SonarQube version - * Community Edition Version 7.9.3 (build 33349)
Java 8
Using Gradle sonar Plugin
classpath “org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.5”
Gradle version - 2.6 or 2.1 both tried
I am trying to analyze my multi-module project with gradle sonarQube task where I am using jaCoCo plugin for code Coverage
jacoco {
toolVersion = “0.8.2”
}
But analysis report is including test files in the report.
Same thing I tried with sonarScanner but it don’t include test added\updated\deleted code.
Gradle properties -
ext.analysisExclusionClasses = [’/firstorderevent/’,
‘/dto/’,
‘/test/’
]
I tried adding sonar.source to /src/main/java
Excluding test folder through sonar.exclusions and through test.exclusions
All the possible suggestions given in another tried I tried.
Here one can see it is saying 16 lines modified and in the measures tab give definition for that lines but in the other hand with sonar.properties file it is just counting the source file. Screen shot for the same.
Your SonarQube version is too old for us to analyze your problem. You should upgrade to a supported version, either 8.9.3 LTS or 9.2 Latest. See Download | SonarQube
Note: This will require you to upgrade to Java 11 for the SonarQube server, and it is also strongly recommended to upgrade to Java 11 for the Scanner (Gradle execution).
Once this upgrade is done, we’ll dive deeper in your problem.
Hi @OlivierK,
I can upgrade the version locally, but we were having this version in the whole organisation.
So, for the version upgrade request approval, it’s a long procedure.
That’s the reason, I am trying on the same version locally.
If possible can I get something around this version.?
The core problem here is that you apparently try to analyze your Maven (or Gradle) java project with the sonar-scanner CLI. This is wrong and (very) error prone. You should use the scanner for Maven or scanner for Gradle (depending on your project build tool).
Thanks @OlivierK
Just one more doubt why we should not use sonar-scanner CLI for maven and gradle?
As this can be used as a common command to analyze these projects.
Any specific reasons.?
Because by using the scanner for Maven/Gradle, the scanner will retrieve automatically from the Maven/Gradle environment a ton of informations that you would have to configure manually otherwise and that makes the analysis of complex Maven/Gradle projects with the Scanner CLI very error prone.
Among the settings that you have to configure with scanner CLI and not with the Scanner for Maven/Gradle:
sonar.projectKey
sonar.projectName
sonar.sources
sonar.tests
sonar.projectVersion
sonar.java.binaries
sonar.junit.reportPaths
sonar.jacoco.reportPaths
sonar.java.source
sonar.java.target
… and more
I think that’s a long enough list to justify using the proper scanner