Thigpen
(Hank Hughes)
July 12, 2019, 12:08am
1
Hey all,
I’m trying to resolve an issue:
In the project results … on the “Activity” tab … I’m seeing project version as “not provided”.
According the to the documentation:
https://docs.sonarqube.org/latest/analysis/analysis-parameters/
sonar.projectVersion | The project version | <version> for Maven projects, otherwise “not provided”
From that I assume the scanner will discover and set project.version= from pom.xml?
This project is a Maven product. In fact, it’s your example product:
GitHub - SonarSource/sonar-scanning-examples: Shows how to use the Scanners
In Jenkins, I’m using a Pipeline (somewhat) like the following:
node {
def mvnHome
def sonarqube_props
stage('Preparation') {
mvnHome = tool 'Maven-X'
sonarqube_props = "-Dsonar.projectKey=sonar-scanning-examples -Dsonar.java.binaries=**/target/classes"
}
stage('SCM') {
git 'https://github.com/SonarSource/sonar-scanning-examples.git'
}
stage('Build') {
// Run the maven build
withEnv(["MVN_HOME=$mvnHome"]) {
if (isUnix()) {
sh '"$MVN_HOME/bin/mvn" -f sonarqube-scanner-maven/pom.xml -Dmaven.test.failure.ignore clean package'
} else {
bat(/"%MVN_HOME%\bin\mvn" -f sonarqube-scanner-maven\pom.xml -Dmaven.test.failure.ignore clean package/)
}
}
}
// Display build artifacts on Job Status page ...
stage('Results') {
junit '**/target/surefire-reports/TEST-*.xml'
archiveArtifacts '**/target/*.jar'
}
stage('SonarQube Analysis') {
def scannerHome = tool 'Scanner-X';
withSonarQubeEnv('Server-X') {
sh "${scannerHome}/bin/sonar-scanner $sonarqube_props"
}
}
}
… where the following are defined in Jenkins configuration:
Maven-X
Server-X
Scanner-X
I’ll try to dig into some verbosity output, but I wanted to ask the question here.
I noticed two similar requests were are still open:
Thanks in advance,
-'ank
felipebz
(Felipe Zorzo)
July 12, 2019, 12:40am
2
Hi!
I noticed that you’re running the SonarScanner manually (the “sonar-scanner” executable). For Maven projects the easiest way to run an analysis is using SonarScanner for Maven .
Your pipeline could be simplified to:
node {
def mvnHome
stage('Preparation') {
mvnHome = tool 'Maven'
}
stage('SCM') {
git 'https://github.com/SonarSource/sonar-scanning-examples.git'
}
stage('Build') {
// Run the maven build
withSonarQubeEnv('SonarQube') {
withEnv(["MVN_HOME=$mvnHome"]) {
if (isUnix()) {
sh '"$MVN_HOME/bin/mvn" -f sonarqube-scanner-maven/pom.xml -Dmaven.test.failure.ignore clean package sonar:sonar'
} else {
bat(/"%MVN_HOME%\bin\mvn" -f sonarqube-scanner-maven\pom.xml -Dmaven.test.failure.ignore clean package sonar:sonar/)
}
}
}
}
// Display build artifacts on Job Status page ...
stage('Results') {
junit '**/target/surefire-reports/TEST-*.xml'
archiveArtifacts '**/target/*.jar'
}
}
Note that I added the withSonarQubeEnv
in the build stage and added the sonar:sonar
goal in the Maven command.
Of course, you can run the SonarQube analysis in a different stage if you prefer, just calling mvn sonar:sonar
inside a withSonarQubeEnv
.
1 Like
Thigpen
(Hank Hughes)
July 12, 2019, 4:57pm
3
Thanks for this! I need to try this out!
My only concern with using sonar:sonar … this initiated the need for a sonar.properties defining a server that is not localhost:9000.
My logic and understanding is a little muddled as I’m progressing but I thought there are two approaches to scanning
Scanner client
Maven plugin
I was steering towards the scanner client in the hopes of consolidating redundant details at the Jenkins server, like host config and authentication. Alternatively, the plugin command appeared to require these details in the Jenkins/SCM workspace as a (somewhat redundant) properties file across all build products.
I realize there’s still a need to make a unique project.key definition … somewhere. =)
Thanks again!
Thigpen
(Hank Hughes)
July 12, 2019, 5:16pm
4
I’ve confirmed your solution.
It makes sense that the maven plugin implementation can discover the . =)
Thanks again!
felipebz
(Felipe Zorzo)
July 12, 2019, 5:16pm
5
I don’t understand why you need a sonar.properties file. The SonarQube server is configured in Jenkins and is “injected” using withSonarQubeEnv.
This is exactly what the SonarScanner for Jenkins does. You can configure all these details in Jenkins itself.
Using SonarScanner for Maven the project key will be defined automatically using groupId:artifactId
from the pom.xml file.
felipebz
(Felipe Zorzo)
July 12, 2019, 5:18pm
6
Ha! We replied at the same time. I’m glad it helped.
1 Like