Appearance
🤖 SonarQube Cloud analysis ​
SonarQube Cloud analyzes OCP automatically through its Azure DevOps integration. The Azure Pipelines build no longer starts Sonar scanner tasks or uploads analysis results from CI.
Analysis method ​
Automatic analysis is enabled from the SonarQube Cloud project settings. Once enabled, SonarQube Cloud reads the repository directly and analyzes the default branch and pull requests without pipeline tasks, service connections, or scanner configuration in Azure Pipelines.
WARNING
Do not add CI-based Sonar scanner tasks back to the pipelines while automatic analysis is enabled. SonarQube Cloud does not support running automatic and CI-based analysis for the same project at the same time.
Repository configuration ​
Automatic analysis ignores sonar-project.properties, so the CI-based properties file has been removed.
SonarQube Cloud supports a limited .sonarcloud.properties file for automatic analysis, but wildcard exclusions such as **/Migrations/*.cs are not supported there. Configure analysis scope in the SonarQube Cloud project settings if migration files should remain excluded.
Limitations and follow-up settings ​
Automatic analysis does not consume code coverage reports from CI, so the backend build does not collect OpenCover output for SonarQube Cloud.
The previous CI-based configuration ignored Vue Web:S5256 issues for design-system table components through sonar.issue.ignore.multicriteria. That setting is not supported by automatic-analysis repository configuration; if the suppression is still required, configure it in SonarQube Cloud through project settings or the quality profile.
Rollout checklist ​
- Enable Automatic Analysis in the SonarQube Cloud project.
- Keep Azure Pipelines free of Sonar scanner tasks.
- Recreate any required migration exclusions or Vue rule suppressions in SonarQube Cloud.
- Confirm the SonarQube Cloud project information shows the last analysis method as automatic analysis.