Sonarscanner for .NET Miss-identifying my Source as Tests

jhodgson · August 27, 2021, 3:19pm

I am having an issue where the SonarScanner for .NET is not properly scanning one specific project within my solution.

Environment Details

SonarQube Server v8.9.2
Sonarscanner for .Net v5.2.1.31210
Project targets .NET Framework 4.8

Issue Details
One project in my solution, specifically my web applicaiton project, does not appear to be scanning properly. I can view the raw source in the sonar report however this project reports no LoC, rule violations, tests, coverage, etc. All other projects appear to work properly however they are all supporting projects and are either test projects or libraries.

What I Know About the Issue
I have ran the scan with verbose output and I believe I know the cause of the problem however I am at a loss as to how to fix it.

The logs show that my API project is being assigned to the sonar.tests key instead of the sonar.sources.
Here is the relevant output for the project in question

D3B0DC17-A0A9-4D4A-B996-A2B00B723526.sonar.projectName=SafeTraceTx.Api
D3B0DC17-A0A9-4D4A-B996-A2B00B723526.sonar.projectBaseDir=C:\\git-root\\main-sandbox\\app\\SafeTraceTx.Api
D3B0DC17-A0A9-4D4A-B996-A2B00B723526.sonar.sourceEncoding=utf-8
D3B0DC17-A0A9-4D4A-B996-A2B00B723526.sonar.sources=
D3B0DC17-A0A9-4D4A-B996-A2B00B723526.sonar.tests=\
"C:\\git-root\\main-sandbox\\app\\SafeTraceTx.Api\\App_Start\\SwaggerConfig.cs",\
"C:\\git-root\\main-sandbox\\app\\SafeTraceTx.Api\\Auth\\App_Start\\Ioc\\Modules\\ApiModule.cs",\
"C:\\git-root\\main-sandbox\\app\\SafeTraceTx.Api\\Auth\\App_Start\\Ioc\\Modules\\DomainModule.cs",\
"C:\\git-root\\main-sandbox\\app\\SafeTraceTx.Api\\Auth\\App_Start\\Ioc\\Modules\\RepositoryModule.cs",\
"C:\\git-root\\main-sandbox\\app\\SafeTraceTx.Api\\Auth\\App_Start\\WebApiConfig.cs",\
"C:\\git-root\\main-sandbox\\app\\SafeTraceTx.Api\\Auth\\Attributes\\SafeTraceTxApiAuthorizeAttribute.cs",\
...

Here is the relevant output for a working project

93B784E4-FF9C-4012-AEDA-51649E530624.sonar.projectName=SafeTraceTx.Domain
93B784E4-FF9C-4012-AEDA-51649E530624.sonar.projectBaseDir=C:\\git-root\\main-sandbox\\app\\SafeTraceTx.Domain
93B784E4-FF9C-4012-AEDA-51649E530624.sonar.sourceEncoding=utf-8
93B784E4-FF9C-4012-AEDA-51649E530624.sonar.sources=\
"C:\\git-root\\main-sandbox\\app\\SafeTraceTx.Domain\\Auth\\CommandServices\\ISystemAuthenticationService.cs",\
"C:\\git-root\\main-sandbox\\app\\SafeTraceTx.Domain\\Auth\\CommandServices\\SystemAuthenticationService.cs",\
"C:\\git-root\\main-sandbox\\app\\SafeTraceTx.Domain\\Auth\\Common\\IJwtTokenUtility.cs",\
"C:\\git-root\\main-sandbox\\app\\SafeTraceTx.Domain\\Auth\\Common\\JwtOverrideTokenDetails.cs",\

Likewise here is the relevant output for the broken projects associated test project

549FBD81-F442-4C1E-BFDB-4EAF3A530DE3.sonar.projectName=SafeTraceTx.Api.Tests
549FBD81-F442-4C1E-BFDB-4EAF3A530DE3.sonar.projectBaseDir=C:\\git-root\\main-sandbox\\app\\Tests\\SafeTraceTx.Api.Tests
549FBD81-F442-4C1E-BFDB-4EAF3A530DE3.sonar.sourceEncoding=utf-8
549FBD81-F442-4C1E-BFDB-4EAF3A530DE3.sonar.sources=
549FBD81-F442-4C1E-BFDB-4EAF3A530DE3.sonar.tests=\
"C:\\git-root\\main-sandbox\\app\\Tests\\SafeTraceTx.Api.Tests\\Auth\\Attributes\\SafeTraceTxApiAuthorizeAttributeTests.cs",\
"C:\\git-root\\main-sandbox\\app\\Tests\\SafeTraceTx.Api.Tests\\Auth\\Attributes\\SafeTraceTxAuthorizeAttributeTests.cs",\
"C:\\git-root\\main-sandbox\\app\\Tests\\SafeTraceTx.Api.Tests\\Auth\\Controllers\\Controllers\\HeartbeatControllerTests.cs",\
"C:\\git-root\\main-sandbox\\app\\Tests\\SafeTraceTx.Api.Tests\\Auth\\Controllers\\Controllers\\LoginControllerTests.cs",\

Does anyone know how the scanner determines if it should set the sources from the project to the sources or tests key? And what might be causing it to miss identify the source project as a test project?

jhodgson · August 27, 2021, 4:07pm

I believe I have found the problem. There is a reference to nunit in that project which is causing it to be marked as a test project. I have removed the reference and I am re-testing.

For anyone that this might be useful for I found SonarQube.Integrations.targets in the source for the scanner which has this to say about how it determines a test project.

Test projects
    *************
    The analysis performed by SonarQube varies depending on whether a project is a test project or not.

    A project can be explicitly marked as being a test or product project by setting the property $(SonarQubeTestProject) e.g.

      <SonarQubeTestProject>true</SonarQubeTestProject>

    If $(SonarQubeTestProject) is not set explicitly then the project is categorized as a Test project if:
    * Is a Fakes or a Temp project explicitly marked as SonarQubeExclude=false
    * Has one of the expected test project GUIDs ("3AC096D0-A1C2-E12C-1390-A8335801FDAB" or legacy "82A7F48D-3B50-4B1E-B82E-3ADA8210C358").
    * Has a TestContainer project capability.
    * References a known unit test related assembly.
    * Deprecated: Project name matches "sonar.msbuild.testProjectPattern" parameter. Use SonarQubeTestProject=true instead.

    Otherwise it is a Product project.

Hopefully this can help anyone else track down similar issues.

system · September 3, 2021, 4:07pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.