Excluding files in certain directories for SonarScanner for .NET

mikkeloestrup · May 13, 2024, 1:33pm

Hi,

I have a .NET project that uses EF Core and runs CI pipelines in Azure DevOps using the SonarCloud extensions. In the project there’s multiple migration files generated partially by EF Core, and I’d like to exclude those migrations from the build warning I see in our Azure DevOps pipeline. The build warnings don’t show up as violations in the SonarCloud analysis.

I’ve tried adding sonar.exclusions=**/Migrations/*.cs but it doesn’t have any effect. Any idea how I can eliminate the build warnings from migration files?

ganncamp · May 14, 2024, 3:18pm

Hi,

Welcome to the community!

On the face of it, this looks like a valid exclusion pattern. Where are you configuring that exclusion? Also, where do these files live in your project?

Ann

mikkeloestrup · May 15, 2024, 7:23am

Hi,

I have a set of set of rules defined in SonarCloud and some of them I’ve disabled for one of the projects. So when SonarCloud performs the analysis, the build is green and all is good. But prior to that, when I built the solution, I get warnings that I don’t get otherwise (in the analysis).

The exclusions are added to the SonarCloudPrepare@1 task, as part of the extraProperties:

extraProperties: |
    sonar.exclusions=**/Migrations/*.cs

ganncamp · May 15, 2024, 11:47am

Hi,

Can you provide your pipeline and your analysis log?

Share the Scanner for .NET verbose logs

Add /d:"sonar.verbose=true" to the…
- SonarScanner.MSBuild.exe or dotnet sonarscanner begin command to get more detailed logs
  - For example: SonarScanner.MSBuild.exe begin /k:"MyProject" /d:"sonar.verbose=true"
- “SonarQubePrepare” or “SonarCloudPrepare” task’s extraProperties argument if you are using Azure DevOps
  - For example:
```
- task: SonarCloudPrepare@1
    inputs:
      SonarCloud: 'sonarcloud'
      organization: 'foo'
      scannerMode: 'MSBuild'
      projectKey: 'foo_sonar-scanning-someconsoleapp'
      projectName: 'sonar-scanning-someconsoleapp'
      extraProperties: |
        sonar.verbose=true
```
The important logs are in the END step (i.e. SonarQubeAnalyze / SonarCloudAnalyze / “Run Code Analysis”)

Share the msbuild detailed logs

MsBuild.exe /t:Rebuild /v:d

or

dotnet build -v:d

Thx,
Ann

mikkeloestrup · May 17, 2024, 8:42am

Thank you for your reply!

Unfortunately, I can’t share anything. It’s NDA’d.

But my issue is that if I remove the SonarCloudPrepare step, then dotnet build doesn’t warn me about the files in the directory (the rest of the pipeline obviusly fails then, because the SonarCloudPrepare step doesn’t run). The warnings only show up in the dotnet build after the SonarCloudPrepare step is added again.

As the warnings doesn’t show up in the final analysis, I’d like for dotnet build to not warn me about them as they only cause confusion.

ABinkowskiATDOCOsoft · May 16, 2024, 9:37am

Hi,

Unfortunately sonar.exclusions does not work for us. We tried to exclude migrations folder but it still reports issues related with migration files during the build step. Is there any way to fix it?

Best regards,
Senior Software Engineer @ DOCOsoft
Augustyn Binkowski

ganncamp · May 17, 2024, 5:44pm

Hi Augustyn,

I’ve combined your thread with this other one which is startlingly similar. Can you provide debug logging, as described above?

Thx,
Ann

sebastien.marichal · May 27, 2024, 12:12pm

Hello @mikkeloestrup, @ABinkowskiATDOCOsoft,

This is a known issue.
As of today, we can’t filter the excluded files/folders from the analysis, which happens during the build.
The sonar.exclusions property is only used to filter issues sent to SonarQube/SonarCloud during the end step.

As a workaround, you can try to add an .editorconfig file in your Migrations folder to override the severity of the Sonar rules:

[*.cs]
dotnet_diagnostic.S1118.severity = none

Unfortunately, you may have to manually do this for every rule.

I hope this helps.

Have a great day!

ABinkowskiATDOCOsoft · July 25, 2024, 2:29pm

Hi @sebastien.marichal,

Thanks for the update. The editor config worked but only for one of the rules.

[*.cs]
dotnet_diagnostic.S6966.severity = none
dotnet_diagnostic.S1144.severity = none

I can’t get rid of the S1144 event with this config. The S6966 is gone and it is no longer reported as a warning inside the pipeline. Last but not least I’ve updated my Azure DevOps task to version @2.

Best regards,
Senior Software Engineer @ DOCOsoft
Augustyn Binkowski

ganncamp · July 25, 2024, 2:35pm

Hi Augustyn,

Could you create a new thread with all your details, please?

Thx,
Ann

ABinkowskiATDOCOsoft · July 25, 2024, 2:57pm

Hi @ganncamp,

Here is another thread with all the details.

Sonar cloud - Ignoring rules with editorconfig is not working - SonarCloud - Sonar Community (sonarsource.com)

Best regards,
Senior Software Engineer @ DOCOsoft
Augustyn Binkowski