Using of "org.sonar.java.xml.maven.PomParser" to parse Maven pom.xml file

393 views
Skip to first unread message

awo...@gmail.com

unread,
Feb 6, 2017, 9:39:29 AM2/6/17
to SonarQube
Hello SonarQube team,

I wanted to parse pom.xml file in my custom SonarQube plugin in the initializer phase, I use : 
SQ 5.6.5
Java plugin +  java-frontend : 4.4.0.8066 
XLM plugin 1.4.1

   @Override
    public void execute() {

        String fichier = fileSystem.baseDir() + "/pom.xml";
        File pom = new File(fichier);
        
        if (!pom.exists() || !pom.isFile()) {
            // le projet n'est pas Maven mais peut être analysé (autre scanner)
            LOGGER.info("Le projet ou module [{}] n'est pas un projet Maven.", fileSystem.baseDir().getName());
        } else {
            //Analyse du projet Maven
            MavenProject pomProperties = PomParser.parseXML(pom);
            if (pomProperties == null) {
                throw MessageException.of("Probleme de parsing du pom.xml");
            }
                           
            LocatedAttribute groupId = pomProperties.getGroupId();
            //grpIg.startLocation().line();
            List<Element> elmts = pomProperties.getProperties().getElements();
            for (Element elmt : elmts) {
                if ("sonar.language".equals(elmt.getNodeName())) {
                    Object ligne = elmt.getUserData("lineNumber");
                    
                    //TODO positionner la variable <sonar.language>
                    throw MessageException.of("Le projet doit \u00eatre multi-langage, veuillez supprimer la propri\u00e9t\u00e9 \u003csonar.language\u003e du pom.xml");
                }
                
            }
        ...
        ...

When packaging the Plugin it does'nt want to put guava inside but when :

[INFO] artifact org.assertj:assertj-core: checking for updates from central
[WARNING] com.google.code.findbugs:jsr305:jar:1.3.9:compile is provided by SonarQube plugin API and will not be packaged in your plugin
[WARNING] com.google.guava:guava:jar:19.0:compile is provided by SonarQube plugin API and will not be packaged in your plugin
[WARNING] commons-lang:commons-lang:jar:2.6:compile is provided by SonarQube plugin API and will not be packaged in your pluginSaisissez le code ici...

But when I run :
org.sonarsource.scanner.maven:sonar-maven-plugin:3.2:sonar

I get this :


at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:127)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:209)
... 19 more
Caused by: org.apache.maven.plugin.PluginContainerException: A required class was missing while executing org.sonarsource.scanner.maven:sonar-maven-plugin:3.2:sonar: com/google/common/base/Preconditions
-----------------------------------------------------
realm =    plugin>org.sonarsource.scanner.maven:sonar-maven-plugin:3.2
strategy = org.codehaus.plexus.classworlds.strategy.SelfFirstStrategy
urls[0] = file:/D:/otoolbox-m2/M2_REPO/org/sonarsource/scanner/maven/sonar-maven-plugin/3.2/sonar-maven-plugin-3.2.jar
urls[1] = file:/D:/otoolbox-m2/M2_REPO/org/apache/maven/shared/maven-dependency-tree/2.2/maven-dependency-tree-2.2.jar
urls[2] = file:/D:/otoolbox-m2/M2_REPO/org/codehaus/plexus/plexus-component-annotations/1.5.5/plexus-component-annotations-1.5.5.jar
urls[3] = file:/D:/otoolbox-m2/M2_REPO/org/eclipse/aether/aether-util/0.9.0.M2/aether-util-0.9.0.M2.jar
urls[4] = file:/D:/otoolbox-m2/M2_REPO/org/sonatype/plexus/plexus-sec-dispatcher/1.4/plexus-sec-dispatcher-1.4.jar
urls[5] = file:/D:/otoolbox-m2/M2_REPO/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jar
urls[6] = file:/D:/otoolbox-m2/M2_REPO/org/codehaus/plexus/plexus-utils/3.0.22/plexus-utils-3.0.22.jar
urls[7] = file:/D:/otoolbox-m2/M2_REPO/org/sonarsource/scanner/api/sonar-scanner-api/2.8/sonar-scanner-api-2.8.jar
urls[8] = file:/D:/otoolbox-m2/M2_REPO/commons-lang/commons-lang/2.6/commons-lang-2.6.jar
urls[9] = file:/D:/otoolbox-m2/M2_REPO/com/google/code/findbugs/jsr305/2.0.3/jsr305-2.0.3.jar
Number of foreign imports: 1
import: Entry[import  from realm ClassRealm[maven.api, parent: null]]

