Sonar Maven Plugin

De EjnTricks
Révision de 20 août 2015 à 22:39 par Etienne (discussion | contributions)

(diff) ← Version précédente | Voir la version courante (diff) | Version suivante → (diff)

Le plugin sonar-maven-plugin permet d'exécuter les rapports Sonar sur les projets Maven.

Adresse officielle: http://mojo.codehaus.org/sonar-maven-plugin

Hand-icon.png Votre avis

Current user rating: 84/100 (1 votes)

 You need to enable JavaScript to vote


System-Install-icon.png Modification pom.xml

Deux dépendances doivent être ajoutées dans les fichiers pom.xml.

<build>
	<plugins>
		<plugin>
			<groupId>org.codehaus.sonar</groupId>
			<artifactId>sonar-maven-plugin</artifactId>
			<version>${org.codehaus.sonar.sonar-maven-plugin.version}</version>
		</plugin>
	</plugins>
</build>

Où ${org.codehaus.sonar.sonar-maven-plugin.version} doit être remplacé par le numéro de version de la dépendance.

Icon-Configuration-Settings.png Configuration

Configuration numéro de version dans fichier settings.xml

La version du plugin doit être en corrélation avec la version de Sonar cible. Or dans lorsque le nombre de projet devient important, il est fastidieux de modifier tous les fichiers pom.xml. Or Maven possède une configuration globale qui peut s'appliquer à l'ensemble des builds.

Après plusieurs migration de Sonar, cette technique a été mise en place. Pour cela, il faut modifier le fichier settings.xml, dans le sous-répertoire conf de l'installation de Maven, par exemple /var/opt/maven/conf.

Dans ce fichier, il est possible de définir des profiles dans la balise profiles. Le profile confSonarPlugin est donc ajouté afin de mettre en place la variable org.codehaus.sonar.sonar-maven-plugin.version.

  <profiles>
    <!-- profile
     | Specifies a set of introductions to the build process, to be activated using one or more of the
     | mechanisms described above. For inheritance purposes, and to activate profiles via <activatedProfiles/>
     | or the command line, profiles have to have an ID that is unique.
     |
     | An encouraged best practice for profile identification is to use a consistent naming convention
     | for profiles, such as 'env-dev', 'env-test', 'env-production', 'user-jdcasey', 'user-brett', etc.
     | This will make it more intuitive to understand what the set of introduced profiles is attempting
     | to accomplish, particularly when you only have a list of profile id's for debug.
     |
     | This profile example uses the JDK version to trigger activation, and provides a JDK-specific repo.
    <profile>
      <id>jdk-1.4</id>

      <activation>
        <jdk>1.4</jdk>
      </activation>

      <repositories>
        <repository>
          <id>jdk14</id>
          <name>Repository for JDK 1.4 builds</name>
          <url>http://www.myhost.com/maven/jdk14</url>
          <layout>default</layout>
          <snapshotPolicy>always</snapshotPolicy>
        </repository>
      </repositories>
    </profile>
    -->

    <!--
     | Here is another profile, activated by the system property 'target-env' with a value of 'dev',
     | which provides a specific path to the Tomcat instance. To use this, your plugin configuration
     | might hypothetically look like:
     |
     | ...
     | <plugin>
     |   <groupId>org.myco.myplugins</groupId>
     |   <artifactId>myplugin</artifactId>
     |
     |   <configuration>
     |     <tomcatLocation>${tomcatPath}</tomcatLocation>
     |   </configuration>
     | </plugin>
     | ...
     |
     | NOTE: If you just wanted to inject this configuration whenever someone set 'target-env' to
     |       anything, you could just leave off the <value/> inside the activation-property.
     |
    <profile>
      <id>env-dev</id>

      <activation>
        <property>
          <name>target-env</name>
          <value>dev</value>
        </property>
      </activation>

      <properties>
        <tomcatPath>/path/to/tomcat/instance</tomcatPath>
      </properties>
    </profile>
    -->
    <profile>
      <id>confSonarPlugin</id>

      <properties>
        <org.codehaus.sonar.sonar-maven-plugin.version>2.13</org.codehaus.sonar.sonar-maven-plugin.version>
      </properties>
    </profile>
  </profiles>


Il faut ensuite l'activer pour tous les build en activant la balie activeProfiles.

  <!-- activeProfiles
   | List of profiles that are active for all builds.
   |
  <activeProfiles>
    <activeProfile>alwaysActiveProfile</activeProfile>
    <activeProfile>anotherAlwaysActiveProfile</activeProfile>
  </activeProfiles>
  -->

  <activeProfiles>
    <activeProfile>confSonarPlugin</activeProfile>
  </activeProfiles>

Ainsi, seule la variable devra être modifiée lors de la mise à jour de Sonar.

