Excluding coverage with `sonar.coverage.exclusions` is not working

Bradock · June 17, 2024, 9:42am

Despite going through the docs and the many questions () this parameter is not working for me:

CI system used Github Actions with SonarSource/sonarcloud-github-action@master
Languages of the repository: TS and Py
Error observed: The exclusion path is not respected.
This is what I have in my sonar-project.properties:

sonar.projectVersion=1.0

# Sonar basic configuration
sonar.qualitygate.wait=true
sonar.qualitygate.timeout=180

sonar.sources=.

# JS/TS
sonar.javascript.lcov.reportPaths="./coverage/js/lcov.info"
sonar.eslint.reportPaths="./lintreport.json"
sonar.coverage.exclusions="**/*.test.ts, **/test_*.py, **/*.json"

Steps to Reproduce

The quality gate fails
When inspecting the link given I see the report

In the report I find all the files that are being marked as Coverage on New Code 0.0%: x/y/f1.ts, x/y/z/f2.ts, x/y/z/f3.ts
Add the file paths to sonar.coverage.exclusions

sonar.coverage.exclusions="**/*.test.ts, **/test_*.py, **/*.json, x/y/f1.ts, x/y/z/f2.ts, x/y/z/f3.ts"

When running the CI again the logs show the files added to the parameter:

INFO:   Excluded sources: **/build-wrapper-dump.json
INFO:   Excluded sources for coverage: **/*.test.ts, **/test_*.py, **/*.json, x/y/f1.ts, x/y/z/f2.ts, x/y/z/f3.ts

Then it errors again with the same files.

Question

How can I fix my issue above?
How can I exclude from coverage analysis all files in path x/y/**/*.ts, where ** is any 1 folder level deep and *.ts is any typescript file?
How can I exclude all files, independently of its depth that end with *.test.ts (i.e. path/to/file/asdf.test.ts and path/fdsa.test.ts)?

Any other information on exclusion that is not in the docs is appreciated.

Thanks,

Lexy_Zhitenev · June 18, 2024, 5:44am

Check if you have a similar error during analysis:

If that’s the case, you’d have to wait until it’s fixed.

Bradock · June 18, 2024, 8:30am

Hello @Lexy_Zhitenev, thanks for your response.

I don’t think that it applies to me.
There’s no Exception or buildLogging* in my analysis.

There are no error messages, except the one on the bottom:

INFO: ------------- Check Quality Gate status
INFO: Waiting for the analysis report to be processed (max 180s)
INFO: Time spent writing ucfgs 240ms
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 1:02.860s
INFO: Final Memory: 117M/339M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarScanner execution
ERROR: QUALITY GATE STATUS: FAILED - View details on https://sonarcloud.io/dashboard?id=<id>&pullRequest=<nb>
ERROR: 
ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.

ganncamp · June 18, 2024, 12:47pm

Hi,

Can you provide your full analysis log?

The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.

This guide will help you find them.

Thx,
Ann

Bradock · June 20, 2024, 9:27am

To reiterate my goal is to avoid coverage on files: lib/dashboards/file1.ts, lib/dashboards/file2.ts, etc.

As a side node I also tried to rename my files to lib/dashboards/file1.ext.ts, then use as exclusion **/*.ext.ts but got similar results.

Here is the log output from the analysis on Github Action:

Run SonarSource/sonarcloud-github-action@master

with:

projectBaseDir: .

env:

CDK_VERSION: 2.128.0

DEPLOYMENT_ENVIRONMENT: prod

pythonLocation: /opt/hostedtoolcache/Python/3.11.9/x64

PKG_CONFIG_PATH: /opt/hostedtoolcache/Python/3.11.9/x64/lib/pkgconfig

Python_ROOT_DIR: /opt/hostedtoolcache/Python/3.11.9/x64

Python2_ROOT_DIR: /opt/hostedtoolcache/Python/3.11.9/x64

Python3_ROOT_DIR: /opt/hostedtoolcache/Python/3.11.9/x64

LD_LIBRARY_PATH: /opt/hostedtoolcache/Python/3.11.9/x64/lib

GITHUB_TOKEN: ***

SONAR_TOKEN: ***

/usr/bin/docker run --name b34dc2fa8b0fd9a14406da18a1b8023e69288_cc4bd7 --label 1b34dc --workdir /github/workspace --rm -e "CDK_VERSION" -e "DEPLOYMENT_ENVIRONMENT" -e "pythonLocation" -e "PKG_CONFIG_PATH" -e "Python_ROOT_DIR" -e "Python2_ROOT_DIR" -e "Python3_ROOT_DIR" -e "LD_LIBRARY_PATH" -e "GITHUB_TOKEN" -e "SONAR_TOKEN" -e "INPUT_ARGS" -e "INPUT_PROJECTBASEDIR" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_ENVIRONMENT" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e "ACTIONS_ID_TOKEN_REQUEST_URL" -e "ACTIONS_ID_TOKEN_REQUEST_TOKEN" -e "ACTIONS_RESULTS_URL" -e GITHUB_ACTIONS=true -e CI=true --entrypoint "/entrypoint.sh" -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/datalab/datalab":"/github/workspace" 1b34dc:2fa8b0fd9a14406da18a1b8023e69288

