SonarCloud sonar.exclusions not working still/again

  • SonarCloud (current), Azure DevOps SonarCloudPrepare Task 1.12.0, SonarCloudAnalyze Task 1.15.0
  • CI/CD: Azure DevOps Pipelines (YAML)
  • Language: JavaScript/TypeScript

Well, the usual problem: sonar.exclusions isn’t exclusioning anything.

We have an autogenerated TypeScript file at frontend/src/api/admin/api.ts that’s 40k lines that we want to exclude. Currently analyses are failing because this drives us over our 100KLOC limit.

The log from the SonarCloudAnalyze task shows the following:

04:42:37.898 INFO: Indexing files...
04:42:37.898 INFO: Project configuration:
04:42:37.899 INFO:   Excluded sources: ./frontend/src/api/admin/api.ts
[...]
04:42:38.511 DEBUG: 'frontend/src/api/admin/api.ts' indexed with language 'ts'
[...]
04:43:03.776 DEBUG: 'frontend/src/api/admin/api.ts' generated metadata with charset 'UTF-8'
04:43:06.331 INFO: 215/430 files analyzed, current file: frontend/src/api/admin/api.ts
04:43:16.332 INFO: 215/430 files analyzed, current file: frontend/src/api/admin/api.ts
[...]
04:43:30.184 DEBUG: Detection of duplications for /home/vsts/work/1/s/frontend/src/api/admin/api.ts
04:42:38.756 INFO: 601 files indexed
04:42:38.756 INFO: 0 files ignored because of inclusion/exclusion patterns

I have tried setting sonar.exclusions in the SonarCloud UI, and I have also tried setting it using the extraProperties options of the SonarCloudPrepare Task. Neither cause the analyzer to skip this file.

Here’s the SonarScanner context:

SonarCloud plugins:
  - SonarCSS 1.2.0.1325 (cssfamily)
  - SonarPLSQL 3.4.1.2576 (plsql)
  - SonarScala 1.7.0.883 (sonarscala)
  - C# Code Quality and Security 8.11.0.20529 (csharp)
  - Vulnerability Analysis 8.5.0-M1.3491 (security)
  - Java Code Quality and Security 6.6.0.22815 (java)
  - SonarHTML 3.2.0.2082 (web)
  - SonarFlex 2.5.1.1831 (flex)
  - SonarXML 2.0.1.2020 (xml)
  - VB.NET Code Quality and Security 8.11.0.20529 (vbnet)
  - SonarSwift 4.2.2.77 (swift)
  - CFamily Code Quality and Security 6.12.0.20255 (cpp)
  - Python Code Quality and Security 3.0.0.7330 (python)
  - JaCoCo 1.1.0.898 (jacoco)
  - Mercurial 1.1.2 (scmmercurial)
  - SonarGo 1.7.0.883 (go)
  - SonarKotlin 1.7.0.883 (kotlin)
  - SonarTSQL 1.4.0.3334 (tsql)
  - SonarApex 1.7.0.883 (sonarapex)
  - JavaScript/TypeScript Code Quality and Security 6.3.0.12464 (javascript)
  - SonarRuby 1.7.0.883 (ruby)
  - Vulnerability Rules for C# 8.5.0-M1.3491 (securitycsharpfrontend)
  - Vulnerability Rules for Java 8.5.0-M1.3491 (securityjavafrontend)
  - License for SonarLint 8.0.0.10782 (license)
  - COBOL Code Quality 4.5.1.4460 (cobol)
  - Vulnerability Rules for Python 8.5.0-M1.3491 (securitypythonfrontend)
  - Git 1.12.0.2034 (scmgit)
  - PHP Code Quality and Security 3.8.0.6152 (php)
  - SonarABAP 3.8.0.2034 (abap)
  - Vulnerability Rules for PHP 8.5.0-M1.3491 (securityphpfrontend)
Global server settings:
  - email.from=noreply@sonarcloud.io
  - email.fromName=SonarCloud
  - email.prefix=[SonarCloud]
  - sonar.auth.bitbucket.enabled=true
  - sonar.auth.microsoft.enabled=true
  - sonar.core.id=1BD809FA-AWHW8ct9-T_TB3XqouNu
  - sonar.core.serverBaseURL=https://sonarcloud.io
  - sonar.core.startTime=2020-08-12T13:39:54+0200
  - sonar.dbcleaner.weeksBeforeDeletingAllSnapshots=480
  - sonar.dbcleaner.weeksBeforeKeepingOnlyOneSnapshotByMonth=4
  - sonar.dbcleaner.weeksBeforeKeepingOnlyOneSnapshotByWeek=1
  - sonar.feature_flag.bbc_code_reports.enabled=true
  - sonar.leak.period=30
  - sonar.lf.enableGravatar=true
  - sonar.lf.logoWidthPx=105
  - sonar.organizations.anyoneCanCreate=true
  - sonar.organizations.createPersonalOrg=true
  - sonar.plsql.file.suffixes=sql,tab,pkb
  - sonar.tsql.file.suffixes=.tsql
Project server settings:
  - sonar.branch.longLivedBranches.regex=(develop|release\/)
  - sonar.exclusions=./frontend/src/api/admin/api.ts
  - sonar.javascript.lcov.reportPaths=./frontend/coverage/lcov.info
  - sonar.pullrequest.provider=Azure DevOps Services
  - sonar.pullrequest.vsts.token.secured=******
Project scanner properties:
  - sonar.branch.name=chore/enable-test-coverage-with-html-and-lcov-output
  - sonar.host.url=https://sonarcloud.io/
  - sonar.login=******
  - sonar.organization=******
  - sonar.projectBaseDir=/home/vsts/work/1/s
  - sonar.projectKey=******
  - sonar.projectName=******
  - sonar.projectVersion=1.0
  - sonar.scanner.app=ScannerCLI
  - sonar.scanner.appVersion=4.4.0.2170
  - sonar.scanner.metadataFilePath=/home/vsts/work/_temp/sonar/20200813.11/e44c6a28-aaba-7731-b001-a5a836066eb0/report-task.txt
  - sonar.sourceEncoding=UTF-8
  - sonar.sources=/home/vsts/work/1/s/frontend/src
  - sonar.verbose=true
  - sonar.working.directory=/home/vsts/work/1/s/.scannerwork

I have also tried to set sonar.exclusions by adding a .sonarcloud.properties file in the root of the git repository; that didn’t work either.