John Mercier

[A software developer interested in java, groovy, and nixos]

Sonar is a tool which provides static code analysis for your java projects. Start by creating an account at and creating a login token.

To set it up in a gradle project add the plugin.

plugins {
    id "org.sonarqube" version '2.6.2'

For development the best place to add the token is in `~/home/$USER/.gradle/

Once everything is setup run the task.

./gradlew sonarqube
Reckoned version: 0.1.0-SNAPSHOT
> Task :compileJava UP-TO-DATE
> Task :processResources NO-SOURCE
> Task :classes UP-TO-DATE
> Task :compileTestJava UP-TO-DATE
> Task :processTestResources NO-SOURCE
> Task :testClasses UP-TO-DATE
> Task :test UP-TO-DATE
> Task :sonarqube
Metric 'comment_lines_data' is deprecated. Provided value is ignored.
Classes not found during the analysis : [javax.lang.model.element.Modifier]
4 actionable tasks: 1 executed, 3 up-to-date

For travis-ci it is best to use an encrypted environment variable and use it as an argument to gradle. Here is a section of the .travis.yml.

- ./gradlew build
- ./gradlew -Dsonar.organization=moaxcp -Dsonar.login=$SONAR_TOKEN sonarqube

$SONAR_TOKEN is a secure environment variable. To create a secure environment variable use the guide.

Here is an example run.

2014 - 2018 | Mixed with Foundation v5.5.1 | Baked with JBake v2.6.1