How to automate creation of work items in Azure DevOps based on Bugs, Vulnerabilities etc

Template for a good new topic, formatted with Markdown:

  • ALM used (Azure DevOps)
  • CI system used (Azure DevOps)
  • Scanner command used when applicable (private details masked)
  • Languages of the repository - .net primarily
  • Only if the SonarCloud project is public, the URL
    • And if you need help with pull request decoration, then the URL to the PR too
  • Error observed (wrap logs/code around with triple quotes ``` for proper formatting)
    No Error as such
  • Steps to reproduce
    N/A
  • Potential workaround
    N/A

I would like to automate the creation of work items in DevOps as bugs, vulnerabilities and security hotspots are highlighted by SonarCloud. This will allow us to reduce the feedback loop and make fixing convention and security issues easier and in a timely manner.

Would this require calling into a SC API if the build breaks based on SC checks or is there something built in I'm missing?

Thanks David


3 Likes

Hi @davidjsteele

We currently don’t support this kind of scenario, but that’s definitely something to keep in mind for the future.

In the meantime, and as a partly automated workaround, you can add a new reply on the comment that SonarCloud is writing on the PR, with a # + the number of the work item if you want to kind of link it.

You can read more about that here

Thank you.

Mickaël

1 Like

Hi Mickaël,
Thanks for the feedback - yeah guess the git # solution requires for a work item to be manually created and associated. Would suggest bi-directional comms for work item creation should defo be considered by the dev team across ALM instances. Would take a great product to an awesome product IMO only :slight_smile:
Thanks David

1 Like

We’re just evaluating SonarCloud and this request came straight in from our lead dev so +1 to it

This feature would be really neat. The typical scenario when integrating Sonar with any non-initial project is that you got some heap of refactoring to do. And reality shows us that most people won’t fix them all right away.
If I could convert n sonar tasks to one Azure DevOps Task I could group similar todos and resolve them one group at a time. A happy medium.
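The grouping described in the post above can be scripted outside SonarCloud. The following is an added example, not code from any poster or from SonarSource: it assumes issue records shaped like the `issues` array of SonarCloud's `api/issues/search` response, uses constructed rule keys and paths, and the function names are hypothetical. It builds one Azure DevOps JSON Patch document per rule instead of one work item per finding.

```python
import html
from collections import defaultdict

# Constructed sample, shaped like the "issues" array of a SonarCloud
# api/issues/search response. Keys, rules and paths are made up.
SAMPLE_ISSUES = [
    {"key": "k1", "rule": "demo:sql-concat", "type": "VULNERABILITY",
     "component": "demo:src/Repo.cs", "line": 42,
     "message": "Build this query with parameters."},
    {"key": "k2", "rule": "demo:sql-concat", "type": "VULNERABILITY",
     "component": "demo:src/Audit.cs", "line": 7,
     "message": "Build this query with parameters."},
    {"key": "k3", "rule": "demo:null-deref", "type": "BUG",
     "component": "demo:src/Cart.cs", "line": 19,
     "message": "'item' is null when x<y."},
    {"key": "k4", "rule": "demo:naming", "type": "CODE_SMELL",
     "component": "demo:src/Cart.cs", "line": 3,
     "message": "Rename this field."},
]

def group_by_rule(issues, types=("BUG", "VULNERABILITY")):
    """Group issues of the wanted types by (type, rule)."""
    groups = defaultdict(list)
    for issue in issues:
        if issue["type"] in types:
            groups[(issue["type"], issue["rule"])].append(issue)
    return dict(groups)

def to_work_item_patch(issue_type, rule, issues):
    """JSON Patch document for one work item covering a whole group."""
    # System.Description is rendered as HTML, so scanner-supplied text
    # (paths, messages) is escaped before it is embedded.
    items = "".join(
        "<li>{}:{} {}</li>".format(html.escape(i["component"]),
                                   i.get("line", "?"),
                                   html.escape(i["message"]))
        for i in issues)
    return [
        {"op": "add", "path": "/fields/System.Title",
         "value": f"[SonarCloud] {issue_type} {rule} x{len(issues)}"},
        {"op": "add", "path": "/fields/System.Description",
         "value": f"<ul>{items}</ul>"},
        {"op": "add", "path": "/fields/System.Tags",
         "value": f"SonarCloud; {issue_type}"},
    ]

def build_patches(issues):
    """One patch document per (type, rule) group, in a stable order."""
    return [to_work_item_patch(t, r, g)
            for (t, r), g in sorted(group_by_rule(issues).items())]
```

Each document is the body of a work item creation request to the Azure DevOps REST API (`_apis/wit/workitems/$Task`, sent with `Content-Type: application/json-patch+json`). A personal access token limited to work item read and write is enough for that call.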

Any objective for this feature? I’m googling it but nothing, I hope we can push it on the roadmap. Thanks