Disable C# rules and exclude files from analysis

Dear community :wave:t2:

I have this .NET 7 solution and I want to accomplish the following two things:

  1. Exclude all files inside src/WebApp/wwwroot/leaflet from Sonar analysis at all.
  2. Disable the C# rules S1135 and S3925

Exclude files

To ignore the mentioned files, I’ve created the file SonarQube.Analysis.xml (see here) with the following content:

<?xml version="1.0" encoding="utf-8" ?>
<SonarQubeAnalysisProperties>
    <Property Name="sonar.exclusions">src/WebApp/wwwroot/leaflet/**/*.*</Property>
</SonarQubeAnalysisProperties>

Unfortunately, SonarCloud still analyzes all the files inside the directory.

Disable rules

To disable the C# rules S1135 and S3925, I’ve create the file .editorconfig (see here) with the following content:

[*.cs]
dotnet_diagnostic.S3925.severity = none
dotnet_diagnostic.S1135.severity = none

It works for S3925, but the issues for S1135 are still there.

I’d appreciate your help to solve my two issues :slight_smile:

1 Like

Hey there.

To pass a SonarQube.Analysis.xml file, you’ll need to pass /s:<custom.analysis.xml> to the dotnet sonarscanner command.

You can, alternatively, just pass your exclusion directly to the scanner command (it will still be checked into version control)! dotnet sonarscanner end /d:sonar.exclusions=<your_exclusion>

To change the rules applied to your project, you cannot use a .editorconfig file. You must change the Quality Profile applied to your project to one not including these rules.

Hey @Colin

Thanks for your reply!

Exclude files

Now I’m starting the Sonar scan like this:
dotnet sonarscanner begin /k:mu88_Project28 /o:mu88 /d:sonar.login=${{ secrets.SONAR_TOKEN }} /d:sonar.host.url=https://sonarcloud.io /d:sonar.cs.vscoveragexml.reportsPaths=coverage.xml /s:SonarQube.Analysis.xml
Which immediately fails with:

SonarScanner for MSBuild 5.9.1
Using the .NET Core version of the Scanner for MSBuild
Loading analysis properties from /home/runner/work/Project28/Project28/SonarQube.Analysis.xml
Unable to read the analysis settings file '/home/runner/work/Project28/Project28/SonarQube.Analysis.xml'. Please fix the content of this file.
Error: Process completed with exit code 1.

Can you tell me what is wrong with my file?

<?xml version="1.0" encoding="utf-8" ?>
<SonarQubeAnalysisProperties>
    <Property Name="sonar.exclusions">src/WebApp/wwwroot/leaflet/**/*.*</Property>
</SonarQubeAnalysisProperties>

Disable rules

How can I configure the Quality Profile from my Git repository? I don’t want to change anything in the UI manually. And .editorconfig seems to get included, because it seems to work for S3925.

ping @Colin

Hey there.

<SonarQubeAnalysisProperties  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.sonarsource.com/msbuild/integration/2015/1">
  <Property Name="sonar.host.url">https://sonarcloud.io</Property>
  <Property Name="sonar.login">[my-user-token]</Property>
</SonarQubeAnalysisProperties>

With regard to your Quality Profile, if this works (using an .editorconfig file) – it’s not officially supported, which might be why you see inconsistent behavior. The Quality Profile should be configured within the SonarCloud UI, as documented.

Do you have a ticket/CR/issue/PR that I can vote for so that rules can be configured from a config file/repo and not via UI?