search

porscheinformatik / sonarqube-licensecheck

SonarQube Licensecheck Plugin
Apache License 2.0
156 stars 58 forks source link

Gradle sonar plugin looking in the wrong directory #421

Open adamkorynta opened 4 months ago

adamkorynta commented 4 months ago

When I run the gradle sonar plugin, the GradleDependencyScanner is using the context path to look for the license-details.json file: https://github.com/porscheinformatik/sonarqube-licensecheck/blob/6b04f454dbe0ac4e807229543d365b5427302e44/src/main/java/at/porscheinformatik/sonarqube/licensecheck/gradle/GradleDependencyScanner.java#L51

This ends up looking in a directory under my gradle project's build/sonar/<gradle-project-name>/build/reports/dependency-license/license-details.json. I tried to configure my JK1 plugin to output to that directory, but it looks like the gradle sonar task cleans the directory prior to running the analylsis.

2024-04-25T17:15:42.300-0700 [DEBUG] [org.sonarqube.gradle.SonarTask] Searching for license file at build\reports\dependency-license\license-details.json
2024-04-25T17:15:42.300-0700 [INFO] [org.sonarqube.gradle.SonarTask] No license-details.json file found in C:\Git\myrepo\build\sonar\myrepo-parent-plugin\build\reports\dependency-license\license-details.json - skipping Gradle dependency scan

I'll note that I have many gradle subprojects and I am running the sonar task on the root project with the same configuration identified in the REAMD.md.

derhecht commented 4 months ago

same problem here

additionally could not override it with config GRADLE_JSON_REPORT_PATH

it also looks like there is typo/camelcase problem: licenseCheck.gradle-json-report-path vs licensecheck.gradle-json-report-path

using standalone sonarqube runner in docker container but sonar is always try to find a file in: .scannerwork/build/reports/dependency-license/license-details.json

SOLVED by: adding ../ in front of my licenseCheck.gradle-json-report-path path definition. i think this is because File licenseDetailsJsonFile = context .fileSystem() .baseDir() .toPath() .resolve(pathDef)... - contains baseDir which is in my setup the .scannerwork folder of sonarqube container

agi1clj commented 2 months ago

Same problem here. @derhecht did you change directly in the code?

derhecht commented 2 months ago

Same problem here. @derhecht did you change directly in the code?

there are two optons: 1) in Sonarqube GUI URL/admin/settings?category=license+check at the bottom 2) we've a global setup where I just add "-DlicenseCheck.gradle-json-report-path=../build/reports/dependency-license/license-details.json" when calling sonarqube runner Docker

agi1clj commented 2 months ago

That's great. Thanks a lot @derhecht . In my case worked with: ../reports/dependency-license/license-details.json I did it from the Sonarqube GUI