We've had trouble setting up a custom SonarQube server. The global analysis works fine, but unit test files are being analyzed and they trigger issues on the report.
For instance, we have hardcoded IP addresses in unit test files, and Sonar reports a security hotspot.
The arborescence is as follow:
component-a
module1/src/...
module1/tests/...
module2/src/...
module2/tests/...
component-b
src/...
tests/...
component-c
src/...
tests/...
I've tried the following parameters but it does not work, as test files are still being analyzed:
sonar.sources=.
sonar.sources.inclusions=component-a/**/src,component-b/src,component-c/src
sonar.sources.exclusions=component-a/**/tests,component-b/tests,component-c/tests
sonar.tests=.
sonar.test.inclusions=component-a/**/tests,component-b/tests,component-c/tests
Do you have any idea on how to make this configuration work?
Thanks in advance
Try something like:
sonar.sources=.
sonar.tests=.
sonar.test.inclusions=**/tests/**/*
The test files should still be analyzed but only as test files (security hotspots should not be reported on them).
Related
I'm using TestNG Results Plugin.
I defined TestNG XML report pattern as: **\target\surefire-reports\testng-results.xml
I'm getting this error:
TestNG Reports Processing: START
Looking for TestNG results report in workspace using pattern: **\target\surefire-reports\testng-results.xml
Did not find any matching files.
What should be the correct pattern?
I just fixed this problem!
It's because that the current directory was changed to the default Jenkins workspace, something like '/Users/Shared/Jenkins/Home/workspace/your_project_name' when it ran!!
You will find it yourself if you add shell command 'pwd' before Post-build Actions in the Configuration of your project in Jenkins.
You just need configure your project in General -> Advanced... -> Use custom workspace, and fill in the full path of your project, and it will work!!!
The following pattern works for me: **/target/surefire-reports/*.xml
Also ensure that the default listeners are not disabled in your surefire configuration to ensure that surefire creates the xml reports for ReoprtNG/TestNG. Until I removed the disabling of default listeners I got the same error.
Current my scanner is running through and only scanning the parent and skipping the rest of my nested files. If I run sonarlint (using the cli and specifying some test and source files) , it tries to analyze 37k files instead of the few I need. I have been able to skip ~3k files by adding the <sonar.skip>true</sonar.skip> property to a pom file. However, I still can't configure the project to run across certain sub-folders and print out some kind of code coverage test. (Is JaCoCo needed for the latest version(6.3,0)? Or can code-coverage be handled through some configuration?).
If Sonar seems to be analyzing too many files, it is probably because you had not set the sonar.sources=src/main/java in your sonar-project.properties file, so it defaults to the basedir and includes everything.
SonarQube can't do code-coverage itself, it just reports on coverage-reports from a tool like JaCoCo. It is funny they don't clarify these things in https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner --but with enough digging, you can find good info on that site.
I try to use the generic test plugin. I have the unittest.xml file with an absolute path
<file path="/Users/emerson/dev/sonar/project/workspace/components/triage/src/assets/test/unit/tests/controllers/controller.coffee">
the coffee script got compiled into js and unit tests were executed with the unittest.xml as result.
When I add this to my sonar build via the sonar.genericcoverage.unitTestReportPaths, it does recognise the unittest.xml, but does nothing.
The log says
[sonar:sonar] 14:32:55.108 INFO - imported unit test data for 0 files
[sonar:sonar] 14:32:55.109 INFO - unit test data ignored for 1 unknown files, including:
and then the path to the file named in the unittest.xml
The path is valid, why does it not recognise it ? Neither the coffee script nor the compiled js are part of the sonar build, is it therefore ?
As there is no support of coffee script with sonar, my hope was to at least include the unittest results in sonar.
Can someone explain whether it is possible and what should be written into the path field in the unittest.xml ?ยจ
Thanks for any clarification
Indeed the files need to be indexed in SonarQube in order to import test data.
You can set sonar.import_unknown_files to true with SonarQube 5.1+ to have all files indexed by SonarQube.
http://docs.sonarqube.org/display/SONAR/Analyzing+Source+Code#AnalyzingSourceCode-Unrecognizedfiles
I am working on to get Functional Test Coverage using JaCoCo and SONAR for a java based application.
My Requirement:
Get Functional Test Coverage.
Publish the Functional Test Coverage results to SONAR(pass on the jacoco.exec file to SONAR)
Below is the set up I did:
Set up instances on my DVL(development box) and make the system up and running.
In the /bin directory of the instances, I am including jacoco agent in the CATALINA_OPTS variable with below configuration:
vim catalina.sh
export CATALINA_OPTS="$CATALINA_OPTS -javaagent:${XYZ_ROOT}/WEB-INF/lib/org.jacoco.agent-0.5.8.201206210517.jar=includes=com.xyz.xx.*,excludes=com.xyz.xx.webclient.command.UIBean,output=tcpclient,address=lxdm379m7.xyz.com,port=9000"
(lxdm379m7.xyz.com is my sonar server and 9000 is the port number)
Now restarted the server, And the server is up.
I do manual testing on my AUT which is on my DVL. Hit pages back and forth.
My Issue:
Not able to generate the jacoco.exec file.
Help I need:
Why is the jacoco.exec file not generated.
If it is generated, where can I find it? and how to pass it on to SONAR ?
Any help or clue on this is appreciated.
I have a project which uses Maven. I wish to run Sonar on the integration test classes.
I have tried to add the pattern **/*ITCase.java in Settings / Exclusions / Test file inclusions (in the Sonar UI that's at localhost:9000). This setting is said to be
"Patterns used to include some test files and only these ones in analysis."
However, the files still are excluded. Any ideas? Has anyone used that setting successfully?
I have not found a solution with Maven.
But using the sonar runner, it is quite simple and works well.
I put a sonar-project.properties file in the src/test/java directory, apart from the sonar.projectKey, sonar.projectName and sonar.projectVersion, these are the settings to use:
sonar.sources = .
sonar.binaries = ../../../target/test-classes
sonar.language = java
sonar.sourceEncoding = UTF-8
The sonar runner can be run from the test/java directory and the project will appear in the Sonar local webpage at http://localhost:9000