mirror of
https://github.com/SonarSource/sonarqube-scan-action.git
synced 2026-01-30 16:33:24 +03:00
Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
2f77a1ec69 |
2
.github/workflows/PullRequestClosed.yml
vendored
2
.github/workflows/PullRequestClosed.yml
vendored
@@ -7,7 +7,7 @@ on:
|
|||||||
jobs:
|
jobs:
|
||||||
PullRequestClosed_job:
|
PullRequestClosed_job:
|
||||||
name: Pull Request Closed
|
name: Pull Request Closed
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
permissions:
|
permissions:
|
||||||
id-token: write
|
id-token: write
|
||||||
pull-requests: read
|
pull-requests: read
|
||||||
|
|||||||
2
.github/workflows/PullRequestCreated.yml
vendored
2
.github/workflows/PullRequestCreated.yml
vendored
@@ -7,7 +7,7 @@ on:
|
|||||||
jobs:
|
jobs:
|
||||||
PullRequestCreated_job:
|
PullRequestCreated_job:
|
||||||
name: Pull Request Created
|
name: Pull Request Created
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
permissions:
|
permissions:
|
||||||
id-token: write
|
id-token: write
|
||||||
# For external PR, ticket should be created manually
|
# For external PR, ticket should be created manually
|
||||||
|
|||||||
2
.github/workflows/RequestReview.yml
vendored
2
.github/workflows/RequestReview.yml
vendored
@@ -7,7 +7,7 @@ on:
|
|||||||
jobs:
|
jobs:
|
||||||
RequestReview_job:
|
RequestReview_job:
|
||||||
name: Request review
|
name: Request review
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
permissions:
|
permissions:
|
||||||
id-token: write
|
id-token: write
|
||||||
# For external PR, ticket should be moved manually
|
# For external PR, ticket should be moved manually
|
||||||
|
|||||||
2
.github/workflows/SubmitReview.yml
vendored
2
.github/workflows/SubmitReview.yml
vendored
@@ -7,7 +7,7 @@ on:
|
|||||||
jobs:
|
jobs:
|
||||||
SubmitReview_job:
|
SubmitReview_job:
|
||||||
name: Submit Review
|
name: Submit Review
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
permissions:
|
permissions:
|
||||||
id-token: write
|
id-token: write
|
||||||
pull-requests: read
|
pull-requests: read
|
||||||
|
|||||||
2
.github/workflows/qa-deprecated-c-cpp.yml
vendored
2
.github/workflows/qa-deprecated-c-cpp.yml
vendored
@@ -12,7 +12,7 @@ jobs:
|
|||||||
name: Action outputs
|
name: Action outputs
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest, macos-13]
|
os: [ubuntu-latest-large, windows-latest-large, macos-latest, macos-13]
|
||||||
cache: [true, false]
|
cache: [true, false]
|
||||||
include:
|
include:
|
||||||
- arch: X64
|
- arch: X64
|
||||||
|
|||||||
@@ -12,7 +12,7 @@ jobs:
|
|||||||
name: Action outputs
|
name: Action outputs
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest, macos-13]
|
os: [ubuntu-latest-large, windows-latest-large, macos-latest, macos-13]
|
||||||
cache: [true, false]
|
cache: [true, false]
|
||||||
include:
|
include:
|
||||||
- arch: X64
|
- arch: X64
|
||||||
|
|||||||
66
.github/workflows/qa-main.yml
vendored
66
.github/workflows/qa-main.yml
vendored
@@ -12,9 +12,8 @@ jobs:
|
|||||||
name: >
|
name: >
|
||||||
No inputs
|
No inputs
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
|
||||||
matrix:
|
matrix:
|
||||||
os: [ github-ubuntu-latest-s, macos-latest ]
|
os: [ ubuntu-latest-large, macos-latest ]
|
||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
@@ -32,9 +31,8 @@ jobs:
|
|||||||
name: >
|
name: >
|
||||||
'args' input
|
'args' input
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
|
||||||
matrix:
|
matrix:
|
||||||
os: [ github-ubuntu-latest-s, github-windows-latest-s, macos-latest ]
|
os: [ ubuntu-latest-large, windows-latest-large, macos-latest ]
|
||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
@@ -50,15 +48,14 @@ jobs:
|
|||||||
- name: Assert
|
- name: Assert
|
||||||
run: |
|
run: |
|
