Skip to content
An sbt plugin which provides an easy way to integrate Scala projects with SonarQube.
Branch: master
Clone or download

README.md

sbt-sonar

circleci-badge bintray-badge bintray-stats-badge gitter-badge

An sbt plugin which provides an easy way to integrate Scala projects with SonarQube - a tool for continuous code inspection and quality management .

This plugin is particularly useful when used together with sbt-release for an automated release process in your project, but it can be also used without sbt-release.

Requirements

Installation

To install this plugin in your project, add the following to your ./project/plugins.sbt file:

addSbtPlugin("com.github.mwz" % "sbt-sonar" % "2.0.0")

Usage

You can define your project properties either in the external config file sonar-project.properties, which should be located in the root directory of your project as explained in SonarQube Scanner guide or directly in sbt. By default, the plugin expects the properties to be defined in the sonarProperties setting key in sbt, which comes with the following set of predefined properties:

  • sonar.projectName - your project name defined in the name sbt setting key
  • sonar.projectKey - your project name transformed into a lowercase and dash-separated value
  • sonar.sourceEncoding - UTF-8
  • sonar.sources - default Scala source directory relative to the root of your project (usually src/main/scala, uses the value of scalaSource in Compile defined by sbt)
  • sonar.tests - default Scala tests directory relative to the root of your project (usually src/test/scala, uses the value of scalaSource in Test defined by sbt)
  • sonar.scala.version - defines the version of Scala used in your project (i.e. scalaVersion)
  • sonar.scala.scoverage.reportPath - relative path to the scoverage report (e.g. target/scala-2.12/scoverage-report/scoverage.xml)
  • sonar.scala.scapegoat.reportPath - relative path to the scapegoat report (e.g. target/scala-2.12/scapegoat-report/scapegoat.xml)

If you wish to add more properties to the existing config e.g. to configure your Sonar plugins or set up a multi-module project, use the ++= operator, e.g.:

import sbtsonar.SonarPlugin.autoImport.sonarProperties

sonarProperties ++= Map(
  "sonar.host.url" -> "https://your-sonarqube-server.com",
  "sonar.sources" -> "src/main/scala",
  "sonar.tests" -> "src/test/scala",
  "sonar.modules" -> "module1,module2",
  "module1.sonar.projectName" -> "Module 1",
  "module2.sonar.projectName" -> "Module 2"
  ...
)

To overwrite the entire config provided by default, use the := operator, e.g.:

import sbtsonar.SonarPlugin.autoImport.sonarProperties

sonarProperties := Map(
  "sonar.host.url" -> "https://your-sonarqube-server.com",
  "sonar.projectName" -> "Project Name",
  "sonar.projectKey" -> "project-name",
  "sonar.sources" -> "src/main/scala",
  "sonar.tests" -> "src/test/scala",
  "sonar.junit.reportPaths" -> "target/test-reports",
  "sonar.sourceEncoding" -> "UTF-8",
  "sonar.scala.scoverage.reportPath" -> "target/scala-2.12/scoverage-report/scoverage.xml",
  "sonar.scala.scapegoat.reportPath" -> "target/scala-2.12/scapegoat-report/scapegoat.xml"
  ...
)

External config

To use the external sonar-project.properties file instead, you can set the sonarUseExternalConfig to true, e.g.:

import sbtsonar.SonarPlugin.autoImport.sonarUseExternalConfig

sonarUseExternalConfig := true

Execute SonarQube scan

To run SonarQube analysis, execute the sonarScan sbt task in your project. Depending on the configuration option you have chosen, the plugin will update the sonar.projectVersion property to your current project version either in sonar-project.properties file or in the sonarProperties in sbt config and it will run the SonarQube scan printing the progress to sbt console.

Also, you can overwrite/set sonarProperties via system properties (java options) when you execute sonarScan command, e.g.:

sbt -Dsonar.projectName=MyProjectName sonarScan

Please remember to set the sonar.host.url property before you execute the analysis. You can do that either by adding it to the sonarProperties settings in sbt (as shown in the examples above), or you can set it via a system property, e.g.:

sbt -Dsonar.host.url=https://your-sonarqube-server.com sonarScan

sbt-release

This plugin can be also easily used with sbt-release by wrapping the sonarScan task in a releaseStepTask in the following way:

import sbtsonar.SonarPlugin.autoImport.sonarScan

releaseProcess := Seq[ReleaseStep](
  ...
  releaseStepCommand("coverageOn"),
  releaseStepTask(test),
  releaseStepCommand("coverageOff"),
  releaseStepTask(coverageReport),
  releaseStepTask(scapegoat),
  releaseStepTask(sonarScan),
  ...
)

Fallback mode

It is possible to make the plugin call through to a standalone sonar-scanner executable, if that's what you prefer, for any reasons. This was the default behaviour before version 2.0 and in case you experience any issues with 2.x, you can fall back to using the standalone mode.

In order to do that, you need to have the sonar-scanner installed on your CI server or locally, if you intend to run the analysis on your machine. You also need to make sure you have defined the SONAR_SCANNER_HOME environmental variable, or sonarScanner.home system property, and updated the global settings in $SONAR_SCANNER_HOME/conf/sonar-scanner.properties to point to your SonarQube instance (you can also do that by setting the sonar.host.url via system properties, as shown above).

To enable the fallback mode set the sonarUseSonarScannerCli seting to true, e.g.:

import sbtsonar.SonarPlugin.autoImport.sonarUseSonarScannerCli

sonarUseSonarScannerCli := true

Examples

Please see src/sbt-test directory for some example projects.

Changelog

  • 2.0.0 - Use an embedded sonar-scanner (#34) 🎊. This version removes the dependency on having the standalone sonar-scanner-cli installed. To upgrade from 1.x please define the sonar.host.url property explicitly before running the sonarScan task (see the Execute SonarQube section for more details). If you want to fallback to the default behaviour from 1.x, which makes the plugin call through to the standalone sonar-scanner, you can set the sonarUseSonarScannerCli setting to true (see the Fallback mode section for more details).
Previous releases
  • 1.7.0 - Renamed deprecated sonar.scoverage.reportPath property to sonar.scala.scoverage.reportPath (#30).
  • 1.6.0 - Set automatically the sonar.tests property (#25).
  • 1.5.0 - Allow sbt-sonar to run on Windows (#16).
  • 1.4.0 - Set automatically the sonar.scala.version property (#13).
  • 1.3.0 - Allow to set sonar properties via system properties (#7).
  • 1.2.0 - Use SONAR_SCANNER_HOME/bin for lookup of the sonar-scanner executable (#4).
  • 1.1.0 - Search for sonar-scanner home directory in system properties (sonarScanner.home) if SONAR_SCANNER_HOME environmental variable is not defined (#1).
  • 1.0.0 - Support for sbt 1.0 💪 default scoverage and scapegoat report paths added automatically to the sonarProperties config; added unit and sbt tests.
  • 0.3.1 - Updated the scope of scalaSource setting key to resolve scoping ambiguity with some other plugins.
  • 0.3.0 - Defined a set of default project settings in the sonarProperties config key.
  • 0.2.0 - Added the ability to define sonar project properties directly in sbt.
  • 0.1.0 - First release of the plugin! 🎉

License

The project is licensed under the Apache License v2. See the LICENSE file for more details.

You can’t perform that action at this time.