INFO: Scanner configuration file: /opt/sonar-scanner/conf/sonar-scanner.properties

INFO: Project root configuration file: /github/workspace/sonar-project.properties

INFO: SonarScanner 5.0.1.3006

INFO: Java 17.0.11 Alpine (64-bit)

INFO: Linux 6.5.0-1021-azure amd64

INFO: User cache: /opt/sonar-scanner/.sonar/cache

INFO: Analyzing on SonarCloud

INFO: Default locale: "en_US", source code encoding: "UTF-8" (analysis is platform dependent)

INFO: Load global settings

INFO: Load global settings (done) | time=425ms

INFO: Server id: 1BD809FA-AWHW8ct9-T_TB3XqouNu

INFO: Loading required plugins

INFO: Load plugins index

INFO: Load plugins index (done) | time=163ms

INFO: Load/download plugins

INFO: Load/download plugins (done) | time=847ms

INFO: Found an active CI vendor: 'Github Actions'

INFO: Load project settings for component key: 'acme_datalab'

INFO: Load project settings for component key: 'acme_datalab' (done) | time=134ms

INFO: Process project properties

INFO: Project key: acme_datalab

INFO: Base dir: /github/workspace

INFO: Working dir: /github/workspace/.scannerwork

INFO: Load project branches

INFO: Load project branches (done) | time=131ms

INFO: Check ALM binding of project 'acme_datalab'

INFO: Detected project binding: BOUND

INFO: Check ALM binding of project 'acme_datalab' (done) | time=112ms

INFO: Load project pull requests

INFO: Load project pull requests (done) | time=168ms

INFO: Load branch configuration

INFO: Github event: pull_request

INFO: Auto-configuring pull request 32

INFO: Load branch configuration (done) | time=910ms

INFO: Load quality profiles

INFO: Load quality profiles (done) | time=190ms

INFO: Load active rules

INFO: Load active rules (done) | time=5985ms

INFO: Organization key: acme

INFO: Pull request 32 for merge into master from refactor/constructors-sonar-ignore-again

INFO: Preprocessing files...

WARN: File '/github/workspace/AWSCLIV2.pkg' is bigger than 20MB and as consequence is removed from the analysis scope.

INFO: 3 languages detected in 60 preprocessed files

INFO: 0 files ignored because of inclusion/exclusion patterns

INFO: 26303 files ignored because of scm ignore settings

INFO: Loading plugins for detected languages

INFO: Load/download plugins

INFO: Load/download plugins (done) | time=1270ms

INFO: Load project repositories

INFO: Load project repositories (done) | time=138ms

INFO: SCM collecting changed files in the branch

INFO: SCM collecting changed files in the branch (done) | time=177ms

INFO: Indexing files...

INFO: Project configuration:

INFO: Excluded sources: **/build-wrapper-dump.json

INFO: Excluded tests: **/*.test.ts, **/test_*.py, **/*.json, lib/**/*.ts, lib/dashboards/**/*.ts

INFO: Excluded sources for coverage: **/*.test.ts, **/test_*.py, **/*.json, lib/**/*.ts, lib/dashboards/**/*.ts

INFO: 60 files indexed

INFO: Quality profile for json: Sonar way

INFO: Quality profile for py: Sonar way

INFO: Quality profile for ts: Sonar way

INFO: ------------- Run sensors on module datalab

INFO: Load metrics repository

INFO: Load metrics repository (done) | time=112ms

INFO: Sensor cache enabled

INFO: Load sensor cache

INFO: Load sensor cache (404) | time=463ms

INFO: Sensor Python Sensor [python]

INFO: Starting global symbols computation

INFO: 9 source files to be analyzed

INFO: 9/9 source files have been analyzed

INFO: Starting rules execution

INFO: 9 source files to be analyzed

INFO: 9/9 source files have been analyzed

INFO: The Python analyzer was able to leverage cached data from previous analyses for 0 out of 9 files. These files were not parsed.

