Clarification on analysis scope parameters and narrowing the focus

We’ve been using SonarQube for some time, but I’ve recently run into an issue that has prompted me to revisit my analysis parameters.

Our Go projects have source code and test files sitting side by side. For example: config/config.go and config/config_test.go. Our analysis scope parameters then look as follows:

sonar.sources=./
sonar.tests=./
sonar.test.inclusions=tests/**,**/*_Test.php,**/*_test.go,**/testdata/**
sonar.exclusions=**/vendor/**,.testreports/**,**/build/**

My tests are being identified as such, which I’ve confirmed they are not counting towards my LOC metrics in the project. I recently noticed a PR which failed the duplicate lines of code check and, when I reviewed it, most of the code duplication is in the test files.

I’ve read the documentation on analysis scope to find the best approach to resolve this and was left with a few questions or possible paths solutions.

1. What exactly are the differences in the analysis rules for test vs. src files? Are the duplicate lines of code checks intended to apply to test files?
2. I originally interpreted the sonar.exclusions parameter to mean “exclude these files from all analysis”.but the article linked above seems to indicate this is intended to “exclude these files from source file analysis.” Should I expressly add a pattern for my test files to sonar.exclusions or, since they are identified as tests already, should Sonar know that anything included in the test analysis should not be included in the src file analysis?

Hey there.

As requested in the template post, what version/edition of SonarQube are you using?

Apologies, I was not aware the Analysis Scope and file exclusions varied between the releases. I thought that behavior had remained stable between versions. We are still running v8.9.10 of SonarQube.

Hi,

Your version is past EOL. You should upgrade to either the latest version or the current LTA (long-term active version) at your earliest convenience. Your upgrade path is:

8.9.10 → 9.9.4 → 10.4 (last step optional)

You may find these resources helpful:

• Upgrade Guide
• LTS to LTS release upgrade notes for 8.9 to 9.9

If you have questions about upgrading, feel free to open a new thread for that here.

However, to your original questions:

• Duplication is not calculated on files that have been identified as Test source code (state another way, duplication is only calculated on main sources only). I asked myself if there could be a bug in PR analysis where this wasn’t accounted for, but I couldn’t reproduce it.
• sonar.exclusions excludes files from all analysis – and a file can only be categorized as either source or test, so if it’s excluded from source analysis, it’s excluded from all analysis.

If you still see this issue on a supported version of SonarQube, I suggest coming back with:

• Analysis logs (DEBUG level, sonar-scanner -X which will show which files are identified as source and as test)
• Screenshots of duplication reported on test files