• Using PnP PowerShell on Visual Studio Team Services (VSTS) Hosted Agent

    Visual Studio Team Services (VSTS) provides great Continuous Integration (CI) and Continuous Deployment (CD) functionalities you can leverage to implement DevOps pipelines and automation with your custom developments.

    If your custom solutions rely on PnP PowerShell during their build and/or deployment processes, you will need PnP PowerShell to be installed on the agent.
    Unfortunately the Hosted Agents do not have PnP PowerShell installed by default.
    Note: that documentation only applies to the Hosted and Hosted 2017 agents, the Linux Hosted Agent is not supported at the moment

    Install PnP PowerShell

    Add a first task to your build/release definition (type PowerShell). In the Type Field select Inline Script.
    In the Inline Script section copy and paste that script

    Install-PackageProvider -Name NuGet -Force -Scope "CurrentUser"
    Install-Module SharePointPnPPowerShellOnline -Scope "CurrentUser" -Verbose -AllowClobber -Force

    Note: you can also install a specific version using the -RequiredVersion parameter at line 2.
    Note: you can also improve that script according to your needs as well as save it in a file you include in your repository to best fit your pipeline.
    Note: that module installation task must be included once agent phase

    Using PnP PowerShell

    In your scripts leveraging PnP PowerShell, before calling any command related to that module, make sure you include the following line.

    Import-Module SharePointPnPPowerShellOnline -Scope "Local"

    Uninstalling PnP PowerShell

    Note: this step is optional if you are using the VSTS Hosted Agent and is only provided to people using custom agents on which they do not want to / can not install PnP PowerShell globally
    To avoid conflicts if your scripts require a specific version of PnP PowerShell, it is a good practice to cleanup after your build/release is done.
    In order to do so simply add another PowerShell task and in the inline script section copy the script bellow.

    get-installedmodule SharePointPnPPowerShellOnline | ? {$_.InstalledLocation -like "*"+$home+"*"} | Uninstall-Module  -Force

    Note: this is a repost of a wiki page I created on the PnP PowerShell repo
    • 9/10/2017
  • Determine your technical debt using SonarQube - Conclusion

    Installing and setting up SonarQube may seem quite complex and tedious.

    I hope that this series has helped you to go faster implementing it.

    Now, you can clearly identify your technical debt and take actions to improve the quality of your developments.

    It is obvious that when a thousand problems appear in the code at once, it can be discouraging, just keep this in mind:

    -          There are false positives, make a first pass to ignore/exclude those

    -          Try to have a policy like "no commit should make the situation worse" or even better "each commit must correct all the problems on the edited files” Which will allow you to improve the situation little by little.

    -          Some organizations prefer to do one or two sprints of technical debt solving to get a fresh start


    How about you? did you find this useful? feel free to comment.

    • 6/10/2017
  • Determine your technical debt using SonarQube - Bonus SonarLint extension configuration

    TL; DR

    You can display SonarQube static analysis results live in Visual Studio error and information console using the same rules set as the SonarQube project.

    Installing the extension

    Just go to and proceed with the installation.

    Binding the Visual Studio solution to the SonarQube analysis

    From the Team Explorer click SonarQube

    Click on connect.

    (if you obtain a certificate error, you must install the self-signed certificate of the SonarQube server on your machine)

    To generate a personal access token, refer to the following documentation

    Enter the token in the SonarQube login prompt as well as the server url

    Double click on the SonarQube project that you want to bind to the Visual Studio solution

    The errors detected by SonarQube static analysis now show up as a warning in the error console as well as in the intellisense.

    JavaScripts Projects

    There are cases where you'll be only working on JavaScript/TypeScript using an editor lighter than the full version of Visual Studio, for example Visual Studio code. With SonarQube, the static analysis for JavaScripts projects, primarily relies on ESlint and TSlint. To have static analysis work from within your code editor, you only need to install the corresponding extensions and add a few configuration files in your source base.

    If you want to analyze TypeScript, you'll also need to install the TS Plugin, you'll find all the details here

    • 4/10/2017
  • Determine your technical debt using SonarQube - Monitoring the results

    TL; DR

    Static analysis errors will appear as of the warnings in the compilation section. A static analysis badge will also appear on the build report and you'll be able to have detailed and comprehensive information from SonarQube.

    Information incorporated with the build

    When displaying the details of a build, you'll now find a new section dedicated to SonarQube. Within that section, besides the quality badge, you'll also find a link to the static analysis results details. Also under the build section, all static analysis critical issues will show up as warnings.

     Note: that only shows up for the msbuild kind of projects.

    Details available in SonarQube

    From your SonarQube web portal, you'll find detailed static analysis results indicating how the code got better or worse. Using SonarQube you can build new dashboard that will help you have a clear vision at glance of your code quality and how to improve it.

    • 2/10/2017