ALM used: Azure DevOps
CI system used: Azure DevOps
SonarCloud project setup: Monorepo
Relevant applicable language: C#
Scanner “prepare” task:
- task: SonarCloudPrepare@1 inputs: SonarCloud: redacted organization: redacted projectKey: redacted projectName: redacted scannerMode: 'MSBuild' extraProperties: | sonar.exclusions=$(sonarCloudExclusions) sonar.inclusions=$(sonarCloudInclusions)
The value of
$(sonarCloudExclusions) is populated from proprietary per-project config.
The value of
$(sonarCloudInclusions) is populated from proprietary per-project config, prefixed with
($slnFolder)/**/*,. Reason for this: Our monorepo is large, with many libraries shared as source, and this ensures that shared code within the solution does not get scanned multiple times - within each consuming solution that has a SonarCloud project.
The solution above achieved its target that no source file was scanned twice. However, a few days ago we recognised that tests applied to said shared code are not excluded. We referred to the docs for file exclusion and inclusion. The usage example attempts to distinguish between source and tests. We have no need of this, because the
MSBuild flavour does this excellently automatically, correctly populating the values of
sonar.tests within each module or each project. For us, the aim of these inclusions/exclusions was not to distinguish source from tests, but rather to narrow down the overall scope to certain folders for source and tests alike, so the additional properties for tests inclusions and exclusions seemed appropriate to use, since the docs specifically mention that these value filter the initial scope (which is untouched). So we’ve added the same inclusions and exclusions for tests as for sources:
extraProperties: | sonar.exclusions=$(sonarCloudExclusions) sonar.inclusions=$(sonarCloudInclusions) sonar.test.exclusions=$(sonarCloudExclusions) sonar.test.inclusions=$(sonarCloudInclusions)
Expected result 1: All tests outside the solution folder are removed from each SonarCloud project.
Observed result 1:All tests outside the solution folder are removed from each SonarCloud project.
Expected result 2: All sources remain untouched.
Observed result 2: All sources, everywhere, are removed from each SonarCloud project.
Prepare Analysis Configurationtask version: 1.33.0
Run code analysistask version: 1.36.0
Comparing pipeline logs of two runs, before and after the change, reveal that the new
sonar.test.inclusionsseems to have been populated also into
This example project has no configured exclusions, so we expected to see only new test inclusions in the logs.
Comparing Project → Background Tasks → Show SonarScanner Context before and after showed all identical parameters, including
sonar.testsfor each module, except for the expected additional project-level property
sonar.test.inclusions, populated with the correct value. Specifically no change in
sonar.inclusions, and in this particular project there are no
Would this be an expected behaviour, or a bug?
Am I using an incorrect setup for my goal?
For any solution / workaround you may have for me, please keep in mind that I have a high preference to keep using the scanner’s existing logic for distinguishing sources from tests. If I have to configure this for every project manually - this would be error prone and a high overhead, since our monorepo is very large and very versatile.