Hi all,
I’m looking for guidance on configuring SonarCloud in a somewhat hybrid setup and couldn’t find any recent or conclusive documentation.
Context
- Source code is hosted in GitHub Enterprise Cloud (GHE) (not GitHub.com)
- CI/CD pipelines are running in Azure DevOps Pipelines
- We want to use SonarCloud for:
  - Code quality analysis
  - PR decoration (if possible)
  - Quality gates in the pipeline
Challenges / Questions
- Repository integration
  - Is it supported to analyze repositories hosted in GHE while running pipelines from Azure DevOps?
  - If yes, what is the recommended way to configure the project in SonarCloud?
    - Manual project setup?
    - Any specific ALM binding strategy?
- Authentication & permissions
  - What is the best practice for authenticating SonarCloud from Azure Pipelines?
  - Are there any caveats when the repo is not on github.com?
- Pull Request decoration
  - Is PR decoration supported for GHE repositories in this setup?
  - If yes, how should it be configured (GitHub App, PAT, etc.)?
  - If not, what are the alternatives?
- Branch & PR analysis
  - Any required configuration differences compared to “standard” GitHub.com or Azure Repos setups?
- General architecture guidance
  - Are there recommended patterns or known limitations for this combination:
    - Azure DevOps Pipelines + GHE + SonarCloud
What I’ve tried
- Standard SonarCloud Azure DevOps tasks
- Manual project creation in SonarCloud
- Searching existing community threads (most seem outdated or focused on GitHub.com or Azure Repos)
Goal
We want a clean, maintainable setup where:
- Analysis runs in Azure Pipelines
- Results are visible in SonarCloud
- Ideally, PR feedback is integrated back into GitHub Enterprise
If anyone has a working setup, reference architecture, or even partial answers, that would be greatly appreciated.