I’m currently working on integrating SonarQube analysis into our Jenkins pipeline, and I’m encountering difficulties in generating a JSON report of the analysis results. Our team requires this JSON format for further processing and integration with our internal systems.
Here’s a summary of what I’m trying to achieve:
I’m using a Jenkins pipeline script to trigger SonarQube analysis on our projects.
I need to generate a JSON report of the analysis results within the Jenkins pipeline.
Despite my attempts, I haven’t been successful in obtaining the JSON report. Instead, I receive an HTML response.
I appreciate your advice on using webhooks for integrating SonarQube with DefectDojo. However, I’m not quite familiar with how to set up webhooks for this purpose.
Could you please provide some guidance or resources on how to configure webhooks in SonarQube and utilize them effectively with DefectDojo?
I actually once asked the question of how Sonarqube works with DefectDojo in 2020, but did not receive a satisfactory answer at the time
Discussions on GitHub indicated efforts to create a dedicated API for extracting data from Sonarqube for DefectDojo, although ultimately it was decided not to proceed with this approach
This discussion also mentions some tool generating html reports in Sonarqube
Another Github issue highlighted a problem with setting up the integration due to connection errors and
made some proposals
There’s also a community post from 2023 without a solution
I have not done any further research into this matter.
Right now I see no evidence of a Sonarqube integration at https://www.defectdojo.org/
