Dotnet scanner exclusions not working

SonarQube Cloud
, ,
1

The DotNet scanner does not appear to be honouring exclusions.

Scanner version:

SonarScanner for MSBuild 10.1.2
....
INFO: SonarScanner 5.0.1.3006
INFO: Java 17.0.11 Eclipse Adoptium (64-bit)
INFO: Windows 11 10.0 amd64

I have set up my XML configuration as follows:

<?xml version="1.0" encoding="utf-8" ?>
<SonarQubeAnalysisProperties xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.sonarsource.com/msbuild/integration/2015/1">
    <Property Name="sonar.exclusions">
        XXXXX.Database/Data Generators/**/*;
        XXXXX.Database/Scripts/**/*;
        XXXXX.Database/Intergration/**/*;
    </Property>
</SonarQubeAnalysisProperties>

(I have also tried putting them all on one line.)

The log file reports the following exclusions:

INFO:   Excluded sources: **/build-wrapper-dump.json, XXXXX.Database/Data Generators/**/*;
XXXXX.Database/Scripts/**/*;
XXXXX.Database/Intergration/**/*;, coverage.net472.xml

However later in the log file I can see the following messages relating to files that should be excluded.

WARN: Unable to fully parse: C:/Users/AA/projects/XXXXX/[source-control-root-folder]/XXXXX.Database/Data Generators/Unseed Base Data.sql
WARN: Parse error starting from line 3
WARN: 
WARN: 
WARN: Unable to fully parse: C:/Users/AA/projects/XXXXX/[source-control-root-folder]/XXXXX.Database/Data Generators/Unseed Base Data.sql
WARN: Parse error starting from line 6

Note: [source-control-root-folder] isn’t really formatted like this, I’m showing where the project is cloned to in the folder structure.

If I check in the Sonar UI, all of the Analysis options are empty. The exclusions fields are not populated.

If it makes any difference I am working on a branch, could that be why the server settings are not getting set in the UI as well ?

Other than that, I’m not sure what else to try.

2

Update..

I am now trying my exclusions as follows:

<?xml version="1.0" encoding="utf-8" ?>
<SonarQubeAnalysisProperties xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.sonarsource.com/msbuild/integration/2015/1">
    <Property Name="sonar.exclusions">**/XXXXX.Database/Data Generators/*.sql;**/XXXXX.Database/Data Generators/**/*;**/XXXXX.Database/Scripts/*.sql;**/XXXXX.Database/Scripts/**/*;**/XXXXX.Database/Integration/*.sql;**/XXXXX.Database/Integration/**/*</Property>
</SonarQubeAnalysisProperties>

I can still see in my log file entries like this:

WARN: Unable to fully parse: C:/Users/AA/projects/XXXXX/[source-control-root-folder]/XXXXX.Database/Integration/Seed Data.sql

WARN: Parse error starting from line 6

The glob pattern **/XXXXX.Database/Integration/*.sql and **/XXXXX.Database/Integration/**/* should ignore these files.

I suspect as the files have a space in them, this is confusing things. I did test this on a glob pattern tester and it showed the files were included.

I really need to be not analysing these files.

I also have no idea why they are causing parse errors - there is nothing unusual about the files - they just contain SQL.

3

Hi,

For the SonarScanner for .NET, exclusions aren’t applied during CI-side analysis - so you’ll still see excluded files showing up in the logs as being processed. For the SS4.NET, exclusions are only applied server-side after all the heavy lifting is done.

With the exception of project name and key, analysis parameters aren’t saved into the DB. So exclusions you set in the pipeline will never show up in the UI.

Would it help to be able to exclude the project from analysis? (I believe that exclusion would be applied during CI-side analysis, but I wouldn’t swear to it in court.)

 
Ann