Is it possible to initiate a code scan via API call instead of build task by providing source code TFS Path or git path. Or source code path to a local folder
After the scan is completed, can the sonarQube emails report
Can the SonarQube creates TFS bug for each security issue it finds
Analysis doesn’t take place within SonarQube, so there’s no API to call.
Some emails are/can be sent after analysis, but the available scopes are limited to Issues, Quality Gate status and background task failures. The entire “report” isn’t one of the choices.