5

We are trying to install a CI Platform with (Jenkins,sonar,eclipse ...). So that every developer can make analysis on his code before commit, I'm wondering between two alternatives :

  • running local analysis with the sonar plugin.
  • install the different plugins that sonar use (findbug,pmd,checkstyle ...) and configure them to meet the sonar configuration.

I'm not sure which alternative to use? I used to work with findbugs,pmd, checkstyle in eclipse and they look great. Can you tell me which is the best alternative? Thanks in advance.

Regards.

gbenmansour
  • 85
  • 1
  • 7
  • Great question for Programmers.SE – David Harkness Feb 07 '13 at 16:48
  • 1
    I think I misunderstood the question. You meant the Eclipse plugin not the the build plugin (ANT, Maven). Apologies for going off on a tangent. – Mark O'Connor Feb 08 '13 at 18:17
  • @gbenmansour Sorry for dragging up an old question but I was wondering the same thing. Did you end up using the Sonar plugin? Is it the case that this requires you to run an analysis (which could take a bit time) as opposed to the Checkstyle plugin instantly checking your code as you write it? – Steve Chambers May 02 '14 at 08:33

2 Answers2

3

With Sonar plugin you can manage the violations like:

  • Create a review
  • Mark a violations as false positive or fixed
  • View the hot classes and hot violations
  • View yours reviews

If you use separate plugins you have to go sonar web to do that. The great advance of sonar is the reviews.

Other question is how many projects you have and will have. I currently work with more than 70 projects and many profiles. Is more simple to me run analysis with one plugin, because I need just add the server and find the project. With other plugin you need add the link for each project in each plugin configuration.

Andre Piantino
  • 320
  • 1
  • 8
  • 1
    I do not use the Sonar "mark false positive" feature. Instead, we annotate the false positives using the tool annotations (or suppression comments, for that matter). This way, the false positive markers are retained when the Sonar database is lost or when the code gets put into a different Sonar (e.g. because the code is reused). – barfuin Feb 06 '13 at 22:11
2

Why not install the Sonar Eclipse plugin?

This was designed to solve the following problems:

  • Sonar does not support parallel analysis of the same project. This issue rules out the option of each developer running Sonar locally. (See SONAR-2761, SONAR-3306)
  • You don't really want developers uploading metrics and source code into the Sonar database. They could be working on an uncommitted workspace and would therefore cause both inaccuracies and confusion if Sonar is being used for code review.
  • Sonar is really designed to be run from a continuous integration server (like Jenkins), building code that has been submitted onto a shared codestream (or branch)

The big advantages of using the Eclipse plugin are:

  • True local analysis, no updates of the Sonar database
  • Configuration of the other tools is retrieved from the Sonar server and jars automatically downloaded.
  • Centralized management of Sonar quality profiles
Mark O'Connor
  • 76,015
  • 10
  • 139
  • 185