-----------------------------------------------------

at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:125)
... 20 more
Caused by: java.lang.NoClassDefFoundError: com/google/common/base/Preconditions
at org.sonar.maven.model.XmlLocation.<init>(XmlLocation.java:30)
at org.sonar.maven.model.XmlLocation.getLocation(XmlLocation.java:85)
at org.sonar.java.xml.maven.PomParser$StreamListener.beforeUnmarshal(PomParser.java:80)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.Loader.fireBeforeUnmarshal(Loader.java:201)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.StructureLoader.startElement(StructureLoader.java:177)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.ProxyLoader.startElement(ProxyLoader.java:45)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallingContext._startElement(UnmarshallingContext.java:559)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallingContext.startElement(UnmarshallingContext.java:538)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.StAXStreamConnector.handleStartElement(StAXStreamConnector.java:231)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.StAXStreamConnector.bridge(StAXStreamConnector.java:165)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(UnmarshallerImpl.java:400)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:379)
at org.sonar.java.xml.maven.PomParser.parseXML(PomParser.java:60)
at fr.gce.socle.sonar.nommage.IntialiseurProjet.execute(IntialiseurProjet.java:71)
at org.sonar.api.batch.Initializer.execute(Initializer.java:50)
at org.sonar.batch.phases.InitializersExecutor.execute(InitializersExecutor.java:59)
at org.sonar.batch.phases.AbstractPhaseExecutor.executeInitializersPhase(AbstractPhaseExecutor.java:110)
at org.sonar.batch.phases.AbstractPhaseExecutor.execute(AbstractPhaseExecutor.java:72)
at org.sonar.batch.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:192)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:142)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:127)
at org.sonar.batch.scan.ProjectScanContainer.scan(ProjectScanContainer.java:241)
at org.sonar.batch.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:236)
at org.sonar.batch.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:226)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:142)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:127)
at org.sonar.batch.task.ScanTask.execute(ScanTask.java:47)
at org.sonar.batch.task.TaskContainer.doAfterStart(TaskContainer.java:86)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:142)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:127)
at org.sonar.batch.bootstrap.GlobalContainer.executeTask(GlobalContainer.java:106)
at org.sonar.batch.bootstrapper.Batch.executeTask(Batch.java:119)
at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:62)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
at com.sun.proxy.$Proxy16.execute(Unknown Source)
at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:233)
at org.sonarsource.scanner.api.EmbeddedScanner.runAnalysis(EmbeddedScanner.java:151)
at org.sonarsource.scanner.maven.bootstrap.ScannerBootstrapper.execute(ScannerBootstrapper.java:78)
at org.sonarsource.scanner.maven.SonarQubeMojo.execute(SonarQubeMojo.java:122)
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:101)
... 20 more
Caused by: java.lang.ClassNotFoundException: com.google.common.base.Preconditions
at org.sonar.classloader.ParentFirstStrategy.loadClass(ParentFirstStrategy.java:39)
at org.sonar.classloader.ClassRealm.loadClass(ClassRealm.java:87)
at org.sonar.classloader.ClassRealm.loadClass(ClassRealm.java:76)
... 64 more
[ERROR] 
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:

The missing class "com.google.common.base.Preconditions" commes from "guava:19.0" but I don't how to makke it be in Maven classpath as it's not package inthe my custom plugin.

Could you please help me ?

Thanks a lot

WOGNIN

awo...@gmail.com

unread,
Feb 6, 2017, 9:52:23 AM2/6/17
to SonarQube, awo...@gmail.com
A little precision : the parser I use is :

import org.sonar.java.xml.maven.PomParser;

comming from "java-frontend : 4.4.0.8066"

Thanks a lot.

WOGNIN

yves.dubo...@sonarsource.com

unread,
Feb 7, 2017, 2:59:16 AM2/7/17
to SonarQube, awo...@gmail.com
Hello Wognin,

I suggest you check the clues provided in this topic.

Best regards,

Yves Dubois-Pèlerin
SonarSource team

awo...@gmail.com

unread,
Feb 7, 2017, 3:44:04 AM2/7/17
to SonarQube, awo...@gmail.com
Thanks Yves,

I've check the topic you advised me.
It's nearly the same problem but in my case, I don't use any dependency of org.codehaus.sonar. I know that it has shut down.
you can see snippet of my pom.xml file.

<?xml version="1.0" encoding="UTF-8"?>
<modelVersion>4.0.0</modelVersion>

<groupId>my-groupid</groupId>
<artifactId>sonar-my-plugin</artifactId>
<version>5.6</version>
<packaging>sonar-plugin</packaging>
<name>xxx</name>
<description>SonarQube Plugin</description>

<properties>
<!-- encodage des sources du projet -->
<sonar.sourceEncoding>UTF-8</sonar.sourceEncoding>
    
<javaVersion>1.8</javaVersion>
<maven.build.timestamp. format>yyyy-MM-dd'T'HH:mm:ssZ</maven.build.timestamp.format>
    
        <sonar.version>5.6.5</sonar.version>
        <java.plugin.version>4.4.0.8066</java.plugin.version>
        <sslr.version>1.21</sslr.version>
        
        
</properties>


<dependencies>
<dependency>
<groupId>org.sonarsource.sonarqube</groupId>
<artifactId>sonar-plugin-api</artifactId>
<version>${sonar.version}</version>
<scope>provided</scope>
</dependency>
    

