User specific sonar reports for same project

sonar-project.properties file example java
sonarqube multiple coverage reports
sonar.sources multiple directories
sonarqube analysis
sonarqube exclude project
sonar-scanner-cli
sonar maven multi-module project
sonar.sources wildcard

I have configured one project in sonar and integrated sonar with maven for build time analysis of the project.

After analysis, report is generated and uploaded to Sonar for browsing. But once another user compiles the same project their report overwrites mine.

Basically I want that one user's report on one project is not overwritten by report from other user. A user must be able to see their current violations independently. Is it possible in Sonar?

Sonar stores it's analysis on a daily basis, which explains why it's kind of pointless to run analysis several times in a day. Each analysis run will overwrite that day's existing results, which in turn spoils ongoing statistical analysis.

I would suggest running Sonar, from a dedicated build server like Jenkins (which has a Sonar plug-in). This daily analysis will populate the Sonar database and keep the project dashboard current. This architecture also enables you to keep the database credentials confidential.

Obviously developers would like to see the results of their bug fixing. For that I'd recommend running the Sonar Eclipse plug-in. The latest version will run the same Sonar analysis locally. Recent versions of Sonar also enable you to assign violations to developers for resolution.

Analysis Parameters, Global analysis parameters, defined in the UI, apply to all the projects (From the the sonar.exclusions parameter via command line for a specific project, it will Allowed characters are: letters, numbers, - , _ , . and : , with at least one non-digit. token of a SonarQube user with Execute Analysis permission on the project. SonarSource analyzers do not run your tests or generate reports. They only import pre-generated reports. Below you'll find language- and tool-specific analysis parameters for importing coverage and execution reports. In the Guides category of the SonarSource Community forum you might find instructions on generating these reports.

This is not possible, last performed analysis will always be the one you browse in the interface. However, I guess what you need is the Issue Report Plugin which will enable analysis to store results locally, with the dry-run option.

This way your developers will be able to run an analysis on their code and see the violation delta without pushing the results.

Analysis Parameters, For language-specific parameters related to external issue reports, see External Allowed characters are: letters, numbers, - , _ , . and : , with at least one non-​digit. token of a SonarQube user with Execute Analysis permission on the project. Though there is a global Issues tab, the Issues tab on the project dashboard display issues specific to the project concerned alone: The issues tab always display the category, severity level, tag(s), and the calculated effort (regarding time) it will take to rectify an issue.

You can do it by explicitly setting the below properties in pom.xml

<properties>
            <sonar.projectKey>Test</sonar.projectKey>
             <sonar.projectName>Test</sonar.projectName>
</properties>

Every user should set different projectKey and projectName, if you want that one user's report on one project is not overwritten by report from other user.

Does SonarQube merge coverage results from different coverage , If I generate code coverage reports of multiple formats for the same code, is SonarQube in the sonar-project.properties the locations of the reports as specified here: you should use the bw-outputs of the machine where you are analyzing,  Alternatives to sonar-project.properties. If a sonar-project.properties file cannot be created in the root directory of the project, there are several alternatives: The properties can be specified directly through the command line. Ex: sonar-scanner -Dsonar.projectKey=myproject -Dsonar.sources=src1

Using SonarCloud with Travis CI - Travis CI, You are using one of the two following environments: Create a user authentication token for your account on SonarCloud. its key; Create a sonar-​project.properties file for your project (see the documentation). or need multiple steps Maven commands ; execute JaCoCo XML report generation at end of your main build. In terms of languages, Sonar support analysis of Java in the core, but also of JavaScript, PHP, PL/SQL and Cobol through plugins (Open Source or commercial) as the reporting engine is language agnostic. Since version 2.0, Sonar enables to cover quality on 7 axes and so to report on: Duplicated code; Coding standards; Unit tests; Complex code; Potential bugs

Generate Codecoverage Report with Jacoco and Sonarqube, Generate Codecoverage Report with Jacoco and Sonarqube You have download and setting Sonarqube and you can use community edition for this one​. of project. and then execute this maven command to connect with Sonarqube. Analysis Parameters. Project analysis settings can be configured in multiple places. Here is the hierarchy: Note that only parameters set through the UI are stored in the database. For example, if you override the sonar.exclusions parameter via command line for a specific project, it will not be stored in the database.

Using SonarQube to Analyze a Java Project, One should note that we use an external MySQL database instead of the default built-in one. required to avoid errors later when Maven will be sending analysis reports to SonarQube: Consequently, you will need to disable certain rules. In sonar-project.properties file, you can find C specific settings, where you should configure the information like where the .sln file exists and which version of .NET; you are using and where the key libraries are located. The screenshot is given below for the reference.

Comments
  • +1 - just wasted hours trying to find how to delete an analysis done today... only to find out that the analysis kicked off later had already deleted the bad one for me. Thanks to your post I can stop searching.