INFO: Sensor Python Sensor [python] (done) | time=6127ms

INFO: Sensor Cobertura Sensor for Python coverage [python]

INFO: Python test coverage

INFO: Parsing report '/github/workspace/./coverage/py/repport.xml'

WARN: Invalid directory path in 'source' element: /home/runner/work/datalab/datalab

INFO: Sensor Cobertura Sensor for Python coverage [python] (done) | time=626ms

INFO: Sensor PythonXUnitSensor [python]

INFO: Sensor PythonXUnitSensor [python] (done) | time=431ms

INFO: Sensor Python HTML templates processing [securitypythonfrontend]

INFO: HTML files are not indexed : you may want to add them in the scanned files of this project to detect Python XSS vulnerabilities

INFO: Sensor Python HTML templates processing [securitypythonfrontend] (done) | time=1ms

INFO: Sensor JaCoCo XML Report Importer [jacoco]

INFO: 'sonar.coverage.jacoco.xmlReportPaths' is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml

INFO: No report imported, no coverage information will be imported by JaCoCo XML Report Importer

INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=1ms

INFO: Sensor IaC CloudFormation Sensor [iac]

INFO: 0 source files to be analyzed

INFO: 0/0 source files have been analyzed

INFO: Sensor IaC CloudFormation Sensor [iac] (done) | time=272ms

INFO: Sensor IaC AzureResourceManager Sensor [iac]

INFO: Sensor IaC AzureResourceManager Sensor is restricted to changed files only

INFO: 0 source files to be analyzed

INFO: 0/0 source files have been analyzed

INFO: Sensor IaC AzureResourceManager Sensor [iac] (done) | time=80ms

INFO: Sensor Java Config Sensor [iac]

INFO: 0 source files to be analyzed

INFO: 0/0 source files have been analyzed

INFO: Sensor Java Config Sensor [iac] (done) | time=9ms

INFO: Sensor JavaScript/TypeScript analysis [javascript]

INFO: Detected os: Linux arch: amd64 alpine: true. Platform: UNSUPPORTED

INFO: Using Node.js executable: 'node'.

INFO: Memory configuration: OS (7929 MB), Node.js (2096 MB).

INFO: Found 1 tsconfig.json file(s): [/github/workspace/tsconfig.json]

INFO: Creating TypeScript program

INFO: TypeScript configuration file /github/workspace/tsconfig.json

INFO: 28 source files to be analyzed

INFO: Starting analysis with current program

INFO: Analyzed 28 file(s) with current program

INFO: 28/28 source files have been analyzed

INFO: Hit the cache for 0 out of 28

INFO: Miss the cache for 28 out of 28: FILE_CHANGED [28/28]

INFO: Sensor JavaScript/TypeScript analysis [javascript] (done) | time=17467ms

INFO: Sensor CSS Rules [javascript]

INFO: Sensor CSS Rules is restricted to changed files only

INFO: No CSS, PHP, HTML or VueJS files are found in the project. CSS analysis is skipped.

INFO: Sensor CSS Rules [javascript] (done) | time=2ms

INFO: Sensor JavaScript/TypeScript Coverage [javascript]

INFO: Analysing [/github/workspace/./coverage/js/lcov.info]

INFO: Sensor JavaScript/TypeScript Coverage [javascript] (done) | time=7ms

INFO: Sensor Import of ESLint issues [javascript]

INFO: Importing /github/workspace/./lintreport.json

WARN: No issues information will be saved as the report file can't be read.

java.io.FileNotFoundException: /github/workspace/./lintreport.json (No such file or directory)

at java.base/java.io.FileInputStream.open0(Native Method)

at java.base/java.io.FileInputStream.open(FileInputStream.java:216)

at java.base/java.io.FileInputStream.<init>(FileInputStream.java:157)

at org.sonar.plugins.javascript.external.EslintReportSensor.importReport(EslintReportSensor.java:62)

at org.sonar.plugins.javascript.external.AbstractExternalIssuesSensor.lambda$execute$1(AbstractExternalIssuesSensor.java:55)

at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)

at org.sonar.plugins.javascript.external.AbstractExternalIssuesSensor.execute(AbstractExternalIssuesSensor.java:55)

at org.sonar.plugins.javascript.external.EslintReportSensor.execute(EslintReportSensor.java:43)

at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:62)

at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:75)

at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:48)

at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:66)

at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:48)

at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:64)

at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)

at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)

at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:192)

at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:188)

at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:159)

at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)

at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)

at org.sonar.scanner.bootstrap.ScannerContainer.doAfterStart(ScannerContainer.java:399)

at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)

at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)

at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:131)

at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)

at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)

at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:60)

at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:54)

at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)

at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)

at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

at java.base/java.lang.reflect.Method.invoke(Method.java:568)

at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)

at jdk.proxy1/jdk.proxy1.$Proxy0.execute(Unknown Source)

at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)

at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)

at org.sonarsource.scanner.cli.Main.execute(Main.java:126)

at org.sonarsource.scanner.cli.Main.execute(Main.java:81)

at org.sonarsource.scanner.cli.Main.main(Main.java:62)

