🔏
Azure Serverless Quickstart
  • Introduction
  • Initial Setup
    • Workstation Installs
    • Codebase
      • Directory Structure
      • User Interface Project
        • Configuring StoryBook
        • Configure Tailwind
        • Configure Craco
        • -Architectural Decision Log
      • Data Access Project
        • DDD
      • Untitled
      • Full Stack Debugging
      • Creating GitHub Project
    • Infrastructure
      • Configure Session Behavior
      • Create AAD Tenant
      • Resource Group
      • Create AAD B2C Instance
        • Identity Experience Framework
        • Configure Session Behavior
      • Storage Account & CDN
        • CDN Rules
        • Configure Azure BLOB Storage
      • App Insights
        • Create AppInsight Account
        • Apollo GraphQL App Insights Configuration
      • CosmosDB
      • Twilio SendGrid
      • KeyVault
      • Function
      • Function App Settings
      • Front Door
      • DevOps
      • Optional Items
        • Azure Data Factory
      • Azure Event Hub
    • CICD and Source Control
      • Azure DevOps
      • SonarCloud
        • Incorporate into Yaml
      • Chromatic
      • User Interface YAML
      • CICD for Data Access
        • Create Pipeline
        • Data Access YAML
  • Application Structure
    • Connect Apollo
      • Apollo Overview
      • Create Apollo Component
    • MongoDB Integration
      • Mappings
      • Directory Structure
      • Apollo Connection
      • Models
      • Queries Mutations and Subscriptions
      • Caching Reponses
    • Integrating GraphQL Tools
      • GraphQL Code Generator
    • Feature Flags
      • Flag Structure & Storage
      • Website Integration
      • Apollo Integration
      • Tips and Techniques
      • Alternative Approaches
    • React Router
    • Adding Authentication
      • Create AAD Applications
      • Configure AAD For External Identities
      • Adding MSAL And React
      • Add MSAL to the build
      • Add MSAL to ApolloClient
      • Add MSAL to ApolloServer
    • Ant Design
    • Jest Tests
  • Azure Active Directory Business-to-Consumer (AD B2C)
    • Introduction
    • How to navigate through AD B2C documentation
    • Localization
    • Abbreviations
    • Azure AD B2C Extension
  • Cognitive Search
  • Cost Analysis
  • Technical Architecture
    • Identity and Access Control
  • Adding Functionality
    • Google Analytics
      • Create Analytics
    • DAPR
      • DAPR setup
      • DAPR Services (ignore for now)
        • Identity
  • Patterns and Practices
    • Idempotent Messages
    • Pathways
    • DDD
      • Initial Setup
        • Aggregate Root
        • Entity
        • Value Object
      • Field Types
        • Primitive Types
        • Non-Primitive Types
          • Types.DocumentArray
          • PopulatedDoc
          • Custom Types
      • Example Walkthrough
  • Open Items
    • Issue Tracking
  • Helpful Resources
  • DDD
    • Page 1
  • Experimental
    • StaticWebApp
    • Azure Maps
Powered by GitBook
On this page
  • Introduction
  • Setup SonarCloud
  • Create a SonarCloud Account and Organization:
  • Generate a Security Token
  • Create Projects
  • Setup Azure DevOps
  • Install SonarCloud plug-in into Azure DevOps
  • Add to VS Code

Was this helpful?

  1. Initial Setup
  2. CICD and Source Control

SonarCloud

PreviousAzure DevOpsNextIncorporate into Yaml

Last updated 1 year ago

Was this helpful?

Introduction

SonarCloud helps to create a floor to the acceptable quality of code in a project. SonarCloud is free for public projects, and relatively affordable for private projects, it is a solution worth considering.

The following explains the process for adding SonarCloud to your project:

Setup SonarCloud

Create a SonarCloud Account and Organization:

  • Navigate to the and create an account by logging in with GitHub

  • Click the + icon to the left of your name in the upper right of the screen, and

    • Choose Create an Organization from the menu. (The steps that follow are dependent on what you logged in with, refer to SonarCloud's documentation.)

Generate a Security Token

  • While logged into SonarCloud website:

  • Click your name in the upper right of the screen, and choose My Account from the menu.

