Menu
I am using sonar-maven-plugin 3.2 and maven 3.3.9. In the parent POM, I have the sonar.projectKey maven property defined. The value is in effect, I can see it from the printout of sonar. But the mvn sonar:sonar step fails, because the maven modules use the same project key value, because the maven property has the same value in all modules. Sonar gives the error:
Project '...' can't have 2 modules with the following key: ...
Is there really no way to have a single sonar project that contains all maven modules? Are all modules must be really different sonar projects?
I am aware that I could use the branch property asa hack, but I would like to avoid doing that. If there is a way to have a maven multi module project in sonar with a single project key, containing all maven modules, that would be the best...
530
The project key can be updated (without losing the history on the project) at Project Settings > Update Key. The new key must contain at least one non-digit character. Allowed characters are: 'a' through 'z', 'A' through 'Z', '-' (dash), '_' (underscore), '. ' (dot), ':' (colon) and digits '0' to '9'.
The SonarScanner for Maven is a Maven plugin that allows you to execute SonarCloud code analysis via a regular Maven goal. As a Maven goal, the scanner is available anywhere Maven is available (locally, in CI services, etc.), without the need to manually download, set up, and maintain a separate installation.
What happens when you run mvn sonar:sonar is that an analysis report is generated and submitted to the server for asynchronous processing. Once the report is successfully submitted to the server, the local process ends.
Modules have been removed in a recent release. I couldn't yet validate if the below, modules-based solution works on SonarQube 8.x, but assume a different solution has to be used. When I contacted SonarQube support they suggested to manage permissions on project key prefixes, and use prefix-scoped project creation permissions to dynamically create project keys sharing that prefix.
In this case your pom.xml would look like this:
<properties>
<sonar.projectKey>
YourKey-${project.groupId}:${project.artifactId}
</sonar.projectKey>
</properties>
where YourKey is the project-prefix. This requires your SonarQube admin to apply the suggested permission scheme.
SonarQube prior to 7.6 is/was module-aware.
To define modules in your parent.pom, you declare the following properties:
<properties>
<sonar.projectKey>
YourKey
</sonar.projectKey>
<sonar.moduleKey>
${project.groupId}:${project.artifactId}
</sonar.moduleKey>
</properties>
Both properties will be inherited by your modules. This will then compile the result into a single Sonar report, tracking the sub-modules under the common projectKey.
Interestingly the result is:
[INFO] Reactor Summary:
[INFO]
[INFO] parent ................................. SUCCESS [01:14 min]
[INFO] module1................................. SKIPPED
[INFO] module2 ................................ SKIPPED
[INFO] module3 ................................ SKIPPED
I'm therefore not sure, how the exact module resolution was done, but in the end all modules showed up in the report.
114
According to SonarQube Analysis Parameters:
sonar.projectKey
The project key that is unique for each project. Allowed characters are: letters, numbers, '-', '_', '.' and ':', with at least one non-digit.
When using Maven, it is automatically set to<groupId>:<artifactId>.
Therefore, remove your sonar.projectKey configuration and it should work.
(I have been through the same loop).
31
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
