We are currently using TFS 2008 for source control and continuous integration.
We use FXCop to check for checking performance and security warnings. The Architect or senior developer runs FX Cop at the end of a sprint or before a delivery.
We would like this to run as part of the CI and fail the build if there is a warning, what is the best way to do this?
You could take a look at the code analysis features within Visual Studio, which is supported for use in a continuous integration environment.
Assuming you're building through MSBuild and regular projects/solutions, you can configure FXCop to run as part of every build (both client and server). In your project's properties dialogue, look at the "Code Analysis" tab. Note that this can be set separately for debug and release builds, so you could just set them to errors for Release builds if that makes your developers' life easier.
These FXCop settings allow you to define that violations appear as errors instead of warnings in the build. You mkight also want to enable the TFS policy that requires code analysis to have been run with a defined set of rules before the checkin is valid - that'll save you some red builds by forcing developers to fix violations before checkin.
I do recommend turning all of these things on - if you're aiming for this level of quality (which is no bad idea), it's good to be doing as much as you can pre-checkin.