Azure Pipelines integration overview

The Azure DevOps extension for SonarQube Cloud makes use of specific tasks to define steps in your pipeline. This page also includes details about the extension modes and your analysis process.

The Azure DevOps extension for SonarQube Cloud is used to manage the integration of SonarQube Cloud with Azure Pipelines. It allows:

  • Integrating smoothly SonarQube analysis into your Azure build pipeline. This includes multi-branch analysis features.

  • Reporting the analysis’ quality gate status right in Azure Pipeline’s Build Summary page.

  • Checking the SonarQube quality gate status in your Azure release pipeline.

  • Monitoring the quality gate status of your projects directly in your Azure DevOps dashboard with the quality gate status widget.

Extension modes

The Azure DevOps extension for SonarQube Cloud can run in one of the following modes depending on your project type:

The Azure DevOps extension for SonarQube Cloud embeds the last compatible version of the SonarScanner for .NET and SonarScanner CLI, which is used by default.

In Maven/Gradle mode, your build task downloads the SonarScanner for Maven or Gradle from the SonarSource binaries site.

In very particular situations, you may not want to use the extension’s default version but a specific previous version of the SonarScanner for .NET or CLI. In such a case, you can configure your Azure build pipeline to download this specific version from the SonarSource binaries site (see Using various features).

SonarQube tasks used in the pipeline definition

The SonarQube Cloud analysis is integrated into your Azure build pipeline by adding the following SonarQube tasks to your build pipeline definition:

  • Prepare Analysis Configuration

  • Run Code Analysis This task starts the SonarScanner for .NET or CLI. In the Maven/Gradle mode, it is replaced by a Maven or Gradle task that downloads the SonarScanner for Maven or Gradle, respectively.

  • Publish Quality Gate Result With this task, the quality gate status and a link to SonarQube Cloud are shown in the Azure Pipeline’s Build Summary page.

Analysis process overview

The figure below shows the analysis’s main steps with the example of a .NET project :

  1. The Prepare Analysis Configuration task starts the Begin step: the SonarScanner for .NET prepares the analysis by gathering all of the parameters and resources needed to analyze your project.

  2. The rules configured in your SonarQube quality profile are run during the build step. The SonarScanner for .NET collects the analysis data while your project is being built.

  3. The Run Code Analysis task starts the End step: the SonarScanner for .NET collects and prepares the analysis results which will be sent to SonarQube.

  4. The SonarScanner for .NET sends the analysis results to SonarQube (Server, Cloud) or SonarQube Community Build for further processing.

  5. SonarQube (Server, Cloud) or SonarQube Community Build sends the quality gate status to Azure DevOps where it can be used in your pipeline through the Publish Quality Gate Result task.

The SonarScanner for .NET is invoked twice during the build pipeline in Azure DevOps.

Related pages

PreviousIntroductionNextSetting up project integration

Last updated

Was this helpful?