Gradle or Maven project
Adding the SonarQube Cloud analysis to your Azure build pipeline for Maven or Gradle projects.
The setup is different depending on whether you use YAML or the Azure Classic interface.
The use of the Classic editor is not always possible (e.g. if your code is stored on GitHub).
If you use YAML, SonarSource can provide you with YAML templates or code examples.
Before you start
Before you begin, read Azure Pipelines integration overview.
The prerequisites are:
The Azure DevOps Extension is installed in your Azure DevOps organization: see Azure DevOps Extension.
Your project is created in SonarQube Server (see Creating and configuring your Azure DevOps project) and configured for Azure Pipelines (see Setting up Azure integration for your project).
The pull request and branch analysis are enabled in your pipeline.
Analysis parameters can be set at different levels, see the Configuring the project analysis parameters article. You must define the project key in the Prepare Analysis Configuration task of your pipeline. You may define additional parameters in this task the same way. In that case, these parameters have precedence over parameters defined at the project or global level.
Using YAML
Add the SonarQube analysis run to your build task.
Add the following SonarQube tasks:
Before your build task, add a Prepare Analysis Configuration task.
After your build task, add a Run Code Analysis task.
After the Rune Code Analysis task, add a Publish Quality Gate Result task.
By default, the scanner version used will be the one specified in your Maven/Gradle build configuration, see SonarScanner for Maven or SonarScanner for Gradle. You can overwrite it by using the sqMavenPluginVersionChoice or sonarQubeGradlePluginVersion input in your pipeline’s Execute build task.
See the YAML file example below. See also our YAML pipeline templates. For information about the SonarQube task inputs, check the SonarQube tasks for Azure Pipelines page.
Make sure the SonarQube task version used in your YAML file is the correct one.
For example, in SonarQubePrepare@7, 7 should correspond to the version of the Azure DevOps Extension you’re using.
Using the Classic editor
1. In the Azure DevOps’ Classic editor, create or update your build pipeline.
2. Add a Prepare Analysis Configuration task before your build task:
In SonarQube Server Service Endpoint, select the SonarQube Server service connection you created during setup. Review the Setting up Azure integration for your project page for more information about adding a connection.
Under Choose a way to run the analysis, select Integrate with Maven or Gradle.
Expand the Advanced section and replace the Additional Properties with the following snippet:
3. Add a new Maven or Gradle task:
Under Code Analysis, check Run SonarQube or SonarCloud Analysis.
4. Add a new Publish quality gate result task on your build pipeline summary.
5. Ensure that the pipeline runs automatically for all the branches you want: Under the Triggers tab of your pipeline, select Enable continuous integration and select all the branches for which you want SonarQube Server analysis to run automatically.
6. Save your pipeline.
Related pages
Last updated
Was this helpful?