INFO: Sensor Import of ESLint issues [javascript] (done) | time=4ms

INFO: Sensor IaC Docker Sensor [iac]

INFO: Sensor IaC Docker Sensor is restricted to changed files only

INFO: 0 source files to be analyzed

INFO: 0/0 source files have been analyzed

INFO: Sensor IaC Docker Sensor [iac] (done) | time=55ms

INFO: Sensor Serverless configuration file sensor [security]

INFO: 0 Serverless function entries were found in the project

INFO: 0 Serverless function handlers were kept as entrypoints

INFO: Sensor Serverless configuration file sensor [security] (done) | time=10ms

INFO: Sensor AWS SAM template file sensor [security]

INFO: Sensor AWS SAM template file sensor [security] (done) | time=1ms

INFO: Sensor AWS SAM Inline template file sensor [security]

INFO: Sensor AWS SAM Inline template file sensor [security] (done) | time=0ms

INFO: Sensor javabugs [dbd]

INFO: Reading IR files from: /github/workspace/.scannerwork/ir/java

INFO: No IR files have been included for analysis.

INFO: Sensor javabugs [dbd] (done) | time=2ms

INFO: Sensor pythonbugs [dbd]

INFO: Reading IR files from: /github/workspace/.scannerwork/ir/python

INFO: Analyzing 57 functions to detect bugs.

INFO: Sensor pythonbugs [dbd] (done) | time=3948ms

INFO: Sensor TextAndSecretsSensor [text]

INFO: Sensor TextAndSecretsSensor is restricted to changed files only

INFO: Available processors: 2

INFO: Using 2 threads for analysis.

INFO: The property "sonar.tests" is not set. To improve the analysis accuracy, we categorize a file as a test file if any of the following is true:

* The filename starts with "test"

* The filename contains "test." or "tests."

* Any directory in the file path is named: "doc", "docs", "test" or "tests"

* Any directory in the file path has a name ending in "test" or "tests"

INFO: 5 source files to be analyzed

INFO: 5/5 source files have been analyzed

INFO: Sensor TextAndSecretsSensor [text] (done) | time=717ms

INFO: Sensor JavaSecuritySensor [security]

INFO: Enabled taint analysis rules: S2076, S2078, S2083, S2091, S2631, S3649, S5131, S5135, S5144, S5145, S5146, S5147, S5334, S5883, S6096, S6173, S6287, S6350, S6384, S6390, S6398, S6399, S6547, S6549

INFO: Load type hierarchy and UCFGs: Starting

INFO: Load type hierarchy: Starting

INFO: Reading type hierarchy from: /github/workspace/.scannerwork/ucfg2/java

INFO: Read 0 type definitions

INFO: Load type hierarchy: Time spent was 00:00:00.001

INFO: Load UCFGs: Starting

INFO: Load UCFGs: Time spent was 00:00:00.000

INFO: Load type hierarchy and UCFGs: Time spent was 00:00:00.002

INFO: No UCFGs have been included for analysis.

INFO: java security sensor: Time spent was 00:00:00.023

INFO: java security sensor: Begin: 2024-06-17T09:29:09.801885420Z, End: 2024-06-17T09:29:09.825548071Z, Duration: 00:00:00.023

Load type hierarchy and UCFGs: Begin: 2024-06-17T09:29:09.806313226Z, End: 2024-06-17T09:29:09.808600205Z, Duration: 00:00:00.002

Load type hierarchy: Begin: 2024-06-17T09:29:09.806372727Z, End: 2024-06-17T09:29:09.808180725Z, Duration: 00:00:00.001

Load UCFGs: Begin: 2024-06-17T09:29:09.808481394Z, End: 2024-06-17T09:29:09.808524133Z, Duration: 00:00:00.000

INFO: java security sensor peak memory: 370 MB

INFO: Sensor JavaSecuritySensor [security] (done) | time=27ms

INFO: Sensor CSharpSecuritySensor [security]

INFO: Enabled taint analysis rules: S2076, S2078, S2083, S2091, S2631, S3649, S5131, S5135, S5144, S5145, S5146, S5334, S5883, S6096, S6173, S6287, S6350, S6399, S6639, S6641

INFO: Load type hierarchy and UCFGs: Starting

INFO: Load type hierarchy: Starting

INFO: Reading type hierarchy from: /github/workspace/ucfg2/cs

INFO: Read 0 type definitions

INFO: Load type hierarchy: Time spent was 00:00:00.000

INFO: Load UCFGs: Starting

INFO: Load UCFGs: Time spent was 00:00:00.000

INFO: Load type hierarchy and UCFGs: Time spent was 00:00:00.000

INFO: No UCFGs have been included for analysis.

