If SonarQube's results are not relevant, developers will push back on using it. That's why precisely configuring what to analyze for each project is a very important step. Doing so allows you to remove noise, like the issues and duplications marked on generated code or the issues from rules that are not relevant for certain types of object.
SonarQube gives you several options for configuring exactly what will be analyzed. You can
- completely ignore some files or directories
- exclude files/directories from Issues detection (specific rules or all of them) but analyze all other aspects
- exclude files/directories from Duplications detection but analyze all other aspects
- exclude files/directories from Coverage calculations but analyze all other aspects
We recommend that you exclude generated code, source code from libraries, etc. There are four different ways to narrow your analysis to the source code that will be relevant to the development team. You can combine them all together to tune your analysis scope.
sonar.sources property to limit the scope of the analysis to certain directories.
Some project modules should not be analyzed and consolidated with global project measures. For instance: sample modules, integration tests modules, etc. To exclude those modules, at the project level, go to Configuration > Settings > Exclusions > Files and set the Module Exclusions property. The format is a comma-separated list of modules:
module1_to_exclude,module2_to_exclude. If a module's artifactId differs from its module name (the directory name), it is the artifactId that should be used instead of the module name
You can also work the other way around with inclusions by setting the Module Inclusions property. Be careful: the root project must be added to the list.
Known limitation in .NET: this property does not currently work while the "sonar.dotnet.key.generation.strategy" is set to "safe". See SONARDOTNT-10.
Most language plugins offer a way to restrict the scope to files matching a set of extensions. Go to Settings > General Settings > LanguagePlugin and set the File suffixes property:
It is possible to exclude specific files from being analyzed. At the project level, go to Configuration > Settings > Exclusions > Files and set the:
sonar.exclusionsproperty to exclude source code files
sonar.tests.exclusionsproperty to exclude unit test files
Global exclusions that will apply to all projects can also be set. Go to Settings > General Settings > Exclusions > Files and set the
Since version 3.5, you can also work the other way around by setting inclusions. Go to Settings > General Settings > Exclusions > Files and set the
sonar.test.inclusions properties. If you set an inclusion, then only the files or modules listed there will be included in the analysis.
See the Patterns section for more details on the syntax.
You can have SonarQube ignore issues on certain components and against certain coding rules. Go to Configuration > Settings > Exclusions > Issues.
Ignore Issues on Files
You can ignore all issues on files that contain a block of code matching a given regular expression.
Example: Ignore all issues on files containing
Ignore Issues in Blocks
You can ignore all issues on specific blocks of code, while continuing to scan and mark issues on the remainder of the file.
Note: If the first regular expression is found but not the second one, the end of the file is considered to be the end of the block.
Example: Ignore all issues included between
GEN-LAST and between
Ignore Issues on Multiple Criteria
You can ignore issues on certain components and for certain coding rules.
- I want to ignore all issues on all files =>
- I want to ignore all issues on COBOL program bank/ZTR00021.cbl =>
- I want to ignore all issues on classes located directly in the Java package
com.foo, but not in its sub-packages =>
- I want to ignore all issues against coding rule cpp.Union on files in the directory object and its sub-directories =>
<TODO> Update the screenshot
Restrict Scope of Coding Rules
You can restrict the application of a rule to only certain components, ignoring all others.
- I only want to check the rule Magic Number on Bean objects and not on anything else =>
- I only want to check the rule Prevent GO TO statement from transferring control outside current module on COBOL programs located in the directories bank/creditcard and
<TODO> Update the screenshot
You can prevent some files from being checked for duplications.
To do so, go to Settings > General Settings > Exclusions > Duplications and set the Duplication Exclusions property. See the Patterns section for more details on the syntax.
Ignore Code Coverage
You can prevent some files from being taken into account for code coverage by unit tests and integration tests.
To do so, go to Settings > General Settings > Exclusions > Code Coverage and set the Coverage Exclusions property. See the Patterns section for more details on the syntax.
Paths can be defined either as either relative or absolute. Use relative paths whenever possible.
The following wildcards can be used in either kind of path:
|*||zero or more characters|
|**||zero or more directories|
|?||a single character|
Relative paths are based on the fully qualified name of the component (like the ones displayed in the red frames below):
Note that for Java (only), the fully qualified name is not exactly the one that is displayed. You have to replace the "." package separator with "/" and add the ".java" extension. For the above example, the fully qualified name is "org/sonar/api/utils/KeyValueFormat.java". For other languages, the path is displayed in the fully qualified format automatically.
To define an absolute path, start the pattern with "file:"