Utilisation de org.codehaus.mojo.sonar-maven-plugin, solution préférée

Ce plugin va permettre de résoudre ce problème de numéro de version de Sonar et le plugin Maven à utiliser. Ainsi, quelque soit la version de Sonar déployée, le plugin est capable de l'identifier pour récupérer la version du plugin org.codehaus.sonar.sonar-maven-plugin à utiliser.

Attention, dans le cadre de l'utilisation de la version 2.2 de Maven, la version 1.0 doit être utilisée.

<build>
	<plugins>
		<plugin>
			<groupId>org.codehaus.mojo</groupId>
			<artifactId>sonar-maven-plugin</artifactId>
			<version>1.0</version>
		</plugin>
	</plugins>
</build>

Son bon fonctionnement peut être observé lors de la construction d'un build sous Jenkins par exemple, et suite à une mise à jour de Sonar. Dans le cadre de cette trace, la version de Sonar est identifiée à 3.0.

[INFO] Sonar host: http://www.jouvinio.net/sonar
[INFO] Sonar version: 3.0
[INFO] Execute: org.codehaus.sonar:sonar-maven-plugin:3.0:sonar
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-maven-plugin/3.0/sonar-maven-plugin-3.0.pom
1K downloaded  (sonar-maven-plugin-3.0.pom)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar/3.0/sonar-3.0.pom
42K downloaded  (sonar-3.0.pom)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-maven-plugin/3.0/sonar-maven-plugin-3.0.jar
6K downloaded  (sonar-maven-plugin-3.0.jar)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-batch/3.0/sonar-batch-3.0.pom
2K downloaded  (sonar-batch-3.0.pom)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-core/3.0/sonar-core-3.0.pom
5K downloaded  (sonar-core-3.0.pom)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-plugin-api/3.0/sonar-plugin-api-3.0.pom
5K downloaded  (sonar-plugin-api-3.0.pom)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-check-api/3.0/sonar-check-api-3.0.pom
736b downloaded  (sonar-check-api-3.0.pom)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-colorizer/3.0/sonar-colorizer-3.0.pom
1K downloaded  (sonar-colorizer-3.0.pom)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-channel/3.0/sonar-channel-3.0.pom
1K downloaded  (sonar-channel-3.0.pom)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-duplications/3.0/sonar-duplications-3.0.pom
1K downloaded  (sonar-duplications-3.0.pom)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-graph/3.0/sonar-graph-3.0.pom
1K downloaded  (sonar-graph-3.0.pom)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-squid/3.0/sonar-squid-3.0.pom
2K downloaded  (sonar-squid-3.0.pom)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-deprecated/3.0/sonar-deprecated-3.0.pom
1K downloaded  (sonar-deprecated-3.0.pom)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-java-api/3.0/sonar-java-api-3.0.pom
839b downloaded  (sonar-java-api-3.0.pom)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-batch/3.0/sonar-batch-3.0.jar
149K downloaded  (sonar-batch-3.0.jar)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-core/3.0/sonar-core-3.0.jar
168K downloaded  (sonar-core-3.0.jar)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-plugin-api/3.0/sonar-plugin-api-3.0.jar
367K downloaded  (sonar-plugin-api-3.0.jar)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-check-api/3.0/sonar-check-api-3.0.jar
6K downloaded  (sonar-check-api-3.0.jar)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-colorizer/3.0/sonar-colorizer-3.0.jar
32K downloaded  (sonar-colorizer-3.0.jar)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-channel/3.0/sonar-channel-3.0.jar
16K downloaded  (sonar-channel-3.0.jar)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-duplications/3.0/sonar-duplications-3.0.jar
106K downloaded  (sonar-duplications-3.0.jar)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-graph/3.0/sonar-graph-3.0.jar
27K downloaded  (sonar-graph-3.0.jar)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-squid/3.0/sonar-squid-3.0.jar
60K downloaded  (sonar-squid-3.0.jar)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-deprecated/3.0/sonar-deprecated-3.0.jar
6K downloaded  (sonar-deprecated-3.0.jar)
Downloading: http://localhost/nexus/content/groups/public/org/codehaus/sonar/sonar-java-api/3.0/sonar-java-api-3.0.jar
8K downloaded  (sonar-java-api-3.0.jar)
[INFO] [sonar:sonar {execution: default-sonar}]

Cette solution semble donc être la meilleure, car elle n'a une empreinte que limitée dans la définition du projet.