-
Notifications
You must be signed in to change notification settings - Fork 0
41 lines (36 loc) · 1.3 KB
/
code-scan.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
name: Code Scan
on:
workflow_call:
secrets:
SONAR_HOST_URL:
required: true
SONAR_TOKEN:
required: true
jobs:
scan:
name: scan
runs-on: ubuntu-latest
steps:
- name: Checking out
uses: actions/checkout@v4.2.2
with:
# Disabling shallow clone is recommended for improving relevancy of reporting
fetch-depth: 0
- name: SonarQube Scan
uses: sonarsource/sonarqube-scan-action@v3
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
# Check the Quality Gate status.
- name: SonarQube Quality Gate check
id: sonarqube-quality-gate-check
uses: sonarsource/sonarqube-quality-gate-action@v1.1.0
# Force to fail step after specific time.
timeout-minutes: 5
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
# Optionally you can use the output from the Quality Gate in another step.
# The possible outputs of the `quality-gate-status` variable are `PASSED`, `WARN` or `FAILED`.
- name: "SonarQube Quality Gate status"
run: echo "The Quality Gate status is ${{ steps.sonarqube-quality-gate-check.outputs.quality-gate-status }}"