# Getting started with Azure DevOps {% stepper %} {% step %} ## Sign up 1. Go to [SonarQube Cloud product page](https://www.sonarsource.com/products/sonarqube/cloud/). If you want to use the [US region](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/getting-started/getting-started-in-us-region), go to [sonarqube.us](http://sonarqube.us/) instead.
Sign up to SonarQube Cloud using GitHub.
2. Select **Azure DevOps** from the list of DevOps platforms. You will be taken to the Azure DevOps login page. 3. Sign in using your Azure DevOps credentials.\ For prerequisites on your DevOps account’s email address, see [#via-devops-platform](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/managing-your-account/signing-in#via-devops-platform "mention"). Your SonarQube Cloud account is created and bound to your DevOps account. For more information, see [Authentication](https://www.sonarsource.com/trust-center/#authentication) in the Trust Center. Once you have successfully logged in, you will be prompted to connect your Azure DevOps organization with SonarQube Cloud and create your SonarQube Cloud organization. {% endstep %} {% step %} ## Create your organization We use an [organization-based structure](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/administering-sonarcloud/about-sonarqube-cloud-solution/resources-structure/organization) that mirrors the structure on your chosen DevOps platforms: each SonarQube Cloud organization corresponds one-to-one with a GitHub organization or personal account. A subscription plan is associated one-to-one with a SonarQube Cloud organization. See [subscription-plans](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/administering-sonarcloud/managing-subscription/subscription-plans "mention") for a comparison between the different plans. Proceed as follows. For detailed prerequisites and instructions, see [importing-azure-devops-organization](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/administering-sonarcloud/managing-organization/creating-organization/importing-azure-devops-organization "mention"). 1. Create the PAT to be used for the organization binding. \ SonarQube Cloud uses an Azure DevOps user account to import your Azure DevOps organization and repositories. You must provide a [Personal Access Token](https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=tfs-2017\&tabs=preview-page) (PAT) from this account. 2. Select **Import an organization from Azure DevOps**. 3. Paste the PAT you created to **Personal Access Token**. 4. Check the organization details. 5. Select the subscription plan 6. Create your organization. A new page opens. 7. Select **Analyze a new project** and go to the next step below. {% hint style="info" %} * The organization creator becomes the organization admin. To set up the organization permissions, see [organization-permissions](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/administering-sonarcloud/managing-organization/users-and-permissions/organization-permissions "mention"). * Consider upgrading to [Enterprise](https://docs.sonarsource.com/sonarqube-cloud/administering-sonarcloud/managing-subscription/subscription-plans) so you can benefit from many features, in particular SSO and SCIM. See [setup](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/administering-sonarcloud/enterprise-security/sso-and-provisioning/setup "mention"). {% endhint %} {% endstep %} {% step %} ## Import your repositories You can now import the existing projects (that is, individual Git repositories) that you want to analyze from your Azure DevOps organization into your newly created SonarQube Cloud organization. A corresponding, one-to-one SonarQube Cloud project will be created for each imported repository. Proceed as follows (you need the Create Projects permission in your organization): 1. Select the repositories you want to import and select the **Set up** button.
Select your repository(ies) and select the Set up button.
2. Select the new code definition for your new project(s). For more information about this definition, see [about-new-code](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/standards/about-new-code "mention").\ Note that the new code definition you apply at this stage will apply to all of the projects you have selected for import. You can change your new code definition later on a per-project basis (see [configuring-new-code-calculation](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/managing-your-projects/project-analysis/configuring-new-code-calculation "mention")).
Select a new code definition option for your project.
