Here is a problem/issue found while using Sonar in a Maven 3 Java JS project using JENKINS build.

To analyse my project , I've choosen two different way, but both doesn't work as it should.

First way : Launching Sonar as standlone task as a post-build action in JENKINS

Sonar Plugin v2.1 Installed from JENKINS

Sonar Runner v2.3 Installed from JENKINS

In post-build section of my maven project, I check Launch Sonar as standlone task and I set these properties :

# Required metadata
sonar.projectKey=***
sonar.projectName=***
sonar.projectVersion=1.0
sonar.java.source=1.7

# Path to the parent source code directory.
sonar.sources=src/main

#Path to the directories to exclude
sonar.exclusions=src/main/webapp/ui/ext/**,src/main/webapp/ui/build/**,src/main/webapp/ui/admin/sass/**,src/main/webapp/ui/user/sass/**,src/main/ressources/**

#Path to classes directory
sonar.binaries=target/classes

#Path to Junit test reports and test files
sonar.junit.reportsPath=target/surefire-reports
sonar.tests=src/test
sonar.dynamicAnalysis=reuseReports

#Jacoco coverage report
sonar.jacoco.reportPath=target/jacoco.exec
sonar.java.coveragePlugin=jacoco

# Encoding of the source code
sonar.sourceEncoding=UTF-8

With this way I can analyse both JAVA and JS as I want.But, SONAR doesn't load maven dependencies as they should be loaded. Here is the log when SONAR analyse :

09:23:55.605 INFO  - Java bytecode scan...
09:23:55.646 WARN  - Class 'org/springframework/context/ApplicationContext' is not    accessible through the ClassLoader.
09:23:55.656 WARN  - Class 'com/mongodb/MongoClient' is not accessible through the ClassLoader.
09:23:55.657 WARN  - Class 'com/mongodb/DB' is not accessible through the ClassLoader.
09:23:55.661 WARN  - Class 'org/springframework/context/ApplicationContext' is not    accessible through the ClassLoader.
09:23:55.662 WARN  - Class 'org/springframework/context/ApplicationContext' is not accessible through the ClassLoader.
...
09:23:55.749 WARN  - Class 'org/apache/log4j/Logger' is not accessible through the ClassLoader.
09:23:55.773 INFO  - Java bytecode scan done: 168 m

I can see in Sonar the code coverage...and the analyse is SUCCESSFUL But I can't keep these WARNINGS in my build.

So I did a Sonar analyse using maven.

Second way : Soanar using maven

Maven plugin v3.0.4 Installed from JENKINS

Sonar plugin v2.1 Installed from JENKINS

In after build section I choose Sonar and I set these properties :

 -Dsonar.projectKey=***
 -Dsonar.projectName=***
 -Dsonar.projectVersion=1.0
 -Dsonar.java.source=1.7

 -Dsonar.sources=src/main

-Dsonar.exclusions=src/main/webapp/ui/ext/**,src/main/webapp/ui/build/**,src/main/webapp/ui/admin/sass/**,src/main/webapp/ui/user/sass/**,src/main/ressources/**

-Dsonar.binaries=target/classes

-Dsonar.junit.reportsPath=target/surefire-reports
-Dsonar.tests=src/test
-Dsonar.dynamicAnalysis=reuseReports

-Dsonar.jacoco.reportPath=target/jacoco.exec
-Dsonar.java.coveragePlugin=jacoco

-Dsonar.sourceEncoding=UTF-8

Using this way, I have no more classe loader problem and all the dependencies are loaded.

But Sonar only analyse the JAVA code, even if I define sonar.sources=src/main he only analyse JAVA.

Here is the log :

[INFO] --- sonar-maven-plugin:2.2:sonar (default-cli) @ WebDark ---
[INFO] SonarQube version: 4.2
INFO: Default locale: "fr_FR", source code encoding: "UTF-8"
....
[INFO] [15:20:59.054] Base dir: /**/**/jenkins/jobs/**/workspace
[INFO] [15:20:59.054] Working dir: /**/**/jenkins/jobs/**/workspace/target/sonar
[INFO] [15:20:59.054] Source dirs: /**/**/jenkins/jobs/**/workspace/src/main/java
[INFO] [15:20:59.054] Test dirs: /**/**/jenkins/jobs/**/workspace/src/test/java
[INFO] [15:20:59.054] Binary dirs: /**/**/jenkins/jobs/WebDark/workspace/target/classes
[INFO] [15:20:59.055] Source encoding: UTF-8, default locale: fr_FR
[INFO] [15:20:59.055] Index files
[INFO] [15:20:59.083] Excluded sources:
...
...

Again, the analyse is SUCCESSFUL but, SONAR doesn't analyse JS. And as you can see in the log, the Source dirsis set to /**/**/jenkins/jobs/**/workspace/src/main/java even if I seted before -Dsonar.sources=src/main.

So , is it possible to analyse both JAVA and JS in a Maven project with many dependencies using SONAR and JENKINS with no WARNING/ERROR and in a proper way ? Does SONAR have limits ?

Thank you for concidering my post and help me resolving my issue.

I hope I can help you by pointing out to you the first paragraph of this documentation:

It sais "...Therefore, for a multi-language project, the property usually has to be overridden to: sonar.sources=src. Note that this property can only be set in the pom file. It's not possible to set it via the command line."

http://docs.codehaus.org/display/SONAR/Analyzing+with+Maven#AnalyzingwithMaven-AnalyzingaMulti-languageProject

Good Luck!

If you want dependency analysis then indeed the only way it to use Maven plugin to do analysis.

If you want to be able to override default Maven source directories using the property sonar.sources from command line then you should watch/vote for this ticket: https://jira.codehaus.org/browse/MSONAR-70

Note that starting from SonarQube Maven Plugin 2.3 we are using internally sonar-runner API so overriding properties from command line may work in your situation (as it seems you have a single module project). But no guaranty until MSONAR-70 is properly fixed.