Azure DevOps
Introduction to SonarQube Server integration with Azure DevOps.
The integration is compatible with both Azure DevOps Server and Azure DevOps Services.
To bind your SonarQube Server instance to Azure DevOps, see Binding to Azure DevOps.
Key features
With this integration, you’ll be able to:
Import your Azure DevOps repositories into SonarQube Server to easily set up SonarQube Server projects.
Smoothly integrate your SonarQube Server analysis into your Azure build pipeline with our Azure DevOps Extension. This includes multi-branch analysis features.
Report the analysis’ quality gate status right in Azure Pipeline’s Build Summary page.
Report your quality gate status to your merge requests: see your quality gate and code metric results right in Azure Pipeline’s Build Summary page so you know if it’s safe to merge your changes; prevent pull request merges when the quality gate fails.
Use your SonarQube quality gate status to block your Azure DevOps release pipeline.
View issues detected on a pull request in Azure DevOps. Each issue will be a comment on the Azure DevOps pull request. If you change the status of an issue in SonarQube Server, that status change is immediately reflected in the Azure DevOps interface.
Check out this video on SonarQube Server integration with Azure DevOps.
Integration solution overview
Integration is performed at two levels:
Global: Within your SonarQube instance, an “Azure DevOps Configuration” record is used to manage the SonarQube access to your Azure DevOps Services organization or Azure DevOps Server collection. This record stores:
Your organization’s or collection’s URL.
An Azure DevOps Personal Access Token (PAT) which is used by SonarQube to access your Azure DevOps Services organization or Azure DevOps Server collection. This PAT is usually created from a dedicated technical account.
Project: A project administrator must provide Azure DevOps PAT to import their Azure DevOps repository to SonarQube. SonarQube stores this PAT in its database, enabling it to list and import the repositories the administrator can access.
It means that SonarQube uses two different Azure DevOps PATs:
The global PAT to access your organization or collection in order to import repositories or report the quality gate status in Azure Pipelines.
The project PAT to check the user's permissions on repositories when a user imports Azure DevOps repositories.
Related pages
Azure Pipelines (adding analysis to your pipeline)
Last updated
Was this helpful?