Do scans happen on a self-hosted agent or through the SonarQube SonarSource extension on Azure DevOps? Can someone explain this process?
Hi,
The SonarQube extension provides tasks for your Azure pipelines. The scan happens on your agent, whether managed or self-hosted.
You can find some information in the documentation about analyzing your code on Azure DevOps.
Denis
How does that work? I read that document, and I can’t find a definitive answer, especially when nothing gets installed on the agent.
What type of code are you trying to analyze? (dotnet, C/C++, Javascript…)
Generally speaking, the extension will take care of supplying the Sonar components (scanner) needed for the analysis.
Beyond that, the machine may need some other components. For example, for a .NET analysis, you will need a suitable .NET SDK. You will also need to make sure the required tools for building and testing your solution are installed, if any.
Denis
I am analyzing dotnet and C/C++. for now. Yes, the machine (agent) being used has other needed components and tools. My main reason for asking the question is to understand how I can improve performance, so I wanted to understand how and where it’s actually running. I am accustomed to running it locally, as in installing SonarQube on a client or server. Using it in Azure DevOps is new to me.
I think you might be confusing two things:
- Running SonarQube
- Running the analysis
The extension will help you run an analysis on an agent. Running SonarQube itself (the server) is a completely different thing that the extension will not help you with.
For the various installation options, I would refer you to the SonarQube documentation.
Denis
No, I understand the difference. I was just trying to understand how the analysis happens as it relates to using the extension with an agent.