This version of the SonarQube documentation is no longer maintained. It relates to a version of SonarQube that is not active.

Azure Pipelines integration overview

The Azure DevOps Extension for SonarQube Server is used to manage the integration of SonarQube Server with Azure Pipelines.

It allows:

  • Integrating smoothly SonarQube analysis into your Azure build pipeline. This includes multi-branch analysis features.

  • Reporting the analysis’ quality gate status right in Azure Pipeline’s Build Summary page.

  • Checking the SonarQube quality gate status in your Azure release pipeline.

For general information about the SonarQube Server analysis integration into a CI pipeline, see SonarQube Server analysis overview.

Extension modes

The Azure DevOps extension for SonarQube Server can run in one of the following modes depending on your project type:

The Azure DevOps Extension for SonarQube Server embeds the last compatible version of the SonarScanner for .NET and SonarScanner CLI, which is used by default.

In Maven/Gradle mode, your build task downloads the SonarScanner for Maven or Gradle from the SonarSource binaries site.

In very particular situations, you may not want to use the extension’s default version but a specific previous version of the SonarScanner for .NET or CLI. In such a case, you can configure your Azure build pipeline to download this specific version from the SonarSource binaries site (see Using various features).

SonarQube tasks used in the pipeline definition

The SonarQube Server analysis is integrated into your Azure build pipeline by adding the following SonarQube tasks to your build pipeline definition:

  • Prepare Analysis Configuration

  • Run Code Analysis This task starts the SonarScanner for .NET or CLI. In the Maven/Gradle mode, it is replaced by a Maven or Gradle task that downloads the SonarScanner for Maven or Gradle, respectively.

  • Publish Quality Gate Result With this task, the quality gate status and a link to SonarQube Server are shown in the Azure Pipeline’s Build Summary page.

The Publish Quality Gate Result task can significantly increase the overall build time because it will poll SonarQube until the analysis is complete.

Analysis process overview

The figure below shows the analysis’s main steps with the example of a .NET project :

  1. The pipeline’s Run Code Analysis task starts the SonarScanner for .NET embedded in the Azure DevOps Extension for SonarQube Server. (The SonarScanner then downloads its binaries from the server as explained in Scanner engine and analyzers download in SonarQube Server analysis overview.)

  2. Once the analysis is complete, the scanner sends the results to SonarQube Server.

  3. SonarQube Server sends the quality gate status to Azure DevOps. This information is processed through the pipeline’s Publish Quality Gate Result task.

The SonarScanner for .NET is invoked twice during the build pipeline in Azure DevOps.

Last updated

Was this helpful?