Help Needed: Importing External Reports While Excluding Directories from SonarQube Analysis

Hello,

I am using SonarQube to import an external report generated by a PHP component for analyzing issues in the web/modules directory. I have configured the property sonar.externalIssuesReportPaths=report.json to import the external report, and I also want to exclude the web/modules directory from SonarQube’s analysis using sonar.exclusions=web/modules.

However, when I launch the sonar-scanner, the issues from the external report are ignored because the web/modules directory is excluded from the scan.

My Request:
How can I configure SonarQube to:

  1. Import external report issues for the web/modules directory.
  2. Skip SonarQube’s native analysis for the web/modules directories

I have tried several methods, but none have worked as expected.
Example of a Report Line:

json

Copier le code

{
  "issues": [
    {
      "engineId": "Upgrade",
      "ruleId": "LibraryDeprecationAnalyzer",
      "severity": "INFO",
      "type": "BUG",
      "primaryLocation": {
        "message": "tour - The 'tour' extension is not installed. Cannot check deprecated library use.",
        "filePath": "web/modules/tour/test.php",
        "textRange": {
          "startLine": 1
        }
      }
    }
  ]
}

Could you please guide me on how to achieve this configuration?

Thank you!

Hey there.

The good news is that you can use Ignore Issues on Multiple Criteria to set a file path pattern and a rule key pattern (but for the latter, you can use the rule key pattern * to ignore all rules).

This won’t save time during the actual analysis like the normal exclusion of files, but if that’s not a problem, than you have your answer. :smiley:

Thanks, Colin, it works!

1 Like