21

We run SonarQube analyses for our Java projects via Maven. Maven somehow does this automagically; all we did was add the sonar-maven-plugin to our pom.xml:

<pluginManagement>
    <plugins>
        ...
        <plugin>
            <groupId>org.codehaus.mojo</groupId>
            <artifactId>sonar-maven-plugin</artifactId>
            <version>2.2</version>
        </plugin>
    </plugins>
</pluginManagement>

This works fine.

But now we need to run the SonarQube analysis twice, with different quality profiles. Since you can't easily change the project key from Maven, we use SonarQube's branch property to differentiate the SonarQube projects, like this (again from pom.xml):

<properties>
    <sonar.profile>MyQualityProfile1</sonar.profile>
    <sonar.branch>Dev_${sonar.profile}</sonar.branch>
    ...
</properties>

This way, we end up with two project entries in the SonarQube UI, both of which contain the exact same code, but have different issues depending on their quality profile (one used quality profile 1, and the other used quality profile 2).

Problem: In order to achieve this, I must manually change the pom.xml properties and run the entire build twice.

Question: How can I configure maven to simply run the sonar:sonar goal twice with different properties?

This would save us a lot of time on our builds. I already found this similar question, but no answers so far. Thanks!

Community
  • 1
  • 1
barfuin
  • 16,865
  • 10
  • 85
  • 132

4 Answers4

18

Expanding on the previous answer given by Eldad AK regarding profiles:

Create two maven profiles as follows:

<properties>
  <sonar.branch>Dev_${sonar.profile}</sonar.branch>
</properties>

<profiles>
  <profile>
    <id>QualityProfileOne</id>
    <properties>
      <sonar.profile>MyQualityProfile1</sonar.profile>
    </properties>
  </profile>
  <profile>
    <id>QualityProfileTwo</id>
    <properties>
      <sonar.profile>MyQualityProfile2</sonar.profile>
    </properties>
  </profile>
</profiles>


Then run the following:

    $ mvn clean install -DskipTests
    $ mvn sonar:sonar -PQualityProfileOne
    $ mvn sonar:sonar -PQualityProfileTwo

(you may need to perform a clean between running sonar, not sure)
Amit Verma
  • 8,660
  • 8
  • 35
  • 40
John Q Citizen
  • 3,138
  • 4
  • 26
  • 31
  • Thanks, this is much clearer to me now. Do you know of a way to get Maven to run both profiles in one go? – barfuin Mar 11 '14 at 13:04
  • You can't invoke both profiles at the same time, as both try to set the same property `sonar.profile` and one profile will overwrite the value assigned by the other profile (try running `mvn -PQualityprofileOne -PQualityProfileTwo help:effective-pom` to confirm that this is the case). – John Q Citizen Mar 12 '14 at 01:43
  • Ahh, that's too bad, we were so close. But thank you anyways! – barfuin Mar 12 '14 at 20:05
  • It seems that this is the closest answer I'm going to get, so I'm accepting it. In the meantime, I resolved my original issue by moving from Maven to [Gradle](http://www.gradle.org/). – barfuin Mar 21 '14 at 22:12
3

Try to configure two executions of your plugin. Something like this:

<plugin>
    <groupId>org.codehaus.mojo</groupId>
    <artifactId>sonar-maven-plugin</artifactId>
    <executions>
        <execution>
            <id>s1</id>
            <phase>verify</phase>
            <goals>
                <goal>sonar</goal>
            </goals>
            <configuration>
                <sonar.branch>MyQualityProfile1</sonar.branch>
            </configuration>
        </execution>
        <execution>
            <id>s2</id>
            <phase>install</phase>
            <goals>
                <goal>sonar</goal>
            </goals>
            <configuration>
                <sonar.branch>MyQualityProfile2</sonar.branch>
            </configuration>
        </execution>
    </executions>
</plugin>

This will start two executions of sonar in phases verify and install, each with another sonar.branch value. In Sonar you can then configure the required quality profiles after the first analysis.

Horst Krause
  • 636
  • 7
  • 22
  • If both executions can have their own configurations, then that might work. Can I also bind both executions to the same phase? The order of the executions would not matter to me. – barfuin Feb 02 '15 at 17:29
  • I never tried two executions in the same phase. But because verify and install are both "late enough", why not use them as suggested? – Horst Krause Feb 03 '15 at 06:28
  • It is not work sonar.branch not visible in the build. (sonar-maven-plugin 2.7.1) – burtsevyg Nov 25 '15 at 22:04
  • This is the correct answer and should be upvoted. As a general rule of Maven, multiple executions of the same plugin can each have their own config, and can run in the same phase. The concern raised by @burtsevyg of `sonar.branch` vs. `sonar.profile` is specific to the plugin, which might be simply due to discrepancy with the example provided – 333kenshin Jul 23 '19 at 15:58
1

A combination of maven and Ant might work: Use Maven for the first sonar analysis as you already do and use the Maven Antrun Plugin to execute another SonarQube configuration defined using the SonarQube Ant Task.

mg_
  • 66
  • 5
0

I would opt for the maven profiles.
Each profile would have its own properties.

I hope this helps.

Eldad Assis
  • 10,464
  • 11
  • 52
  • 78
  • 1
    How would profiles help? The build should only run once, but execute the `sonar:sonar` goal twice. – barfuin Feb 27 '14 at 15:26
  • The two profiles will run one after the other. Try creating two simple profiles with trivial tasks and see they run one after the other (assuming you don't limit execution) – Eldad Assis Feb 27 '14 at 15:31