Directory exclusion problem

Get help SonarQube
#1

When using SonarQube 6.7.5 Community Edition on Windows Server 2016 using SQL Server 2016 and Java 8, unable to exclude a directory from being analysed by SonarQube

My directory structure is:

Source/Coral
Source/Emerald
Source/Sapphire

I need to exclude the Emerald directory, all it’s sub-directories and files

Reviewed the following knowledge base document on https://docs.sonarqube.org/display/SONAR/Narrowing+the+Focus#NarrowingtheFocus-IgnoreFiles and concluded in order to exclude Source/Emerald directory and sub-directories the pattern would be as follows:
sonar.exclusions=Emerald/**/*

Therefore, added Emerald/**/* to project in SonarQue via Administration > Analysis Scope > Source File Exclusions, but after a build and analysis noted files in Emerald directory where not excluded

Reviewed further and concluded the following exclusion should be applied in order to address relative paths
sonar.exclusions=**/Emerald/**

However, after a further build and analysis files in Emerald directory where still not excluded.

I would appreciate any advice on how this issue should be addressed.

#2

Hi,

Is there anything relevant-seeming in your analysis log? Also, are we talking about a Maven/Gradle analysis? And is this a multi-module project, or are Coral, Emerald, and Sapphire side by side?

 
Ann

#3

Hi Ann,

We are using a Maven build and it is a multi-module project, below is a small sample of our analysis log which clearly shows the Emerald exclusion, but then goes on to show this sub project being analysed:

[INFO] ------------- Scan gantt-chart
[INFO] Base dir: B:\Source\Emerald\gantt-chart
[INFO] Working dir: B:\Source\Emerald\gantt-chart\target\sonar
[INFO] Source paths: pom.xml, src/main/java
[INFO] Source encoding: windows-1252, default locale: en_GB
[INFO] Index files
[INFO] Excluded sources:
[INFO] **/exel/sql/parser/parser.java
[INFO] **/Yylex.java
[INFO] **/package-info.java
[INFO] **/ace.js
[INFO] **/jquery-2.2.4.js
[INFO] **/summernote.js
[INFO] **/bootstrap.js
[INFO] **/*.jsp
[INFO] **/sym.java
[INFO] **/parser.java
[INFO] **/Emerald/**
[INFO] 25 files indexed
[INFO] 0 files ignored because of inclusion/exclusion patterns
[INFO] Quality profile for java: Sonar way with Findbugs
[INFO] Quality profile for xml: Sonar way
[INFO] Sensor JavaSquidSensor [java]
[INFO] Configured Java source version (sonar.java.source): 8
[INFO] JavaClasspath initialization
[INFO] JavaClasspath initialization (done) | time=0ms
[INFO] JavaTestClasspath initialization
[INFO] JavaTestClasspath initialization (done) | time=0ms
[INFO] Java Main Files AST scan
[INFO] 24 source files to be analyzed
[INFO] 24/24 source files have been analyzed
[INFO] Java Main Files AST scan (done) | time=1985ms
[INFO] Java Test Files AST scan
[INFO] 0 source files to be analyzed
[INFO] 0/0 source files have been analyzed
[INFO] Java Test Files AST scan (done) | time=0ms
[INFO] Sensor JavaSquidSensor [java] (done) | time=2001ms
[INFO] Sensor FindBugs Sensor [findbugs]
[INFO] Loading findbugs plugin: B:\Source\Emerald\gantt-chart\target\sonar\findbugs\findsecbugs-plugin.jar
[INFO] Findbugs output report: B:\Source\Emerald\gantt-chart\target\sonar\findbugs-result.xml
[INFO] Sensor FindBugs Sensor [findbugs] (done) | time=2546ms
[INFO] Sensor SurefireSensor [java]
[INFO] parsing [B:\Source\Emerald\gantt-chart\target\surefire-reports]
[INFO] Sensor SurefireSensor [java] (done) | time=0ms
[INFO] Sensor JaCoCoSensor [java]
[INFO] Sensor JaCoCoSensor [java] (done) | time=0ms
[INFO] Sensor SonarJavaXmlFileSensor [java]
[INFO] 1 source files to be analyzed
[INFO] Sensor SonarJavaXmlFileSensor [java] (done) | time=32ms
[INFO] Sensor XML Sensor [xml]
[INFO] 1/1 source files have been analyzed

Hope this clarifies things

Regards
Carl

#4

Hi Carl,

Is this the part you’re worried about:

Because FindBugs just sorta does its thing, seemingly regardless of the SonarQube settings. Do you actually see code from Emerald in the UI?

