SonarCloud with BitBucket Repos and Azure Pipelines

We use BitBucket for our source code repositories and Azure Pipelines for our Build and Release. I’d like to throw in SonarCloud into the mix for some Static Code Analysis of our code, where would the “scanning of the code” be performed? Would it be a BitBucket repo or Azure Pipeline integration?

I originally signed up for a SonarCloud account by singing in with my Azure DevOps account. An account was automatically created and thats what i associated my billing against. Then i went to wire up a BitBucket repo and it created another SonarCloud account asking for further billing information. Could you please advise on how where the SonarCloud integration should reside, and how i can resolve the two accounts situation? We would like the Static Code analysis to happen on a pull request.

Hi Erika,

Thank you for using SonarCloud and welcome to the Community Forum!

If your repositories are in Bitbucket, you should login/sign up with your Bitbucket account. Did you have a look in the documentation? This should help a lot: https://sonarcloud.io/documentation/integrations/bitbucketcloud/

Hi Luis,

Thanks for responding! So you recommend the analysis/scanning happens at the repository level (BitBucket) and not the CI build stage (Azure Pipelines)? If thats the case, i guess i would have to delete the account thats associated with my Azure DevOps credentials, and re-set up the billing against the account i signed up for using my BitBucket credentials…is that right?

Hi @erikadanis,

Just to clarify a bit, it’s possible to use Azure Pipelines to launch analysis for the code that is hosted in BitBucketCloud (you are not obliged to use BitBucket Pipelines).
Indeed, you have to connect with your BitbucketCloud account in SonarCloud and fill your billing details for the organization that will be bound to Bitbucket Cloud.

Inside SonarCloud, you have a tutorial to help you set up your analysis with Azure Pipelines for a code hosted on a BitBucketCloud repo:

Cheers,

Hi Aurelie,

Just to be 100% clear :slight_smile:

We are ONLY using BitBucket Repos (not BitBucket Pipelines), and using Azure Pipelines for CI. So where should the integration with SonarCloud reside? WIth Azure Pipelines? When i tried to wire up a Prepare Analysis step in Azure Pipelines it didnt give me the option to choose a SonarCloud project, just the organisation.

Hi @erikadanis,

Well integration with SonarCloud happens in several places. In your case, a repo in BitBucket Cloud and a CI in Azure Pipelines, the integration is like this:

  • Connect and authenticate with your BitBucketCloud account
  • Create your SC project and organization from your BitbucketCloud repo and workspace
  • Set up and launch the analysis in Azure Pipelines
  • Branches & PR get decorated in BitBucketCloud

What build tool do you use (maven, gradle, …)?

I really recommend you to follow the tutorial inside SonarCloud after you have created your project from your BBC repo to set up your analysis, all the steps are described with the necessary properties to copy-paste to set up your analysis.

Cheers

2 Likes

Hi @aurelie,

Thanks so much you’re recommendations are really helpful! Now i have the problem of the two accounts that i need to disassociate.

  • Account 1: Associated with my email address and Azure DevOps (org and billing set up)
  • Account 2: Associated with my email address and BitBucket (no org, no billing, seems to be the default)

In order to access Account 1, i had to log via an “incognito” tab and a message came up that my email address is already associated with the BitBucket one, if i want to continue it will erase it. So ive clicked continue with the aim to delete Account 1 and start again. Unless there is another way and im doing something horribly wrong?

Also do you have a link to that tutorial you describe in your image?

Kind Regards,
Erika

Hi Erika,

Here is what I recommend you to do:

  1. Delete Account 1 with Azure DevOps. To do this go to Administration >> Organisation settings >> Delete
  2. Login into your Account 2 with BitBucket. Create your organisation and upgrade to the paid plan
  3. Import your projects from Bitbucket and setup Azure Pipelines

You should always login to SonarCloud with your Bitbucket credentials.

Please note that there is no way to transfer the paid plan between organisations. I am not sure if you have finalised the 2 week trial period. In any case you will enjoy again the 2 week free period in the new organisation.

Hope this helps.

Hi @erikadanis,

The tutorial is in the product, after you have created your project by selecting a BitBucket repository. (When you click “+” → Analyse a new project)

Cheers