Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

HTML
<div class="table-wrap"><table style="line-height: 1.4285715;" class="confluenceTable"><tbody><tr><td class="highlight-grey confluenceTd" data-highlight-colour="grey">By <a target="_top" href="https://www.sonarsource.com">SonarSource</a> &#8211; GNU LGPL 3 &#8211;
<a target="_top" href="https://jira.sonarsource.com/browse/SONARGRADL">Issue Tracker</a> &#8211;
<a target="_top" href="https://github.com/SonarSource/sonar-scanner-gradle">Sources</a>
<br>
<div>
    <div style="padding-top:10px;padding-bottom:5px">
    <span style="font-size:larger;"><strong>SonarQube Scanner for Gradle 2.6.1<2</strong></span>
     &#8211; Compatible with SonarQube 56.67+ (LTS)
    <br>
    </div> 
</div> 
</div> </td></tr></tbody></table></div>

...

 

Code Block
languagetext
titlegradle.properties
systemProp.sonar.host.url=http://localhost:9000

#----- SecurityToken (when 'sonar.forceAuthentication' is set to 'true')
generated from an account with 'publish analysis' permission
systemProp.sonar.login=<token>

 

Analysis

1 - Activate the scanner in your build

...

 

Code Block
languagegroovy
titlebuild.gradle
plugins {
  id "org.sonarqube" version "2.6.2"
}

 

More details on https://plugins.gradle.org/plugin/org.sonarqube

Assuming a local SonarQube server with out-of-the-box settings is up and running, no further mandatory configuration is required.

2 - Run analysis

Execute gradle sonarqube and wait until the build has completed, then open the web page indicated at the bottom of the console output. You should now be able to browse the analysis results.

Configure analysis properties

The SonarQube Scanner for Gradle leverages information contained in Gradle's object model to provide smart defaults for many of the standard SonarQube properties. The defaults are summarized in the tables below.

 

Gradle defaults for standard SonarQube properties

 

PropertyGradle default
sonar.projectKey

[${project.group}:]${project.name} for root module

<root module key>:<module path> for submodules 

sonar.projectName
${project.name}
sonar.projectDescription
${project.description}
sonar.projectVersion
${project.version}
sonar.projectBaseDir
${project.projectDir}
sonar.working.directory
${project.buildDir}/sonar
Notice that additional defaults are provided for projects that have the java-base or java plugin applied:

 

Additional defaults for Java projects

 

PropertyGradle default
sonar.sourceEncoding
${project.compileJava.options.encoding}
sonar.java.source
${project.sourceCompatibility}
sonar.java.target
${project.targetCompatibility}
sonar.sources
${sourceSets.main.allSource.srcDirs} (filtered to only include existing directories)
sonar.tests
${sourceSets.test.allSource.srcDirs} (filtered to only include existing directories)
sonar.java.binaries
${sourceSets.main.output.classesDir}
sonar.java.libraries
${sourceSets.main.compileClasspath} (filtering to only include files; rt.jar and jfxrt.jar added if necessary)
sonar.java.test.binaries
${sourceSets.test.output.classeDir}
sonar.java.test.libraries
${sourceSets.test.compileClasspath} (filtering to only include files; rt.jar and jfxrt.jar added if necessary)
sonar.junit.reportPaths
${test.testResultsDir} (if the directory exists)

Additional defaults for Groovy projects

Same settings than for Java projects plus:

 

PropertyGradle default
sonar.groovy.binaries
${sourceSets.main.output.classesDir}

Additional defaults when JaCoCo plugin is applied

 

PropertyGradle default
sonar.jacoco.reportPaths${jacoco.destinationFile}
sonar.groovy.jacoco.reportPath${jacoco.destinationFile}

 

Additional defaults for Android projects (com.android.application, com.android.library or com.android.test)

By default the first variant of type "debug" will be used to configure the analysis. You can override the name of the variant to be used using the parameter 'androidVariant':

 

Code Block
languagegroovy
titlebuild.gradle
sonarqube {
    androidVariant 'fullDebug'
}


