Sonarcloud doesn't recognize exclusions from .sonarcloud.properties

Template for a good new topic, formatted with Markdown:

  • ALM used (Bitbucket Cloud)
  • CI system used (Bitbucket Cloud)

Hi,

we’re using Sonarcloud together with our Bitbucket Cloud repos and Bitbucket pipelines. I tried to exclude files from scanning via using a .sonarcloud.properties file within the master branch of the repository. The problem is, that the file seems to be not recognized and “sonar.exclusions=**/*.xml” is having no effect. Also tried to also add sonar.organization and sonar.projectKey to the .sonarcloud.properties file but it’s not changing anything. There’s also no error happening while scanning, the files are simply not excluded. When I configure it via Administration -> Analysis Scope, it’s working, of course, but I want to have this in the VCS as well so the Admin UI is not an option here.

Thank you very much for your help.
Stephan :slight_smile:

Hi @shinzxc and welcome to the community !

The file you mentionned is only compatible with Autoscan, on GitHub.

You should use a sonar-project.properties file instead, and making that it’s correctly picked up by the scanner execution.

HTH,
Mickaël

1 Like

Thank you Mickael!

Hi Mickael,

I’m probably doing something wrong, but I wasn’t succesful so far…

I run it in a bitbucket pipeline and the mvn command looks like

“mvn -Dproject.settings=sonar-project.properties -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar”

The sonar-project.properties files like

sonar.organization=XXX
sonar.projectKey=XXX_etmf-notification
sonar.host.url=https://sonarcloud.io

File type exlcusions

sonar.exclusions=**/*.xml

It’s running without any exception, but the xmls are not ignored.

Any ideas?

My best
Stephan

Hi @shinzxc

In fact, maven is one of the only scanner that doesn’t support the sonar project properties file, my bad on that.

Following this documentation : https://sonarcloud.io/documentation/analysis/scan/sonarscanner-for-maven/

It’s preferable to set your sonar properties in a tag inside your pom.xml.
You can also set your exclusions in the SonarCloud UI settings directly.

HTH,
Mickaël

:smiley: well, that’s unfortunate…alright, pom.xml it is then…

Thank you once again Mickael :slight_smile:

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.