INFO: csharp security sensor: Time spent was 00:00:00.001

INFO: csharp security sensor: Begin: 2024-06-17T09:29:09.827983806Z, End: 2024-06-17T09:29:09.829330859Z, Duration: 00:00:00.001

Load type hierarchy and UCFGs: Begin: 2024-06-17T09:29:09.828357691Z, End: 2024-06-17T09:29:09.828887264Z, Duration: 00:00:00.000

Load type hierarchy: Begin: 2024-06-17T09:29:09.828378780Z, End: 2024-06-17T09:29:09.828705096Z, Duration: 00:00:00.000

Load UCFGs: Begin: 2024-06-17T09:29:09.828791386Z, End: 2024-06-17T09:29:09.828829808Z, Duration: 00:00:00.000

INFO: csharp security sensor peak memory: 370 MB

INFO: Sensor CSharpSecuritySensor [security] (done) | time=2ms

INFO: Sensor PhpSecuritySensor [security]

INFO: Enabled taint analysis rules: S2076, S2078, S2083, S2091, S2631, S3649, S5131, S5135, S5144, S5145, S5146, S5334, S5335, S5883, S6173, S6287, S6350

INFO: Load type hierarchy and UCFGs: Starting

INFO: Load type hierarchy: Starting

INFO: Reading type hierarchy from: /github/workspace/.scannerwork/ucfg2/php

INFO: Read 0 type definitions

INFO: Load type hierarchy: Time spent was 00:00:00.000

INFO: Load UCFGs: Starting

INFO: Load UCFGs: Time spent was 00:00:00.000

INFO: Load type hierarchy and UCFGs: Time spent was 00:00:00.000

INFO: No UCFGs have been included for analysis.

INFO: php security sensor: Time spent was 00:00:00.001

INFO: php security sensor: Begin: 2024-06-17T09:29:09.833676281Z, End: 2024-06-17T09:29:09.835060904Z, Duration: 00:00:00.001

Load type hierarchy and UCFGs: Begin: 2024-06-17T09:29:09.833811222Z, End: 2024-06-17T09:29:09.834555465Z, Duration: 00:00:00.000

Load type hierarchy: Begin: 2024-06-17T09:29:09.834214181Z, End: 2024-06-17T09:29:09.834378706Z, Duration: 00:00:00.000

Load UCFGs: Begin: 2024-06-17T09:29:09.834465137Z, End: 2024-06-17T09:29:09.834511723Z, Duration: 00:00:00.000

INFO: php security sensor peak memory: 370 MB

INFO: Sensor PhpSecuritySensor [security] (done) | time=2ms

INFO: Sensor PythonSecuritySensor [security]

INFO: Enabled taint analysis rules: S2076, S2078, S2083, S2091, S2631, S3649, S5131, S5135, S5144, S5145, S5146, S5147, S5334, S5496, S6287, S6350, S6639, S6680, S6776, S6839

INFO: Load type hierarchy and UCFGs: Starting

INFO: Load type hierarchy: Starting

INFO: Reading type hierarchy from: /github/workspace/.scannerwork/ucfg2/python

INFO: Read 531 type definitions

INFO: Load type hierarchy: Time spent was 00:00:00.134

INFO: Load UCFGs: Starting

INFO: Reading UCFGs from: /github/workspace/.scannerwork/ucfg2/python

INFO: Load UCFGs: Time spent was 00:00:00.609

INFO: Load type hierarchy and UCFGs: Time spent was 00:00:00.744

INFO: Analyzing 2852 UCFGs to detect vulnerabilities.

INFO: Check cache: Starting

INFO: Load cache: Starting

INFO: Load cache: Time spent was 00:00:00.000

INFO: Check cache: Time spent was 00:00:00.001

INFO: Create runtime call graph: Starting

INFO: Variable Type Analysis #1: Starting

INFO: Create runtime type propagation graph: Starting

INFO: Create runtime type propagation graph: Time spent was 00:00:00.061

INFO: Run SCC (Tarjan) on 7964 nodes: Starting

INFO: Run SCC (Tarjan) on 7964 nodes: Time spent was 00:00:00.014

INFO: Tarjan found 7964 strongly connected components

INFO: Propagate runtime types to strongly connected components: Starting

INFO: Propagate runtime types to strongly connected components: Time spent was 00:00:00.039

INFO: Variable Type Analysis #1: Time spent was 00:00:00.119

INFO: Variable Type Analysis #2: Starting

INFO: Create runtime type propagation graph: Starting

INFO: Create runtime type propagation graph: Time spent was 00:00:00.030

INFO: Run SCC (Tarjan) on 7716 nodes: Starting

INFO: Run SCC (Tarjan) on 7716 nodes: Time spent was 00:00:00.007

INFO: Tarjan found 7716 strongly connected components

INFO: Propagate runtime types to strongly connected components: Starting

INFO: Propagate runtime types to strongly connected components: Time spent was 00:00:00.022

INFO: Variable Type Analysis #2: Time spent was 00:00:00.061

INFO: Create runtime call graph: Time spent was 00:00:00.187

INFO: Load config: Starting

INFO: Load config: Time spent was 00:00:00.170

INFO: Compute entry points: Starting

INFO: Compute entry points: Time spent was 00:00:00.222

INFO: No entry points found.

