Triggering a Custom Script on Specific SAST Output

I am trying to trigger specific actions in SonarQube Source Code Analysis Tools (SAST) every time a specific message/vulnerability is found.
Although I haven't tried it, one of the solutions that I can think of is to export the results to a file and monitor the changes through those files periodically.
Is there another way to do it?

Hi,

Welcome to the community!

Your best bet is to leverage a webhook to trigger an external process that will look for the vulnerability after each analysis and trigger the actions you need. Presumably, that external process will use the issue search web service to look for issues raised by certain rules. You’ll find on-board web service documentation in a link in your footer.

HTH,
Ann
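
The approach from the reply above, as an added example that is not part of the original thread and not SonarQube's own code: a handler that checks the webhook's `X-Sonar-Webhook-HMAC-SHA256` signature, then asks `api/issues/search` for open issues raised by a watched rule list. The rule keys, server URL, secret, token and the `on_issue` callback are assumptions to replace with your own values.

```python
import base64
import hashlib
import hmac
import json
import urllib.parse
import urllib.request

WATCHED_RULES = ["java:S3649", "java:S2083"]  # assumed sample rule keys


def verify_signature(body: bytes, header: str, secret: str) -> bool:
    """Check the X-Sonar-Webhook-HMAC-SHA256 hex digest against our own."""
    expected = hmac.new(secret.encode(), body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, header or "")


def search_url(server_url: str, project_key: str, page: int) -> str:
    query = urllib.parse.urlencode({
        "componentKeys": project_key,  # named "components" on newer servers
        "rules": ",".join(WATCHED_RULES),
        "resolved": "false", "ps": 100, "p": page,
    })
    return f"{server_url.rstrip('/')}/api/issues/search?{query}"


def fetch_json(url: str, token: str) -> dict:
    auth = base64.b64encode(f"{token}:".encode()).decode()  # token as user name
    req = urllib.request.Request(url, headers={"Authorization": f"Basic {auth}"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def handle_webhook(body, sig, secret, server_url, token, on_issue, fetch=fetch_json):
    """Verify the delivery, then run on_issue for each open watched issue."""
    if not verify_signature(body, sig, secret):
        raise PermissionError("webhook signature mismatch")
    payload = json.loads(body)
    if payload.get("status") != "SUCCESS":
        return []  # analysis failed or was cancelled: nothing new to read
    # server_url is local config, not payload data, so the token stays on our server.
    found, page, total = [], 1, 1
    while (page - 1) * 100 < total:
        data = fetch(search_url(server_url, payload["project"]["key"], page), token)
        found += data.get("issues", [])
        total = data.get("paging", {}).get("total", 0)
        page += 1
    for issue in found:
        on_issue(issue)
    return [issue["key"] for issue in found]
```

Call `handle_webhook` from the HTTP endpoint that receives the POST, passing the raw request body bytes so the HMAC is computed over exactly what was sent.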
