We have a process to produce any violations related to secrets in code. These violations can be in any type of code files, for example XML, jsom, configs or c#, Java code files. Our scanner runs as part of VSTS build pipeline and produces a json file with list of issues. We would like to post these issues to sonarqube without writing any rules again.
Is there a sample or easy way to achieve this?