||||||
./test/assertFileContains ./output.properties "sonar.someArg=aValue"
|
./test/assertFileContains ./output.properties "sonar.someArg=aValue"
|
||||||
./test/assertFileContains ./output.properties "sonar.anotherArgWithSpaces=Another Value"
|
./test/assertFileContains ./output.properties 'sonar.anotherArgWithSpaces="Another Value"'
|
||||||
./test/assertFileContains ./output.properties "sonar.argWithSingleQuotes=Another Value"
|
./test/assertFileContains ./output.properties "sonar.argWithSingleQuotes='Another Value'"
|
||||||
argsInputInjectionTest:
|
argsInputInjectionTest:
|
||||||
name: >
|
name: >
|
||||||
'args' input with command injection will fail
|
'args' input with command injection will fail
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
|
||||||
matrix:
|
matrix:
|
||||||
os: [ github-ubuntu-latest-s, github-windows-latest-s, macos-latest ]
|
os: [ ubuntu-latest-large, windows-latest-large, macos-latest ]
|
||||||
args: [ -Dsonar.someArg=aValue && echo "Injection", -Dsonar.someArg="value\"; whoami; echo \"" ]
|
args: [ -Dsonar.someArg=aValue && echo "Injection", -Dsonar.someArg="value\"; whoami; echo \"" ]
|
||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
steps:
|
steps:
|
||||||
@@ -66,7 +63,6 @@ jobs:
|
|||||||
with:
|
with:
|
||||||
token: ${{ secrets.GITHUB_TOKEN }}
|
token: ${{ secrets.GITHUB_TOKEN }}
|
||||||
- name: Run action with args
|
- name: Run action with args
|
||||||
id: runTest
|
|
||||||
uses: ./
|
uses: ./
|
||||||
continue-on-error: true
|
continue-on-error: true
|
||||||
with:
|
with:
|
||||||
@@ -84,9 +80,8 @@ jobs:
|
|||||||
name: >
|
name: >
|
||||||
'args' input with backticks injection does not execute command
|
'args' input with backticks injection does not execute command
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
|
||||||
matrix:
|
matrix:
|
||||||
os: [ github-ubuntu-latest-s, github-windows-latest-s, macos-latest ]
|
os: [ ubuntu-latest-large, windows-latest-large, macos-latest ]
|
||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
@@ -114,7 +109,7 @@ jobs:
|
|||||||
'args' input with dollar command injection does not execute command
|
'args' input with dollar command injection does not execute command
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
os: [ github-ubuntu-latest-s, github-windows-latest-s, macos-latest ]
|
os: [ ubuntu-latest-large, windows-latest-large, macos-latest ]
|
||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
@@ -141,7 +136,7 @@ jobs:
|
|||||||
'args' input with other command injection variants does not execute command
|
'args' input with other command injection variants does not execute command
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
os: [ github-ubuntu-latest-s, github-windows-latest-s, macos-latest ]
|
os: [ ubuntu-latest-large, windows-latest-large, macos-latest ]
|
||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
@@ -171,7 +166,7 @@ jobs:
|
|||||||
'projectBaseDir' input
|
'projectBaseDir' input
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
os: [ github-ubuntu-latest-s, github-windows-latest-s, macos-latest ]
|
os: [ ubuntu-latest-large, windows-latest-large, macos-latest ]
|
||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
@@ -192,7 +187,7 @@ jobs:
|
|||||||
scannerVersionTest:
|
scannerVersionTest:
|
||||||
name: >
|
name: >
|
||||||
'scannerVersion' input
|
'scannerVersion' input
|
||||||
runs-on: github-ubuntu-latest-s # assumes default RUNNER_ARCH for linux is X64
|
runs-on: ubuntu-latest-large # assumes default RUNNER_ARCH for linux is X64
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -212,7 +207,7 @@ jobs:
|
|||||||
scannerBinariesUrlTest:
|
scannerBinariesUrlTest:
|
||||||
name: >
|
name: >
|
||||||
'scannerBinariesUrl' input with invalid URL
|
