We use Azure DevOps pipelines to scan our projects with the following yaml steps:
SonarCloudPrepare@1
SonarCloudAnalyze@1
SonarCloudPublish@1
However when a new project is added to Sonarcloud via the above steps, this is not bound to Azure DevOps:
It is only when adding a project manually through the Sonarcloud UI > Analyse new project page that we are able to bind a project to Azure DevOps, e.g. see the blue azure devops logo
Why is this? Is binding a project via pipeline steps not supported?
I know “It’s the way it always has been” isn’t a great answer, but it’s probably the truth here. A lot happens in the backend when you bind the project through the UI and it has never trickled down to the scanner, nor any effort put into connecting the dots once the first scan of a project has been published.
We also have generally come from the opinion that project provisioning from the scanner is allowed but not ideal, as it can cause the proliferation of many projects where administrators don’t know where they came from. Maybe this is more of a SonarQube concern than SonarCloud where the concept of a “bound project” exists – but that’s the history.
OK sure thanks very much for the explanation. I’ve voted on the card! This would really remove manual effort from when we add new apps (and we add a lot) and let the pipelines do it for us
