Skip to end of metadata
Go to start of metadata

Table of Contents

The Gradle SonarQube plugin provides an easy way to start SonarQube analysis of a Gradle project.

Users of Gradle Sonar or Sonar Runner Plugins ?

The existing Gradle Sonar Runner and Gradle Sonar plugins, which are part of the Gradle distribution, should no longer be used (See this official note from the Gradleware team). The use of the Gradle SonarQube plugin is recommended instead.

Getting started

Once SonarQube has been installed, and you have installed and configured Gradle Sonar Plugin, you are ready to run analyses on your projects. 

1 - Activate the SonarQube plugin in your build

For Gradle 2.1+:

 

build.gradle
plugins {
  id "org.sonarqube" version "1.0"
}

 

More details on https://plugins.gradle.org/plugin/org.sonarqube

Assuming a local SonarQube server with out-of-the-box settings is up and running, no further mandatory configuration is required.

2 - Run analysis

Execute gradle sonarqube and wait until the build has completed, then open the web page indicated at the bottom of the console output. You should now be able to browse the analysis results.

Configure analysis properties

The SonarQube plugin leverages information contained in Gradle's object model to provide smart defaults for many of the standard SonarQube properties. The defaults are summarized in the tables below.

 

Gradle defaults for standard SonarQube properties

 

PropertyGradle default
sonar.projectKey
“$project.group:$project.name
sonar.projectName
project.name
sonar.projectDescription
project.description
sonar.projectVersion
project.version
sonar.projectBaseDir
project.projectDir
sonar.working.directory
“$project.buildDir/sonar”
Notice that additional defaults are provided for projects that have the java-base or java plugin applied:

 

Additional defaults when java-base plugin is applied

 

PropertyGradle default
sonar.java.source
project.sourceCompatibility
sonar.java.target
project.targetCompatibility

 

Additional defaults when java plugin is applied

 

PropertyGradle default
sonar.sources
sourceSets.main.allSource.srcDirs (filtered to only include existing directories)
sonar.tests
sourceSets.test.allSource.srcDirs (filtered to only include existing directories)
sonar.java.binaries/sonar.binaries
sourceSets.main.runtimeClasspath (filtered to only include directories)
sonar.java.libraries/sonar.libraries
sourceSets.main.runtimeClasspath (filtering to only include files; rt.jar added if necessary)
sonar.java.test.binaries
sourceSets.test.runtimeClasspath (filtered to only include directories)
sonar.java.test.libraries
sourceSets.test.runtimeClasspath (filtering to only include files; rt.jar added if necessary)
sonar.surefire.reportsPath
test.testResultsDir (if the directory exists)
sonar.junit.reportsPath
test.testResultsDir (if the directory exists)

 

Additional defaults when jacoco plugin is applied

 

PropertyGradle default
sonar.jacoco.reportPath
jacoco.destinationFile

 

The SonaQube plugin adds a SonarQubeExtension extension to project and its subprojects, which allows you to configure/override the analysis properties.

build.gradle
sonarqube {
    properties {
        property "sonar.exclusions", "**/*Generated.java"
    }
}

Alternatively, SonarQube properties can be set from the command line. See "Configuring properties from the command line" for more information.

 

Analyzing Multi-Project Builds

To analyze a project hierarchy, apply the SonarQube plugin to the root project of the hierarchy. Typically (but not necessarily) this will be the root project of the Gradle build. Information pertaining to the analysis as a whole has to be configured in the sonarqube block of this project. Any properties set on the command line also apply to this project.

Global configuration settings

build.gradle
sonarqube {
    properties {
        property "sonar.sourceEncoding", "UTF-8"
    }
}

 

Shared configuration settings

Configuration shared between subprojects can be configured in a subprojects block.

build.gradle
subprojects {
    sonarqube {
        properties {
            property "sonar.sources", "src"
        }
    }
}

 

Individual configuration settings

Project-specific information is configured in the sonarqube block of the corresponding project.

 

build.gradle
project(":project1") {
    sonarqube {
        properties {
            property "sonar.exclusions", "src/main/java/com/foo/Foo.java"
        }
    }}

 

Skipping analysis of a project

To skip SonarQube analysis for a particular subproject, set sonarqube.skipProject to true.

 

build.gradle
project(":project2") {
    sonarqube {
        skipProject = true
    }
}

 

Analyzing Custom Source Sets

By default, the SonarQube plugin passes on the project's main source set as production sources, and the project's test source set as test sources. This works regardless of the project's source directory layout. Additional source sets can be added as needed.

Analyzing custom source sets

build.gradle
sonarqube {
    properties {
        properties["sonar.sources"] += sourceSets.custom.allSource.srcDirs
        properties["sonar.tests"] += sourceSets.integTest.allSource.srcDirs
    }
}

 

More on configuring SonarQube properties

Let's take a closer look at the sonarqube.properties {} block. As we have already seen in the examples, the property() method allows you to set new properties or override existing ones. Furthermore, all properties that have been configured up to this point, including all properties preconfigured by Gradle, are available via the properties accessor.

Entries in the properties map can be read and written with the usual Groovy syntax. To facilitate their manipulation, values still have their “idiomatic” type (FileList, etc.). After the sonarProperties block has been evaluated, values are converted to Strings as follows: Collection values are (recursively) converted to comma-separated Strings, and all other values are converted by calling their toString() method.

Because the sonarProperties block is evaluated lazily, properties of Gradle's object model can be safely referenced from within the block, without having to fear that they have not yet been set.

Setting properties from the Command Line

SonarQube properties can also be set from the command line, by setting a system property named exactly like the SonarQube property in question. This can be useful when dealing with sensitive information (e.g. credentials), environment information, or for ad-hoc configuration.
 

gradle sonarqube -Dsonar.host.url=http://sonar.mycompany.com -Dsonar.jdbc.password=myPassword -Dsonar.verbose=true
While certainly useful at times, we do recommend to keep the bulk of the configuration in a (versioned) build script, readily available to everyone.

A SonarQube property value set via a system property overrides any value set in a build script (for the same property). When analyzing a project hierarchy, values set via system properties apply to the root project of the analyzed hierarchy. Each system property starting with ""sonar." will be taken into account.

Task dependencies

Before executing the sonarqube task, all tasks producing output to be analysed by SonarQube need to be executed. Typically, these are compile tasks, test tasks, and code coverage tasks. To meet these needs, the plugins adds a task dependency from sonarqube on test if the java plugin is applied. Further task dependencies can be added as needed. For example:

build.gradle
project.tasks["sonarqube"].dependsOn anotherTask

 

Migration from Gradle Sonar Runner Plugin

If you are user of Gradle Sonar Runner Plugin migration to Gradle SonarQube Plugin is really straightforward. You need to replace the following configuration by new names:

 
Gradle SonarRunner Plugin (deprecated)Gradle SonarQube Plugin (new)
apply plugin: "sonar-runner"
apply plugin: 'org.sonarqube'
sonarRunner {
sonarProperties {
property "sonar.projectName", "My Project Name"
property "sonar.projectKey", "org.sonarqube:java-gradle-simple"
}
}
sonarqube {
properties {
property "sonar.projectName", "My Project Name"
property "sonar.projectKey", "org.sonarqube:java-gradle-simple"
}
}
./gradlew sonarRunner
./gradlew sonarqube

Examples
To help you getting started, some project samples are available on github that can be browsed or downloaded:
  • projects/languages/java/gradle/java-gradle-simple
  • projects/multi-module/gradle/java-gradle-modules

 

  • No labels