'scannerBinariesUrl' input with invalid URL
|
||||||
runs-on: github-ubuntu-latest-s # assumes default RUNNER_ARCH for linux is X64
|
runs-on: ubuntu-latest-large # assumes default RUNNER_ARCH for linux is X64
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -240,7 +235,7 @@ jobs:
|
|||||||
scannerBinariesUrlIsEscapedWithWget:
|
scannerBinariesUrlIsEscapedWithWget:
|
||||||
name: >
|
name: >
|
||||||
'scannerBinariesUrl' is escaped with wget so special chars are not injected in the download command
|
'scannerBinariesUrl' is escaped with wget so special chars are not injected in the download command
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -261,7 +256,7 @@ jobs:
|
|||||||
scannerBinariesUrlIsEscapedWithCurl:
|
scannerBinariesUrlIsEscapedWithCurl:
|
||||||
name: >
|
name: >
|
||||||
'scannerBinariesUrl' is escaped with curl so special chars are not injected in the download command
|
'scannerBinariesUrl' is escaped with curl so special chars are not injected in the download command
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -290,7 +285,7 @@ jobs:
|
|||||||
dontFailGradleTest:
|
dontFailGradleTest:
|
||||||
name: >
|
name: >
|
||||||
Don't fail on Gradle project
|
Don't fail on Gradle project
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -311,7 +306,7 @@ jobs:
|
|||||||
dontFailGradleKotlinTest:
|
dontFailGradleKotlinTest:
|
||||||
name: >
|
name: >
|
||||||
Don't fail on Kotlin Gradle project
|
Don't fail on Kotlin Gradle project
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -332,7 +327,7 @@ jobs:
|
|||||||
dontFailMavenTest:
|
dontFailMavenTest:
|
||||||
name: >
|
name: >
|
||||||
Don't fail on Maven project
|
Don't fail on Maven project
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -351,7 +346,7 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
./test/assertFileExists ./output.properties
|
./test/assertFileExists ./output.properties
|
||||||
runAnalysisTest:
|
runAnalysisTest:
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
services:
|
services:
|
||||||
sonarqube:
|
sonarqube:
|
||||||
image: sonarqube:lts-community
|
image: sonarqube:lts-community
|
||||||
@@ -385,9 +380,8 @@ jobs:
|
|||||||
name: >
|
name: >
|
||||||
'RUNNER_DEBUG' is used
|
'RUNNER_DEBUG' is used
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
|
||||||
matrix:
|
matrix:
|
||||||
os: [ github-ubuntu-latest-s, github-windows-latest-s, macos-latest ]
|
os: [ ubuntu-latest-large, windows-latest-large, macos-latest ]
|
||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
@@ -405,7 +399,7 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
./test/assertFileContains ./output.properties "sonar.verbose=true"
|
./test/assertFileContains ./output.properties "sonar.verbose=true"
|
||||||
runAnalysisWithCacheTest:
|
runAnalysisWithCacheTest:
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
services:
|
services:
|
||||||
sonarqube:
|
sonarqube:
|
||||||
image: sonarqube:lts-community
|
image: sonarqube:lts-community
|
||||||
@@ -445,9 +439,8 @@ jobs:
|
|||||||
name: >
|
name: >
|
||||||
'SONARCLOUD_URL' is used
|
'SONARCLOUD_URL' is used
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
|
||||||
matrix:
|
matrix:
|
||||||
os: [ github-ubuntu-latest-s, github-windows-latest-s, macos-latest ]
|
os: [ ubuntu-latest-large, windows-latest-large, macos-latest ]
|
||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
@@ -466,7 +459,7 @@ jobs:
|
|||||||
./test/assertFileContains ./output.properties "sonar.scanner.sonarcloudUrl=mirror.sonarcloud.io"
|
./test/assertFileContains ./output.properties "sonar.scanner.sonarcloudUrl=mirror.sonarcloud.io"
|
||||||
dontFailWhenMissingWgetButCurlAvailable:
|
dontFailWhenMissingWgetButCurlAvailable:
|
||||||
name: Don't fail when missing wget but curl available
