.sonarcloud.properties not working for automatic analysis

pasij · April 5, 2023, 6:39am

I’m trying to reduce the amount of code in one of our repositories and I put these to .sonarcloud.properties file to do exactly that:

sonar.sources=.
sonar.inclusions=**/app/*

In the project analysis SonarCloud context I see this:

Project scanner properties:
  - sonar.inclusions=**/pom.xml,**/src/main/**/*
  - sonar.sources=.

I think the settings in the file don’t work?

I also set the same in the project settings in the website, and the same analysis context shows this too:

Project server settings:
  - sonar.autoscan.enabled=true
  - sonar.inclusions=**/app/*

So, what are the settings in effect really?

ganncamp · April 7, 2023, 5:53pm

Hi,

Your project’s Administration → Background Tasks → [ row dot menu] → Show SonarScanner Context reflects the values that were actually used during analysis.

The docs give you the precedence of parameters set in different places. Basically, those set closer to the actual analysis command take precedence.

Now to the question of where the overwrite is coming from. Since you’re using automatic analysis, the override can’t be on the command line. Can you double-check your .sonarcloud.properties file to make sure the inclusions parameter isn’t set a second time farther down in the file?

Ann

pasij · April 11, 2023, 10:27am

Hi @ganncamp

Well this is really easy to check as there is only 2 lines I previously mentioned in my .sonarcloud.properties file:

sonar.sources=.
sonar.inclusions=**/app/*

ganncamp · April 11, 2023, 6:41pm

Hi,

Yes, you did start with that. I was asking that you look in the file to make double-sure. But okay.

Am I correct in thinking this is a Maven project? Do you have any analysis properties set in your pom?

Ann

pasij · April 14, 2023, 6:50am

The repository has multiple pom.xml files in different directories, and at least the one in the root of the repository has these mentions of sonar:

<destFile>${sonar.jacoco.reportPath}</destFile>
<destFile>${sonar.jacoco.itReportPath}

There’s only 1 other pom.xml file in one sub directory with word sonar, and it seems to have only sonar.exclusions set within it.

So yes, I think there is Maven project(s).

ganncamp · April 14, 2023, 3:06pm

Hi,

I’m 85% sure this is coming from something on your side, but just in case it’s not, I’m going to flag it for team attention.

Ann

Serhat_Yenican · April 24, 2023, 1:55pm

Hi @pasij

For Java projects, the automatic analysis doesn’t support changing sonar.sources and sonar.inclusions properties. So, we have some undocumented limitations for automatic analysis for Java projects. We should either update our documents or support changing the properties written in our docs soon.

What you can do for now to reduce the amount of code to be analyzed is to exclude files in the UI under
Your Organization > Your Project > Administration - General Settings > Analysis Scope > Files. Please note that automatic analysis only takes the exclusion configuration in the UI into account but not in the .sonarcloud.properties file for now.

Thanks

system · May 3, 2023, 1:27pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.