For my project I have Trivy set up to take care of scanning the built images for vulnerabilities. Trivy is set up to generate reports in JSON and SARIF formats. I need to display these reports along with other code issues and hotspots that are shown in SonarCloud.
Can this type of task be done?
I have read about test execution parameters and how they can display things in SonarCloud. But all the content there is in regard to some particular language like C or Java or Python. In my case, there is no language involved, just Docker images.
Can anyone help me out by pointing me in the right direction?
Appreciate any help.
Thanks in advance.