INFO: python security sensor: Time spent was 00:00:01.328

INFO: python security sensor: Begin: 2024-06-17T09:29:09.835964021Z, End: 2024-06-17T09:29:11.164859886Z, Duration: 00:00:01.328

Load type hierarchy and UCFGs: Begin: 2024-06-17T09:29:09.836122215Z, End: 2024-06-17T09:29:10.580323862Z, Duration: 00:00:00.744

Load type hierarchy: Begin: 2024-06-17T09:29:09.836141561Z, End: 2024-06-17T09:29:09.970262541Z, Duration: 00:00:00.134

Load UCFGs: Begin: 2024-06-17T09:29:09.970345075Z, End: 2024-06-17T09:29:10.579506864Z, Duration: 00:00:00.609

Check cache: Begin: 2024-06-17T09:29:10.581527498Z, End: 2024-06-17T09:29:10.583445381Z, Duration: 00:00:00.001

Load cache: Begin: 2024-06-17T09:29:10.582062312Z, End: 2024-06-17T09:29:10.582652859Z, Duration: 00:00:00.000

Create runtime call graph: Begin: 2024-06-17T09:29:10.584025930Z, End: 2024-06-17T09:29:10.771801322Z, Duration: 00:00:00.187

Variable Type Analysis #1: Begin: 2024-06-17T09:29:10.585142695Z, End: 2024-06-17T09:29:10.704908786Z, Duration: 00:00:00.119

Create runtime type propagation graph: Begin: 2024-06-17T09:29:10.586367570Z, End: 2024-06-17T09:29:10.647490426Z, Duration: 00:00:00.061

Run SCC (Tarjan) on 7964 nodes: Begin: 2024-06-17T09:29:10.647787478Z, End: 2024-06-17T09:29:10.662663914Z, Duration: 00:00:00.014

Propagate runtime types to strongly connected components: Begin: 2024-06-17T09:29:10.663865917Z, End: 2024-06-17T09:29:10.703822699Z, Duration: 00:00:00.039

Variable Type Analysis #2: Begin: 2024-06-17T09:29:10.707404052Z, End: 2024-06-17T09:29:10.769288964Z, Duration: 00:00:00.061

Create runtime type propagation graph: Begin: 2024-06-17T09:29:10.708048129Z, End: 2024-06-17T09:29:10.739042231Z, Duration: 00:00:00.030

Run SCC (Tarjan) on 7716 nodes: Begin: 2024-06-17T09:29:10.739162505Z, End: 2024-06-17T09:29:10.747073051Z, Duration: 00:00:00.007

Propagate runtime types to strongly connected components: Begin: 2024-06-17T09:29:10.747165102Z, End: 2024-06-17T09:29:10.769189750Z, Duration: 00:00:00.022

Load config: Begin: 2024-06-17T09:29:10.771874698Z, End: 2024-06-17T09:29:10.941916211Z, Duration: 00:00:00.170

Compute entry points: Begin: 2024-06-17T09:29:10.942032426Z, End: 2024-06-17T09:29:11.164390003Z, Duration: 00:00:00.222

INFO: python security sensor peak memory: 370 MB

INFO: Sensor PythonSecuritySensor [security] (done) | time=1330ms

INFO: Sensor JsSecuritySensor [security]

INFO: Enabled taint analysis rules: S3649, S6105, S5146, S6287, S5147, S2631, S5131, S2076, S5334, S5696, S5883, S2083, S5144, S6096, S6350

INFO: Load type hierarchy and UCFGs: Starting

INFO: Load type hierarchy: Starting

INFO: Reading type hierarchy from: /github/workspace/.scannerwork/ucfg2/js

INFO: Read 0 type definitions

INFO: Load type hierarchy: Time spent was 00:00:00.000

INFO: Load UCFGs: Starting

INFO: Reading UCFGs from: /github/workspace/.scannerwork/ucfg2/js

INFO: Load UCFGs: Time spent was 00:00:00.134

INFO: Load type hierarchy and UCFGs: Time spent was 00:00:00.135

INFO: Analyzing 91 UCFGs to detect vulnerabilities.