|
name: Don't fail when missing wget but curl available
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -492,7 +485,7 @@ jobs:
|
|||||||
./test/assertFileExists ./output.properties
|
./test/assertFileExists ./output.properties
|
||||||
dontFailWhenMissingCurlButWgetAvailable:
|
dontFailWhenMissingCurlButWgetAvailable:
|
||||||
name: Don't fail when missing curl but wget available
|
name: Don't fail when missing curl but wget available
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -519,7 +512,7 @@ jobs:
|
|||||||
./test/assertFileExists ./output.properties
|
./test/assertFileExists ./output.properties
|
||||||
failWhenBothWgetAndCurlMissing:
|
failWhenBothWgetAndCurlMissing:
|
||||||
name: Fail when both wget and curl are missing
|
name: Fail when both wget and curl are missing
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -552,7 +545,7 @@ jobs:
|
|||||||
curlPerformsRedirect:
|
curlPerformsRedirect:
|
||||||
name: >
|
name: >
|
||||||
curl performs redirect when scannerBinariesUrl returns 3xx
|
curl performs redirect when scannerBinariesUrl returns 3xx
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -585,9 +578,8 @@ jobs:
|
|||||||
name: >
|
name: >
|
||||||
'SONAR_ROOT_CERT' is converted to truststore
|
'SONAR_ROOT_CERT' is converted to truststore
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
|
||||||
matrix:
|
matrix:
|
||||||
os: [ github-ubuntu-latest-s, github-windows-latest-s, macos-latest ]
|
os: [ ubuntu-latest-large, windows-latest-large, macos-latest ]
|
||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
@@ -639,7 +631,7 @@ jobs:
|
|||||||
analysisWithSslCertificate:
|
analysisWithSslCertificate:
|
||||||
name: >
|
name: >
|
||||||
Analysis takes into account 'SONAR_ROOT_CERT'
|
Analysis takes into account 'SONAR_ROOT_CERT'
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -747,7 +739,7 @@ jobs:
|
|||||||
overridesScannerLocalFolderWhenPresent: # can happen in uncleaned self-hosted runners
|
overridesScannerLocalFolderWhenPresent: # can happen in uncleaned self-hosted runners
|
||||||
name: >
|
name: >
|
||||||
'SCANNER_LOCAL_FOLDER' is cleaned with warning when present
|
'SCANNER_LOCAL_FOLDER' is cleaned with warning when present
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -781,7 +773,7 @@ jobs:
|
|||||||
updateTruststoreWhenPresent: # can happen in uncleaned self-hosted runners
|
updateTruststoreWhenPresent: # can happen in uncleaned self-hosted runners
|
||||||
name: >
|
name: >
|
||||||
truststore.p12 is updated when present
|
truststore.p12 is updated when present
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -910,7 +902,7 @@ jobs:
|
|||||||
scannerVersionValidationTest:
|
scannerVersionValidationTest:
|
||||||
name: >
|
name: >
|
||||||
'scannerVersion' input validation
|
'scannerVersion' input validation
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
|
|||||||
8
.github/workflows/qa-scripts.yml
vendored
8
.github/workflows/qa-scripts.yml
vendored
@@ -10,7 +10,7 @@ on:
|
|||||||
jobs:
|
jobs:
|
||||||
create-install-dir-test:
|
create-install-dir-test:
|
||||||
name: create_install_path.sh
|
name: create_install_path.sh
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -107,7 +107,7 @@ jobs:
|
|||||||
grep "=== Script failed ===" output
|
grep "=== Script failed ===" output
|
||||||
setup-script-test:
|
setup-script-test:
|
||||||
name: configure_paths.sh
|
name: configure_paths.sh
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
env:
|
env:
|
||||||
INSTALL_PATH: 'install-directory'
|
INSTALL_PATH: 'install-directory'
|
||||||
SONAR_HOST_URL: 'http://sonar-host.com'
|
SONAR_HOST_URL: 'http://sonar-host.com'
|
||||||
@@ -250,7 +250,7 @@ jobs:
|
|||||||
grep "=== Script failed ===" output
|
grep "=== Script failed ===" output
