maven - 从 Azure DevOps 发布声纳扫描结果

问题描述

我正在 Azure DevOps 上构建 Java Maven 服务。服务构建正在从 JFrog Artifactory Repository 中提取一个 jar，我正在为此使用该 task: ArtifactoryMaven@2任务

为 ADO 安装了 Sonarqube 扩展。添加 SonarQubePrepare@4 和 SonarQubeAnalyze@4 任务时，将跳过分析步骤并显示以下消息：

Starting: SonarQubeAnalyze
==============================================================================
Task         : Run Code Analysis
Description  : Run scanner and upload the results to the SonarQube server.
Version      : 4.22.0
Author       : sonarsource
Help         : Version: 4.22.0. This task is not needed for Maven and Gradle projects since the scanner should be run as part of the build.

[More Information](http://redirect.sonarsource.com/doc/install-configure-scanner-tfs-ts.html)
==============================================================================
##[warning][SQ] When using Maven or Gradle, don't use the analyze task but instead tick the 'SonarQube' option in the Maven/Gradle task to run the scanner as part of the build.
Finishing: SonarQubeAnalyze

如何在使用 ArtifactoryMaven 任务时启用声纳扫描？

这是我当前的管道代码片段：

 - task: SonarQubePrepare@4
   inputs:
     SonarQube: sonar-svc-conn
     scannerMode: 'Other'
     extraProperties: |
       sonar.host.url=${{ parameters.sonarhost }}
       sonar.projectKey=${{ parameters.sonarprojectkey }}
       sonar.login=${{ parameters.sonarToken }}

- task: ArtifactoryMaven@2
  inputs:
    mavenPomFile: 'pom.xml'
    goals: 'clean install'
    # options: '-e -Dmaven.test.skip=true'
    artifactoryResolverService: my-repo-connection
    collectBuildInfo: true
    buildName: '$(Build.DefinitionName)'
    buildNumber: '$(Build.BuildNumber)'
    targetResolveReleaseRepo: 'myrepo'
    targetResolveSnapshotRepo: myrepo

 - task: SonarQubeAnalyze@4

任何线索都会有所帮助。提前致谢！

标签： mavenazure-devopssonarqubeartifactory