INFO: Check cache: Starting

INFO: Load cache: Starting

INFO: Load cache: Time spent was 00:00:00.000

INFO: Check cache: Time spent was 00:00:00.000

INFO: Create runtime call graph: Starting

INFO: Variable Type Analysis #1: Starting

INFO: Create runtime type propagation graph: Starting

INFO: Create runtime type propagation graph: Time spent was 00:00:00.032

INFO: Run SCC (Tarjan) on 2826 nodes: Starting

INFO: Run SCC (Tarjan) on 2826 nodes: Time spent was 00:00:00.003

INFO: Tarjan found 2826 strongly connected components

INFO: Propagate runtime types to strongly connected components: Starting

INFO: Propagate runtime types to strongly connected components: Time spent was 00:00:00.007

INFO: Variable Type Analysis #1: Time spent was 00:00:00.049

INFO: Variable Type Analysis #2: Starting

INFO: Create runtime type propagation graph: Starting

INFO: Create runtime type propagation graph: Time spent was 00:00:00.017

INFO: Run SCC (Tarjan) on 2826 nodes: Starting

INFO: Run SCC (Tarjan) on 2826 nodes: Time spent was 00:00:00.003

INFO: Tarjan found 2826 strongly connected components

INFO: Propagate runtime types to strongly connected components: Starting

INFO: Propagate runtime types to strongly connected components: Time spent was 00:00:00.008

INFO: Variable Type Analysis #2: Time spent was 00:00:00.032

INFO: Create runtime call graph: Time spent was 00:00:00.086

INFO: Load config: Starting

INFO: Load config: Time spent was 00:00:00.012

INFO: Compute entry points: Starting

INFO: Compute entry points: Time spent was 00:00:00.196

INFO: All rules entry points : 29

INFO: Slice call graph: Starting

INFO: Slice call graph: Time spent was 00:00:00.000

INFO: Live variable analysis: Starting

INFO: Live variable analysis: Time spent was 00:00:00.200

INFO: Taint analysis for js: Starting

INFO: 0 / 91 UCFGs simulated, memory usage: 237 MB

INFO: 39 / 91 UCFGs simulated, memory usage: 234 MB

INFO: Taint analysis for js: Time spent was 00:00:02.042

INFO: Report issues: Starting

INFO: Report issues: Time spent was 00:00:00.002

INFO: Store cache: Starting

INFO: Store cache: Time spent was 00:00:00.000

INFO: js security sensor: Time spent was 00:00:02.684

INFO: js security sensor: Begin: 2024-06-17T09:29:11.165958286Z, End: 2024-06-17T09:29:13.850259164Z, Duration: 00:00:02.684

Load type hierarchy and UCFGs: Begin: 2024-06-17T09:29:11.166179097Z, End: 2024-06-17T09:29:11.301335631Z, Duration: 00:00:00.135

Load type hierarchy: Begin: 2024-06-17T09:29:11.166202169Z, End: 2024-06-17T09:29:11.166847107Z, Duration: 00:00:00.000

Load UCFGs: Begin: 2024-06-17T09:29:11.166893824Z, End: 2024-06-17T09:29:11.301201111Z, Duration: 00:00:00.134

Check cache: Begin: 2024-06-17T09:29:11.301393478Z, End: 2024-06-17T09:29:11.301632432Z, Duration: 00:00:00.000

Load cache: Begin: 2024-06-17T09:29:11.301409548Z, End: 2024-06-17T09:29:11.301577360Z, Duration: 00:00:00.000

Create runtime call graph: Begin: 2024-06-17T09:29:11.301671404Z, End: 2024-06-17T09:29:11.388587746Z, Duration: 00:00:00.086

Variable Type Analysis #1: Begin: 2024-06-17T09:29:11.304957520Z, End: 2024-06-17T09:29:11.354585346Z, Duration: 00:00:00.049

Create runtime type propagation graph: Begin: 2024-06-17T09:29:11.305048378Z, End: 2024-06-17T09:29:11.337962825Z, Duration: 00:00:00.032

Run SCC (Tarjan) on 2826 nodes: Begin: 2024-06-17T09:29:11.341553606Z, End: 2024-06-17T09:29:11.344710010Z, Duration: 00:00:00.003

Propagate runtime types to strongly connected components: Begin: 2024-06-17T09:29:11.345929536Z, End: 2024-06-17T09:29:11.353894012Z, Duration: 00:00:00.007

Variable Type Analysis #2: Begin: 2024-06-17T09:29:11.355169321Z, End: 2024-06-17T09:29:11.387854784Z, Duration: 00:00:00.032

Create runtime type propagation graph: Begin: 2024-06-17T09:29:11.355689147Z, End: 2024-06-17T09:29:11.373655154Z, Duration: 00:00:00.017

