SonarCloud scanning in Azure DevOps pipelines worked fine for monorepo using tasks V2.
After upgrade to V3 it was noted that each individual project scan result would also contain findings from other monorepo projects.
Is this a bug or am I missing a path filter that’s now required in V3?
- ALM used (GitHub)
- CI system used (Azure DevOps)
- Scanner command
- task: SonarCloudPrepare@3
inputs:
SonarCloud: 'XYZ'
organization: 'XYZ'
scannerMode: 'dotnet'
projectKey: '${{ parameters.projectKey }}'
projectName: '${{ parameters.projectName }}'
extraProperties: |
sonar.projectVersion=$(Build.BuildNumber)
sonar.cs.vstest.reportsPaths=XYZ
sonar.coverage.exclusions=XYZ
sonar.cpd.exclusions=XYZ
sonar.exclusions=XYZ
sonar.plsql.file.suffixes=XYZ
sonar.tsql.file.suffixes=XYZ
-DotNetCoreCLI@2 (restore, buld publish)
(...)
- VSTest@2
(...)
- task: SonarCloudAnalyze@3
displayName: 'Run Code Analysis'
condition: succeededOrFailed()
- task: SonarCloudPublish@3
inputs:
pollingTimeoutSec: '300'
condition: succeededOrFailed()
- Languages of the repository: C#, TSQL