- ALM used - Bitbucket Cloud,
- CI system used - Bitbucket Cloud
- Scanner command - using Bitbucket Pipe for sonar scanner :
pipe: sonarsource/sonarcloud-scan:1.4.0 - Languages of the repository - Salesforce codebase, Apex classes, xmls, triggers,etc.
Need to create a webhook that calls SonarCloud WebAPI to get the analysis results from SonarCloud. The APIs given on the https://sonarcloud.io/web_api doesn’t give details of any such API that can pull the results of analysis. The only API I found is api/project_analyses and api/project_branches. From the response example of these APIs I can see the quality gate status and the count of bugs/vulnerability/code smells but none of these give details on what bugs, vulnerability and security hotspots are found in analysis. Do we have any API in SonarCloud that gives the details of what bugs/vulnerability/code smells/security hotspots are found in the analysis done on a branch? Also, is any such API available in SonarQube if not available in SonarCloud?