Currently we are using an Sonar On-Premise installation. (7.9.3.X)
We send our Sonar Analysis via the maven goal "mvn sonar:sonar" to our Sonar Server. We have the Server URL and the authentication configured in our .m2/settings.xml.
If I am triggering the goal it does not select the Quality Profiles for Java.
[INFO] Load quality profiles
[INFO] Load quality profiles (done) | time=62ms
[INFO] Load active rules
[INFO] Load active rules (done) | time=1159ms
[INFO] Indexing files...
[INFO] Project configuration:
[INFO] 1 file indexed
[INFO] 0 files ignored because of scm ignore settings
[INFO] Quality profile for xml: Sonar way
I tried to set:
<sonar.java.binaries>target/classes</sonar.java.binaries>
For testing the "Findbugs" Way
<sonar.sources>src/main/</sonar.sources>
for testing the "Sonar Way"
and the deprecated Setting
<sonar.language>java</sonar.language>
but the configuration does not Scan for Java Files.
The current sonar properties I set are:
<sonar.host.url>https://sonar:9000</sonar.host.url>
<sonar.login>secrettoken</sonar.login>
<sonar.projectName>myproject</sonar.projectName>
<sonar.sources>.</sonar.sources>
In other Projects Scanning for Java files succeed.
In my effective Pom of the Project ("mvn help:effective-pom") I cannot found any exclusions nor a language "preselection".
What am I missing? Anyone else faced this Problem?
Thanks for your help!
Try with this
<sonar.sources>UTF-8</sonar.sources>
<sonar.sources>.</sonar.sources>
Related
I was testing evosuite (automation tool to generate junit test) using Maven plugin in Eclipse Luna, using JDK 1.8
I have followed the tutorial given in evosuite tutorial: http://www.evosuite.org/documentation/tutorial-part-2/
Able to generate test using the tutorial file provided by evosuite but when I tried it on one of the projects that I am working on, it couldn't generate test when I initiate mvn evosuite:generate in cmd.
understand that I first need to do a mvn compile and it actually generate all the .class files in the folder "target\classes", I actually checked that the physical files are indeed present in the folder "Classes". the folder structure is exactly the same as in the folder "src\main\java".
when I initiate "mvn evosuite:generate" ,
it actually started generating,
it is showing:
[INFO] Registered remote process from /127.0.0.1:58449
[INFO] Going to execute 139 jobs
[INFO] Estimated completion time: 278 minutes, by 2018-04-22T05:33:27.051
[INFO] Going to start job for: "Java file". Expected to end in 1158 seconds,
by 2018-04-22T01:14:45.848
and it continues until the very last java file,
showing this:
[INFO] * Updating database to "java file name"
then it came to this:
=== CTG run results ===
[INFO] Removed test suites: 0
[INFO] New test suites: 0
[INFO] Missing classes:
[INFO] "Java file name"
and ended with this statement
[INFO] WARN: failed to generate tests for 139 classes out of 139
[INFO] Stopping spawn process manager
[INFO] ---------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ---------------------------------------------------------------------
[INFO] Total time: 52:44 min
[INFO] Finished at: 2018-04-22T01:47:02+08:00
[INFO] ---------------------------------------------------------------------
I am wondering if i miss out any steps? Because using the same steps I am able to generate the test cases using the tutorial_maven provided by evosuite.
Or is this due to the complexity of the project and java files that evosuite is unable to process and generate the unit test?
Please advise! Thank you! i have tried many many different methods, mvn clean install repeatedly, but to no avail.
edit: tried eclipse plugin for evosuite as well: got the same error saying cannot find test.java file which is weird. Isn't the plugin supposed to generate the test file?
In Jenkins, I have a Maven project with the following structure:
x proftaakmaven
- AutosimulatieSysteem
- LandenMonitoringSysteem
- PolitieSysteem
x Verplaatsingssysteem
- VerplaatsingREST
- VerplaatsingSOAP
- VerplaatsingCommon
- VerplaatsingenRabbitMQ
- RabbitMQ-Proof-of-Concept
- VerplaatsingenRabbitMQTestClient
The Maven reactor constructs this building order:
[INFO] Reactor Build Order:
[INFO]
[INFO] AutoSimulatie
[INFO] LandenMonitorSysteem
[INFO] PolitieSysteem
[INFO] VerplaatsingenSysteem
[INFO] VerplaatsingenCommon
[INFO] VerplaatsingenREST
[INFO] VerplaatsingenSOAP
[INFO] RabbitMQ-Proof-of-Concept
[INFO] VerplaatsingenRabbitMQ
[INFO] VerplaatsingenRabbitMQTestClient
[INFO] proftaakmaven
However, due to a current failure in 'LandenMonitorSysteem' source code, Maven fails on building the other modules as well. This makes the Jenkins job fail.
