which versions are you using - SonarQube 8.9.2 LTS
what are you trying to achieve - Avoid or report the use of sonar.exclusions
what have you tried so far to achieve this - Found nothing relevant or working
Hello everybody,
I would like to block our developpers to use sonar.exclusions to avoid the sonar analysis.
I doubt that there is a way to block it but I would like to know if there is a way to emit a report (mail) when an analysis using it is possible.
Thanks for your help,
Michel
You’ve raised a very important point, but it seems we’re on our own, see this thread
Guess we will need to diff their sonar.exclusions with the sonar.exclusions configured at
Sonarqube server and break the build if there is more excluded.
Still considering how to implement that for Maven pipelines using the sonar:sonar goal , any ideas !?
Will use api/settings/values?keys=sonar.global.exclusions and compare it with the given
property sonar.exclusions from the pom.
The tricky part is, when the global setting uses glob patterns and sonar.exclusions has absolute path.