Scanning pom.xml with SonarQube (MuleSoft Code)

I am using SonarQube v9.3 Community Edition and installed this plugin to scan mulesoft code.
GitHub - mulesoft-catalyst/mule-sonarqube-plugin: The Mule SonarQube Plugin provides the capability to do code inspecting and taking project metrics from a mule project using SonarQube.

I would like to scan the pom.xml in SonarQube.
The analysis scope is set as the project root folder.
The scan is triggered by running the below maven command.

 mvn sonar:sonar \
  -Dsonar.projectKey=<PROJECT_KEY> \
  -Dsonar.host.url=<HOST> \
-Dsonar.login=<LOGIN> -Dsonar.sources=.

However, pom.xml is not included in the scan result. How can I scan the pom.xml file?

1 Like

Hey there.

Is your goal really to analyze the pom.xml file, or the Mulesoft configuration files that plugin is supposed to analyze?

My goal is to analyse the pom.xml file, like checking the mule version mentioned in the pom.xml file is as expected.

1 Like

Hi all, is there any update on this? I have the same requirements. In my case I need to get artifactId or application name so I can create custom validation rules (using xpath). I have tried with sonar.sources=pom.xml sonar.sources=. and also sonar.inclusions=pom.xml but it is not working for me.
Thanks,

Hi Goran,
Did you find the solution?
Or a work around.

Iā€™m facing the same problem currently.