Getting started with Azure DevOps

If your code is on GitLab, go to the SonarCloud product page and choose Set up or Login, then select GitLab from the list of DevOps cloud platforms. 

Select Bitbucket from the list of SCM cloud platforms.Select Azure DevOps to sign in to SonarCloud.

You will be taken to the Microsoft login page. Sign in using your Microsoft credentials.

Welcome to SonarCloud

Once you have successfully logged in, you will see the SonarCloud welcome screen.

Select Import an organization from Azure to bring your projects into SonarCloud .

Welcome to SonarCloud for the first time.

Set up your organization

Connect your Azure DevOps organization with SonarCloud

You will be presented with a screen like this:

Enter your Azure organization.

You need to enter the name of your Azure DevOps organization and a personal access token created in that organization.

To create the token, go to your Azure DevOps organization to User settings > Personal access tokens, then select + New token.

Create a new personal access token in Azure.

On the next page, under Scopes, make sure that you specify at least the scope Code > Read & write.

Set the scope of your new token to Read & write.

Then click Create to generate the token.

When the personal access token is displayed, copy it and paste it into the field in the SonarCloud setup page.

Additionally, in your Azure DevOps organization, you will need to ensure that Azure Active Directory Conditional Access Policy Validation is disabled. Go to Organization Settings > Security > Policies > Enable Azure Active Directory Conditional Access Policy Validation and ensure that the feature is turned off.

Create your SonarCloud organization

SonarCloud is set up to mirror the way that code is organized in Azure DevOps (and other repository providers):

  • Each SonarCloud project corresponds one-to-one with an Azure DevOps project, which resides in its own Git repository.
  • Azure DevOps projects are grouped into Azure DevOps organizations.
  • Each SonarCloud organization corresponds one-to-one with an Azure DevOps organization.

In this step, you will create a SonarCloud organization that corresponds to your Azure DevOps organization.

SonarCloud will suggest a key for your SonarCloud organization. This is a name unique across all organizations within SonarCloud. You can accept the suggestion or change it manually. The interface will prevent you from changing it to an already existing key.

Choose a plan

Next, you will be asked to choose a SonarCloud subscription plan. If all the repositories to be analyzed are public on Azure DevOps, you can select the free plan. When using the free plan, your code and analysis results will be publicly accessible at sonarcloud.io/explore/projects.

If you want to analyze one or more private repositories then you need to select a paid plan. All paid plans offer a 14-day free trial period. Once the 14 days have elapsed, the cost is based on the number of lines of code analyzed.

Once you have chosen a plan and clicked Create Organization, your SonarCloud organization will be created!

Set up your analysis

Import repositories

The next step is to import the projects (that is, individual Git repositories) that you want to analyze from your Azure DevOps organization into your newly created SonarCloud organization, creating a corresponding SonarCloud project for each.

SonarCloud will present a list of the repositories in your Azure DevOps organization. Select those that you want to import and analyze and select Set Up.

Choose the repositories that you want to import into SonarCloud.

The selected projects will be imported.

Configure analysis

With Azure DevOps projects the actual analysis is performed in your build environment (cloud CI, local machine, etc.). This means you have to configure your build process to perform the analysis on each build and communicate the results up to SonarCloud.

SonarCloud will guide you through a tutorial on how to set up your build environment to perform analysis.

The first step is to select your build environment. SonarCloud will present this page:

Choose your CI method.

If you have no particular preference and are setting up a new project on Azure DevOps, we recommend using Azure DevOps Pipelines as your CI.

Follow the tutorial to set up your analysis.

See your analysis results

Once your analysis is complete, SonarCloud will display your analysis results.

A newly imported project will not be computed until changes are made in the code.

Once it is complete, you can view the results of your first analysis.

© 2008-2022, SonarCloud by SonarSource SA. All rights reserved.