Stack Overflow
Stack Overflow

Questions tagged [sonarqube-scan]

SonarQube Scanners run the analyzers on code. Use this tag for questions related to any of the scanners: SonarQube Scanner for CLI, Maven, Gradle, Jenkins, etc.

1464 questions
10
votes
0 answers

Run a plugin before another one

I want to make a plugin which runs cppcheck tool inside a Sensor class. In order to reuse an existing and supported plugin I would like to use sonar-cxx plugin to import my plugin's results. How does it work to order plugins use in sonar-scanner? I…
begarco
  • 751
  • 7
  • 20
10
votes
2 answers

"IllegalStateException: No files nor directories matching" for non-existing JAR

I recently tried to upgrade my Gradle build to SonarQube plugin 2.2 and encountered the following error: Caused by: java.lang.IllegalStateException: No files nor directories matching…
Brian Clozel
  • 56,583
  • 15
  • 167
  • 176
10
votes
1 answer

Gradle Configuration of pluginRepository

I am trying to get a simple Gradle project (the one that is created by eclipse automatically) with static code analysis made by Sonar to run on our continuous integration. Our CI server is behind a proxy and i have to access the Gradle plugin…
cpetry
  • 198
  • 1
  • 11
9
votes
1 answer

What is the difference between jacoco branch coverage and Sonar condition coverage?

I'm trying to analyze java code with the SonarQube Scanner (version 3.1.0.1141). SonarQube version : 5.6.6 Sonar Java plugin version : 4.12.0.11033 jacoco version : 0.8.0 I have filled the sonar-project.properties with those properties : # Sonar…
Alban
  • 123
  • 1
  • 1
  • 5
9
votes
4 answers

Can SonarQube be used as a Static Application Security Testing (SAST) tool?

I'm looking for a Static Application Security Testing (SAST) tool and I can't afford the commercial products (eg. Checkmarx). SonarQube is a great static code analysis tool but I notice that there is only a few rules of the "Vulnerabilities" type…
DogJunior
  • 91
  • 1
  • 1
  • 6
9
votes
1 answer

Sonarqube vs sonarscanner

I have a very big confusion that what is the use of sonar scanner when we have sonarqube server? when I analyzed a project with soarqube server it made an analysis and worked well. I am still in confusion why we need scanners too. Does it required…
user7486728
9
votes
3 answers

Why doesn't my sonar scanner run create a report-task.txt file?

I'm trying to get my build to break based on sonar results - so I've got a build-breaker running off the results in report-task.txt. I'm running sonar in maven - with the following plugin config:
hawkeye
  • 34,745
  • 30
  • 150
  • 304
9
votes
1 answer

sonar-maven-plugin:3.1.1:sonar analyze error after upgrade to SonarQube 6.0

We just upgraded to SQ 6.0 and now some projects get the following error when analyzing with maven: [INFO] --- sonar-maven-plugin:3.1.1:sonar (default-cli) @ gitlab-hook-dispatcher --- [INFO] User cache: C:\Users\frank.jakop\.sonar\cache [INFO] Load…
Frank
  • 741
  • 1
  • 10
  • 24
9
votes
3 answers

How to specify wildcards in sonar-project.properties

I am trying to use SonarQube to scan the UI modules I have. The UI modules are lot in number. They have a common structure. Each module has its own JS files. I need to specify the sonar.sources value to match all JS files in my project. Is it…
IamSan
  • 165
  • 1
  • 1
  • 6
8
votes
0 answers

Sonarqube jest coverage report fails on expected XML format

I am using jest-sonar-reporter for the coverage as below: package.json { "name": "app", "version": "1.0.0", "description": "The task runner packages for Gulp", "main": "gulpfile.js", "scripts": { ... "test": "jest…
helloworld9
  • 173
  • 2
  • 2
  • 8
8
votes
0 answers

Jest + SonarQube - Report not being imported

I'm running sonar-scanner on my NodeJS + Typescript app, as well as using Jest for the unit test. I'm able to see the report on the console, displaying the coverage for each of the modules created. I then looked up how to integrate Jest with…
fernandonos
  • 173
  • 1
  • 4
  • 15
8
votes
1 answer

Sonar scanner with Maven and JDK 11

I can make Sonar scanner work with OpenJDK 8 but not with OpenJDK 11. The Maven command used is: mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent verify sonar:sonar -Dsonar.analysis.mode=preview -Dsonar.report.export.path=sonar-report.json -P…
Réda Housni Alaoui
  • 1,244
  • 2
  • 15
  • 22
8
votes
5 answers

Quality Gate Failure in SonarQube does not fail the build in Teamcity

I set up a Build project in TeamCity and integrated Sonarqube with it. The project is getting build and even publish the report successfully in SonarQube console. But when the quality gate fails, it's not breaking the build. I searched and read…
Nikit Swaraj
  • 657
  • 4
  • 8
  • 21
8
votes
2 answers

SonarQube: sonar.exclusions parameter cannot exclude a folder

I work on symfony project and I want to exclude some generated code from sonar analytics. I want to exclude a folder named by this path: src/Application/Sonata. I tried many possibilities with sonar exclusions but in…
user6830821
8
votes
0 answers

SonarQube - Unable to analyse xml and xsd file, with UTF-16 encoding

I'm using sonarqube (version 5.6.7) and sonar-scanner (version 3.0.3.778) for analysing some documents. Among these documents there are also .xml and .xsd files with econding UTF-16. When I launch my sonar-scanner command from command line, with…
Nicomedes E.
  • 1,326
  • 5
  • 18
  • 27
1 2
3
97 98