CodeScan SCA Settings

Updated 3 months ago by Copado Solutions

Unlike PMD, where rules live in Copado, CodeScan rules are defined in a CodeScan account.

If you want to integrate all the functionality included in your CodeScan license with Copado, you need to configure a new Static Code Analysis Settings record in Copado and link it to your CodeScan account.

Follow these steps to create SCA Settings for CodeScan:

  1. Log in to the org where Copado is installed.
  2. Navigate to the Static Code Analysis Settings tab and then click on New to create a new record.
  3. Select CodeScan as record type:

  1. This will open a new Static Code Analysis Settings record:

  1. Give your settings a name.
  2. Select a version depending on your CodeScan license: Cloud or on-premise SonarQube.
  3. Enter a CodeScan token created in your CodeScan account. For more information about how to create a token, check out the article How to Create a CodeScan Token.
  4. Type the URL to access your CodeScan:
    1. For CodeScan cloud version use If you select Cloud as CodeScan Version, you will need to fill in the Cloud Organization field with the organization key that exists under My Organizations in
    2. If you have CodeScan on-premise, you need to expose the machine where CodeScan is installed and include the URL in this field.
  5. Click on Save.

Once you have completed all the steps above, add your Static Code Analysis Settings to your pipeline:

From now on, whenever you run a static code analysis from a User Story or a Credential record associated to an environment inside this pipeline, it will take these SCA settings and will create a new Static Code Analysis Results record with the scan details and a link to the CodeScan results.

How did we do?