trivy-to-sonarqube

Install

npm i trivy-to-sonarqube -g

Generate trivy report

trivy fs --ignorefile .trivyignore  -f json -o trivy-report.json  .
trivy config --ignorefile .trivyignore  -f json -o trivy-report.json  .
trivy image --ignorefile .trivyignore  -f json -o trivy-report.json  my-docker-image

Convert data to sonarqube generic issue format

trivy-to-sonarqube -f trivy-report.json -o ./my-sonarqube-report.json

Run sonar-scaner witch additional params

 sonar-scanner 
      -Dsonar.projectKey=MyProject
      -Dsonar.host.url=my-host.com
      -Dsonar.login=${SONARQUBE_TOKEN}
      -Dsonar.sources=.
      -Dsonar.externalIssuesReportPaths=./trivy-report.json

trivy-to-sonarqube

Install

Generate trivy report

Convert data to sonarqube generic issue format

Run sonar-scaner witch additional params

Readme

Keywords

Package Sidebar

Install

Repository

Homepage

Weekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

trivy-to-sonarqube

Install

Generate trivy report

Convert data to sonarqube generic issue format

Run sonar-scaner witch additional params

Readme

Keywords

Package Sidebar

Install

Repository

Homepage

DownloadsWeekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

Weekly Downloads