I have findbugs (and checkstyle) configured in my project pom.xml:
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>findbugs-maven-plugin</artifactId>
<version>2.3</version>
<configuration>
<xmlOutput>true</xmlOutput>
<threshold>Normal</threshold>
<effort>Max</effort>
<debug>false</debug>
<excludeFilterFile>${basedir}/src/test/config/findbugs-exclude.xml</excludeFilterFile>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-checkstyle-plugin</artifactId>
<version>2.4</version>
<configuration>
<suppressionsLocation>${basedir}/src/test/config/checkstyle-surpressions.xml</suppressionsLocation>
<testFailureIgnore>false</testFailureIgnore>
</configuration>
</plugin>
<!--.......-->
</plugins>
And this works like a charm. 'mvn site' produces finbugs report which correctly uses the specified excludeFileterFile.
The problem is when I try to use the sonar plugin. ('mvn sonar:sonar') Sonar do not use the exclude filter specified above. (But it will correctly use the checkstyle suppression file).
Info from console when running 'mvn sonar:sonar':
WARNING: Alternate user settings file: C:\Users\rgi.m2\settings.xml is invalid. Using default path.
[INFO] Scanning for projects...
[INFO] ------------------------------------------------------------------------
....
[INFO] [findbugs:findbugs {execution: default-cli}]
[INFO] Using source root:
[INFO] <...edit...>\target\classes
[INFO] Using test source root:
[INFO] <...edit...>\target\test-classes
[INFO] Using maximum effort.
[INFO] Adding Source Directory: <...edit...>\src\main\java
[INFO] Using low threshold.
[INFO] Using FindBugs Version: 1.3.8
[INFO] Using low threshold.
[INFO] Using low threshold.
[INFO] Using the xdoc format
[INFO] Using maximum effort.
[INFO] Using low threshold.
[INFO] Using low threshold.
[INFO] Debugging is Off
[INFO] Using bug include filter <...edit...>\target\sonar\findbugs-include.xml
[INFO] Using bug exclude filter <...edit...>\target\sonar\findbugs-exclude.xml
[INFO] Printing Errors
.....
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESSFUL
[INFO] ------------------------------------------------------------------------
And the sonar-pom.xml in target/sonar directory:
<plugin>
<artifactId>maven-checkstyle-plugin</artifactId>
<version>2.2</version>
<dependencies>
<dependency>
<groupId>org.codehaus.sonar.runtime.rules-extensions</groupId>
<artifactId>parent</artifactId>
<version>20100210071723</version>
<type>pom</type>
</dependency>
</dependencies>
<configuration>
<suppressionsLocation>{...edit...}/src/test/config/checkstyle-surpressions.xml</suppressionsLocation>
<testFailureIgnore>false</testFailureIgnore>
<outputFileFormat>xml</outputFileFormat>
<consoleOutput>false</consoleOutput>
<enableRSS>false</enableRSS>
<skip>false</skip>
<failsOnError>false</failsOnError>
<configLocation>{...edit...}\target\sonar\checkstyle.xml</configLocation>
</configuration>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>findbugs-maven-plugin</artifactId>
<version>2.0.1</version>
<configuration>
<xmlOutput>true</xmlOutput>
<threshold>Low</threshold>
<effort>Max</effort>
<debug>false</debug>
<excludeFilterFile>{...edit...}\target\sonar\findbugs-exclude.xml</excludeFilterFile>
<classFilesDirectory>{...edit...}\target\classes</classFilesDirectory>
<skip>false</skip>
<includeFilterFile>{...edit...}\target\sonar\findbugs-include.xml</includeFilterFile>
</configuration>
</plugin>
Note that checkstyle in sonar-pom.xml referes to the file in the project configuration, but findbugs exclude file is dummy empty file from sonar.
Anyone know how to get sonar to use finbugs exclude file defined in the project pom.xml?
Thx in advance
/Roy