ignoring specific files/folders with sonar.exclusions

Question

I have an ASP.NET MVC5 web app running on an Azure Devops CI/CD pipeline which includes SonarCloud for static code analyses. I am trying to ignore all 3rd party files such as Javascript/JQuery libraries which are throwing up a lot of "Bugs" and "Code Smells".

I would like to hide these files specifically:

INFO: 4/9 files analyzed, current file: BookingSystem/Scripts/jquery-3.3.1.js

I have tried various sonar.exclusions in Administration > General Settings > Analysis Scope > Files > Source File Exclusions and none have hidden the specific folders:

sonar.exclusions=**\Scripts\**
sonar.exclusions=Scripts\**
sonar.exclusions=**\Scripts**
sonar.exclusions=**\BookingSystem\Scripts\**

picture of logs

Can anyone tell me which format to use please?

Answer 1

Adding the following to sonar-project.properties worked fine for me:

sonar.exclusions=Scripts/*, 3rdparty/*

Make sure to set the value only once, using a comma separated list of ignore patterns. If you don't have that file, check this answer or the SonarCloud docs:

Analysis parameters can also be set in a configuration file within your project. The file used depends on your setup:

• Maven Java project: pom.xml
• Gradle Java project: build.gradle
• Ant Java project: build.xml
• Other CI-based analysis: sonar-project.properties
• Automatic analysis: .sonarcloud.properties

Answer 2

Take a look about my step to exclude folder from .NET Migrations

this is the way to ignore/exclude folders from Sonar

/d:sonar.exclusions="**/Migrations/**"

the full command is bellow

      - name: Build and analyze
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        shell: powershell
        run: |
          .\.sonar\scanner\dotnet-sonarscanner begin /k:"felipementel_DEPLOY.Cachorro.Api" /o:"felipementel" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.vscoveragexml.reportsPaths=coverage.xml /d:sonar.exclusions="**/Migrations/**"
          dotnet run --project DEPLOY.Cachorro.Api/DEPLOY.Cachorro.Api.csproj --no-incremental
          dotnet-coverage collect "dotnet test" -f xml -o "coverage.xml"
          .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"

Answer 3

I did not configure the sonar.exclusions via the UI like what you mentioned. You can try with below method in azure devops.

Just specify it in task definition(Sample):

- task: SonarCloudPrepare@1
  displayName: 'Prepare analysis on SonarCloud'
  inputs:
    SonarCloud: 'SonarCloud'
    organization: 'xxxx'
    scannerMode: 'MSBuild'
    projectKey: 'xxxx'
    extraProperties: sonar.exclusions=**/Properties/**

Here is what my project structure:

See this Properties folder was ignored successfully: