Using SonarQube with Cover CLI

Diffblue Cover writes tests that can be reported as "code smells" by SonarQube. This page gives suggestions for reducing the reported "code smells" and other warnings in the SonarQube output.

Turning off SonarQube for all Diffblue tests using Diffblue Cover CLI

A simple way to turn off the warnings given by SonarQube is to use the --annotate-suppress-warnings option to add the @SuppressWarnings code annotation to all test methods written by Diffblue Cover.

For example, --annotate-suppress-warnings=all suppresses all SonarQube warnings by producing the code annotation @SuppressWarnings({"all"}). You can use this command when you write tests, as shown below:

dcover create --annotate-suppress-warnings=all

Turning off SonarQube for specific warnings using Diffblue Cover CLI

If you want to turn off a specific warning, you can use the warning code to do this. For example, to suppress warnings java:S1161 and java:S5785 use the following:

--annotate-suppress-warnings=java:S1161,java:S5785

The codes for SonarQube warnings can be found in the SonarQube information about a warning. An example warning code is shown at the end of this page.

Turning off SonarQube for all Diffblue tests using SonarQube configuration

One simple solution is to turn off SonarQube analysis for all written tests. This can be achieved either through the SonarQube administration or via the SonarQube project configuration:

1. Open Administration (for all projects) or Project Settings (for one project).

2. Go to General Settings > Analysis Scope and add **/*DiffblueTest.java to the Test File Exclusions. This will exclude all Cover generated tests from analysis.

Turning off SonarQube for all Diffblue tests via the project build configuration

Edit the project configuration file (e.g. in your pom.xml or gradle config file) and add the following line to the project properties:

<sonar.test.exclusions>**/*DiffblueTest.java</sonar.test.exclusions>

Full details of turning off SonarQube for tests can be found in the SonarQube documentation.

Fine-Grained tuning using SonarQube configuration

Another option is to use SonarQube's fine-grained tuning options to turn on/off certain kinds of warnings and paths.

An alternative is to create a sonar-project.properties file in the resources directory and build custom rules there. For example, the following:

sonar.issue.ignore.multicriteria=e1
sonar.issue.ignore.multicriteria.e1.ruleKey=java:S5785
sonar.issue.ignore.multicriteria.e1.resourceKey=**/*DiffblueTest.java

ignores the JUnit assertTrue/assertFalse should be simplified to the corresponding dedicated assertion warning on all *DiffblueTest.java files.

Manually adding @SuppressWarnings to Diffblue unit tests

It is also possible to turn off warnings in generated code by adding the @SuppressWarnings annotation manually. (This can also be done automatically, see the Suppressing Warnings section above.)

This can be done at the class or method level. Adding the appropriate annotations to classes or methods can prevent extraneous warnings, and can be as fine-grained as desired. For example the following:

@Test
  @SuppressWarnings("java:S5785")
  public void testEquals5() {

suppresses all warnings for JUnit assertTrue/assertFalse should be simplified to the corresponding dedicated assertion in the testEquals5 method.

Note that codes for the appropriate warnings from SonarQube can be found in the SonarQube information about a warning e.g. java:S5785, as shown below: