Start Free
9.9 | Analyzing source code | Scanners | SonarQube extension for Azure DevOps

SonarQube extension for Azure DevOps

On this page

The SonarQube Extension for Azure DevOps makes it easy to integrate analysis into your build pipeline. The extension allows the analysis of all languages supported by SonarQube.

Requirements

SonarQube extension for Azure DevOps v7.x.x

Allowable values for the scannerMode required property have changed. Please use the following in your @7 tasks:

  • dotnet for the SonarScanner for .NET
  • cli for the SonarScanner CLI
  • other to integrate with Maven or Gradle

To take advantage of cashing your SonarScanner version, there are a few required inputs for your pipeline. Please see the Caching your SonarScanner download article for details.

Version @6 tasks were deprecated in v7.0 and will be dropped in a subsequent release.

Compatibility

The SonarQube extension for Azure DevOps 6.x is compatible with:

The SonarQube extension for Azure DevOps 5.x is compatible with:

  • Azure DevOps Server 2019 (including Express editions)
  • Azure DevOps Server 2020 (including Express editions)
  • Azure DevOps Server 2022
  • Azure DevOps Services

The SonarQube extension for Azure DevOps 4.x is compatible with:

  • TFS 2017 Update 2+ (including Express editions)
  • TFS 2018 (including Express editions)

Analysis

For information on setting up analysis with the SonarQube Extension for Azure DevOps, see the Azure DevOps DevOps Platform integration page.

Previous versions

As new scanner versions are released, previous requirements and/or planned deprecations will be listed here.

SonarQube extension for Azure DevOps v6.2.x

The current versions of the SonarScanner for .NET and SonarScanner CLI scanners are embedded and depending on your configuration, some additional setup may be required. 

If you want to specify the exact .NET or CLI scanner version, use the the msBuildVersion and cliVersion properties. Please check the Using the Prepare Analysis Configuration task on the Azure DevOps integration page for details.

When specifying a particular scanner version, internet access is required by the pipelines calling the .NET or CLI scanners:

  • Access to github.com is required to download the SonarScanner for .NET. The GitHub URL and its HTTP redirect, objects.githubusercontent.com, should be whitelisted.
  • Access to binaries.sonarsource.com is required to download the SonarScanner CLI. The Sonar binaries should be whitelisted.

For users running on-premise or using self-hosted agents, the minimum agent version for SonarQube v6 tasks is 3.218.0.

in v6.0.1

  • Version @5 tasks were deprecated in v6.0.1 and will be dropped in a subsequent release.

SonarQube extension for Azure DevOps v5.x.x

  • Version @5 tasks were deprecated in v6.0.1 and will be dropped in a subsequent release.
  • For users running on-premise or using self-hosted agents, the minimum agent version for SonarQube version @5 tasks is 2.114.0.

Was this page helpful?

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License