Where the SonarCloud analysis happens?

Hi, I would like to make sure I understand where the Azure DevOps based SonarCloud analysis takes place.

According to what I understand from what is written here, the analysis happens in the pipeline build environment, through the scanner offered by the extension, so the real computation is in charge of the azure project owner, and only the results finally get sent to SonarCloud. Do I understand this correctly?

Moreover, if the above is true, no code is sent to SonarCloud, is it right?

Thanks in advance

Hey there.

The bulk of the code analysis itself happens on the Azure DevOps build agent, the results of which (including the code that was analyzed) are sent to SonarCloud.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.