Start FreeLog in
SonarQube Cloud | Getting started with SonarQube Cloud | Analyzing Azure DevOps projects

Getting started with Azure DevOps

On this page

If your code is on Azure DevOps, you can benefit from SonarQube Cloud's integration with Azure DevOps.

Key features of Azure DevOps integration

SonarQube Cloud's integration with Azure DevOps allows you to maintain code quality and security in your Azure DevOps repositories. It is compatible with both Azure DevOps Server and Azure DevOps Services.

With this integration, you'll be able to:

  • Sign in to SonarQube Cloud with your Azure DevOps credentials.
  • Import your Azure DevOps repositories into SonarQube Cloud to easily set up SonarQube Cloud projects.
  • Integrate smoothly SonarQube Cloud analysis into your Azure build pipeline with the Azure DevOps extension for SonarQube. This includes multi-branch analysis features.
  • Report the analysis' quality gate status right in Azure Pipeline's Build Summary page.
  • Prevent pull request merges when the quality gate fails.
  • View issues detected on a pull request in Azure DevOps.
    Each issue will be a comment on the Azure DevOps pull request. If you change the status of an issue in SonarQube Cloud, that status change is immediately reflected in the Azure DevOps interface.  
Azure DevOps integration overview

Sign up to SonarQube Cloud

Go to the SonarQube Cloud product page and choose Set up or Login, then select Azure DevOps from the list of DevOps cloud platforms.

You will be taken to the Microsoft login page. Sign in using your Microsoft credentials.

Setting up a new SonarQube Cloud account with your Azure DevOps service requires that you be logged into both instances because there is some back-and-forth involved between the two platforms.

With an existing Azure DevOps service, you will start by opening a new SonarQube Cloud account, creating a SonarQube Cloud Organization, and connecting it to Azure with an Azure Personal Access Token. With your PAT in place, importing your repositories and configuring the analysis are the next steps to get things going. 

Once you have successfully logged in, you will see the SonarQube Cloud welcome screen. See below for full, step-by-step instructions.

Set up your organization

In this step, you will create a SonarQube Cloud organization by importing your Azure DevOps organization. SonarQube Cloud is set up to mirror the way that code is organized in Azure DevOps (and other repository providers):

  • Each SonarQube Cloud project corresponds one-to-one with an Azure DevOps project, which resides in its own Git repository.
  • Azure DevOps projects are grouped into Azure DevOps organizations.
  • Each SonarQube Cloud organization corresponds one-to-one with an Azure DevOps organization.

You will be presented with a screen like this:

Check the organization name and key

SonarQube Cloud will suggest a key for your SonarQube Cloud organization. This is a name unique across all organizations within SonarQube Cloud. You can accept the suggestion or change it manually. The interface will prevent you from changing it to an already existing key.

Create and enter the Azure PAT

  1. Create the Personal Access Token (PAT) on the Azure DevOps organization as described in Step 1 of Importing an Azure DevOps organization.
  2. Copy-paste the PAT to Personal Access Token.

Choose a plan

Next, you will be asked to choose a SonarQube Cloud subscription plan. If all the repositories to be analyzed are public on your DevOps platform, you can select the Free plan. When using the Free plan, your code and analysis results will be publicly accessible at sonarcloud.io/explore/projects.

If you want to analyze more than 50k lines of private code, then you need to select the Team or Enterprise plan. Monthly plans offer a 14-day free trial period. Once the 14 days have elapsed, the cost is based on the number of lines of code analyzed. For more information, see Managing your subscription.

Once you have chosen a plan and clicked Create Organization, your SonarQube Cloud organization will be created!

Set up your analysis

Import repositories

The next step is to import the projects (that is, individual git repositories) that you want to analyze (from your Azure DevOps organization) into your newly created SonarQube Cloud organization. A corresponding SonarQube Cloud project will be created for each git repository.

SonarQube Cloud will present a list of the repositories in your Azure DevOps organization. Choose those that you want to import and analyze, then select Set Up to continue.

The selected projects will be imported.

Choose your new code definition

The next step is to set the new code definition (NCD) for your project(s). The NCD is a mandatory step and it defines which part of your code is considered new code. This helps you to focus your attention on the most recent changes to your code and allows you to follow the Clean as You Code methodology.

For more information, check out the About new code page. 

Configure analysis

With Azure DevOps projects the actual analysis is performed in your build environment (cloud CI, local machine, etc.). This means that you must configure your build process to perform the analysis on each build and communicate the results to SonarQube Cloud.

SonarQube Cloud will guide you through a tutorial on how to set up your build environment to perform analysis.

The first step is to select your build environment. SonarQube Cloud will present this page:

If you have no particular preference and are setting up a new project on Azure DevOps, we recommend using Azure DevOps Pipelines as your CI.

SonarQube Cloud’s in-product tutorial assumes that the user has experience setting up pipelines in Azure DevOps and will walk you through most of the process. You can check our documentation if more information is needed to set up your YAML file.

See your analysis results

Your next steps are to check the results of your first analysis and set your new code definition, an important part of implementing a Clean as You Code strategy.


Was this page helpful?

© 2008-2025 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License