I have tried running Maven with --fail-never and --fail-at-end. But neither seem to have any effect.
How would I be able to continue building all the modules, even if one fails?
Thanks.
--fail-at-end should be the thing to use.
If that doesn't work you could use -pl to specify the list of working projects.
If you use the -am flag as well you can specify the target you are interested in building and Maven will calculate the dependency tree for you.
I.E. mvn clean install -pl VerplaatsingenRabbitMQTestClient -am
I have found the solution. The problem was the way that I provided the argument. In Jenkins 2.0, the job should be configured like this :
The settings inside the job
Is there a Maven plugin that allows you to check if there are newer versions of dependencies available in the repository?
Say, you are using dependency X with version 1.2. Now a new version of X is released with version 1.3. I'd like to know, based on the dependencies used in my project, which dependencies have newer versions available.
The Maven Versions plugin and it's display-dependency-updates mojo are what you're looking for:
mvn versions:display-dependency-updates
Here is what the output looks like:
[INFO] ------------------------------------------------------------------------
[INFO] Building Build Helper Maven Plugin
[INFO] task-segment: [versions:display-dependency-updates]
[INFO] ------------------------------------------------------------------------
[INFO] [versions:display-dependency-updates]
[INFO]
[INFO] The following dependency updates are available:
[INFO] org.apache.maven:maven-artifact ........................ 2.0 -> 2.0.9
[INFO] org.apache.maven:maven-plugin-api ...................... 2.0 -> 2.0.9
[INFO] org.apache.maven:maven-project ....................... 2.0.2 -> 2.0.9
[INFO] org.codehaus.plexus:plexus-utils ....................... 1.1 -> 1.5.6
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESSFUL
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 17 seconds
[INFO] Finished at: Fri Aug 15 10:46:03 IST 2008
[INFO] Final Memory: 10M/167M
[INFO] ------------------------------------------------------------------------
If you want to receive email notifications when newer artifacts versions are available on Maven Central you can create an account on artifact-listener and choose which artifact you want to follow.
You can either search manually for artifacts or directly upload your pom.xml.
You will periodically received notifications like this one (available in english and french for now) :
In projects with a large number of dependancies, you sometimes keep your versions in a properties section.
<properties>
<assertj.version>3.15.0</assertj.version>
<aws-sdk.version>1.11.763</aws-sdk.version>
<cxf.version>3.3.6</cxf.version>
In the case where you are only interested in updates to those versions, you can use the following command
mvn versions:display-property-updates
This gives a more condensed view and only returns the versions you need to update in the properties section.
The VersionEye Maven Plugin is doing the same: versioneye_maven_plugin.
VersionEye can notify you about new versions on Maven Repositories, too. It is a language agnostic tool and beside Java it supports 7 other languages. Beside the simple follow/notify feature it can also directly monitor GitHub and BitBucket repositories and notify your about out-dated dependencies in your projects.
There is also a REST JSON API, for tool integrations.
By the way, I'm the dude who started this project. Let me know if you have questions.
The ideal way to do it is to set dependency versions as properties in pom.xml and then running the below command to get the updated versions for your specific/custom dependencies.
