When SonarQube analyzes my Java project which is built using Gradle and Jenkins, I get a lot of warnings about third party libraries not being accessible through the ClassLoader:
WARN - Class 'org/slf4j/Logger' is not accessible through the ClassLoader.
WARN - Class 'com/google/gson/Gson' is not accessible through the ClassLoader.
These libraries are all listed as dependencies in my build.gradle.
I read here about using the sonar.libraries
property where I'd give a path to the Jar. But because Gradle downloads those dependencies for me, the paths look like this on my machine: /home/siberut/.gradle/caches/modules-2/files-2.1/org.slf4j/slf4j-api/1.7.5/6b262da268f8ad9eff941b25503a9198f0a0ac93/slf4j-api-1.7.5.jar
.
And those paths change with every new version of the library.
So how can I get I get rid of those warnings? Is there maybe a way to let Gradle tell SonarQube about the location of the Jars?
Thanks
Edit:
I'm using SonarQube Server 4.1.1, Gradle Plugin 1.23, Sonar Plugin 2.1, Sonar Runner 2.3 and gradle --version
gives:
------------------------------------------------------------
Gradle 1.10
------------------------------------------------------------
Build time: 2013-12-17 09:28:15 UTC
Build number: none
Revision: 36ced393628875ff15575fa03d16c1349ffe8bb6
Groovy: 1.8.6
Ant: Apache Ant(TM) version 1.9.2 compiled on July 8 2013
Ivy: 2.2.0
JVM: 1.7.0_21 (Oracle Corporation 23.7-b01)
OS: Linux 3.10-2-486 i386
Here is the complete console output of a build including all the warnings: Link
Jenkins calls my build.gradle like this:
Jenkins calls SonarQube like this:
Edit: Just like Peter Niederwieser said, letting Gradle invoke SonarQube gets rid of the warnings. The relevant part of my configuration is here.
You'll have to set sonar.libraries
. But in order to set this property manually, you'll have to define a Gradle task that copies all external dependencies to a lib directory, and then use sonar.libraries=path/to/lib/*.jar
to reference them. Instead, I'd invoke Sonar via the sonar-runner
Gradle plugin, which will take care of setting the above properties (plus sonar.libraries
and others) for you.
The following fixed this issue for me in build.gradle
sonarqube {
properties {
def compileDependencies = project.configurations.compile.files.collect {it.path}join(",")
def compileOnlyDependencies = project.configurations.compileOnly.files.collect {it.path}join(",")
property "sonar.java.libraries", "$compileDependencies,$compileOnlyDependencies"
property "sonar.test.libraries", "$compileDependencies,$compileOnlyDependencies"
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With