Hello,
I would like to exclude files from the static code analysis. I thought I had got it right with the configuration, but unfortunately I haven’t. (question)
Project files
- Spring Boot Project
- <ProjectDir>/src/main (Project files)
- <ProjectDir>/src/main/resources (not exists)
- <ProjectDir>/src/test (Test files)
- <ProjectDir>/src/test/resources (XLIFF-Files for Testing)
- SonarCloud Config
- <ProjectDir>/sonar-project.properties
sonar.sources=src
sonar.tests=src/test
sonar.exclusions=src/test
sonar.coverage.exclusions=**/*.xliff,**/*.xlf
# Code coverage
sonar.java.binaries=target/classes
Process:
- New private repository created on GitHub.
- Branch from public repository pushed into private repository
- New project created in SonarCloud (is paid plan)
- SonarCloud and repository connected
- SonarKey saved by GitHub
- Analysis started with GitHubAction CI
Unfortunately, the Test files (Java) are still analysed (Code Smells) and the XLIFF files are considered out as part of the analysis.
Project structure
I had tried a few more things and at the moment I don’t know what else I could do.
Update:
After my question, I tried several more times.
I extended the mvn command with -X in the GitHubAction and could see that all properties from the sonar-project.properties
were not in the log. Then I transferred the properties to pom.xml.
<properties>
<sonar.organization>alaugks</sonar.organization>
<sonar.host.url>https://sonarcloud.io</sonar.host.url>
<sonar.coverage.jacoco.xmlReportPaths>target/site/jacoco/jacoco.xml</sonar.coverage.jacoco.xmlReportPaths>
<!-- from sonar-project.properties -->
<sonar.sources>src/main</sonar.sources>
<sonar.tests>src/test</sonar.tests>
<sonar.exclusions>src/test</sonar.exclusions>
<sonar.java.binaries>target/classes</sonar.java.binaries>
<sonar.coverage.exclusions>src/test</sonar.coverage.exclusions>
</properties>
- The XML (Xliff files) are now no longer processed in the analysis.
- The test files are still analysed.
Question:
- Why the sonar-project.properties are not respected?
- Why are the test files still being analysed?
Thanks for the support