<dependency>
<groupId>org.sonarsource.java</groupId>
<artifactId>sonar-java-plugin</artifactId>
<type>sonar-plugin</type>
<version>${java.plugin.version}</version>
<scope>provided</scope>
</dependency>
    
        <dependency>
          <groupId>org.sonarsource.java</groupId>
          <artifactId>java-frontend</artifactId>
          <version>${java.plugin.version}</version>
        </dependency>

        <dependency>
          <groupId>org.sonarsource.sslr-squid-bridge</groupId>
          <artifactId>sslr-squid-bridge</artifactId>
          <version>2.6.1</version>
          <exclusions>
            <exclusion>
              <groupId>org.codehaus.sonar.sslr</groupId>
              <artifactId>sslr-core</artifactId>
            </exclusion>
            <exclusion>
              <groupId>org.codehaus.sonar</groupId>
              <artifactId>sonar-plugin-api</artifactId>
            </exclusion>
            <exclusion>
              <groupId>org.codehaus.sonar.sslr</groupId>
              <artifactId>sslr-xpath</artifactId>
            </exclusion>
            <exclusion>
              <groupId>org.slf4j</groupId>
              <artifactId>jcl-over-slf4j</artifactId>
            </exclusion>
            <exclusion>
              <groupId>org.slf4j</groupId>
              <artifactId>slf4j-api</artifactId>
            </exclusion>
          </exclusions>
        </dependency>
                
<dependency>
<groupId>org.sonarsource.java</groupId>
<artifactId>java-checks</artifactId>
<version>${java.plugin.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.sonarsource.xml</groupId>
<artifactId>sonar-xml-plugin</artifactId>
<type>sonar-plugin</type>
<version>1.4.1</version>
<scope>provided</scope>
<exclusions>
<exclusion>
<groupId>xml-apis</groupId>
<artifactId>xml-apis</artifactId>
</exclusion>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</exclusion>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
</exclusion>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>log4j-over-slf4j</artifactId>
</exclusion>
</exclusions>
</dependency>

<dependency>
<groupId>org.sonarsource.java</groupId>
<artifactId>java-checks-testkit</artifactId>
<version>${java.plugin.version}</version>
<scope>test</scope>
</dependency>


<dependency>
<groupId>org.sonarsource.sslr</groupId>
<artifactId>sslr-testing-harness</artifactId>
<version>${sslr.version}</version>
<scope>test</scope>
</dependency>
    
    
        <dependency>
          <groupId>org.sonarsource.sonarqube</groupId>
          <artifactId>sonar-testing-harness</artifactId>
          <version>${sonar.version}</version>
          <scope>test</scope>
        </dependency>
<dependency>
<groupId>fr.gce.socle.normes</groupId>
<artifactId>controle-groupid</artifactId>
<version>1.0.2-SNAPSHOT</version>
</dependency>
   <!-- dependance pour les logs slf4j. -->
   <dependency>
     <groupId>org.slf4j</groupId>
     <artifactId>slf4j-log4j12</artifactId>
     <version>1.5.6</version>
     <scope>test</scope>
   </dependency>

       <dependency>
     <groupId>org.easytesting</groupId>
     <artifactId>fest-assert</artifactId>
     <version>1.4</version>
     <scope>test</scope>
   </dependency>
        
        
</dependencies>
  
<build>
<plugins>
    
    
            <plugin>
              <groupId>org.apache.maven.plugins</groupId>
              <artifactId>maven-compiler-plugin</artifactId>
              <configuration>
                <source>1.8</source>
                <target>1.8</target>
              </configuration>
            </plugin>
<plugin>
<groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId>
<artifactId>sonar-packaging-maven-plugin</artifactId>
<version>1.17</version>
<extensions>true</extensions>
<configuration>
<pluginClass>my.groupId....ReglesPlugin</pluginClass>
<archive>
           <manifestEntries>
             <Implementation-Build>10d113a8926a1934395983d4ece1d1ed0d4a87f3</Implementation-Build>
             <Build-Time>${maven.build.timestamp}</Build-Time>
           </manifestEntries>
         </archive>
</configuration>
</plugin>
...

</plugins>
</build>

</project>

To build my pom file, I followed this example of SonarQube custom rules.

Thanks again.

WOGNIN

yves.dubo...@sonarsource.com

unread,
Feb 8, 2017, 4:09:56 AM2/8/17
to SonarQube, awo...@gmail.com
Hello Wognin,

The following dependency - even transitive - must be removed:

<groupId>org.codehaus.sonar</groupId>
<artifactId>sonar-plugin-api</artifactId>

You correctly make an <exclusion> for it in sslr-squid-bridge:2.6.1, but the dependency came back from your dependency on sonar-xml-plugin! I suggest you run "mvn dependency:tree" and add <exclusion>s until org.codehaus.sonar:sonar-plugin-api has completely faded away.
Reply all
Reply to author
Forward
0 new messages