3. Create your project(s). {% hint style="info" %} The project creator becomes the project admin. To set up the project permissions, see [setting-permissions](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/managing-your-projects/administering-your-projects/setting-permissions "mention"). {% endhint %} {% hint style="info" %} When you import a project that is eligible for automatic analysis, SonarQube Cloud automatically creates a set of webhooks for your Azure DevOps repository. These webhooks are used to trigger [automatic analysis](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/analyzing-source-code/automatic-analysis) in the repository whenever code is pushed, or pull requests are created, and are visible in your Azure DevOps project settings, under **Service hooks**. {% endhint %} {% endstep %} {% step %} ## Set up your project analysis For Azure DevOps repositories, there are two analysis methods available: Automatic analysis and CI-based analysis. ### Automatic analysis If a project qualifies for automatic analysis, SonarQube Cloud will start the analysis of the project’s main branch and of the most recent active pull requests automatically, and the results will appear shortly after. See [Automatic analysis](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/analyzing-source-code/automatic-analysis) for more information. ### CI-based analysis If automatic analysis is not supported for your project or you don't want to use it, you’ll need to set up CI-based analysis. The actual analysis is performed in your build environment (for example, on a cloud CI or your local machine). This means that you must configure your build process to perform the analysis on each build and communicate the results to SonarQube Cloud. SonarQube Cloud will guide you through a tutorial on how to set up your build environment to perform analysis. For more information, see [azure-pipelines](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/analyzing-source-code/ci-based-analysis/azure-pipelines "mention"). To understand the SonarQube analysis principles, see [analysis-process-overview](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/discovering-sonarcloud/analysis-process-overview "mention"). ### About the SonarQube Cloud analysis The SonarScanner performs the automated source code analysis as part of your code review process. This stand-alone program runs on the CI/CD host and sends the analysis results to SonarQube Server, which computes them, calculates the quality gate, and generates reports. To perform the analysis, the SonarScanner uses the [Sonar analyzers](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/discovering-sonarcloud/overview) that it downloads from SonarQube Cloud at installation. The Sonar Solution offers SonarScanners that integrate with the following build systems: Gradle, Maven, .NET, NPM, and Python. For other project types, the SonarScanner CLI which requires more manual configuration is used. For more information about integrated CI tools and SonarScanners, see [ci-based-analysis](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/analyzing-source-code/ci-based-analysis "mention") ### Setting up the pull request analysis By setting up pull request analysis, you ensure pull requests are analyzed when they are opened and every time a change is pushed to the pull request branch. To do so, you must add the SonarQube Cloud analysis to your CI pipeline. * To learn more about pull request analysis, see [pull-request-analysis](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/analyzing-source-code/pull-request-analysis "mention"). * To integrate SonarQube Cloud analysis into your Azure pipeline, see [azure-pipelines](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/analyzing-source-code/ci-based-analysis/azure-pipelines "mention"). You can also configure pull request decoration to allow your developers to view the analysis from SonarQube Cloud directly on the pull requests they submit. * To learn more about the Azure DevOps integration features, see [azure-devops](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/managing-your-projects/issues/in-devops-platform/azure-devops "mention"). * To set up your project integration with Azure DevOps, see [azure-devops](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/managing-your-projects/administering-your-projects/devops-platform-integration/azure-devops "mention"). {% endstep %} {% step %} ## Connect with SonarQube for IDE SonarQube for IDE is a free IDE extension that integrates with SonarQube Cloud. Like a spell checker, SonarQube for IDE highlights issues as you type. Install SonarQube for IDE to leverage the power of SonarQube in your IDE. To do so, see [connected-mode](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/analyzing-source-code/connected-mode "mention"). {% endstep %} {% step %} ## View your analysis results
The Project Overview page.
