Scanning C code as part of a Maven project that is primarily Java

jcurley · June 25, 2021, 6:24pm

SonarQube v 8.9.1, SonarScanner v 4.2.0

I’m working on a project that is mostly Java and uses the Sonar plugin as part of a Maven build process. This works great for the Java code, but then there is a small part of the project that is written in C that does not get scanned by the Sonar Maven plugin. I have read the documentation on scanning C, involving the Build Wrapper and reading from the Build Wrapper output directory during the scan, and was wondering if there is a best practice for incorporating this into the Maven build we already use to compile both the Java and the C code. We are able to run separate scans, one for the Java through the Maven plugin and one for the C from the command line, but we would like this to all be packaged up into the Maven build.

TL;DR: What is the best way to scan both Java and C code from one Maven configuration?

mpaladin · June 28, 2021, 7:31am

Hi @jcurley ,

you can do it by doing something like:

# wrap the build of both java and c++ with build-wrapper
build-wrapper --out-dir cfamily-compdb mvn clean build

# launch maven sonar scanner
mvn sonar:sonar -Dsonar.cfamily.build-wrapper-output=cfamily-compdb

jcurley · June 28, 2021, 2:59pm

Hi @mpaladin ,

Thanks for the response! Works as advertised.

system · July 5, 2021, 3:00pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.