 
Ann

#5

Hi Ann,

Yes, I can confirm code from Emerald is in the UI see example

image
image.png1304×190 8.34 KB

Regards
Carl

#6

Hi Carl,

Could you try again with the exclusion **/Emerald/**/* or even **/Emerald/**/*.*? From the docs, ** is only relevant to directories.

 
Ann

#7

Hi Ann,

Will do, our builds are quite lengthy so may not get back to you today

Regards
Carl

#8

Hi Ann

New Build completed and using **/Emerald/**/* exclusion pattern analysis log file still shows sub project being analysed:

[INFO] ------------- Scan gantt-chart
[INFO] Base dir: B:\Source\Emerald\gantt-chart
[INFO] Working dir: B:\Source\Emerald\gantt-chart\target\sonar
[INFO] Source paths: pom.xml, src/main/java
[INFO] Source encoding: windows-1252, default locale: en_GB
[INFO] Index files
[INFO] Excluded sources:
[INFO] **/exel/sql/parser/parser.java
[INFO] **/Yylex.java
[INFO] **/package-info.java
[INFO] **/ace.js
[INFO] **/jquery-2.2.4.js
[INFO] **/summernote.js
[INFO] **/bootstrap.js
[INFO] **/*.jsp
[INFO] **/sym.java
[INFO] **/parser.java
[INFO] **/Emerald/**/*
[INFO] 25 files indexed
[INFO] 0 files ignored because of inclusion/exclusion patterns
[INFO] Quality profile for java: Sonar way with Findbugs
[INFO] Quality profile for xml: Sonar way
[INFO] Sensor JavaSquidSensor [java]
[INFO] Configured Java source version (sonar.java.source): 8
[INFO] JavaClasspath initialization
[INFO] JavaClasspath initialization (done) | time=0ms
[INFO] JavaTestClasspath initialization
[INFO] JavaTestClasspath initialization (done) | time=0ms
[INFO] Java Main Files AST scan
[INFO] 24 source files to be analyzed
[INFO] 24/24 source files have been analyzed
[INFO] Java Main Files AST scan (done) | time=2140ms
[INFO] Java Test Files AST scan
[INFO] 0 source files to be analyzed
[INFO] Java Test Files AST scan (done) | time=0ms
[INFO] Sensor JavaSquidSensor [java] (done) | time=2156ms
[INFO] 0/0 source files have been analyzed
[INFO] Sensor FindBugs Sensor [findbugs]
[INFO] Loading findbugs plugin: B:\Source\Emerald\gantt-chart\target\sonar\findbugs\findsecbugs-plugin.jar
[INFO] Findbugs output report: B:\Source\Emerald\gantt-chart\target\sonar\findbugs-result.xml
[INFO] Sensor FindBugs Sensor [findbugs] (done) | time=2579ms
[INFO] Sensor SurefireSensor [java]
[INFO] parsing [B:\Source\Emerald\gantt-chart\target\surefire-reports]
[INFO] Sensor SurefireSensor [java] (done) | time=0ms
[INFO] Sensor JaCoCoSensor [java]
[INFO] Sensor JaCoCoSensor [java] (done) | time=0ms
[INFO] Sensor SonarJavaXmlFileSensor [java]
[INFO] 1 source files to be analyzed
[INFO] Sensor SonarJavaXmlFileSensor [java] (done) | time=31ms
[INFO] Sensor XML Sensor [xml]
[INFO] 1/1 source files have been analyzed

