We want to run a analysis on ALL our Code using SonarCloud through our Azure DevOps Pipelines. Right now we have the built in SonarCloud Market place tasks being used for most built projects using .net, java, etc. However when we run it against our IAC code which is Pulumi it only picks up one or two files and not all the Typecript or YAMl files within the repo. I think it has to do with the ADO Scanner that is built into the tasks, but wanted to see if anyone has found a work around or know of a way to include their entire repo in the analysis?
Welcome to the community. Thank you for your request.
Currently, our IAC offering supports Terraform providers from AWS, Azure, and GCP. We also support CloudFormation and CDK for Python. Unfortunately, Pulumi is not one of them.
Feel free to create an insight with your use case on our portal. This way we can include it in our roadmap planning.
Hey Nils, So the link sends me to a board asking me to sign into my JumpCloud account. Which I do not have. Wondering if there is another way to get it on your backlog? Thanks for the info it’s very useful.