SonarCloud complains angular project exceeds lines of code (SOLVED: devexpress css files)

Note: this is caused through the local windows sonar scanner tool targeting a project within our app.

Sonar thinks we are trying to analyse 90K lines of code but it’s a small project.

There are other libraries within the same workspace but we ‘should’ not be including them (they are not inside the projectBaseDir).

Not sure if node_modules is being counted?

  • ALM used@ Azure DevOps (but this is not a pipeline issue)

  • CI system used: Azure DevOps (but this is not a pipeline issue)

  • Scanner command used (via local powershell terminal):
    sonar-scanner.bat
    -D"sonar.organization=myOrg" ^
    -D"sonar.projectKey=proj-key" ^
    -D"sonar.projectBaseDir=…/…/projects/test-app" ^
    -D"sonar.sources=src" ^
    D"sonar.exclusions=/node_modules/,/*.spec.ts,/.scannerwork/,/e2e/,/coverage/,…/…/node_modules/" ^
    -D"sonar.tests=src" ^
    -D"sonar.test.inclusions=**/*.spec.ts" ^
    -D"sonar.javascript.lcov.reportPaths=coverage/test-app/lcov.info" ^
    -D"sonar.host.url=https://sonarcloud.io"

  • Languages of the repository: angular (typescript)

  • Error observed: Your analysis with ID “HIDDEN” has failed: your number of lines exceeds your organization plan. Edit billing info or see troubleshooting documentation

I can see from the api response that the lines count would increase by approx 90K however we are targeting a small project with only 30 files being analysed (see redacted logs below).

This is a forked repository where the original branch was successfully analysed as 6.2K lines of code and the forked branch has simply split the app into multiple projects and we’ve added a bit more code but certainly nowhere near 90K lines!

I expect I need a change to the command arguments but the options so far tried have not worked.

Partial redacted logs:

