当声纳分析绑定到多模块项目中的maven生命周期时，如何使SonarQube模块仅分析项目一次？ [英] How to make SonarQube module analyze the project only once when sonar analysis is bound to maven lifecycle in a multi-module project?

问题描述

我想要实现的是将SonarQube分析集成到构建过程中，这样无论何时运行 mvn clean install ，都会使用SonarQube分析代码。我们希望将它用于本地分析以及在Jenkins上构建。如果发现新问题，那么构建应该失败（我们希望使用构建断路器插件）。这样开发人员就会知道，通过他的代码，他将引入新的问题，并且必须修复它们才能使构建工作。

What I am trying to achieve is integrate SonarQube analysis into the build process, so that whenever mvn clean install is run, the code is analyzed with SonarQube. We want to use it for local analysis and also for build on Jenkins. If new issues are found, than the build should fail (we want to use build breaker plugin for that). This way the developer would know that by his code his is going to introduce new issues, and will have to fix them for the build to work.

当我运行 mvn sonar：sonar 时，分析需要30秒，这没关系。

When I run mvn sonar:sonar, the analysis takes 30 seconds, which is OK.

但是，当我尝试将 sonar 目标绑定到maven构建阶段时，会出现问题。我将 sonar 绑定到验证阶段。现在构建需要 5分钟，这太长了。它应该需要 1分钟。没有SonarQube分析的构建本身需要30秒。

However, the problem occurs when I am trying to bind sonar goal to maven build phases. I bind sonar to verify phase. The build takes 5 minutes now, which is too long. It should take about 1 minute. The build itself, without SonarQube analysis takes 30 seconds.

注意（可能有助于弄清楚问题是什么）：项目在哪个构建运行中有多个模块，我猜这就是问题所在。它看起来像声纳：声纳目标被执行多次，每个子模块执行一次，并且多次分析整个项目（不仅是子模块） ）。因此，我们有4个子模块，并且在构建期间生成了5次报告。

Note (may help to figure out what the problem is): the project on which the build is run has multiple modules in it, and I guess that is the problem. It looks like sonar:sonar goal is executed multiple times, once for each submodule, and the whole project is analyzed multiple times (not only the submodules). So, we have 4 submodules, and the report is generated 5 times during the build.

相反，我们只想分析整个项目一次，而不是5次。在为所有模块生成 cobertura 报告之后，在构建结束时运行此1分析也很重要。

Instead, we want to analyze the whole project only once, not 5 times. It's also important for this 1 analysis to be run at the end of the build, after the cobertura reports are generated for all modules.

所以，如何将SonarQube分析集成到构建中，以便在为所有子模块生成cobertura报告后，它最终只分析一次我的多模块项目？

So, how do I integrate SonarQube analysis into the build, so that it analyzes my multi-module project only once, in the end, after cobertura reports are generated for all the submodules?

父pom中的SonarQube插件属性：

<!-- Sonar plugin properties -->
<sonar.jdbc.url>jdbc:url</sonar.jdbc.url>
<sonar.analysis.mode>preview</sonar.analysis.mode>
<sonar.issuesReport.html.enable>true</sonar.issuesReport.html.enable>       
<sonar.issuesReport.console.enable>true</sonar.issuesReport.console.enable>
<sonar.host.url>sonar.host:9000</sonar.host.url>
<sonar.language>java</sonar.language>
<sonar.buildbreaker.skip>false</sonar.buildbreaker.skip>
<sonar.qualitygate>Sonar%20way%20with%20Findbugs</sonar.qualitygate>
<sonar.preview.includePlugins>buildbreaker</sonar.preview.includePlugins>
<sonar.exclusions>file:**/target/**</sonar.exclusions>
<branch>development</branch>

项目中的插件配置：

                <!-- Run cobertura analysis during package phase -->
                <plugin>
                    <groupId>org.codehaus.mojo</groupId>
                    <artifactId>cobertura-maven-plugin</artifactId>
                    <executions>
                        <execution>
                           <phase>package</phase>
                              <goals>
                                 <goal>cobertura</goal>
                               </goals>
                        </execution>
                  </executions>
                </plugin>

                <!-- Run sonar analysis (preview mode) during verify phase. Cobertura reports need to be generated already -->
                <plugin>
                   <groupId>org.codehaus.mojo</groupId>
                   <artifactId>sonar-maven-plugin</artifactId>
                   <version>2.5</version>
                   <executions>
                        <execution>
                           <phase>verify</phase>
                              <goals>
                                 <goal>sonar</goal>
                               </goals>
                        </execution>
                  </executions>
                </plugin>

推荐答案

IMO，这只是一个Maven配置问题，你在执行 sonar：sonar 时，错过了< inherited> false< / inherited> 元素：

IMO, this is just a Maven configuration issue, you're missing the <inherited>false</inherited> element on the execution of sonar:sonar:

                <!-- Run sonar analysis (preview mode) during verify phase. Cobertura reports need to be generated already -->
                <plugin>
                   <groupId>org.codehaus.mojo</groupId>
                   <artifactId>sonar-maven-plugin</artifactId>
                   <version>2.5</version>
                   <executions>
                        <execution>
                           <phase>verify</phase>
                           <goals>
                              <goal>sonar</goal>
                           </goals>
                           <inherited>false</inherited>
                        </execution>
                  </executions>
                </plugin>

这篇关于当声纳分析绑定到多模块项目中的maven生命周期时，如何使SonarQube模块仅分析项目一次？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！