Versions Compared

Old Version 2

changes.mady.by.user Moses Kim

Saved on

compared with

New Version 3

changes.mady.by.user Moses Kim

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Info

SonarQube Official Doc Link: https://docs.sonarqube.org/display/SONAR/Analysis+Parameters



Panel
borderColor#888888

Table of Contents
maxLevel3
indent16px


프로젝트 분석 환경 설정을 위한 파라미터들은 다양한 위치에서 설정 가능합니다. 파라미터들은 다음과 같은 계층 구조를 가집니다:

  • Global 분석 파라미터: UI에서 설정하며 모든 프로젝트에 적용됩니다(화면 최상단 bar 메뉴, Settings > General Settings).
  • Project 분석 파라미터: UI에서 설정하며 global 파라미터의 설정 내용을 오버라이딩합니다(프로젝트 레벨,  Configuration > Settings).
  • Project 분석 파라미터: 프로젝트 분석 환경 설정 파일(sonar-project.properties) 혹은 분석 환경 파일(sonar.properties)에서 설정하며, UI에서 설정된 파라미터의 설정 내용을 오버라이딩합니다.
  • Analysis / Command Line 파라미터: 분석 실행시 설정하며, project 분석 파라미터의 설정 내용을 오버라이딩 합니다.

UI에서 설정한 파라미터의 설정값들만 SonarQube 데이터 베이스에 저장됩니다.

예를 들어, `sonar.exclusions` 파라미터의 설정값을 커맨드 라인 명령어를 통해 오버라이딩해서 분석을 실행한 경우 해당 내용은 데이터베이스에 저장되지 않습니다. Eclipse를 통해 로컬 분석을 수행하는 경우, exclusion은 UI 상에서 설정되어 있기 때문에 해당 설정값는 데이터베이스에 저장됩니다.

본 섹션에서는 모든 파라미터를 기술하지 않습니다. 인터페이스에 표시되는 프로퍼티 키 역시 global, project 레벨 및 분석 파라미터로 설정할 수 있습니다

Mandatory Parameters

필수 파라미터

Server

서버

Key

Description

Default value

sonar.host.urlSonarQube Server URLhttp://localhost:9000
Project Configuration

프로젝트 환경 설정

Key

Description

Default value

sonar.projectKey

각 프로젝트가 고유하게 가지고 있는 key 값으로 다음의 문자열을 사용할 수 있습니다:

  • 숫자, 문자, '-' , '_' 및 '.'. 1자리 이상의 숫자가 포함되어야 합니다.

Maven을 사용하는 경우 key값은 자동으로 다음으로 설정됩니다: <groupId>:<artifactId>

 
sonar.sources

콤마(',')로 구분된 디렉토리 명칭을 입력할 수 있습니다.

Maven과 호환되나 그렇지 않은 경우 소스코드는 기본 Maven 코드 저장 위치에서 추출합니다.

 

Optional Parameters

Project identity

선택 파라미터

프로젝트 식별

Key

Description

Default value

sonar.projectName

Name of the project that will be displayed on the web interface.
Set through <name> when using Maven.

  • If there is no name defined yet, use the project key
    • If there is already a name in the DB, don't overwrite;

    SonarQube 웹 인터페이스에 표시되는 프로젝트 이름. Maven 프로젝트인 경우 <name> 속성으로 설정합니다.

    • 속성을 명시하지 않은 경우 project key를 사용합니다
    • 동일한 이름이 데이터베이스에 존재하는 경우, 덮어쓰지 않습니다
    sonar.projectVersion

    The project version.
    Set through <version> when using Maven.

    		"not provided"

    Authentication

    If Anyone does not have permission to perform analyses, you'll need to supply the credentials of a user with Execute Analysis permission for the analysis to run under

    프로젝트 버전. Maven 프로젝트인 경우 <version> 속성으로 설정합니다.

    		없음

    인증

    분석 수행권한이 없는 사용자로 로그인 한 경우, Execute Analysis 권한을 가진 사용자의 인증 정보를 입력해야 합니다.

