Azure DevOps Tooling Installation

I require the installation of specific tooling within Microsoft Azure for Azure DevOps. Key Areas: 1. Branching: - Developers will be using both GitKraken and GitLens for creating or working on feature branches. - The tools will help visualize and manage branch history. - Pull Requests (PRs) will be used for code review and merging. 2. Static Code Analysis: - SonarCloud will be integrated into our Azure DevOps pipeline to assess code quality. - It should flag issues like code smells, vulnerabilities, and maintainability concerns. 3. Security Scanning: - Tools like Snyk or Checkmarx will be used for performing security scans on our codebase and dependencies. - The system should be set to report security vulnerabilities and fail the pipeline if critical issues are detected. 4. Dependency Scanning: - Dependabot or WhiteSource will be used to scan dependencies for vulnerabilities and license compliance issues. - The system should automatically raise suggested updates for outdated or vulnerable dependencies. Code Review Standards: During code reviews in Pull Requests, we need to enforce: - Code format guidelines. - Security best practices. Static Code Analysis Tool: We prefer using SonarCloud for code quality assessment. Ideal skills for this project include: - Extensive experience with Microsoft Azure and Azure DevOps. - Proficient in using GitKraken and GitLens. - Familiar with SonarCloud, Snyk, Checkmarx, Dependabot, and WhiteSource. - Strong understanding of code quality, security scanning, and dependency scanning. - Ability to set up and enforce code review standards.