-
ALM used: Azure DevOps
-
CI system used: Azure DevOps
-
SonarCloud project setup: Monorepo
-
Relevant applicable language: C#
-
Scanner “prepare” task:
- task: SonarCloudPrepare@1
inputs:
SonarCloud: redacted
organization: redacted
projectKey: redacted
projectName: redacted
scannerMode: 'MSBuild'
extraProperties: |
sonar.exclusions=$(sonarCloudExclusions)
sonar.inclusions=$(sonarCloudInclusions)
The value of $(sonarCloudExclusions)
is populated from proprietary per-project config.
The value of $(sonarCloudInclusions)
is populated from proprietary per-project config, prefixed with ($slnFolder)/**/*,
. Reason for this: Our monorepo is large, with many libraries shared as source, and this ensures that shared code within the solution does not get scanned multiple times - within each consuming solution that has a SonarCloud project.
The solution above achieved its target that no source file was scanned twice. However, a few days ago we recognised that tests applied to said shared code are not excluded. We referred to the docs for file exclusion and inclusion. The usage example attempts to distinguish between source and tests. We have no need of this, because the MSBuild
flavour does this excellently automatically, correctly populating the values of sonar.sources
and sonar.tests
within each module or each project. For us, the aim of these inclusions/exclusions was not to distinguish source from tests, but rather to narrow down the overall scope to certain folders for source and tests alike, so the additional properties for tests inclusions and exclusions seemed appropriate to use, since the docs specifically mention that these value filter the initial scope (which is untouched). So we’ve added the same inclusions and exclusions for tests as for sources:
extraProperties: |
sonar.exclusions=$(sonarCloudExclusions)
sonar.inclusions=$(sonarCloudInclusions)
sonar.test.exclusions=$(sonarCloudExclusions)
sonar.test.inclusions=$(sonarCloudInclusions)
Expected result 1: All tests outside the solution folder are removed from each SonarCloud project.
Observed result 1:All tests outside the solution folder are removed from each SonarCloud project.
Expected result 2: All sources remain untouched.
Observed result 2: All sources, everywhere, are removed from each SonarCloud project.
===
Additional info:
-
Prepare Analysis Configuration
task version: 1.33.0 -
Run code analysis
task version: 1.36.0 -
Comparing pipeline logs of two runs, before and after the change, reveal that the new
sonar.test.inclusions
seems to have been populated also intosonar.exclusions
:
This example project has no configured exclusions, so we expected to see only new test inclusions in the logs. -
Comparing Project → Background Tasks → Show SonarScanner Context before and after showed all identical parameters, including
sonar.sources
andsonar.tests
for each module, except for the expected additional project-level propertysonar.test.inclusions
, populated with the correct value. Specifically no change insonar.inclusions
, and in this particular project there are nosonar.exclusions
and nosonar.test.exclusions
.
===
Would this be an expected behaviour, or a bug?
Am I using an incorrect setup for my goal?
For any solution / workaround you may have for me, please keep in mind that I have a high preference to keep using the scanner’s existing logic for distinguishing sources from tests. If I have to configure this for every project manually - this would be error prone and a high overhead, since our monorepo is very large and very versatile.