    Key

    Description

    Default value

    sonar.loginThe login or authentication token of a SonarQube user with Execute Analysis permissionExecute Analysis 권한을 가진 SonarQube 사용자의 로그인 계정 혹은 사용자 토큰. 
    sonar.passwordThe password that goes with the sonar.login  username. This should be left blank if an authentication token is being used사용자 계정의 비밀번호. 사용자 토큰을 사용하는 경우, 공란으로 남겨둡니다. 
    Web Services

    웹 서비스

    Key

    Description

    Default value

    sonar.ws.timeoutMaximum time to wait for the response of a Web Service call (in seconds웹 소비스 콜의 최대 응답 대기시간(초) 60
    Project Configuration

    프로젝트 설정

    Key

    Description

    Default value

    sonar.projectDescription

    프로젝트 설명
    The project description.
    Not compatible with Maven, which uses the <description> attribute.<description> 속성을 사용하는 Maven 프로젝트와 호환되지 않습니다

    		 
    sonar.links.homepageProject home page
    Not compatible with Maven, which uses the <url> attribute프로젝트 홈페이지 링크
    <url> 속성을 사용하는 Maven 프로젝트와 호환되지 않습니다.    		 

    sonar.links.ci

    		Continuous integration 
    Not compatible with Maven, which uses the <ciManagement><url> attribute<ciManangement><url> 속성을 사용하는 Maven 프로젝트와 호환되지 않습니다.    		 
    sonar.links.issueIssue tracker
    Not compatible with Maven, which uses the <issueManagement><url> attribute이슈 트래커
    <issueManagement><url> 속성을 사용하는 Maven 프로젝트와 호환되지 않습니다.    		 
    sonar.links.scmProject sources
    Not compatible with Maven, which uses the <scm><url> attribute프로젝트 소스 링크
    <scm><url> 속성을 사용하는 Maven 프로젝트와 호환되지 않습니다.    		 
    sonar.links.scm_devDeveloper connection
    Not compatible with Maven, which uses the <scm><developerConnection> attribute

    개발자 컨텍션 링크

    <scm><developerConnection> 속성을 사용하는 Maven 프로젝트와 호환되지 않습니다.

    		 
    sonar.tests

    Comma-separated paths to directories containing tests.
    Not compatible with Maven, which retrieves test from the default location for Java Maven projects.  컴마로 구분된 테스트 케이스 파일의 경로

    Java Maven 프로젝트의 기본 경로 정보를 사용하는 Maven 프로젝트와 호환되지 않습니다.

    		 

    sonar.language

    Set the language of the source code to analyze. Browse the Plugin Library page to get the list of all available languages. If not set, a multi-language analysis will be triggered.

     

    sonar.sourceEncoding

    Set the source file encoding.

    Encoding of source files. Example of values: UTF-8, MacRoman, Shift_JIS. This property can be replaced by the standard property project.build.sourceEncoding in Maven projects.

    The list of available encodings depends on your JVM. See http://docs.oracle.com/javase/1.5.0/docs/guide/intl/encoding.doc.html (column : Canonical Name for java.nio API)

    System encoding

    sonar.projectDate

    Assign a date to the analysis.

    Note: This parameter is applicable to a few, special use cases, rather than being an "every day" parameter:

    • When analyzing a new project, you may want to retroactively create some history for the project in order to get some information on quality trends over the last few versions.
    • When moving from one database engine to another, it is highly recommended (even mandatory) to start from a fresh new database schema. In doing so, you will lose the entire history for all your projects. Which is why you may want to feed the new SonarQube database with some historical data.

    To answer those use cases, you can use the sonar.projectDate property. The format is yyyy-MM-dd, for example: 2010-12-01.

    The process is the following:

    • Retrieve a the oldest version of your application's source that you wish to populate into the history (from a specific tag, whatever).
    • Run a SonarQube analysis on this project by setting the sonar.projectDate property. Example: sonar-scanner -Dsonar.projectDate=2010-12-01
    • Retrieve the next version of the source code of your application, update the sonar.projectDate property, and run another analysis. And so on for all the versions of your application you're interested in.

    Since you cannot perform an analysis dated prior to the most recent one in the database, you must analyze your versions in chronological order, oldest first.
    (warning)Note: You may need to adjust your housekeeping settings if you wish to create a long-running history.

    Current date

     sonar.branch

    Manage SCM branches. (warning) Two branches of the same project are considered to be different projects in SonarQube. As a consequence issues found in a project A in a branch B1 are not linked to issues found for this project A in a branch B2. Currently, there is no way to resolve automatically issues of B2 when they are resolved in B1 as again A-B1 & A-B2 are considered as separated project.

    If you are a user of Developer Cockpit, please see "Limitation" section in the Developer Cockpit Installation and Usage

     

    sonar.profile

    This property is deprecated since SQ 4.5 LTS (see SONAR-5370 - Deprecate usage of "sonar.profile" as an analysis parameter CLOSED ) and should not be used.

