Question 2 : How to Disable/Skip Dependency Check for few projects

Must-share information (formatted with Markdown):

• which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)

1. SonarQube Server 7.9.1.27448
2. SonarQube Scanner 4.0.0.1744

• what are you trying to achieve

1. Disable Dependency Check for Specific Projects.
   12:43:05.204 INFO: Dependency-Check XML report does not exists. Please check property sonar.dependencyCheck.reportPath:/opt/Node1/workspace/Mainframe_Pipeline/SonarQube_MF_LFG_Prod/Source/${WORKSPACE}/dependency-check-report.xml
   12:43:05.204 INFO: Analysis skipped/aborted due to missing report file
   12:43:05.206 DEBUG: XML-Dependency-Check report does not exist.
   java.io.FileNotFoundException: XML-Dependency-Check report does not exist.
   at org.sonar.dependencycheck.report.XmlReportFile.getXmlReport(XmlReportFile.java:37)
   at org.sonar.dependencycheck.DependencyCheckSensor.parseAnalysis(DependencyCheckSensor.java:61)
   at org.sonar.dependencycheck.DependencyCheckSensor.execute(DependencyCheckSensor.java:97)
   at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:48)
   at org.sonar.scanner.sensor.ProjectSensorsExecutor.execute(ProjectSensorsExecutor.java:49)
   at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:361)
   at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
   at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:122)
   at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:141)
   at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
   at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:122)
   at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:73)
   at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:67)
   at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:498)
   at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
   at com.sun.proxy.$Proxy0.execute(Unknown Source)
   at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:185)
   at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:137)
   at org.sonarsource.scanner.cli.Main.execute(Main.java:112)
   at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
   at org.sonarsource.scanner.cli.Main.main(Main.java:61)

12:43:05.206 INFO: Dependency-Check HTML report does not exists. Please check property sonar.dependencyCheck.htmlReportPath:/opt/Node1/workspace/Mainframe_Pipeline/SonarQube_MF_LFG_Prod/Source/${WORKSPACE}/dependency-check-report.html
12:43:05.206 INFO: HTML-Dependency-Check report does not exist.
12:43:05.206 DEBUG: HTML-Dependency-Check report does not exist.
java.io.FileNotFoundException: HTML-Dependency-Check report does not exist.
at org.sonar.dependencycheck.report.HtmlReportFile.getHtmlReport(HtmlReportFile.java:37)
at org.sonar.dependencycheck.DependencyCheckSensor.uploadHTMLReport(DependencyCheckSensor.java:67)
at org.sonar.dependencycheck.DependencyCheckSensor.execute(DependencyCheckSensor.java:111)
at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:48)
at org.sonar.scanner.sensor.ProjectSensorsExecutor.execute(ProjectSensorsExecutor.java:49)
at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:361)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:122)
at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:141)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:122)
at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:73)
at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:67)
at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
at com.sun.proxy.$Proxy0.execute(Unknown Source)
at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:185)
at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:137)
at org.sonarsource.scanner.cli.Main.execute(Main.java:112)
at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
at org.sonarsource.scanner.cli.Main.main(Main.java:61)

• what have you tried so far to achieve this

1. Nothing is been done as i dont have any clue on disabling/skipping dependency check.

Hi,

seems, you are using this plugin

This plugin has only a global settings page, see
https://yoursonarhost/admin/settings?category=dependency-check

but it has no in- / exclusion setting for projects.
So, the answer is no.
You may create an issue / feature request @ github repo

Maybe it’s possible to use a ‘dummy’ dependency-check-report.xml or dependency-check-report.html file, but that’s not a clean solution.

Gilbert

@Rebse Thank you so much for your time and addressing this issue. Looks like there is no way to control this at project level. As you mentioned, created an issue @github repo.