INFO: Load project repositories
INFO: Load project repositories (done) | time=45ms
INFO: 112 files indexed
INFO: 112 files ignored because of inclusion/exclusion patterns
INFO: 0 files ignored because of scm ignore settings
INFO: Quality profile for css: Sonar way
INFO: Quality profile for ts: Sonar way
INFO: Quality profile for web: Sonar way
INFO: ------------- Run sensors on module PROJECT-KEY
INFO: JavaScript/TypeScript frontend is enabled
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=44ms
INFO: Sensor SonarCSS Metrics [cssfamily]
INFO: Sensor SonarCSS Metrics [cssfamily] (done) | time=1200ms
INFO: Sensor SonarCSS Rules [cssfamily]
INFO: 30 source files to be analyzed
INFO: 30/30 source files have been analyzed
INFO: Sensor SonarCSS Rules [cssfamily] (done) | time=7926ms
INFO: Sensor C# Project Type Information [csharp]
INFO: Sensor C# Project Type Information [csharp] (done) | time=1ms
INFO: Sensor C# Properties [csharp]
INFO: Sensor C# Properties [csharp] (done) | time=1ms
INFO: Sensor JavaXmlSensor [java]
INFO: Sensor JavaXmlSensor [java] (done) | time=2ms
INFO: Sensor HTML [web]
INFO: Sensor HTML [web] (done) | time=104ms
INFO: Sensor VB.NET Project Type Information [vbnet]
INFO: Sensor VB.NET Project Type Information [vbnet] (done) | time=1ms
INFO: Sensor VB.NET Properties [vbnet]
INFO: Sensor VB.NET Properties [vbnet] (done) | time=1ms
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: 'sonar.coverage.jacoco.xmlReportPaths' is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml
INFO: No report imported, no coverage information will be imported by JaCoCo XML Report Importer
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=3ms
INFO: Sensor TypeScript analysis [javascript]
INFO: Deploying custom rules bundle jar:file:/C:/Users/MyProfile/.sonar/cache/89a79ed6219c43720f92a0780fe73b4c/sonar-securityjsfrontend-plugin.jar!/js-vulnerabilities-rules-1.0.0.tgz to C:\Users\<route to app>\projects\my-app\.scannerwork\.sonartmp\eslint-bridge-bundle\package\custom-rules17239358842816312401
INFO: Found 1 tsconfig.json file(s): [C:\Users\<route to app>\projects\my-app\e2e\tsconfig.json]
INFO: 27 source files to be analyzed
INFO: Skipping 27 files with no tsconfig.json
INFO: 27/27 source files have been analyzed
INFO: Sensor TypeScript analysis [javascript] (done) | time=6757ms
INFO: Sensor JavaScript/TypeScript Coverage [javascript]
INFO: Analysing [C:\Users\<route to app>\projects\my-app\coverage\pyxis-online\lcov.info]
INFO: Sensor JavaScript/TypeScript Coverage [javascript] (done) | time=3ms
INFO: Sensor ThymeLeaf template sensor [securityjavafrontend]
INFO: Sensor ThymeLeaf template sensor [securityjavafrontend] (done) | time=2ms
INFO: Sensor JavaSecuritySensor [security]
INFO: Reading type hierarchy from: C:\Users\<route to app>\projects\my-app\.scannerwork\ucfg2\java
INFO: Read 0 type definitions
INFO: Reading UCFGs from: C:\Users\<route to app>\projects\my-app\.scannerwork\ucfg2\java
INFO: No UCFGs have been included for analysis.
INFO: Sensor JavaSecuritySensor [security] (done) | time=3ms
INFO: Sensor CSharpSecuritySensor [security]
INFO: Reading type hierarchy from: C:\Users\<route to app>\projects\my-app\ucfg_cs2
INFO: Read 0 type definitions
INFO: Reading UCFGs from: C:\Users\<route to app>\projects\my-app\ucfg_cs2
INFO: No UCFGs have been included for analysis.
INFO: Sensor CSharpSecuritySensor [security] (done) | time=1ms
INFO: Sensor PhpSecuritySensor [security]
INFO: Reading type hierarchy from: C:\Users\<route to app>\projects\my-app\.scannerwork\ucfg2\php
INFO: Read 0 type definitions
INFO: Reading UCFGs from: C:\Users\<route to app>\projects\my-app\.scannerwork\ucfg2\php
INFO: No UCFGs have been included for analysis.
INFO: Sensor PhpSecuritySensor [security] (done) | time=1ms
INFO: Sensor PythonSecuritySensor [security]
INFO: Reading type hierarchy from: C:\Users\<route to app>\projects\my-app\.scannerwork\ucfg2\python
INFO: Read 0 type definitions
INFO: Reading UCFGs from: C:\Users\<route to app>\projects\my-app\.scannerwork\ucfg2\python
INFO: No UCFGs have been included for analysis.
INFO: Sensor PythonSecuritySensor [security] (done) | time=1ms
INFO: Sensor JsSecuritySensor [security]
INFO: Reading type hierarchy from: C:\Users\<route to app>\projects\my-app\.scannerwork\ucfg2\js
INFO: Read 0 type definitions
INFO: Reading UCFGs from: C:\Users\<route to app>\projects\my-app\.scannerwork\ucfg2\js
INFO: No UCFGs have been included for analysis.
INFO: Sensor JsSecuritySensor [security] (done) | time=1ms
INFO: ------------- Run sensors on project
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=3ms
INFO: SCM Publisher SCM provider for this project is: git
INFO: SCM Publisher 63 source files to be analyzed
INFO: SCM Publisher 63/63 source files have been analyzed (done) | time=3248ms
INFO: CPD Executor 3 files had no CPD blocks
INFO: CPD Executor Calculating CPD for 10 files
INFO: CPD Executor CPD calculation finished (done) | time=17ms
INFO: Analysis report generated in 536ms, dir size=5 MB
INFO: Analysis report compressed in 921ms, zip size=1 MB
INFO: Analysis report uploaded in 940ms
INFO: ANALYSIS SUCCESSFUL, you can find the results at: https://sonarcloud.io/dashboard?id=PROJECT-KEY
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at https://sonarcloud.io/api/ce/task?id=<obfs>
INFO: Analysis total time: 34.068 s

Hey there.

If you add -X to your analysis command, the DEBUG level logs should show you exactly what files have been indexed. This might help you figure out what you need to exclude / set differently.

SOLVED:
One difference I failed to consider was the introduction of dev express components and a few of their css stylesheet files were responsible for 80k extra lines of code. Not kidding…!
Added these to the exclusion parameter and it brought our count down to 1.6K!

-D"sonar.exclusions=/dx.*.css,/node_modules/,/*.spec.ts"

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.