    Default profile for the given language

     

    sonar.projectBaseDir

    Use this property when you need analysis to take place in a directory other than the one from which it starts. E.G. analysis begins from jenkins/jobs/myjob/workspace but the files to be analyzed are in ftpdrop/cobol/project1. The path may be relative or absolute.

    Specify not the the source directory, but some parent of the source directory. The value specified here becomes the new "analysis directory", and other paths are then specified as though the analysis were starting from the new sonar.projectBaseDir.

    Note that the analysis process will need write permissions in this directory; it is where the sonar.working.directory will be created.

    		 
     sonar.working.directory

    Set the working directory for an analysis triggered with the SonarQube Scanner or the SonarQube Ant Task (versions greater than 2.0).

    Path must be relative and unique for each project.

    Beware: the specified folder is deleted before each analysis.

    		.sonar
    sonar.scm.provider
    		This property can be used to explicitly tell SonarQube which SCM plugin should be used to grab SCM data on the project (in case auto-detection does not work). The value of this property is always lowercase and depends on the plugin (ex. "tfvc" for the TFVC plugin). Check the documentation page of each plugin to know more. 
    sonar.scm.forceReloadAllBy default, blame information is only retrieved for changed files. Set this property to true to load blame information for all files. This can be useful is you feel that some SCM data is outdated but SonarQube does not get the latest information from the SCM engine.false

    Exclusions / Inclusions

    See Narrowing the Focus to:

    • Exclude files from analysis
    • Prevent some files from being checked for duplications
    • Prevent some files from being taken into account for code coverage by unit tests and integration tests
    • Ignore issues on certain components and against certain coding rules 

    Key

    Description

    Default value

    sonar.inclusionsComma-delimited list of file path patterns to be included in analysis. When set, only files matching the paths set here will be included in analysis. 
    sonar.exclusionsComma-delimited list of file path patterns to be excluded from analysis. 
    sonar.coverage.exclusionsComma-delimited list of file path patterns to be excluded from coverage calculations 
    sonar.test.exclusionsComma-delimited list of test file path patterns to be excluded from analysis. 
    sonar.test.inclusionsComma-delimited list of test file path patterns to be included in analysis. When set, only test files matching the paths set here will be included in analysis. 
    sonar.issue.ignore.allfileFiles containing text matching this regular expression will be ignored by analysis. 
    sonar.import_unknown_files
    		If set to true, all files are imported - with respect to inclusions and exclusions, even if there is no matching language plugin installed.
    false
    sonar.cpd.exclusionsComma-delimited list of file path patterns to be excluded from duplication detection 

    Duplications

    KeyDescription

    Default value

    sonar.cpd.exclusions(see the Exclusions/Inclusions section) 
    sonar.cpd.${language}.minimumtokensA piece of code is considered duplicated as soon as there are at least 100 duplicated tokens in a row (overide with sonar.cpd.${language}.minimumTokens) spread on at least 10 lines of code (override with sonar.cpd.${language}.minimumLines). For Java projects, a piece of code is considered as duplicated when there is a series of at least 10 statements in a row, regardless of the number of tokens and lines. This threshold cannot be overridden. 100
    sonar.cpd.${language}.minimumLines10

     

    Analysis Logging

    Key

    Description

    Default value

    sonar.log.level

    Control the quantity / level of logs produced during an analysis.

    DEBUG: 
    Display INFO logs + more details at DEBUG level.
    Similar to sonar.verbose=true

    TRACE: 
    Display DEBUG logs + the timings of all ElasticSearch queries and Web API calls executed by the SonarQube Scanner.

    INFO
    sonar.verbose

    Add more detail to both client and server-side analysis logs.

    • Activates DEBUG mode for the scanner. This is a shortcut of sonar.log.level=DEBUG.
    • Adds client-side environment variables and system properties to server-side log of analysis report processing. 
      NOTE There is the potential for this setting to expose sensitive information such as passwords if they are stored as server-side environment variables.
    		false
    sonar.showProfiling

    Display logs to see where the analyzer spends time.

    This parameter is generating a file containing these timing infos in
    <workingDir>/profiling/<moduleKey>-profiler.xml where <workingDir> is:

    • .sonar/profiling/ when analysis is run with Sonar Scanner

    • target/sonar/profiling/ when Maven is used 


    		false
    sonar.scanner.dumpToFileOutputs to the specified file the full list of properties passed to the scanner API as a means to debug analysis. 

    Parameters specific to Integration

    Those parameters are listed here for completeness of this documentation page - but regular users should not have to worry about them because they mainly target integration use cases.

    Key

    Description

    sonar.analysis.mode

    This parameter is set to preview as part of PR analysis.