Skip to main content

SonarQube–Configure coverage exclusions

Code reviews are one of my daily activities. To help me streamline the process, I like to use the help of static code analysis tools like NDepend and SonarQube.

While looking through the SonarQube logs for a specific project I noticed a large list of issues in a set of Javascript files. These Javascript files were external libraries (like jQuery) that were imported into the project and not created by the dev team. Fixing these issues would only be possible by sending a pull request to the library maintainers.

To stop the pollution of our SonarQube logs, I decided to exclude these files from the log analysis.

Here are the steps:

  • Browse to your SonarQube dashboard.
  • Login as an administrator.

image

  • After being logged in, you can go to the Administration tab on the project level.

image

  • Select Analysis Scope from the Category list.

image

  • Go to the Files tab and add one or more Source File Exclusions.
    • In our case we want to exclude the Scripts folder in our web project, so we add Scripts/** to the Source File Exclusions
    • IMPORTANT: Source File Exclusions are case sensitive. First time I entered scripts/** which had no effect.

image

  • Source File Exclusions are executed on the project level and applied for each csproj file individually:

2018-09-03T06:55:30.4158415Z INFO: -------------  Scan MTIL.Web
2018-09-03T06:55:30.4158415Z INFO: Base dir: D:\b\4\agent\_work\35\s\MTIL.Web
2018-09-03T06:55:30.4168180Z INFO: Working dir: D:\b\4\agent\_work\35\.sonarqube\out\.sonar\MTIL_MTIL_C301B249-2F5F-4264-B23F-FC169C8E7397
2018-09-03T06:55:30.4207240Z INFO: Source encoding: UTF-8, default locale: en_US
2018-09-03T06:55:30.4207240Z INFO: Index files
2018-09-03T06:55:30.4207240Z INFO: Excluded sources:
2018-09-03T06:55:30.4207240Z INFO:   Scripts/**
2018-09-03T06:55:30.4431835Z INFO: Analyzer working directory contains 5 .pb file(s)
2018-09-03T06:55:30.5886820Z INFO: 40 files indexed
2018-09-03T06:55:30.5886820Z INFO: 14 files ignored because of inclusion/exclusion patterns
2018-09-03T06:55:30.5964940Z INFO: Quality profile for cs: Sonar way
2018-09-03T06:55:30.6238360Z INFO: Sensor Lines Sensor
2018-09-03T06:55:30.6248125Z INFO: Sensor Lines Sensor (done) | time=1ms
2018-09-03T06:55:30.6248125Z INFO: Sensor SCM Sensor
2018-09-03T06:55:30.6736375Z INFO: SCM provider for this project is: git
2018-09-03T06:55:30.6746140Z INFO: 1 files to be analyzed
2018-09-03T06:55:31.7077510Z WARNING: WARN: Missing blame information for the following files:
2018-09-03T06:55:31.7116570Z INFO: 0/1 files analyzed
2018-09-03T06:55:31.7184925Z INFO: Sensor SCM Sensor (done) | time=1034ms
2018-09-03T06:55:31.7184925Z INFO: Sensor C#
2018-09-03T06:55:31.7194690Z INFO: Importing analysis results from D:\b\4\agent\_work\35\.sonarqube\out\6\output-cs
2018-09-03T06:55:31.7194690Z WARNING: WARN:   * D:/b/4/agent/_work/35/s/MTIL.Web/ErrorHandler/AiHandleErrorAttribute.cs
2018-09-03T06:55:31.7194690Z WARNING: WARN: This may lead to missing/broken features in SonarQube
2018-09-03T06:55:31.7809885Z INFO: Importing Roslyn report
2018-09-03T06:55:31.8151660Z INFO: Sensor C# (done) | time=155ms
2018-09-03T06:55:31.8151660Z INFO: Sensor C# Unit Tests Coverage Report Import
2018-09-03T06:55:31.8151660Z INFO: Sensor C# Unit Tests Coverage Report Import (done) | time=0ms
2018-09-03T06:55:31.8161425Z INFO: Sensor C# Integration Tests Coverage Report Import
2018-09-03T06:55:31.8161425Z INFO: Sensor C# Integration Tests Coverage Report Import (done) | time=0ms
2018-09-03T06:55:31.8161425Z INFO: Sensor C# Unit Test Results Import
2018-09-03T06:55:31.8161425Z INFO: Sensor C# Unit Test Results Import (done) | time=0ms
2018-09-03T06:55:31.8171190Z INFO: Sensor Zero Coverage Sensor
2018-09-03T06:55:31.8415315Z INFO: Sensor Zero Coverage Sensor (done) | time=14ms
2018-09-03T06:55:31.8415315Z INFO: Sensor Code Colorizer Sensor
2018-09-03T06:55:31.8415315Z INFO: Sensor Code Colorizer Sensor (done) | time=2ms
2018-09-03T06:55:31.8425080Z INFO: Sensor CPD Block Indexer
2018-09-03T06:55:31.8425080Z INFO: DefaultCpdBlockIndexer is used for cs
2018-09-03T06:55:31.8718030Z INFO: Sensor CPD Block Indexer (done) | time=1ms

Labels:

Popular posts from this blog

DevToys–A swiss army knife for developers

As a developer there are a lot of small tasks you need to do as part of your coding, debugging and testing activities.  DevToys is an offline windows app that tries to help you with these tasks. Instead of using different websites you get a fully offline experience offering help for a large list of tasks. Many tools are available. Here is the current list: Converters JSON <> YAML Timestamp Number Base Cron Parser Encoders / Decoders HTML URL Base64 Text & Image GZip JWT Decoder Formatters JSON SQL XML Generators Hash (MD5, SHA1, SHA256, SHA512) UUID 1 and 4 Lorem Ipsum Checksum Text Escape / Unescape Inspector & Case Converter Regex Tester Text Comparer XML Validator Markdown Preview Graphic Color B
Read more

Help! I accidently enabled HSTS–on localhost

I ran into an issue after accidently enabling HSTS for a website on localhost. This was not an issue for the original website that was running in IIS and had a certificate configured. But when I tried to run an Angular app a little bit later on http://localhost:4200 the browser redirected me immediately to https://localhost . Whoops! That was not what I wanted in this case. To fix it, you need to go the network settings of your browser, there are available at: chrome://net-internals/#hsts edge://net-internals/#hsts brave://net-internals/#hsts Enter ‘localhost’ in the domain textbox under the Delete domain security policies section and hit Delete . That should do the trick…
Read more

Azure DevOps/ GitHub emoji

I’m really bad at remembering emoji’s. So here is cheat sheet with all emoji’s that can be used in tools that support the github emoji markdown markup: All credits go to rcaviers who created this list.
Read more