Skip to end of metadata
Go to start of metadata

Table of Contents

Once SonarQube has been installed, and you have installed an analyzer you are ready to run analyses on your projects. 

Scope of Analysis: Types of Files and Data

SonarQube can perform analysis on 20+ different languages. The outcome of this analysis will be quality measures and issues (instances where coding rules were broken). However, what gets analyzed will vary depending on the language:

  • On all languages, "blame" data will automatically be imported from supported SCM providers. Git and SVN are supported automatically. Other providers require additional plugins.
  • On all languages, a static analysis of source code is performed (Java files, COBOL programs, etc.)
  • A static analysis of compiled code can be performed for certain languages (.class files or jars in Java, .dll files in C#, etc.)
  • A dynamic analysis of code can be performed on certain languages (execution of unit tests in Java, C#, etc.)

Unrecognized files

By default, only files that are recognized by a language plugin are loaded into the project during analysis. For example if your SonarQube instance has the Java and JavaScript plugins on board, all .java and .js files will be loaded, but .xml files will be ignored. However, it is possible to import all text files in the analysis encoding in a project by setting Settings > Exclusions > Files > Import unknown files to true. 

Scope of Analysis: Which Files, and What's Saved

There are three different paradigms for SonarQube analysis: full analysis (or just plain "analysis"), preview analysis, and incremental analysis. You switch among the three modes using the sonar.analysis.mode analysis parameter with one of these three values:

  • analysis - this is the default. This mode analyzes everything that's analyze-able for the language in question and saves the results to the database.
  • preview - is typically used to determine whether code changes are good enough to move forward with, E.G. merge into the Git master.
  • incremental - is used on the developer's localhost to examine changed files for added technical debt before checking them in.

Analysis Mode

Analysis mode performs a full analysis on the entire code base and saves the results to the database. Assuming code changes, you will ideally analyze once a day in this mode - typically over night. Use this mode to update the central server and keep the team at large abreast of your current code quality.

If you're using continuous integration, you don't want to add full analysis to your CI job. Doing so would cause needless churn in the SonarQube metrics and make the "Since previous analysis" differential nearly useless for most people. Instead, you'll want to set up a separate analysis job that polls your SCM on a nightly basis.

If you're not using continuous integration, but only building intermittently or at most daily, then by all means include SonarQube analysis in your regular build job.

Preview Mode

Preview mode performs a full analysis on the entire code base and does not save the results to the database. Typically this mode is used on the continuous integration server as part of the continuous integration job. To take full advantage of preview mode in this scenario, you'll want to install the Build Breaker Plugin, and set up a quality gate. Together, these two mechanisms allow you to automatically mark the build broken when the quality of newly checked in code is not up to standard. 

Incremental Mode

Incremental mode performs a fully analysis only on changed code, and does not save the results to the database. It is used on the developer's machine to check the quality of code changes before checking them in. It is the default in the Eclipse plugin. If you're not using Eclipse, you can still take advantage of incremental mode using a local installation of sonar runner and the Issues Report Plugin. In either case (Eclipse or Issues Report), you'll be able to see the issues on the code in question, with any issues introduced since the last full analysis highlighted for immediate attention.

During Analysis

During analysis, data is requested from the server, the files provided to the analysis are analyzed, and the resulting data is sent back to the server.

Most of these interactions happen synchronously. However, some updates are saved to the end of analysis, sent to the server in a batch file, and processed asynchronously. Those batch files are queued, and processed sequentially, so it is quite possible that for a brief period after your analysis log shows completion, the updated values are not visible in your SonarQube project.

Running Analysis

First, you should install the plugin(s) for the language(s) of the project to be analyzed, either by a direct download or through the update center.

Then, you need to choose an analysis method. The following are available:

For more information

See also:

  • No labels