The new structure of Team Foundation Build gives us a great opportunity to integrate better with your build and release processes in Visual Studio Team Services (VSTS) (formerly VSO) and Team Foundation Server (TFS) on-premises. We have created a public extension you can install into your VSTS account or a TFS 2015 server. The extension contains the following build steps:
For C# and VB.NET projects
- SonarQube Scanner for MSBuild - Begin Analysis
- SonarQube Scanner for MSBuild - End Analysis
All other languages
- SonarQube Scanner CLI
The source of the extension is available in the GitHub SonarQube Scanner for MSBuild repository.
The SonarQube Extension for VSTS/TFS is compatible with TFS 2015 Update 2 and VSTS. It requires SonarQube version 5.6+.
- A SonarQube server (it can be https://sonarqube.com too)
- An agent with MSBuild and Java
You can simply install the extension from the marketplace and follow the instructions below.
After installing the extension, follow the steps below to get it running for your build.
In order to analyze properly your solution you will need to setup a SonarQube Endpoint and edit your current Build Definition.
- Open the Services page in your Visual Studio Team Services Control Panel.
Click the Settings cog icon in the top bar of the project screen and then click the Services menu.
- Click on New Service Endpoint and choose SonarQube.
- Specify a Connection Name, the Server URL of your SonarQube Server (including the port if required) and the Authentication Token to use.
Editing the Build Definition
- Open the Build Definitions page in your Visual Studio Team Services Control Panel.
Click the Build & Release button on the top bar and then the Builds menu.
- Edit an existing Build Definition or create a new one and then click the Add build step... button.
- Select the Build category and then add the appropriate tasks.
- For other language projects, add the SonarQube Scanner CLI task.
Configuring SonarQube Tasks
- SonarQube Server section allows you to define the endpoint (i.e. SonarQube Server instance) to use.
You can either:
- select an existing endpoint from the drop down list
- add a new endpoint
- manage existing endpoints
This is equivalent to setting sonar.host.url, sonar.login and sonar.password arguments on a local call.
SonarQube Project Settings section allows you to specify which SonarQube project to use.
Project Key - the unique project key in SonarQube
Project Name - the name of the project in SonarQube
Project Version - the version of the project in SonarQube
This is the equivalent of setting sonar.projectKey, sonar.projectName and sonar.projectVersion arguments on a local CLI call.
- Advanced section allows to specify advanced features. We advise you to keep the out-of-the-box experience if you are not familiar with these settings.
- Additional Settings - space separated settings using the format: /d:propertyName=propertyValue. Normal command line escaping rules apply
- Settings File - as Additional Settings except you can specify a file that will contains these settings
- Include full analysis report in the build summary - delays the build to wait for SonarQube analysis report
Fail the build on quality gate failure - delays the build to wait for SonarQube analysis report AND make the build to fail if SonarQube quality gate is failure
RemarksInclude full analysis report in the build summary and Fail the build on quality gate failure induce a delay in your build and you might want to disable them for your development CI.
In this scenario, you want to use SonarQube Scanner for MSBuild - Begin Analysis and SonarQube Scanner for MSBuild - End Analysis tasks.
Other language solutions
In this scenario, you want to use SonarQube Scanner CLI task.