Excluding files in certain directories for SonarScanner for .NET

Hi,

I have a .NET project that uses EF Core and runs CI pipelines in Azure DevOps using the SonarCloud extensions. In the project there’s multiple migration files generated partially by EF Core, and I’d like to exclude those migrations from the build warning I see in our Azure DevOps pipeline. The build warnings don’t show up as violations in the SonarCloud analysis.

I’ve tried adding sonar.exclusions=**/Migrations/*.cs but it doesn’t have any effect. Any idea how I can eliminate the build warnings from migration files?

Hi,

Welcome to the community!

On the face of it, this looks like a valid exclusion pattern. Where are you configuring that exclusion? Also, where do these files live in your project?

 
Ann

Hi,

I have a set of set of rules defined in SonarCloud and some of them I’ve disabled for one of the projects. So when SonarCloud performs the analysis, the build is green and all is good. But prior to that, when I built the solution, I get warnings that I don’t get otherwise (in the analysis).

The exclusions are added to the SonarCloudPrepare@1 task, as part of the extraProperties:

extraProperties: |
    sonar.exclusions=**/Migrations/*.cs

Hi,

Can you provide your pipeline and your analysis log?

Share the Scanner for .NET verbose logs

  • Add /d:"sonar.verbose=true" to the…
    • SonarScanner.MSBuild.exe or dotnet sonarscanner begin command to get more detailed logs
      • For example: SonarScanner.MSBuild.exe begin /k:"MyProject" /d:"sonar.verbose=true"
    • “SonarQubePrepare” or “SonarCloudPrepare” task’s extraProperties argument if you are using Azure DevOps
      • For example:
        - task: SonarCloudPrepare@1
            inputs:
              SonarCloud: 'sonarcloud'
              organization: 'foo'
              scannerMode: 'MSBuild'
              projectKey: 'foo_sonar-scanning-someconsoleapp'
              projectName: 'sonar-scanning-someconsoleapp'
              extraProperties: |
                sonar.verbose=true
        
  • The important logs are in the END step (i.e. SonarQubeAnalyze / SonarCloudAnalyze / “Run Code Analysis”)

Share the msbuild detailed logs

MsBuild.exe /t:Rebuild /v:d

or

dotnet build -v:d

 
Thx,
Ann

Thank you for your reply!

Unfortunately, I can’t share anything. It’s NDA’d.

But my issue is that if I remove the SonarCloudPrepare step, then dotnet build doesn’t warn me about the files in the directory (the rest of the pipeline obviusly fails then, because the SonarCloudPrepare step doesn’t run). The warnings only show up in the dotnet build after the SonarCloudPrepare step is added again.

As the warnings doesn’t show up in the final analysis, I’d like for dotnet build to not warn me about them as they only cause confusion.

Hi,

Unfortunately sonar.exclusions does not work for us. We tried to exclude migrations folder but it still reports issues related with migration files during the build step. Is there any way to fix it?

Best regards,
Senior Software Engineer @ DOCOsoft
Augustyn Binkowski

Hi Augustyn,

I’ve combined your thread with this other one which is startlingly similar. Can you provide debug logging, as described above?

 
Thx,
Ann