### Review your project’s quality gate The purpose of Quality gates is to tell you whether your code is good enough to be pushed to the next step: * For the main branch and other long-lived branches, the quality gate answers the question: "Can I release my code today?" * For pull requests (and short-lived branches), the quality gate answers the question: "Can I merge this pull request?" By keeping an eye on the quality gates, the decision makers can quickly judge the status of code and decide what to do next. For more information, see [quality-gates](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/standards/quality-gates "mention"). ### Review your issues An analysis detects an issue as a problem in your code. When a coding rule is broken, an issue is raised. Each issue affects one or more software qualities with a varying impact level, called severity, as inherited from the rule. For more information about rules, see [managing-rules](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/standards/managing-rules "mention"). To review your issues, see [issues](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/managing-your-projects/issues "mention") {% endstep %} {% step %} ## Adjust your project setup The analysis performed by the SonarScanner is configured through analysis parameters. The following applies: * A few analysis parameters are mandatory. * Many analysis parameters, such as those defining the analysis scope, have a default value and can be adjusted. * Analysis parameters allow you to include the code and test coverage in your analysis, or to import issues generated by a third-party analyzer, etc. SonarQube Server manages the analysis parameters through sonar properties (The sonar property key has the following syntax: `sonar.`.). You can configure the analysis parameters in different places. For more information, see [configuration-overview](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/analyzing-source-code/analysis-parameters/configuration-overview "mention"). You can: * Adjust your analysis scope, see [setting-analysis-scope](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/managing-your-projects/project-analysis/setting-analysis-scope "mention"). * Implement test coverage, see [test-coverage](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/analyzing-source-code/test-coverage "mention"). * Import external analyzer reports, see [external-analyzer-reports](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/analyzing-source-code/importing-external-issues/external-analyzer-reports "mention"). * Define a Long-lived branch pattern, see [long-lived-branch-pattern](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/managing-your-projects/project-analysis/long-lived-branch-pattern "mention"). * Change the new code definition applied to your project, see [configuring-new-code-calculation](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/managing-your-projects/project-analysis/configuring-new-code-calculation "mention"). * Change the quality gate assigned to your project, see [changing-quality-gate](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/managing-your-projects/project-analysis/changing-quality-gate "mention"). * Change the quality profiles assigned to your project, see [quality-profile-association](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/managing-your-projects/project-analysis/quality-profile-association "mention") {% endstep %} {% step %} ## Check out security reports and portfolios Managers and tech leads can check out the security reports and portfolios features to begin monitoring the security and releasability of projects. For more information, see [viewing-enterprise-reports](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/getting-started-with-enterprise/viewing-enterprise-reports "mention"). {% endstep %} {% endstepper %} ## Related pages * [azure-devops](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/discovering-sonarcloud/integration-with-devops-platforms/azure-devops "mention") (integration solution overview) * [importing-azure-devops-organization](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/administering-sonarcloud/managing-organization/creating-organization/importing-azure-devops-organization "mention") * [setting-up-project](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/managing-your-projects/administering-your-projects/setting-up-project "mention") * [azure-devops](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/managing-your-projects/administering-your-projects/devops-platform-integration/azure-devops "mention") * [azure-pipelines](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/analyzing-source-code/ci-based-analysis/azure-pipelines "mention") * [getting-started-in-us-region](https://docs.sonarsource.com/sonarqube-cloud/~/changes/1027/getting-started/getting-started-in-us-region "mention") ## Related online learning * :desktop: [Initial SonarQube Cloud set up with Azure DevOps](https://www.sonarsource.com/learn/course/sonarqube-cloud/03584daa-8cd6-4825-be83-4ca3b0e73078/initial-sonarqube-cloud-set-up-with-azure-devops) * :desktop: [Configuring code analysis for SonarQube Cloud with Azure Pipelines](https://www.sonarsource.com/learn/course/sonarqube-cloud/d77cd975-f3c7-4ee9-bda5-9e25447d1c9b/configuring-code-analysis-for-sonarqube-cloud-with-azure-pipelines) * :desktop: [Configuring pull request decoration for SonarQube Cloud using Azure DevOps](https://www.sonarsource.com/learn/course/sonarqube-cloud/4a81488c-81ec-4479-8f93-e7bda1a00351/configuring-pull-request-decoration-for-sonarqube-cloud-using-azure-devops)