Unable to get api/issues/gitlab_sast_export in SonarQube 10.7

I have installed sonarqube community build 10.7 on K8s. But after integrating gitlab with sonarqube along with sonarscanner on the cicd pipelines, I am unable to get the sast report.

Hey @ShinyDhas

GET api/issues/gitlab_sast_export is only available in Developer Edition and higher. It’s a mistake that it’s shown in the analysis tutorial for SonarQube Community Build, and I’ve flagged this for attention.

You should remove this from your build.

sonarqube-vulnerability-report:
  stage: sonarqube-vulnerability-report
  script:
    - 'curl -u "${SONAR_TOKEN}:" "${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=fa&branch=${CI_COMMIT_BRANCH}&pullRequest=${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
  allow_failure: true
  rules:
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
    - if: $CI_COMMIT_BRANCH == 'master'
    - if: $CI_COMMIT_BRANCH == 'main'
    - if: $CI_COMMIT_BRANCH == 'develop'
  artifacts:
    expire_in: 1 day
    reports:
      sast: gl-sast-sonar-report.json

Hello @ShinyDhas @Colin ,

Indeed that is correct, thank you for reporting this issue. I’ve created SONAR-23880 to fix it.

The ticket is already in progress and we will aim to include this fix in the next release.

1 Like