I am trying to run my java maven project for sonar analysis. We have multiple projects with their own pom.xml and a central server settings.xml to run all those maven builds. Is there a way to configure just the settings.xml to pick sonar scanner during build and help run sonar analysis depending on the properties passed during run time. We don't want to introduce that plugin in each of the pom.xml for this. Just trying to look for an easy way to run our sonar analysis by just configuring the settings.xml.

  • What are you trying to achieve? Do you have a parent pom that all your projects inherit? And maybe describe a bit more the environment... are you using a build server? – Augusto Jun 12 at 15:04
  • Sure Augusto. We have single pom project, not modular. What i need is to set up sonar automation for all the different repositories in github (separate projects with their own pom) using jenkins that has its own server settings xml. So i don't want to edit for each repo pom to incorporate maven-sonar-plugib rather have sonar configuration configured on the settings xml end so that i need to do it once in a single central settings.xml and then any job that does sonar analysis for any of those repos just works fine – Ashley Jun 12 at 15:30
  • In settings.xml you can't configure a plugin..you have to do that in your pipeline/build setup in jenkins and call directly like mvn org.sonarsource.scanner.maven: -D...... – khmarbaise Jun 12 at 16:47
  • If i look at the link docs.sonarqube.org/display/SCAN/…, it says we can do that in settings.xml. Is that not true. If so what all need to be done to achieve what i am looking for. Just want to get the correct understanding to test this out – Ashley Jun 12 at 17:07

Now it's a bit more clear.

You can do it by following the instructions in the link you posted. That first step (Initial Setup) configures the properties, but won't tell maven when to run it, as there's no plugin configuration to bind the plugin to a phase.

On the following section of that page (Analyzing a Maven Project), it says that to actually run the analysis, you have to manually run execute it. And gives 3 options:

mvn clean verify sonar:sonar

# In some situation you may want to run sonar:sonar goal as a dedicated step.
# Be sure to use install as first step for multi-module projects
mvn clean install
mvn sonar:sonar

# Specify the version of sonar-maven-plugin instead of using the latest. 
#See also 'How to Fix Version of Maven Plugin' below.
mvn org.sonarsource.scanner.maven:sonar-maven-plugin:

There are many other options, the above is just the most common approach.

So you'll need to amend you Jenkins jobs to run the analysis, either by adding the extra settings and mvn goals; or by using the Jenkins Maven Plugin, but you'll still need to configure the Jenkins plugin and add an extra step in all of your builds.

  • Thanks Augusto. So to just confirm, all i need to run sonar analysis of my maven project is to edit the settings.xml exactly as it says in the link and then run mvn sonar****** just like any maven command would do and nothing to do in the pom.xml, right. btw we already have maven integration plugin. – Ashley Jun 13 at 12:55
  • Yes, those would be the steps. Adding the config in settings.xml and then run mvn sonar:sonar, but only after an maven command that triggers an install (as it says on the page). Sorry that I'm repeating this so often, but it's an important and sometimes ignored point :D. – Augusto Jun 14 at 6:51

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

Not the answer you're looking for? Browse other questions tagged or ask your own question.