Run SCC (Tarjan) on 2826 nodes: Begin: 2024-06-17T09:29:11.374362418Z, End: 2024-06-17T09:29:11.377496681Z, Duration: 00:00:00.003

Propagate runtime types to strongly connected components: Begin: 2024-06-17T09:29:11.378822204Z, End: 2024-06-17T09:29:11.387079925Z, Duration: 00:00:00.008

Load config: Begin: 2024-06-17T09:29:11.389229548Z, End: 2024-06-17T09:29:11.402109849Z, Duration: 00:00:00.012

Compute entry points: Begin: 2024-06-17T09:29:11.402160143Z, End: 2024-06-17T09:29:11.598703940Z, Duration: 00:00:00.196

Slice call graph: Begin: 2024-06-17T09:29:11.601014964Z, End: 2024-06-17T09:29:11.601599119Z, Duration: 00:00:00.000

Live variable analysis: Begin: 2024-06-17T09:29:11.602206187Z, End: 2024-06-17T09:29:11.802684045Z, Duration: 00:00:00.200

Taint analysis for js: Begin: 2024-06-17T09:29:11.803751167Z, End: 2024-06-17T09:29:13.845841667Z, Duration: 00:00:02.042

Report issues: Begin: 2024-06-17T09:29:13.845894656Z, End: 2024-06-17T09:29:13.848816153Z, Duration: 00:00:00.002

Store cache: Begin: 2024-06-17T09:29:13.848885913Z, End: 2024-06-17T09:29:13.848908224Z, Duration: 00:00:00.000

INFO: js security sensor peak memory: 427 MB

INFO: Sensor JsSecuritySensor [security] (done) | time=2686ms

INFO: ------------- Run sensors on project

INFO: Sensor Zero Coverage Sensor

INFO: Sensor Zero Coverage Sensor (done) | time=13ms

INFO: SCM Publisher SCM provider for this project is: git

INFO: SCM Publisher 5 source files to be analyzed

INFO: SCM Publisher 5/5 source files have been analyzed (done) | time=108ms

INFO: CPD Executor 4 files had no CPD blocks

INFO: CPD Executor Calculating CPD for 33 files

INFO: CPD Executor CPD calculation finished (done) | time=68ms

INFO: SCM writing changed lines

INFO: SCM writing changed lines (done) | time=80ms

INFO: Analysis report generated in 256ms, dir size=334 KB

INFO: Analysis report compressed in 100ms, zip size=106 KB

INFO: Analysis report uploaded in 489ms

INFO: ------------- Check Quality Gate status

INFO: Waiting for the analysis report to be processed (max 180s)

INFO: Time spent writing ucfgs 207ms

INFO: ------------------------------------------------------------------------

INFO: EXECUTION FAILURE

INFO: ------------------------------------------------------------------------

INFO: Total time: 1:00.678s

ERROR: Error during SonarScanner execution

ERROR: QUALITY GATE STATUS: FAILED - View details on https://sonarcloud.io/dashboard?id=acme_datalab&pullRequest=32

ERROR:

ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.

INFO: Final Memory: 117M/397M

INFO: ------------------------------------------------------------------------

Bradock · June 20, 2024, 9:30am

And here is the configuration file:

sonar.projectKey=acme_datalab
sonar.organization=acme

sonar.projectName=datalab
sonar.projectVersion=1.0

sonar.qualitygate.wait=true
sonar.qualitygate.timeout=180

sonar.sources=.

sonar.python.version=3.11

sonar.javascript.lcov.reportPaths="./coverage/js/lcov.info"
sonar.python.coverage.reportPaths="./coverage/py/repport.xml"
sonar.eslint.reportPaths="./lintreport.json"
sonar.test.exclusions="**/*.test.ts, **/test_*.py, **/*.json, lib/**/*.ts, lib/dashboards/**/*.ts"
sonar.coverage.exclusions="**/*.test.ts, **/test_*.py, **/*.json, lib/**/*.ts, lib/dashboards/**/*.ts"

ganncamp · June 21, 2024, 12:51pm

Hi,

Thanks for the log and for providing your full set of parameters.

Nothing’s jumping out at me from it.

Could we have a screenshot of this?

Also, you’ve defined sonar.sources as . or as every file in the directory. You haven’t defined sonar.tests.

Is it possible for you to more narrowly define sonar.sources and perhaps add a sonar.tests definition, given that wildcards are not allowed in either? Or are your source files and test files fully comingled?

BTW, since you have no tests (from analysis’ perspective), defining sonar.test.exclusions doesn’t do any good.

Further on the topic of your parameters. You probably want to drop all those ./ path prefixes:

INFO: Parsing report '/github/workspace/./coverage/py/repport.xml'
WARN: Invalid directory path in 'source' element: /home/runner/work/datalab/datalab

Ann