Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

The new structure of Team Foundation Build gives us a great opportunity to integrate better with your build and release processes from Visual Studio Team Services (VSTS) (formerly VSO) and on-premises Team Foundation Server (TFS) servers. We have created a public extension you can install into your VSTS account or a TFS 2015 server. The extension contains the following build steps:

For C# and VB.NET projects

  • SonarQube Scanner for MSBuild - Begin Analysis
  • SonarQube Scanner for MSBuild - End Analysis

All other languages

  • SonarQube Scanner CLI

The extension is open-sourced and available in GitHub SonarQube Scanner for MSBuild repository.

Installing the extension

If you're using Visual Studio Team Services (VSTS) or on-premises Team Foundation Server (TFS) 2015 Update 2 (or newer) you can simply install the extension from the marketplace and follow the instructions below.

  • Amaury Leve Add SonarQube Extension marketplace screenshot

After installing the extension, follow the steps below to get it running for your build.


Enable the SonarQube Analysis in the Build Definition


  1. Open the Build Defintions page  in your Visual Studio Team Services Control Panel
    Click the Build & Release button on the top bar and then the Builds menu.

  2. Edit an existing Build Definition or create a new one and then click the Add build step... button.

  3. Select the Build category and then add the appropriate tasks.
    • For C# and VB.NET projects add both SonarQube Scanner for MSBuild - Begin Analysis and SonarQube Scanner for MSBuild - End Analysis tasks.
    • For mixed languages projects including C# or VB.Net projects, add SonarQube Scanner for MSBuild - Begin Analysis, SonarQube Scanner for MSBuild - End Analysis and SonarQube Scanner CLI tasks
    • For other language projects, add the SonarQube Scanner CLI task

  4. Reorder tasks by drag-dropping them so 
    • the SonarQube Scanner for MSBuild - Begin Analysis task is defined before the Visual Studio Build task(or the MSBuild task), 
    • the SonarQube Scanner for MSBuild - End Analysis task after the Visual Studio Test task
    • the SonarQube Scanner CLI task

  5. Follow the task configuration instructions:
    • Configure SonarQube Scanner for MSBuild - Begin Analysis
    • Configure SonarQube Scanner for MSBuild - End Analysis
    • Configure SonarQube Scanner CLI

  6. Click the Save button.

Configure SonarQube Scanner for MSBuild - Begin Analysis

  1. SonarQube Server section allows you to define the endpoint (i.e. SonarQube Server instance) to use.

    You can either:
    • select an existing endpoint from the dropdown list
    • add a new endpoint
    • manage existing endpoints

    This is equivalent to setting and sonar.password arguments on a local call.

  2. SonarQube Project Settings section allows you to specify which SonarQube project to use.

    • Project Key - the unique project key in SonarQube

    • Project Name - the name of the project in SonarQube

    • Project Version - the version of the project in SonarQube

      This is the equivalent of setting  sonar.projectKey, sonar.projectName and sonar.projectVersion arguments on a local CLI call.

  3. Advanced section allows to specify advanced features. We advise you to keep the out-of-the-box experience if you are not familiar with these settings.
    • Additional Settings - space separated settings using the format: /d:propertyName=propertyValue. Normal command line escaping rules apply
    • Settings File - as Additional Settings except you can specify a file that will contains these settings
    • Include full analysis report in the build summary - delays the build to wait for SonarQube analysis report
    • Fail the build on quality gate failure - delays the build to wait for SonarQube analysis report AND make the build to fail if SonarQube quality gate is failure

Configure SonarQube Scanner for MSBuild - End Analysis

Nothing to configure here as the task will use the EndPoint to detect the SonarQube Server instance and the credentials to use.

Configure SonarQube Scanner CLI

The SonarQube for MSBuild Begin Analysis and SonarQube Scanner CLI have similar configuration options.

  1. SonarQube Endpoint - add or choose an existing SonarQube Endpoint. This sets and sonar.password.
  2. Project Key - the unique project key in SonarQube. This sets the sonar.projectKey parameter.
  3. Project Name - the name of the project in SonarQube. This sets the sonar.projectName parameter.
  4. Project Version - the version of the project. This sets the sonar.projectVersion parameter.

  5. Additional Settings and Settings File - choose additional command line arguments or a settings file for the SonarQube analyser. Note that the format is different for SonarQube Scanner CLI and SonarQube for MSBuild.

Add a SonarQube Service Endpoint

  1. Open the Services page in your Visual Studio Team Services Control Panel
    Click the Settings cog icon in the top bar of the project screen and then click the Services menu.

  2. Click on New Service Endpoint and choose SonarQube.
  3. Specify a Connection Name, the Server URL of your SonarQube Server (including the port if required) and the Authentication Token to use.

  • Amaury Leve Add more details about the token. How to get it
    VAL: changed the Authentication Token text above to a link with the correct location...



  • No labels