Need help scanning MS DevOps pull requests

Need help scanning MS DevOps pull requests

We are using a paid sonarcloud account. Our repos are in MS DevOps git. We are able to trigger sonarcloud scans from our pipelines. We have sonarcloud policies and quality gates set up.

While we can trigger a sonarcloud scan from our pipeline I can’t figure out how to have a failed quality gate stop a pipeline or a pull request.

We want to:
A) Ideally fail a pull request based on a sonarcloud scan
B) if that is not possible, surface sonarcloud scan results to the pull request review (decorate?)
C) if pull request integration is not possible, then stop a pipeline if the sonarcloud scan step fails the quality gate.

I have tried setting up the pull request integration from sonarcloud project admin settings. I specified azure devops services and entered a personal access token.

I think I’m close but I can’t get the various elements wired up correctly. Please advise.

Thank you,


Hi Aaron,

Welcome to the community!

I guess this is this the “Require approval from additional services” part described in the docs under ‘Using branch policies on Azure DevOps’