Introducing Qodana for Azure Pipelines
With Qodana, you can detect, analyze, and resolve code issues right in the CI/CD system you rely on. Since Qodana was released, we’ve supported GitHub Actions, GitHub App, GitLab CI/CD, TeamCity, and Jenkins. We continue to expand our integrated environments to make sure we bring code quality into your favorite CI/CD. This time around, we’re introducing a new extension for Azure Pipelines.
Qodana linters are now integrated into your Azure DevOps repositories to allow you to make code analysis a part of your build pipeline and ensure the maintainability and reliability of your projects. You can integrate Qodana with Azure Pipelines in just 2 steps:
Now let’s dive into the details.
Install Qodana for Azure Pipelines
From Visual Studio Marketplace, install the Qodana for Azure Pipelines extension by clicking the Get it free button, and Proceed to organization once the installation has finished.
If you do not have the required permissions to install an extension from the marketplace, a request will be sent to the account administrator to ask them to approve the installation.
Configure Qodana to analyze your code
Set up a pipeline that integrates with Qodana
Before analyzing your code, you will first need to set up a new build pipeline that integrates with Qodana. On the Azure DevOps panel, go to Pipelines and click Create Pipeline. If any pipelines have already been created, select New pipeline.
You can configure the pipeline with either the YAML editor or the classic editor. When using the classic editor, you can take advantage of the predefined templates. The YAML editor requires you to use a YAML file. Let’s choose the latter for this example.
The YAML editor will open with the template YAML file. In order to configure it correctly you will need to configure the Qodana Scan task by editing your azure-pipelines.yml file:
# Start with a minimal pipeline that you can customize to build and deploy your code. # Add steps that build, run tests, deploy, and more: # https://aka.ms/yaml trigger: - main pool: vmImage: ubuntu-latest steps: - task: Cache@2 # Not required, but Qodana will open projects with cache faster. inputs: key: '"$(Build.Repository.Name)" | "$(Build.SourceBranchName)" | "$(Build.SourceVersion)"' path: '$(Agent.TempDirectory)/qodana/cache' restoreKeys: | "$(Build.Repository.Name)" | "$(Build.SourceBranchName)" "$(Build.Repository.Name)" - task: QodanaScan@1
You can also find the Qodana Scan task in the list of tasks on the Show assistant panel.
Run your pipeline
When you are done making the changes to the file, click Save and Run.
See the results
To display the Qodana report summary in Azure DevOps, install Microsoft DevLabs’ SARIF SAST Scans Tab extension. Once installation is done, go to the Pipelines tab, select the pipeline being run and analyzed, and look at the Scans tab for more information about the quality of your code.
With the Qodana for Azure Pipelines extension, you will be able to easily integrate Qodana into your Azure DevOps pipeline and start seeing the analytics the first time your code is checked.
If you have any questions or suggestions about Qodana, post a comment here, tag us on Twitter or contact us at firstname.lastname@example.org.
Your Qodana team
Subscribe to Blog updates
Thanks, we've got you!
Qodana for .NET 8 is almost ready! Try the EAP and let us know what you think
Qodana now supports .NET 8, starting from the 2023.3-eap version, with plans to release the official linter before the end of the year.
Qodana Is Out Of Preview With First-Class JetBrains IDE Integration
Today, Qodana announces a huge milestone: It’s no longer in preview and is available commercially with some major improvements. Get in now to enjoy a 50% discount on your first year.
Qodana 2023.1: Flexible Profile Configuration, Support for Migration to the Kotlin/JS IR Compiler, License Compatibility Checks for Go, Plugin Integrations, and 30+ New Inspections
The new Qodana release is live with major enhancements to help you ensure your code is of the highest quality.