Introduction to Azure DevOps integration

The integration is compatible with both Azure DevOps Server and Azure DevOps Services.

Key features

With this integration, you’ll be able to:

• Import your Azure DevOps repositories into SonarQube Server to easily set up SonarQube Server projects.

• Smoothly integrate your SonarQube Server analysis into your Azure build pipeline with our Azure DevOps Extension. This includes multi-branch analysis features. See these pages for ALM-specific instructions for adding your analysis using yaml or the Azure Classic editor:

  • Gradle or Maven project

  • .NET project

  • C family project

  • JS, TS, Go, Python, PHP, etc. project

  • Monorepo projects

• Report the analysis’ quality gate status right in Azure Pipeline’s Build Summary page.

• Prevent pull request merges when the quality gate fails.

• View issues detected on a pull request in Azure DevOps. Each issue will be a comment on the Azure DevOps pull request. If you change the status of an issue in SonarQube Server, that status change is immediately reflected in the Azure DevOps interface.

Integration solution overview

Integration is performed at two levels:

• Global: Within your SonarQube instance, an “Azure DevOps Configuration” record is used to manage the SonarQube access to your Azure DevOps Services organization or Azure DevOps Server collection. This record stores:

  • Your organization’s or collection’s URL.

  • An Azure DevOps Personal Access Token (PAT) which is used by SonarQube to access your Azure DevOps Services organization or Azure DevOps Server collection. This PAT is usually created from a dedicated technical account.

• Project: A project administrator must provide Azure DevOps PAT to import their Azure DevOps repository to SonarQube. SonarQube stores this PAT in its database, enabling it to list and import the repositories the administrator can access.

It means that SonarQube uses two different Azure DevOps PATs:

• The global PAT to access your organization or collection in order to import repositories or report the quality gate status in Azure Pipelines.

• The project PAT to check the user's permissions on repositories when a user imports Azure DevOps repositories.

Related pages

• Azure Pipelines integration overview

• Setting up Azure DevOps integration at global level

• Creating and configuring your Azure DevOps project

• Setting up Azure integration for your project

• Adding analysis to Azure pipeline

• Troubleshooting analysis