Scanning .Net projects does not scan all related / included projects

Problem:
When scanning a .Net Project which includes other projects from other folders they will be ignored.
“File xxxx is ignored. It is not located in project basedir”

Example folder structure

├ FOLDER_A
│  └ FOLDER_A1
│      └ project_a.csproj 
├ FOLDER_B
│  └ project_b.csproj
└ FOLDER_C
   └ project_c.csproj

Content of “project_a.csproj” file:

<Project Sdk="Microsoft.NET.Sdk">
  . . .
  <ItemGroup>
    <ProjectReference Include="..\..\FOLDER_B\project_b.csproj" />
    <ProjectReference Include="..\..\FOLDER_C\project_c.csproj" />
  </ItemGroup>
</Project>

What will happen during the scan of “project_a.csproj”:

INFO: Indexing files of module 'project_a'
INFO:   Base dir: /. . ./FOLDER_A/FOLDER_A1

INFO: Indexing files of module 'project_b'
INFO:   Base dir: /. . ./FOLDER_B
WARN: File '/. . ./FOLDER_B/file_1.cs' is ignored. It is not located in project basedir '/. . ./FOLDER_A/FOLDER_A1'.

INFO: Indexing files of module 'project_c'
INFO:   Base dir: /. . ./FOLDER_C
WARN: File '/. . ./FOLDER_C/file_2.cs' is ignored. It is not located in project basedir '/. . ./FOLDER_A/FOLDER_A1'.

So far we tried all kind of combinations setting:

  • sonar.projectBaseDir
  • sonar.sources
  • sonar.working.directory
  • sonar.tests

But as soon as setting more than “sonar.projectBaseDir” the following error occurs:

ERROR: File xxxx can't be indexed twice. Please check that inclusion/exclusion patterns produce disjoint sets for main and test files

Any idea how we can scan all that belongs to “project_a” even if it is only “included” from other folders.

PS: Yes, we are aware that the same finding may appear then in other projects, but there are no special scan for just this “helper” projects b & c, because they will not be built for themselve.

Specs:

  • SonarQube 9.7.1
  • SonarScanner for MSBuild 5.13
  • Azure DevOps Marketplace Extension

Hello @jensheidrich_acn

Could you please:

Share the Scanner for .NET verbose logs

  • Add /d:"sonar.verbose=true" to the…
    • SonarScanner.MSBuild.exe or dotnet sonarscanner begin command to get more detailed logs
      • For example: SonarScanner.MSBuild.exe begin /k:"MyProject" /d:"sonar.verbose=true"
    • “SonarQubePrepare” or “SonarCloudPrepare” task’s extraProperties argument if you are using Azure DevOps
      • For example:
- task: SonarCloudPrepare@1
    inputs:
      SonarCloud: 'sonarcloud'
      organization: 'foo'
      scannerMode: 'MSBuild'
      projectKey: 'foo_sonar-scanning-someconsoleapp'
      projectName: 'sonar-scanning-someconsoleapp'
      extraProperties: |
        sonar.verbose=true
  • The important logs are in the END step (i.e. SonarQubeAnalyze / SonarCloudAnalyze / “Run Code Analysis”)

Share the msbuild detailed logs

MsBuild.exe /t:Rebuild /v:d

or

dotnet build -v:d