Current my scanner is running through and only scanning the parent and skipping the rest of my nested files. If I run sonarlint (using the cli and specifying some test and source files) , it tries to analyze 37k files instead of the few I need. I have been able to skip ~3k files by adding the <sonar.skip>true</sonar.skip> property to a pom file. However, I still can't configure the project to run across certain sub-folders and print out some kind of code coverage test. (Is JaCoCo needed for the latest version(6.3,0)? Or can code-coverage be handled through some configuration?).
If Sonar seems to be analyzing too many files, it is probably because you had not set the sonar.sources=src/main/java in your sonar-project.properties file, so it defaults to the basedir and includes everything.
SonarQube can't do code-coverage itself, it just reports on coverage-reports from a tool like JaCoCo. It is funny they don't clarify these things in https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner --but with enough digging, you can find good info on that site.
Related
We've had trouble setting up a custom SonarQube server. The global analysis works fine, but unit test files are being analyzed and they trigger issues on the report.
For instance, we have hardcoded IP addresses in unit test files, and Sonar reports a security hotspot.
The arborescence is as follow:
component-a
module1/src/...
module1/tests/...
module2/src/...
module2/tests/...
component-b
src/...
tests/...
component-c
src/...
tests/...
I've tried the following parameters but it does not work, as test files are still being analyzed:
sonar.sources=.
sonar.sources.inclusions=component-a/**/src,component-b/src,component-c/src
sonar.sources.exclusions=component-a/**/tests,component-b/tests,component-c/tests
sonar.tests=.
sonar.test.inclusions=component-a/**/tests,component-b/tests,component-c/tests
Do you have any idea on how to make this configuration work?
Thanks in advance
Try something like:
sonar.sources=.
sonar.tests=.
sonar.test.inclusions=**/tests/**/*
The test files should still be analyzed but only as test files (security hotspots should not be reported on them).
I have configured the Build steps as below
Created another Build Configuration (e.g. named "Send to SonarQube") and added the dependency on initial configuration
An artifact dependency for ".teamcity/.NETCoverage/dotCover.dcvr" file and getting artifacts from "Build from the same chain".
In the new configuration ("Send to SonarQube") added a Command Line step with the following script:
%teamcity.dotCover.home%\dotCover.exe report /ReportType=HTML /Source="dotCover.dcvr" /Output="dotCover.html"
Added SonarQube Runner to the new configuration and added additional command line argument with "-Dsonar.cs.dotcover.reportsPaths=dotCover.html"
Please suggest
Note: When i have checked the dotCover.html the coverage is showing perfectly. But the sonarqube is showing as 0% covered
Since you are using build chains, you are probably switching directories and SonarQube uses absolute paths. To confirm this, look at the html/[nnn].html files in your working directory. In html -> head -> title, does the absolute path match the source code in your current working directory when you run the report command?
So to summarize, in your "Send to SonarQube", you need to ensure:
You have your source code in the working directory
Your individual [nnn].html files have titles with absolute paths matching the source code in your working directory.
There are a few ways to ensure #2:
Way #1
Tell TeamCity to run all snapshot dependencies on the same agent.
Make sure your VCS setup is exactly the same. (For myself, I had excluded some folders in my "Send To SonarQube" equivalent, and that caused a different working directory)
Way #2
Override the Checkout Directory in your VCS setup for everything in the build chain to point to the same absolute directory.
(I haven't tried this, but it should work across agents since the agent name isn't in the directory path)
Would like to disable the test-out folder means test outputs in my project as it less disk space issues in automation machines. Tried all below options as got it our tool:
SetDefaultListener(false);
setVerbose(0);
command line argument -usedefaultListener false
nothing can work me.I am using maven build tool to generate the jar. We need to give the jar to automachines to run this.
That's not possible by definition if do not want to have that folders, you have to skip tests in process of Jar building.
I have a largish Maven multiproject build. I'm scanning the codebase with SonarQube (5.6.5). For background, I successfully integrated the various JaCoCo exec files into SonarQube by using the "jacoco:merge" goal, to produce a single exec file. The SonarQube property that alleges to allow specifying a list of JaCoCo exec files doesn't work in our version of SonarQube, but specifying a single one does work.
I'm now trying to integrate the numerous "TEST-*" files in "target/surefire-reports" in each of the subprojects. The "sonar.junit.reportsPath" property expects a single directory, so I can't specify a list of them.
That means I'm going to have to do something as part of the build to merge the entire contents of all of the "target/surefire-reports" directories into a single directory, so I can specify that directory.
I already have a pom that does nothing but merge JaCoCo data. This seems like a logical place to store the surefire reports.
How can I do this sort of thing with Maven? Would this be an application of the "maven-resources-plugin", or something else?
Ok, well, I guess I answered my own question. I was able to get this to work with the resources plugin, specifying every one of my modules as resource directories. I now have one ridiculous-looking POM that has three lists of all of the modules in my multiproject build, for three tasks that require me to list all of the modules to process. The Gradle version would be amazingly short.
I try to use the generic test plugin. I have the unittest.xml file with an absolute path
<file path="/Users/emerson/dev/sonar/project/workspace/components/triage/src/assets/test/unit/tests/controllers/controller.coffee">
the coffee script got compiled into js and unit tests were executed with the unittest.xml as result.
When I add this to my sonar build via the sonar.genericcoverage.unitTestReportPaths, it does recognise the unittest.xml, but does nothing.
The log says
[sonar:sonar] 14:32:55.108 INFO - imported unit test data for 0 files
[sonar:sonar] 14:32:55.109 INFO - unit test data ignored for 1 unknown files, including:
and then the path to the file named in the unittest.xml
The path is valid, why does it not recognise it ? Neither the coffee script nor the compiled js are part of the sonar build, is it therefore ?
As there is no support of coffee script with sonar, my hope was to at least include the unittest results in sonar.
Can someone explain whether it is possible and what should be written into the path field in the unittest.xml ?ยจ
Thanks for any clarification
Indeed the files need to be indexed in SonarQube in order to import test data.
You can set sonar.import_unknown_files to true with SonarQube 5.1+ to have all files indexed by SonarQube.
http://docs.sonarqube.org/display/SONAR/Analyzing+Source+Code#AnalyzingSourceCode-Unrecognizedfiles