SonarQube Enterprise 7.9.1 LGPL v3
Export Issues (Bugs & Vulnerabilities) to Excel (or Excel digestible) format
Good day all. So this is my first time using SonarQube, with limited experience with Coverity (so relatively new to Code Analysis).
As stated above we have SQ Enterprise, and I would like to export our current list of Issues to an Excel report. This will allow us to review the current list of issues with our security person (who doesn’t have access to the development environment) and prioritize resolution. I’ve struggled to understand the proper way to do this. I would expect with Enterprise Edition a feature such as report export would be provided.
I’ve seen some discussions of a pluggin, but unless they are packaged with the product (already approved) that is not an option for us. Specifically because we have to go through a lengthy approval process and we are on a shorter timeline at this stage.
I have also seen mention of using the webApi, and was able to export a JSON file using ‘localhost:port/api/issues/search?project=MYPROJ’. However the output wasn’t something I was able to use in Excel. If this is the way to go can you please provide some guidance on how to utilize this in Excel to actually produce a list of vulnerabilities.
So recap:
- Does SonarQube Enterprise 7.9 have an integrated report capability (for Issues)?
- The pluggins available for report, are they stand-alone or package with SQ & just need installed? (obviously stand-alone would need additional approvals which we likely won’t get in time)
- Using the api, how can I generate/obtain the Issues (bugs, vulnerabilties, etc.) in a format Excel can ingest?
Thanks
Cyber