Hi Team,
I am using SQ-6.7, Scanner-3.2 with all the default plugins.Whenever we are analyzing the projects then on some part of the code it is raising the red flag with message not covered by tests but it is not failing the analysis. This issue is with java,javaScript,typescript codes but not on HTML codes.So can anyone please explain the reason for this?Please find the screenshot for the same.
Thanks in advance!
Hi,
Can you clarify what the problem is ? The markers you are seeing are coverage indicators, a feature of SonarQube: https://docs.sonarqube.org/display/SONAR/Seeing+Coverage .
Note that the coverage data is taken directly from the reports you’re providing to the scanner (when running the analysis), SonarQube is simply rendering that data in the code viewer here.
Hi Nicolas,
Thanks for your response 
.I was asking whether it is showing coverage with respect to unit test as it is displaying the message that not covered by tests. If it is raising wrt unit tests then why it is raising this red flag with not covered by tests on lines that doesn’t has any code. As per this link: https://docs.sonarqube.org/display/SONAR/Seeing+Coverage it is not clear which coverage it is referring to.
Hi,
Likely because the coverage reports itself (from the coverage) tool is reporting a coverage miss on that line. Again, SonarQube only imports the coverage data from the report given at analysis time, so any coverage-related suspicion must be investigated directly with the coverage tool itself (independently from SonarQube).
FYI @vicky for example JaCoCo in following case
void implicit() {
nop();
} // implicit return
void explicit() {
nop();
return; // explicit
}
void nop() {
return; // explicit
}
will mark closing curly brace of the first method as red or green, because it corresponds to implicit return statement. And will not mark closing curly brace in the last two methods, because there are explicit return statements which will be marked instead.
And yes - the result in SonarQube is exactly the same as in HTML report generated by JaCoCo.
1 Like
Hi,
Thanks for this info. Couple of things i would like to include:
- I am not using Jacoco
- It is raising the red flag with not covered by tests on javascript,typescript code as well but not on HTML.
so that’s why i am confused about this.
Hi Vicky,
Ok, this is an important point which we should in fact have clarified from the beginning. Clear question: are you actually importing any coverage report ?
If not, then keep in mind that SonarQube tracks executable lines, in order to let you know which code is not covered (even if no coverage report is passed to the analysis). More info in this blog post: https://blog.sonarsource.com/executable_lines
If you believe that executable lines is wrongly considering an empty line as executable, then please share a complete reproducer of your problem:
- source file which can be compiled and analysed without dependencies
- versions of SonarQube and analyzers you used for analysis
- screenshot of end-result in SonarQube
We can then see if we reproduce the same behaviour, and then discuss potential improvements.
Hi Nicolas,
Ok so because of executable lines concept it raises red flag. I got that.
Thanks a lot for your response!
Hi Nicolas, regarding your “SonarQube only imports the coverage data from the report”.
I am using this dotnet test /p:CollectCoverage=true cmd in Sonal Cloud build template(inside AzureDevOps) to generate the coverage.json under the test project root.
Could you please provide me some guide to import the covergae.json(i guess this is the report you referring to) to SonarQube ?
Thanks,
A
Hi @Adrian_Ng. Since you’re using dotnet I guess you’re doing C# or VB.Net. Either case you should check the dedicated documentation: Code Coverage Results Import (C#, VB.NET) .