Skip to end of metadata
Go to start of metadata

Table of Contents

This page describes how to integrate SonarQube into a build script for Apache Ant.

Prerequisites

You must have previously installed the SonarQube Scanner for Ant and read Analyzing Source Code.

Usage

The SonarQube Scanner for Ant is an Ant Task that is wrapper of SonarQube Scanner, which works by invoking SonarQube Scanner and passing to it all properties named following a sonar.* convention. This has the downside of not being very Ant-y, but the upside of providing instant availability of any new analysis parameter introduced by a new version of a plugin or of SonarQube itself. Therefore, successful use of the SonarQube Scanner for Ant requires strict adherence to the property names shown below.

You may also consult the list of analysis parameters for additional properties which will be honored in an Ant-based analysis.

Simple Project

Define a new sonar Ant target in your Ant build script:

build.xml
<project name="My Project" default="all" basedir="." xmlns:sonar="antlib:org.sonar.ant">
...
 
<!-- Define the SonarQube global properties (the most usual way is to pass these properties via the command line) -->
<property name="sonar.host.url" value="http://localhost:9000" />

...
 
<!-- Define the SonarQube project properties -->
<property name="sonar.projectKey" value="org.codehaus.sonar:example-java-ant" />
<property name="sonar.projectName" value="Simple Java Project analyzed with the SonarQube Ant Task" />
<property name="sonar.projectVersion" value="1.0" />
<property name="sonar.sources" value="src" />
<property name="sonar.java.binaries" value="build" />
<property name="sonar.java.libraries" value="lib/*.jar" />
...

<!-- Define the SonarQube target -->
<target name="sonar">
	<taskdef uri="antlib:org.sonar.ant" resource="org/sonar/ant/antlib.xml">
		<!-- Update the following line, or put the "sonar-ant-task-*.jar" file in your "$HOME/.ant/lib" folder -->
		<classpath path="path/to/sonarqube/ant/task/lib/sonarqube-ant-task-2.4.jar" />
	</taskdef>

	<!-- Execute the SonarQube analysis -->
	<sonar:sonar />
</target>
...

Run the following command from the project base directory to launch the analysis:

ant sonar

Security

Any user who's granted Execute Analysis permission can run an analysis.

If the Anyone group is not granted Execute Analysis permission or if the SonarQube instance is secured (the sonar.forceAuthentication property is set to true), the credentials of a user having been granted Execute Analysis permission have to be provided through the sonar.login and sonar.password properties. Example: sonar-runner -Dsonar.login=myLogin -Dsonar.password=myPassword

Note that for a preview analysis, the user also has to be granted the Browse permission on the project to be analyzed.

Sample Projects

To help you get started, a simple project sample is available on github that can be browsed or downloadedprojects/languages/java/ant/java-ant-simple

Multi-language Project

Since SonarQube 4.2, it is possible to run an analysis on a multi-language project. To do so, the sonar.language property just has to be removed. Conversely, if for some reason you want to perform a single language-only analysis, make sure sonar.language is specified.

To help you get started, a multi-language project sample can be browsed or downloaded from github: projects/languages/multi-language/multi-language-java-javascript-ant

Converting a Mono-language Project to a Multi-language Project

Let's take as an example a project containing both Java and JavaScript source code. Your SonarQube instance currently contains two different projects: one for the Java source code and one for the JavaScript source code. Optionally, you may also have created a view to aggregate these two projects.

The first step is to choose which one of these two mono-language projects you will convert to a multi-language project. You will lose the history (timeline, false positives, action plans, etc.) on the one that won't get converted to a multi-language project. In this example, we'll choose to convert the Java project to a multi-language project as most of our code (and therefore history) is Java.

The second step is to run another analysis of this Java project the old way (make sure to explicitly set the sonar.language property to java). This step is mandatory to keep the history on the project.

The third and last step is to remove the sonar.language property and set the sonar.sources property to the parent directory containing all your source code (Java + JavaScript). You can now run another analysis. You will finally be able to browse your first multi-language project!

Multi-module Project

The configuration for parent and modules must be done in the parent build.xml file:

Parent build.xml
... 
<!-- Set modules IDs -->
<property name="sonar.modules" value="module-one,module-two"/>
  
<!-- For modules, properties are inherited from the parent. They can be overridden as shown below: -->
<property name="module-one.sonar.projectName" value="Module One" />
<property name="module-one.sonar.sources" value="sources/java" />
<property name="module-one.sonar.binaries" value="target" />
<!-- Default module base directory is <curent_directory>/<module_ID>. It can be overridden if necessary -->
<property name="module-one.sonar.projectBaseDir" value="Module 1" />	
...

To help you getting started, project samples are available on github that can be browsed or downloaded:

  • Modules with the same structure: projects/multi-module/ant/java-ant-modules-same-structure
  • Modules with different structures: projects/multi-module/ant/java-ant-modules-different-structures

Advanced Usage

Additional analysis parameters can be defined in the build.xml file or through command-line parameters. 

  • No labels