<properties>
<java.version>1.8</java.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<skip.tests>true</skip.tests>
<spring-cloud-gcp.version>1.2.3.RELEASE</spring-cloud-gcp.version>
<spring-cloud.version>Hoxton.SR6</spring-cloud.version>
<spring-cloud-stream-schema.version>2.2.1.RELEASE</spring-cloud-stream-schema.version>
<confluent.version>5.5.1</confluent.version>
<avro.version>1.10.0</avro.version>
<janino.version>3.1.2</janino.version>
<swagger.version>2.9.2</swagger.version>
<google-cloud-logging-logback.version>0.118.1-alpha</google-cloud-logging-logback.version>
<spring-cloud-stream-binder-kafka.version>3.0.6.RELEASE</spring-cloud-stream-binder-kafka.version>
</properties>
mvn versions:display-property-updates
[INFO] The following version properties are referencing the newest available version:
[INFO] ${avro.version} .............................................. 1.10.0
[INFO] ${spring-cloud-stream-schema.version} ................. 2.2.1.RELEASE
[INFO] ${janino.version} ............................................. 3.1.2
[INFO] The following version property updates are available:
[INFO] ${spring-cloud-gcp.version} .......... 1.2.3.RELEASE -> 1.2.5.RELEASE
[INFO] ${google-cloud-logging-logback.version} 0.118.1-alpha -> 0.118.2-alpha
[INFO] ${spring-cloud-stream-binder-kafka.version} 3.0.6.RELEASE -> 3.0.8.RELEASE
[INFO] ${confluent.version} ................................. 5.5.1 -> 6.0.0
[INFO] ${swagger.version} ................................... 2.9.2 -> 3.0.0
[INFO] ${spring-cloud.version} .................... Hoxton.SR6 -> Hoxton.SR8
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 3.572 s
[INFO] Finished at: 2020-10-06T09:35:08-07:00
[INFO] ------------------------------------------------------------------------
Another way to achieve this is by executing the command mvn versions:display-dependency-updates but the problem I face with this approach is that it also shows me updates for the nested dependencies which are not too useful for me.
You can use the Versions Maven Plugin[1] to generate reports in your Maven site to get a list of possible updates. With regard to Spring's irregularity, it appears to use the Mercury versioning system[2]. When configuring the Versions plugin, you can add a special rule for Spring stuff:
http://mojo.codehaus.org/versions-maven-plugin/
http://docs.codehaus.org/display/MAVEN/Mercury+Version+Ranges
I might be a bit late to join the party but a more clear way to get more readable html file or a xml file as report which can be taken for further automation using:
mvn versions:dependency-updates-report
This report plugin not just shows more comprehensive details on updates but also has options to update to latest versions. You can find the documentation for it to use various parameters.
You can use Maven Check, a command line tool, which is standalone unlike the Versions Maven Plugin. It also works with Gradle projects.
Output example:
2 build file(s) found, checking for artifact updates
my-gradle-project\build.gradle
[COMPILE ONLY] com.google.guava:guava 31.0-android -> 31.1-android
1 artifact update(s) available
my-maven-project\pom.xml
[DEPENDENCY] org.apache.commons:commons-lang3 3.10 -> 3.12.0
[BUILD PLUGIN] org.apache.maven.plugins:maven-compiler-plugin 3.10.0 -> 3.10.1
2 artifact update(s) available
2/2 build file(s) checked, 3 artifact update(s) available
Disclaimer: I am the author of Maven Check.
I am trying to integrate a standard maven project with SonarQube through Jenkins. SonarQube has been added a Post-Build Action to the project build.
I can see Sonar invoked correctly in the console output of the build, but it doesn't find any files to index. The Sonar analysis finishes successfully as far as I can tell but reports are empty.
The same command run locally from command line against a local SonarQube installation works correctly.
Jenkins: 1.605
Sonar: 5.1 (runs on the same machine as Jenkins, off a
MySQL DB)
Jenkins Maven Plugin: 2.8
Jenkins SonarQube Plugin: 2.2
I've added SonarQube section in Jenkins -> Configure Jenkins section with server URL and DB URL.
The only configuration parameter on SonarQube additional properties in projects post build actions is -Dsonar.scm.disabled=true, which I believe turns off the uncommitted files check.
[sonarcore] $ /usr/share/apache-maven/bin/mvn -f /var/lib/jenkins/workspace/sonarcore/myproject-core/pom.xml -e -B sonar:sonar -Dsonar.scm.disabled=true -Dsonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?autoReconnect=true&useUnicode=true&characterEncoding=utf8 -Dsonar.host.url=http://localhost:9000/
[INFO] Error stacktraces are turned on.
