circle-exclamation
We've updated our static IP addresses. GitHub Enterprise users should update their allowlists.
chevron-right
search
Start FreeLogin

Setting up Azure DevOps integration for your project

With a bound project, SonarQube Cloud offers numerous analysis reporting features that are supported in Azure DevOps. This page explains how to set them up.

Once your Azure DevOps organization has been imported to SonarQube Cloud, you can create and set up your project by importing your Azure DevOps repository. The created SonarQube Cloud project is bound to its Azure DevOps repository, see Binding with the DevOps platform for more details. To bind an unbound project, see Binding an unbound project to a repository.

hashtag
Setting up pull request integration with Azure DevOps

With a bound project, SonarQube Cloud can:

  • Report the quality gate status and analysis metrics to your pull requests in Azure DevOps.

  • Show issues detected on a pull request in Azure DevOps. Each issue will be a comment on the Azure DevOps pull request. If you change the status of an issue in SonarQube Cloud, that status change is immediately reflected in the Azure DevOps interface.

circle-info

The number of comments posted in the timeline of a pull request is limited to 50.

If this limit has been reached, a message will be displayed as a comment, with a link to the rest of the issues on SonarQube Cloud. This comment will not disappear upon resolution of an issue, but only upon a new build, with less than 50 issues remaining.

To set up the pull request analysis:

  1. See Prerequisites for CI-based analysis for more information.

  2. Enable the pull request analysis on the target branch: see below.

  3. If you don't use an integrated CI tool like Azure Pipelines, you must set up the pull request parameters manually. See Analysis parameters for more details.

  4. You can prevent the pull request merge if the quality gate fails: see below.

chevron-rightEnabling pull request analysis on target branch for unbound projects onlyhashtag
circle-exclamation

If you have a bound project, stop. Do not follow the instructions below because you already have an Azure Personal Access Token (PAT) assigned at the organization level. To update the organization PAT on a bound project, see these instructions: Changing the token used to connect to GitLab or Azure DevOps organization

If you created a project manually without linking to an Azure DevOps repository (known as an unbound project), you can set the Azure PAT at the project level by following these steps.

  1. On the Branch policies page of your target branch, add a build validation policyarrow-up-right.

  2. Create an Azure DevOps Personal Access Token having a Code (read and write) scope.

  3. In SonarQube Cloud, set this token by navigating to Your Project > Administration > General Settings > Pull Requests > Integration with Azure DevOps Services.

chevron-rightPreventing pull request merges when the quality gate failshashtag

To prevent the merge of pull requests when the quality gate fails, proceed as follows (you can also watch this videoarrow-up-right for a quick overview of the procedure):

  1. Go to the Branch policies page of your main branch.

  2. Under Require approval from additional services, select Add status policy.

  3. In the Status to check dropdown, select SonarQube/quality gate.

  4. Then choose the option depending on your need:

    • Optional: Users will be able to merge a pull request even if the quality gate fails.

    • Required: Users will not be able to merge a pull request unless the quality gate passes.

  5. Select Save.

circle-info

This feature is not supported for projects on a monorepo.

hashtag
Related pages

PreviousSetting up GitLab integration for your projectNextSetting user permissions

Last updated

Was this helpful?