How to integrate your MAVEN project with SonarQube

Reading Time: 3 minutes

So, You want to integrate your project to SonarQube for managing the source code quality of your project. That’s indeed a wonderful idea. If you are wondering and excited to learn How to go about it, just keep calm and sit back, I will take you through the same. I am very certain that after this blog you will be able to integrate your project to SonarQube in just a matter of time.

  • So, Let’s dive into this!
    Before we go any further, Let’s understand What SonarQube(previously known as Sonar) is?
    SonarQube is open-source for continuous inspection of code quality. Sonar is a web based code quality analysis tool for MAVEN based JAVA projects. It covers a wide area of code quality checkpoints which include: Architecture & Design, Complexity, Duplications, Coding Rules, Potential Bugs, Unit test etc.It offers reports like
  • Duplicated code
  • Coding Standards
  • Unit Tests
  • Code Coverage
  • Code Complexity
  • Potential Bugs
  • Comments
  • Design & ArchitectureIntegrable with CI, Maven, Ant, Gradle.Supports languages: Java (including Android), C/C++, Objective-C, C#, PHP, Flex, Groovy, JavaScript, Python, PL/SQL, COBOL, Swift, etc.
    Integrates with Eclipse, Visual Studio, and IntelliJ IDEA development environments through the SonarLint plugins
    Integrates with external tools: JIRA, Mantis, LDAP, Fortify, etc.
    Is expandable with the use of plugins.

Latest stable release SonarQube 6.2

Alright, So above was the introduction to SonarQube. I believe that was enough of SonarQube. Now let’s jump onto Maven SonarQube integration.
The very first thing we need to do is to launch the SonarQube dashboard on the browser. Let’s see How to do this.

Step1. Download the latest stable release of SonarQube and unzip it to your favorite directory.
Step2.Start the SonarQube server

For Windows

For other operating systems like Linux/Ubuntu
YOUR_DIR_PATH/sonarqube/bin/[OS]/ console

That’s how we run the SonarQube Server

Step3. Once the SonarQube Server is up and running then you can visit the SonarQube Dashboard at http://localhost:9000(default System administrator credentials are admin/admin)
By default, the SonarQube runs on 9000 port.

Now that, SonarQube Server is up and running we are good to integrate our project(Maven)into it and do the continuous inspection of code quality.

That is how the SonarQube dashboard looks like

integrate your project to SonarQube

Come let’s integrate our Maven project with SonarQube.
Before we could integrate our Maven project to SonarQube, We will need to integrate SonarQube Scanner in our POM.XML.

SonarQube Scanner is recommended since it is the default launcher to analyze a project with SonarQube.

Let’s see How to integrate Sonar-Scanner with Maven project in POM.XML
We will need to add the following dependency

<!-- -->

Followed by the profile

<!-- Optional URL to server. Default value is http://localhost:9000 -->

// You can also replace the IP with your own IP or just say localhost instead.

Now, that you are done integrating Sonar- Scanner into the POM.XML file.
Our one last task would be, To run the following commands to generate the reports of our project on SonarQube Dashboard at http://localhost:9000

1. mvn clean //to clean the existing resources
2. mvn install
3. mvn sonar:sonar //to generate the reports, this command generates the report and move the reports to SonarQube dashboard. You can view your reports under project section of the Dashboard

Or you can also say mvn clean install sonar:sonar // to generate reports
In my case, I have set my system’s IP to launch the SonarQube dashboard. You can also use it with localhost to run it on your browser

That’s how the dashboard looks like after project integration

integrate your project to SonarQube

If you find any challenge, Do let me know in the comments.
If you enjoyed this post, I’d be very grateful if you’d help it spread.Keep smiling, Keep coding! Cheers!

Written by 

Deepak is a Software Consultant having experince of more than 5 years . He is very enthusiastic towards his work and is a good team player. He has sound knowledge of different technologies which include Java, C++, C, HTML, CSS, Javascript, C# always keen to learn new technologies.

12 thoughts on “How to integrate your MAVEN project with SonarQube4 min read

  1. sonar supports scala? on the other blog I can see code coverage i.e. scoverage. I am using 4.5.7 but its not considering scala sources its considering java sources

  2. How can we fail maven build in case of Sonar violations ? My Quality gate is expecting 80% code coverage . I need to fail the build if code coverage is less than 80 %.

  3. Hi Deepak,

    I’m facing following issues, Can you please guide?

    1. mvn clean return following error
    [ERROR] Plugin org.apache.maven.plugins:maven-clean-plugin:2.5 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-clean-plugin:jar:2.5: Could not transfer artifact org.apache.maven.plugins:maven-clean-plugin:pom:2.5 from/to central ( java.lang.RuntimeException: Unexpected error: the trustAnchors parameter must be non-empty -> [Help 1]

    2. mvn sonar:sonar -Dsonar.login=60a66f6c240e1b6a182c0102609920e1f53c6f72 -U return below:
    [ERROR] No plugin found for prefix ‘sonar’ in the current project and in the plugin groups [org.apache.maven.plugins, org.codehaus.mojo] available from the repositories [local (/Users/sandip.gami/.m2/repository), central (] -> [Help 1]

  4. It will help a lot if you can provide compatibility matrix of maven version , sonar.maven plugin version, java source version and sonar cube version .

Comments are closed.