Hi Team, I am new to sonarcloud and this is my first issue raised here.
I am configuring sonarcloud analysis with one of my bitbucket repo for the first time. For this purpose I have set up the sonarcloud analysis step in the bitbucket-pipelines.yml as follows:
step: &build-test-sonarcloud
size: 2x
name: Analyze on SonarCloud
caches:
- sonar
- docker
script:
- npm install --quiet
- pipe: sonarsource/sonarcloud-scan:1.4.0
variables:
DEBUG: 'true'
EXTRA_ARGS: '-Dsonar.exclusions="config/**,drivers/**,public/**,scripts/**,src/vendor/**,src/assets/**,src/components/**/*.test.js,craco.config.js,node_modules" -Dsonar.javascript.lcov.reportPaths=coverage/lcov.info'
SONAR_SCANNER_OPTS: -Xmx256m
SONAR_TOKEN: ${SONAR_TOKEN}
- pipe: sonarsource/sonarcloud-quality-gate:0.1.4
And following is my folder structure:
However, this step fails in the pipeline at “- pipe: sonarsource/sonarcloud-scan:1.4.0” and I can see an error message in the Background tasks section of my repo with the following msg:
This analysis will make your organization 'generalaeronautics' to reach the maximum allowed lines limit (having 105567 lines).
Please contact the administrator of the organization to resolve this issue.
Following is the SonnarScanner context report shown in background tasks:
SonarCloud plugins:
- IaC Code Quality and Security 1.9.2.2279 (iac)
- PL/SQL Code Quality and Security 3.7.0.4372 (plsql)
- Scala Code Quality and Security 1.10.0.3710 (sonarscala)
- C# Code Quality and Security 8.44.0.52574 (csharp)
- Vulnerability Analysis 9.6.1.17278 (security)
- Java Code Quality and Security 7.13.0.29990 (java)
- HTML Code Quality and Security 3.6.0.3106 (web)
- Flex Code Quality and Security 2.7.0.2865 (flex)
- XML Code Quality and Security 2.5.0.3376 (xml)
- Text file Code Quality and Security 1.1.0.282 (text)
- VB.NET Code Quality and Security 8.44.0.52574 (vbnet)
- Swift Code Quality and Security 4.6.1.5444 (swift)
- CFamily Code Quality and Security 6.37.0.60132 (cpp)
- Python Code Quality and Security 3.17.0.10029 (python)
- Dataflow Bug Detection Rules for Python 1.6.0.2275 (dbdpythonfrontend)
- Dataflow Bug Detection 1.6.0.2275 (dbd)
- Go Code Quality and Security 1.10.0.3710 (go)
- JaCoCo 1.1.1.1157 (jacoco)
- Kotlin Code Quality and Security 2.10.0.1456 (kotlin)
- Dataflow Bug Detection Rules for Java 1.6.0.2275 (dbdjavafrontend)
- T-SQL Code Quality and Security 1.6.0.4844 (tsql)
- Apex Code Quality and Security 1.10.0.3710 (sonarapex)
- JavaScript/TypeScript/CSS Code Quality and Security 9.8.0.19239 (javascript)
- Ruby Code Quality and Security 1.10.0.3710 (ruby)
- Vulnerability Rules for C# 9.6.1.17278 (securitycsharpfrontend)
- Vulnerability Rules for Java 9.6.1.17278 (securityjavafrontend)
- License for SonarLint 8.0.0.32487 (license)
- Vulnerability Rules for JS 9.6.1.17278 (securityjsfrontend)
- COBOL Code Quality 5.0.0.5433 (cobol)
- Vulnerability Rules for Python 9.6.1.17278 (securitypythonfrontend)
- PHP Code Quality and Security 3.25.0.9077 (php)
- ABAP Code Quality and Security 3.11.0.4030 (abap)
- Configuration detection fot Code Quality and Security 1.2.0.267 (config)
- Vulnerability Rules for PHP 9.6.1.17278 (securityphpfrontend)
Global server settings:
- email.from=noreply@sonarcloud.io
- email.fromName=SonarCloud
- email.prefix=[SonarCloud]
- sonar.auth.bitbucket.enabled=true
- sonar.auth.microsoft.enabled=true
- sonar.core.id=1BD809FA-AWHW8ct9-T_TB3XqouNu
- sonar.core.serverBaseURL=https://sonarcloud.io
- sonar.core.startTime=2022-09-26T10:49:34+0200
- sonar.dbcleaner.weeksBeforeDeletingAllSnapshots=260
- sonar.dbcleaner.weeksBeforeKeepingOnlyOneSnapshotByMonth=4
- sonar.dbcleaner.weeksBeforeKeepingOnlyOneSnapshotByWeek=1
- sonar.global.exclusions=**/build-wrapper-dump.json
- sonar.lf.enableGravatar=true
- sonar.lf.logoWidthPx=105
- sonar.maintenance_mode.link=https://sonarcloud.statuspage.io/incidents/66vlr4dc3jwy
- sonar.maintenance_mode.message=Results of analyses performed prior to 6:15am CET may not be available yet and will be progressively provided throughout coming hours. Results of analysis performed after 8:00am CET are available.
- sonar.maintenance_mode.start_date=2022-03-26T23:00:00.000+01:00
- sonar.organizations.anyoneCanCreate=true
- sonar.organizations.createPersonalOrg=true
- sonar.plsql.file.suffixes=sql,tab,pkb
- sonar.tsql.file.suffixes=.tsql
Project server settings:
- sonar.exclusions=**/*.test.js,**/config,**/drivers,**/public,**/scripts,**/src/assets
Project scanner properties:
- sonar.exclusions=config/**,drivers/**,public/**,scripts/**,src/vendor/**,src/assets/**,src/components/**/*.test.js,craco.config.js,node_modules
- sonar.host.url=https://sonarcloud.io
- sonar.javascript.lcov.reportPaths=coverage/lcov.info
- sonar.organization=generalaeronautics
- sonar.projectBaseDir=/opt/atlassian/pipelines/agent/build
- sonar.projectKey=generalaeronautics_ga_hub
- sonar.scanner.app=ScannerCLI
- sonar.scanner.appVersion=4.6.2.2472
- sonar.sourceEncoding=UTF-8
- sonar.verbose=true
- sonar.working.directory=/opt/atlassian/pipelines/agent/build/.scannerwork
I have reason to believe that the sonar.exclusion is not working because my another project (similar in size) works perfectly good without any file exclusion. I suppose I am in the right enterprize-plan bracket. My judgment may be wrong but I need to clarify that it’s really my enterprise-plan that is the problem and not the file exclusions.
Attaching the sonarscan report :
ezyzip.zip (605.9 KB)
Thanks for the help in advanced!