonar.login=4967aa97d42ade6e916edab1cf366c636564e05c
mvn sonar:sonar -Dsonar.projectKey=com.tdkc.udop.tycho:com.tdkc.udop.tycho.root -Dsonar.login=4967aa97d42ade6e916edab1cf366c636564e05c

Ideally, you’ll segregate the logs from those 3 commands so we can easily diff the 2 analysis logs. I almost added a pipe-to-file at the end, but then saw that you’re on Windows. :slight_smile:

Also, could you provide a screenshot of the Languages list in the Rules page of your docker instance? That’s one of the easiest ways to see the full list. E.G.:


Sorry for the delay but attached is a zip with the logs included
Also the screen shot of the languages from the rules

No attachment…?

Oops my bad (268.3 KB)

A couple of screen shots
This one is from the analysis that is not working

This is from the working analysis - you can see the components directory that is being processed where the code resides.

Hi @ganncamp
I was wondering if you had any other thoughts on this?

I am still having this issue I was wondering if anyone might have any further thoughts on this. @ganncamp had started to dig but we did not get anywhere, unfortunately.

Could you send the logs of the scanner with debug enabled, of the non-working case?
It will show more details about what files are indexed (i.e. ‘seen’ by the scanner).

Sorry for the delayed response I would be happy to - would it be different than the ones I uploaded to the thread already?