Can't exclude folders

SonarQube Server / Community Build
,
1

Must-share information (formatted with Markdown):
Version: SonarQube Server Enterprise Edition v9.9.8 (build 100196))

We have a github action that is run both for PRs and once a day for the whole main branch. Yesterday I updated the actions/cache version as we were using v4.0.2 and that was deprecated. The daily run using the new yml file pulled all folders from the repo into Sonar.

Github workflow

`

- name: Checkout code
  uses: actions/checkout@v4
  with:
      fetch-depth: '0'

- name: Install Java
  uses: actions/setup-java@v4
  with:
    distribution: 'semeru' 
    java-version: '21'       
    
- name: Cache SonarQube packages
  uses: actions/cache@v4
  with:
    path: ~\.sonar\cache
    key: ${{ runner.os }}-sonar
    restore-keys: ${{ runner.os }}-sonar

- name: Cache SonarQube scanner
  id: cache-sonar-scanner
  uses: actions/cache@v4
  with:
    path: .\.sonar\scanner
    key: ${{ runner.os }}-sonar-scanner
    restore-keys: ${{ runner.os }}-sonar-scanner

- name: Install SonarQube scanner
  if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
  shell: powershell
  run: |
      New-Item -Path .\.sonar\scanner -ItemType Directory
      dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner

- name: SonarQube Analysis Start
  run: |
      dotnet tool install --global dotnet-coverage
      .\.sonar\scanner\dotnet-sonarscanner begin /d:sonar.host.url="${{secrets.SONARQUBE_HOST}}" /k:"ProjectKey" /d:sonar.login="${{secrets.SONARQUBE_TOKEN}}" /d:sonar.verbose="true" /d:sonar.inclusions="**/**" /d:sonar.exclusions="**/*Tests/**,**/Scripts/**" /d:sonar.test.inclusions="**/*Tests/**" /d:sonar.cs.vstest.reportsPaths="**/TestResults/**/*.trx" /d:sonar.cs.vscoveragexml.reportsPaths="coverage.xml" /d:sonar.qualitygate.wait=true /d:sonar.dotnet.excludeTestProjects=true

- name: Build
  run: dotnet build 'SonarScan.sln' --restore -p:CopyLocalLockFileAssemblies=true --configfile="${{ github.workspace }}/nuget.config" 

- name: Run tests with code coverage
  run: |
      dotnet test "Test.csproj"  --collect:"Code Coverage;Format=Xml;CoverageFileName=coverage1.xml"
      dotnet test "Tes2.csproj" --framework net48 --collect:"Code Coverage;Format=Xml;CoverageFileName=coverage2.xml"
      dotnet coverage merge **/*.xml --output coverage.xml --output-format xml 

- name: Archive code coverage results
  uses: actions/upload-artifact@v4
  with:
      name: code-coverage-report
      path: coverage.xml
      retention-days: 30
 
- name: SonarQube Analysis End
  if: always()
  run:  .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.login="${{secrets.SONARQUBE_TOKEN}}"

`

Our repo has multiple folders, like Build, Libs, Documentation, Source and those didn’t show up in Sonar before yesterday’s build.
I have tried setting up /d:sonar.projectBaseDir=“…/Source” but that threw a

java.lang.IllegalStateException: Error when resolving baseDir

I also tried /d:sonar.sources=“…/Source” but that doesn’t seem to have any effect I still see Reading files from: 'D:\a\repo\Libs'. in the Sonar analysis end section

This is how the project looked like before in Sonar

image
image1425×244 11.3 KB

and this is how it looks now

image
image1480×688 30.5 KB

3

Temporarily I solved it by adding /d:sonar.scanner.scanAll=false but that is not a solution as we want to add front end tests in the future. I would appreciate if anyone can provide a better solution.

4

Hey there.

You can always adjust the analysis scope to avoid having unwanted files analyzed. Specifically, I think you’ll find sonar.exclusions helpful.