PropertyGradle default

sonar.sources (for non test variants)

${variant.sourcesets.map} (ManifestFile/CDirectories/AidlDirectories/AssetsDirectories/CppDirectories/JavaDirectories/RenderscriptDirectories/ResDirectories/ResourcesDirectories)

sonar.tests (for test variants)

${variant.sourcesets.map} (ManifestFile/CDirectories/AidlDirectories/AssetsDirectories/CppDirectories/JavaDirectories/RenderscriptDirectories/ResDirectories/ResourcesDirectories)
sonar.java[.test].binaries${variant.destinationDir}
sonar.java[.test].libraries${variant.javaCompile.classpath} + ${bootclasspath}
sonar.java.source${variant.javaCompile.sourceCompatibility}
sonar.java.target${variant.javaCompile.targetCompatibility}

Passing manual properties / overriding defaults

The SonarQube Scanner for Gradle adds a SonarQubeExtension extension to project and its subprojects, which allows you to configure/override the analysis properties.

Code Block
languagegroovy
titlebuild.gradle
sonarqube {
    properties {
        property "sonar.exclusions", "**/*Generated.java"
    }
}

Alternatively, SonarQube properties can be set from the command line. See "Configuring properties from the command line" for more information.

 

...

Global configuration settings

Code Block
languagegroovy
titlebuild.gradle
sonarqube {
    properties {
        property "sonar.sourceEncoding", "UTF-8"
    }
}

 

Shared configuration settings

Configuration shared between subprojects can be configured in a subprojects block.

Code Block
languagegroovy
titlebuild.gradle
subprojects {
    sonarqube {
        properties {
            property "sonar.sources", "src"
        }
    }
}

 

Individual configuration settings

Project-specific information is configured in the sonarqube block of the corresponding project.

 

Code Block
languagegroovy
titlebuild.gradle
project(":project1") {
    sonarqube {
        properties {
            property "sonar.branch", "Foo"
        }
    }}

 

Skipping analysis of a project

To skip SonarQube analysis for a particular subproject, set sonarqube.skipProject to true.

 

Code Block
languagegroovy
titlebuild.gradle
project(":project2") {
    sonarqube {
        skipProject = true
    }
}

 

Analyzing Custom Source Sets

By default, the SonarQube Scanner for Gradle passes on the project's main source set as production sources, and the project's test source set as test sources. This works regardless of the project's source directory layout. Additional source sets can be added as needed.

Analyzing custom source sets

Code Block
languagegroovy
titlebuild.gradle
sonarqube {
    properties {
        properties["sonar.sources"] += sourceSets.custom.allSource.srcDirs
        properties["sonar.tests"] += sourceSets.integTest.allSource.srcDirs
    }
}

 

More on configuring SonarQube properties

Let's take a closer look at the sonarqube.properties {} block. As we have already seen in the examples, the property() method allows you to set new properties or override existing ones. Furthermore, all properties that have been configured up to this point, including all properties preconfigured by Gradle, are available via the properties accessor.

...

gradle sonarqube -Dsonar.host.url=http://sonar.mycompany.com -Dsonar.verbose=true
While certainly useful at times, we do recommend to keep the bulk of the configuration in a (versioned) build script, readily available to everyone.

A SonarQube property value set via a system property overrides any value set in a build script (for the same property). When analyzing a project hierarchy, values set via system properties apply to the root project of the analyzed hierarchy. Each system property starting with ""sonar." will be taken into account.

Task dependencies

Before executing the sonarqube task, all tasks producing output to be included in the SonarQube analysis need to be executed. Typically, these are compile tasks, test tasks, and code coverage tasks. To meet these needs, the plugins adds a task dependency from sonarqube on test if the java plugin is applied. Further task dependencies can be added as needed. For example:

Code Block
languagegroovy
titlebuild.gradle
project.tasks["sonarqube"].dependsOn "anotherTask"

 

Example

A simple working example is available at this URL so you can check everything is correctly configured in your env: https://github.com/SonarSource/sonar-scanning-examples/tree/master/sonarqube-scanner-gradle

...