Azure DevOps

With a bound project, SonarQube Cloud offers numerous analysis reporting features that are supported in Azure DevOps. This page explains how to set them up.

Once your Azure DevOps organization has been imported to SonarQube Cloud, you can create and set up your project by importing your Azure DevOps repository. The created SonarQube Cloud project is bound to its Azure DevOps repository, see Binding with the DevOps platform for more details. To bind an unbound project, see Binding an unbound project to a repository.

Setting up pull request integration with Azure DevOps

With a bound project, SonarQube Cloud can:

  • Report the quality gate status and analysis metrics to your pull requests in Azure DevOps.

  • Show issues detected on a pull request in Azure DevOps. Each issue will be a comment on the Azure DevOps pull request. If you change the status of an issue in SonarQube Cloud, that status change is immediately reflected in the Azure DevOps interface.

The number of comments posted in the timeline of a pull request is limited to 50.

If this limit has been reached, a message will be displayed as a comment, with a link to the rest of the issues on SonarQube Cloud. This comment will not disappear upon resolution of an issue, but only upon a new build, with less than 50 issues remaining.

To set up the pull request analysis:

  1. See Prerequisites for CI-based analysis for more information.

  2. Enable the pull request analysis on the target branch: see below.

  3. If you don't use an integrated CI tool like Azure Pipelines, you must set up the pull request parameters manually. See Pull request analysis for more details.

  4. You can prevent the pull request merge if the quality gate fails: see below.

Enabling pull request analysis on target branch for unbound projects only

If you have a bound project, stop. Do not follow the instructions below because you already have an Azure Personal Access Token (PAT) assigned at the organization level. To update the organization PAT on a bound project, see these instructions: Changing the token used to connect to GitLab or Azure DevOps organization

If you created a project manually without linking to an Azure DevOps repository (known as an unbound project), you can set the Azure PAT at the project level by following these steps.

  1. on the Branch policies page of your target branch, add a build validation policy.

  2. Create an Azure DevOps Personal Access Token having a Code (read and write) scope.

  3. In SonarQube Cloud, set this token by navigating to Your Project > Administration > General Settings > Pull Requests > Integration with Azure DevOps Services.

Preventing pull request merges when the quality gate fails

To prevent the merge of pull requests when the quality gate fails, proceed as follows (you can also watch this video for a quick overview of the procedure):

  1. Go to the Branch policies page of your main branch.

  2. Under Require approval from additional services, select Add status policy.

  3. In the Status to check dropdown, select SonarQube/quality gate.

  4. Then choose the option depending on your need:

    • Optional: Users will be able to merge a pull request even if the quality gate fails.

    • Required: Users will not be able to merge a pull request unless the quality gate passes.

  5. Select Save.

This feature is not supported for projects on a monorepo.

Related pages

PreviousGitLabNextSetting user permissions

Last updated

Was this helpful?