    • Select the Security tab

    • Generate Tokens : <<recommend using your Azure DevOps project name e.g.: sharethrift>>

    • Click the Generate button

      • Copy the token value that appears to a secure note, (It is only shown once, and you will need it later)

Create Projects

  • While logged into SonarCloud website:

  • Click the + icon to the left of your name in the upper right of the screen, and

    • Choose Analyze a new project from the menu (you may see an error message, it can be ignored)

    • Click the Create a project manually link in the lower left of the screen.

    • The create project screen shows:

      • Organization: <<select the organization you created earlier>>

      • Project Key: sharethrift-ui

      • Display Name: sharethrift-ui

      • Public / Private: Private

      • Click the Next button

      • On the next page choose Previous version

      • Click Create project

  • Navigate to the newly created project

    • On the vertical navigation, choose Branches

    • Click on the 3 dots icon to the right of the master branch and choose Rename Branch

      • Rename to "main" and click the Rename button

    • Click on Administration in the lower left and choose Quality Gate

      • Click the Organization's settings link at the top if setting is not already in the list

      • Click on the 3 dots icon in the upper right and choose Copy

      • Give the new quality gate the name of your project

      • Click Copy

      • Navigate back to your project and on the left vertical navigation, choose Administration > Quality Gate

      • Choose the new gate you created

  • Repeat the process above with the following Project Key/ Display Names:

    • sharethrift-data-access

Setup Azure DevOps

Install SonarCloud plug-in into Azure DevOps

  • In the Azure DevOps portal, navigate to your project's settings

  • Choose Service Connections under Pipelines

  • Click the New Service Connection button

  • Search for SonarCloud and select it and click Next

  • New Sonar Cloud Service Connection blade will show:

    • Sonar Cloud Token: <<paste Security Token generated earlier>>

    • Service Connection Name: sonarcloud

    • Description: <<leave blank>>

    • Security: <<leave checked>>

    • Click the Verify and save button

Add to VS Code

Configuration Process:

  1. Open your VSCode project

  2. Under the section titled Generate Tokens, enter vscode and click the Generate button.

  3. You will get a new token, copy the token value secure location we will use it later and you will not be able to retrieve it once it is generated.

  4. Open Visual Studio Code, and navigate to the setting section

    • On Windows/Linux - File > Preferences > Settings

    • On macOS - Code > Preferences > Settings

  5. Select User Settings and Search for SonarLint

  6. Ensure that you select User directly under the search box so that you are configuring user settings.

  7. Pick any of the settings and click **Edit in settings.json

  8. Paste the following into the settings.json file

    "sonarlint.connectedMode.connections.sonarcloud": [
        {
          "organizationKey": "<<YOUR COMPANY NAME>>",
          "token": "<<YOUR VSCODE TOKEN GOES HERE>>"
        }
      ],
    "sonarlint.connectedMode.project": {
        "projectKey": "<<YOUR PROJECT KEY>>"
      },
  9. Replace the <<YOUR VSCODE TOKEN GOES HERE>> with the token you created earlier.

  10. Replace the <<YOUR COMPANY NAME>> with your organization key

  11. Replace the <<YOUR PROJECT KEY>> with your project key.

    • You can look up the project key under Administration > Projects Management on your organization's page.

  12. IMPORTANT!! Sonarlint will prompt you to install the Adopt Open JavaSDK if you don't have java installed, please ensure you do this.

  13. Restart VSCode and reopen your VSCode Project related to your ScratchOrg

The following is a sample settings.json file for reference:

{
    "sonarlint.connectedMode.connections.sonarcloud": [
        {
          "organizationKey": "mycompany",
          "token": "b33e974....76331859"
        }
      ],
    "sonarlint.connectedMode.project": {
        "projectKey": "myproject"
      },
    "sonarlint.ls.javaHome": "/Library/Java/JavaVirtualMachines/adoptopenjdk-11.jdk/Contents/Home"
}

Install the into VSCode, and restart VSCode

Visit and log in using the Azure DevOps button.

Visit

You can look up the organization key on the .

SonarCloud website
SonarLint Extension
SonarCloud
your security page
organization key page