diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d232096b..46c16a11 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -6,15 +6,10 @@ on: pull_request: types: [opened, synchronize, reopened] jobs: - sonarcloud: - name: SonarCloud + trigger: + name: Trigger Sonar runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - - name: SonarCloud Scan - uses: SonarSource/sonarcloud-github-action@master - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} \ No newline at end of file + fetch-depth: 0 \ No newline at end of file diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml new file mode 100644 index 00000000..e6c3e608 --- /dev/null +++ b/.github/workflows/sonar.yml @@ -0,0 +1,27 @@ +name: Sonar +on: + workflow_run: + workflows: [Build] + types: [completed] +jobs: + sonar: + name: Sonar + runs-on: ubuntu-latest + if: github.event.workflow_run.conclusion == 'success' + steps: + - uses: actions/checkout@v3 + with: + repository: ${{ github.event.workflow_run.head_repository.full_name }} + ref: ${{ github.event.workflow_run.head_branch }} + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - name: SonarCloud Scan + uses: sonarsource/sonarcloud-github-action@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + args: > + -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} + -Dsonar.pullrequest.key=${{ github.event.workflow_run.pull_requests[0].number }} + -Dsonar.pullrequest.branch=${{ github.event.workflow_run.pull_requests[0].head.ref }} + -Dsonar.pullrequest.base=${{ github.event.workflow_run.pull_requests[0].base.ref }}