Will try second suggested exclusion pattern of **/Emerald/**/*.*

New build completed and using **/Emerald/**/*.* exclusion pattern analysis log file still shows sub project being analysed:

[INFO] ------------- Scan gantt-chart
[INFO] Base dir: B:\Source\Emerald\gantt-chart
[INFO] Working dir: B:\Source\Emerald\gantt-chart\target\sonar
[INFO] Source paths: pom.xml, src/main/java
[INFO] Source encoding: windows-1252, default locale: en_GB
[INFO] Index files
[INFO] Excluded sources:
[INFO] **/exel/sql/parser/parser.java
[INFO] **/Yylex.java
[INFO] **/package-info.java
[INFO] **/ace.js
[INFO] **/jquery-2.2.4.js
[INFO] **/summernote.js
[INFO] **/bootstrap.js
[INFO] **/*.jsp
[INFO] **/sym.java
[INFO] **/parser.java
[INFO] **/Emerald/**/*.*
[INFO] 25 files indexed
[INFO] 0 files ignored because of inclusion/exclusion patterns
[INFO] Quality profile for java: Sonar way with Findbugs
[INFO] Quality profile for xml: Sonar way
[INFO] Sensor JavaSquidSensor [java]
[INFO] Configured Java source version (sonar.java.source): 8
[INFO] JavaClasspath initialization
[INFO] JavaClasspath initialization (done) | time=0ms
[INFO] JavaTestClasspath initialization
[INFO] JavaTestClasspath initialization (done) | time=0ms
[INFO] Java Main Files AST scan
[INFO] 24 source files to be analyzed
[INFO] 24/24 source files have been analyzed
[INFO] Java Main Files AST scan (done) | time=2031ms
[INFO] Java Test Files AST scan
[INFO] 0 source files to be analyzed
[INFO] Java Test Files AST scan (done) | time=0ms
[INFO] Sensor JavaSquidSensor [java] (done) | time=2047ms
[INFO] Sensor FindBugs Sensor [findbugs]
[INFO] 0/0 source files have been analyzed
[INFO] Loading findbugs plugin: B:\Source\Emerald\gantt-chart\target\sonar\findbugs\findsecbugs-plugin.jar
[INFO] Findbugs output report: B:\Source\Emerald\gantt-chart\target\sonar\findbugs-result.xml
[INFO] Sensor FindBugs Sensor [findbugs] (done) | time=2547ms
[INFO] Sensor SurefireSensor [java]
[INFO] parsing [B:\Source\Emerald\gantt-chart\target\surefire-reports]
[INFO] Sensor SurefireSensor [java] (done) | time=0ms
[INFO] Sensor JaCoCoSensor [java]
[INFO] Sensor JaCoCoSensor [java] (done) | time=0ms
[INFO] Sensor SonarJavaXmlFileSensor [java]
[INFO] 1 source files to be analyzed
[INFO] Sensor SonarJavaXmlFileSensor [java] (done) | time=31ms
[INFO] Sensor XML Sensor [xml]
[INFO] 1/1 source files have been analyzed
[INFO] Sensor XML Sensor [xml] (done) | time=0ms

Neither of the suggested exclusion patterns seem to work.

Please review and advise

Regards
Carl

#9

Hi,

I just noticed this in your analysis log:

That means that analysis is only looking below the ‘Emerald’ directory. Which would be why your exclusion isn’t working. You’ll need to find some unique path segment below ‘gantt-chart’, in fact.

 
Ann

#10

Discovered that the entire Emerald project could be excluded from the SonarQube analysis by the simple addition of the following property to the Emerald parent pom.xml file:

<properties>
<sonar.skip>true</sonar.skip>
</properties>

Therefore, please consider this issue resolved and many thanks for your help

Regards
Carl

#11

Hi Carl,

Thanks for the followup. TBH, that’s a new one on me. I’ve got something to dig into now…

 
Ann

#14

A post was split to a new topic: Exclude files in VSTS pipeline