Cybersecurity
DevOps Cloud
IT Operations Cloud
Octane integration with SonarQube via Jenkins.
SonarQube integration does not push existing vulnerabilities to Octane.
By default, any existing vulnerabilities detected in SonarQube will not be pushed to Octane. When a pipeline is created in Octane for the Jenkins job that handles SonarQube vulnerabilities, the vulnerabilities_baseline value is set to the time of pipeline creation. Only new vulnerabilities detected after that time will be discovered and pushed to Octane and the vulnerabilities_baseline value is then updated accordingly.