26

I am wondering which sonar-maven-plugin in which version I should use. As far as I know there is a org.codehaus.mojo version and two org.codehaus.sonar versions (sonar-maven3-plugin, sonar-maven-plugin).

As far as I understand the sonar-maven3-plugin is now deprecated and the org.codehaus.sonar:sonar-maven-plugin should be used instead. However those org.codehaus.sonar version are tied to a certain version of the sonar server, therefore it makes probably no sense to use them directly. To be able to deal with this there is the org.codehaus.mojo:sonar-maven-plugin which checks which sonar version the server has and from there checks which org.codehaus.sonar:sonar-maven-plugin to use.

So in order to have a maven pom that is independent of the Sonar Server Version one should probably use the org.sonar.mojo:sonar-maven-plugin:RELEASE version to be safe.

Did I get this right?

Any further things to consider?

Thanks

jstadler
  • 340
  • 1
  • 3
  • 7

2 Answers2

16

As described in the documentation page (see "Project analyzed with Maven 3"), the plugin you have to use is org.codehaus.mojo:sonar-maven-plugin, not the internal one(s).

agabrys
  • 8,728
  • 3
  • 35
  • 73
Fabrice - SonarSource Team
  • 26,535
  • 3
  • 62
  • 58
  • And, how do we correlate the version numbers between the org.codehaus.sonar and org.codehaus.mojo sonar-maven-plugins? – Russ Jackson Jun 17 '15 at 18:39
  • Let's say that the "org.codehaus.mojo:sonar-maven-plugin" used to be a facade plugin to the internal ones in order to not have dependencies to SonarQube API. It detects which version of the internal plugins to use thanks to a WS call to the server to know which version of SonarQube is installed. I say "used to be a facade" because in upcoming SQ 5.2, the internal plugins will no longer be required and therefore are removed from the code base. – Fabrice - SonarSource Team Jun 18 '15 at 08:44
  • 3
    How about the `org.codehaus.sonar:sonar-maven-plugin`? Is that a Maven2 only plugin? – Gijs Sep 17 '15 at 16:05
  • 1
    Now, it's: [org.sonarsource.scanner.maven:sonar-maven-plugin](https://mvnrepository.com/artifact/org.sonarsource.scanner.maven/sonar-maven-plugin) – Valijon Aug 15 '20 at 09:53
2

When we were using sonarserver ver 3.7.1 we used to have org.codehaus.sonar:sonar-maven-plugin. Once we migrated from Sonar Server to SonarQube server 4.5+ onwards, we need to use org.codehaus.mojo:sonar-maven-plugin. Currently in our project , we need to compile our code with jdk 6(as it is old project) and run the sonarqube server ver 4.5.7 analysis with java 7 so with java 6 we run the command mvn clean org.jacoco:jacoco-maven-plugin:0.7.4.201502262128:prepare-agent install and while running the sonar analysis we change the jvm to java 7 and execute the command mvn org.codehaus.mojo:sonar-maven-plugin:2.4:sonar -Dsonar -Dsonar.host.url=http://localhost:9000 -Dsonar.dynamicAnalysis=true

Joy Chowdhury
  • 73
  • 1
  • 10