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building myproject-core 0.0.1-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- sonar-maven-plugin:2.5:sonar (default-cli) # myproject-core ---
[INFO] SonarQube version: 5.1
INFO: Default locale: "en_US", source code encoding: "UTF-8"
INFO: Work directory: /var/lib/jenkins/workspace/sonarcore/myproject-core/target/sonar
INFO: SonarQube Server 5.1
[INFO] [10:23:00.144] Load global repositories
[INFO] [10:23:00.327] Load global repositories (done) | time=185ms
[INFO] [10:23:00.336] Server id: 20150413092802
[INFO] [10:23:00.338] User cache: /var/lib/jenkins/.sonar/cache
[INFO] [10:23:00.353] Install plugins
[INFO] [10:23:00.409] Install JDBC driver
[INFO] [10:23:00.422] Create JDBC datasource for jdbc:mysql://localhost:3306/sonar?autoReconnect=true&useUnicode=true&characterEncoding=utf8
[INFO] [10:23:01.722] Initializing Hibernate
[INFO] [10:23:03.174] Load project repositories
[INFO] [10:23:03.198] Load project repositories (done) | time=24ms
[INFO] [10:23:03.198] Load project settings
[INFO] [10:23:03.424] Load technical debt model
[INFO] [10:23:03.447] Apply project exclusions
[INFO] [10:23:03.647] ------------- Scan myproject-core
[INFO] [10:23:03.651] Load module settings
[INFO] [10:23:03.758] Load rules
[INFO] [10:23:03.826] Base dir: /var/lib/jenkins/workspace/sonarcore/myproject-core
[INFO] [10:23:03.826] Working dir: /var/lib/jenkins/workspace/sonarcore/myproject-core/target/sonar
[INFO] [10:23:03.827] Source paths: pom.xml, src/main/java
[INFO] [10:23:03.827] Test paths: src/test/java
[INFO] [10:23:03.827] Binary dirs: target/classes
[INFO] [10:23:03.828] Source encoding: UTF-8, default locale: en_US
[INFO] [10:23:03.828] Index files
[INFO] [10:23:03.853] 0 files indexed
[INFO] [10:23:03.894] Sensor Lines Sensor
[INFO] [10:23:03.895] Sensor Lines Sensor (done) | time=1ms
[INFO] [10:23:03.896] Sensor QProfileSensor
I found another similar thread on SO that said I need to install more plugins, but I haven't been able to find which plugins do I need.
Analysing with SonarQube causes 0 files indexed and no reports (Maven Project)
I havent added SonarQube Runner on Jenkins as I don't think it is needed. Please see here https://stackoverflow.com/a/13473275/4473028
In your server:
You need to have installed the Sonar runner on your server and you need to have the variable SONAR_RUNNER_HOME properly set.
In your jenkins configuration:
You need to set the configurations for the sonarQube Scanner like this:
Sonar configuration in Global Tool Configuration
Once you install the plugin, you will be able to configure it as a step of execution in the configuration of the job.
In your job configuration:
You need to indicate the path of the sonar-project.properties file and the instance of sonnar-runner that you already configured in the step before like this: sonar step configuration
Im trying to install this maven plugin, but i have several questions which i cant do trial & error because of my slow internet speed :
The documentation said :
For the default usage of the deployer install all platforms and add-on apis, ensure that all folder in the platforms folder have names like android-3, android-4 and so on.
Do i really need to download ALL of the platforms and extras, even i dont want to use it?
And then, it said :
If you find names using the platform version (e.g. 15) in the folder name reinstall that platform from the android tool.
This is my platforms folder :
It seems all of my platform's name is using the version, do i really need to re-install ALL of those installed platforms?
Do you have any other way how to make this maven plugin work more easily?
Or do you have any better idea? (different plugin maybe, or anything). Im very new to Maven.
Thanks very much for your help.
No need to reinstall, but make sure you have all the platform levels.When you run the SDK deployer POM, the build will go looking each and every one of the platform level folders and if you have one missing the build will fail. So make sure you have all even if you don't require them. That's why they insist on the folder naming.
This is how missing platform errors look like:
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 01:32 min
[INFO] Finished at: 2014-05-29T18:11:29-06:00
[INFO] Final Memory: 19M/246M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.codehaus.mojo:properties-maven-plugin:1.0-alpha-2:read-project-properties (default) on project android-10: Properties file not found: $ANDROID_HOME/platforms/android-10/source.properties -> [Help 1]