Monday 19 December 2016

Use the SonarQube Scanner with the new activity for the Team Build

As I mentioned the new SonarSource-maintained activity allows for the SonarQube scanner to be run independently of MSBuild – very useful for repositories containing only JavaScript files for example, where you cannot use the MSBuild-based task because of the lack of a .*proj file.

So all you need to do is to add the relevant task to your build definition:

image

You only need to configure the required options in the task - it comes with a pre-configured sonar-scanner.properties file so you are ready to go!

You need to create a SonarQube Endpoint like described in the other post, add the typical project key/name/version property triplet and, if you want, you can change the folder containing the source files. Also, if you have your own sonar-scanner.properties ready for use you can supply it in the Advanced pan:

image

Scenarios where you might want to use this task are where you don’t have a MSBuild-based project system supporting your code, so the other task would not work. Also, it is very handy with heterogeneous projects.

Tuesday 13 December 2016

The new connected extension installation experience in TFS 2017

A few months ago I blogged about how the Marketplace takes advantage of the shared TFS and VSTS architecture to provide a good experience to the administrator when it comes to Extensions.

Now the experience goes from good to excellent with TFS 2017!

The installation experience is now completely seamless. From my local TFS Gallery I can browse the Marketplace like I always did:

image

By clicking that link I am going to be redirected to the Marketplace, but even if I am not logged in as a user I will be logged in as a server:

image

This is done on the Team Foundation Server instance you are using, if you look at the URL you clicked you can see a serverKey attribute in the query string.

Now I can browse the Marketplace and select whatever I am interested in. Let’s say the Countdown Widget:

image

Clicking on Install is going to trigger the installation, already pointing at the local TFS Gallery – the extension was already downloaded for you, this happened as soon as you clicked on Install:

image

image

That’s it!

image

It is a great improvement as the experience now no longer requires manual interaction with the server.

This is also an excellent example of a good experience in a context of a Hybrid DevOps Stack, where the Marketplace providing the extensions is part of the stack and it provides the very same service both on-premise and as a service.

Thursday 8 December 2016

What happened to the SonarQube extension?

If you run a SonarQube analysis in your pipeline you might have noticed this:

imageIt is actually the case – the SonarQube extension is being spun off the product and transferred to SonarSource for further development.

This is not bad news, as we already gained the possibility of running the command-line scanner in the Team Build, both on-premise and (that is where it is important!) on the hosted one.

Also, there is a new integration type – a native SonarQube one:

image

Here you can define your server and use a token for authentication, which is much better than credentials.