|
||||||
download-script-test:
|
download-script-test:
|
||||||
name: download.sh
|
name: download.sh
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
@@ -319,7 +319,7 @@ jobs:
|
|||||||
grep "=== Script failed ===" output
|
grep "=== Script failed ===" output
|
||||||
fetch-latest-version-test:
|
fetch-latest-version-test:
|
||||||
name: fetch_latest_version.sh
|
name: fetch_latest_version.sh
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v5
|
- uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
|
|||||||
2
.github/workflows/update-tags.yml
vendored
2
.github/workflows/update-tags.yml
vendored
@@ -7,7 +7,7 @@ on:
|
|||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
generate:
|
generate:
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
permissions:
|
permissions:
|
||||||
contents: write
|
contents: write
|
||||||
|
|
||||||
|
|||||||
4
.github/workflows/version_update.yml
vendored
4
.github/workflows/version_update.yml
vendored
@@ -7,7 +7,7 @@ on:
|
|||||||
jobs:
|
jobs:
|
||||||
check-version:
|
check-version:
|
||||||
name: Check for sonar-scanner version update
|
name: Check for sonar-scanner version update
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
outputs:
|
outputs:
|
||||||
should_update: ${{ steps.version-check.outputs.should_update }}
|
should_update: ${{ steps.version-check.outputs.should_update }}
|
||||||
new-version: ${{ steps.latest-version.outputs.sonar-scanner-version }}
|
new-version: ${{ steps.latest-version.outputs.sonar-scanner-version }}
|
||||||
@@ -43,7 +43,7 @@ jobs:
|
|||||||
update-version:
|
update-version:
|
||||||
name: Prepare pull request for sonar-scanner version update
|
name: Prepare pull request for sonar-scanner version update
|
||||||
needs: check-version
|
needs: check-version
|
||||||
runs-on: github-ubuntu-latest-s
|
runs-on: ubuntu-latest-large
|
||||||
permissions:
|
permissions:
|
||||||
contents: write
|
contents: write
|
||||||
pull-requests: write
|
pull-requests: write
|
||||||
|
|||||||
21
action.yml
21
action.yml
@@ -31,6 +31,9 @@ runs:
|
|||||||
env:
|
env:
|
||||||
INPUT_PROJECTBASEDIR: ${{ inputs.projectBaseDir }}
|
INPUT_PROJECTBASEDIR: ${{ inputs.projectBaseDir }}
|
||||||
INPUT_SCANNERVERSION: ${{ inputs.scannerVersion }}
|
INPUT_SCANNERVERSION: ${{ inputs.scannerVersion }}
|
||||||
|
- name: Vulnerability warning
|
||||||
|
shell: bash
|
||||||
|
run: echo "::warning title=Vulnerability warning::This version of the SonarQube Scanner GitHub Action is no longer supported and contains a security vulnerability. Please update your workflow to use sonarsource/sonarqube-scan-action@v6 for the latest security patches and features. For more information visit https://community.sonarsource.com/gha-v6-update"
|
||||||
- name: Load Sonar Scanner CLI from cache
|
- name: Load Sonar Scanner CLI from cache
|
||||||
id: sonar-scanner-cli
|
id: sonar-scanner-cli
|
||||||
uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 #v4.2.4
|
uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 #v4.2.4
|
||||||
@@ -51,19 +54,9 @@ runs:
|
|||||||
run: echo "${RUNNER_TEMP}/sonar-scanner-cli-${{ inputs.scannerVersion }}-${{ runner.os }}-${{ runner.arch }}/bin" >> $GITHUB_PATH
|
run: echo "${RUNNER_TEMP}/sonar-scanner-cli-${{ inputs.scannerVersion }}-${{ runner.os }}-${{ runner.arch }}/bin" >> $GITHUB_PATH
|
||||||
shell: bash
|
shell: bash
|
||||||
- name: Run SonarScanner
|
- name: Run SonarScanner
|
||||||
uses: satackey/action-js-inline@v0.0.2
|
run: ${GITHUB_ACTION_PATH}/scripts/run-sonar-scanner.sh
|
||||||
with:
|
shell: bash
|
||||||
required-packages: "string-argv"
|
|
||||||
script: |
|
|
||||||
const core = require('@actions/core')
|
|
||||||
const exec = require('@actions/exec')
|
|
||||||
const { parseArgsStringToArgv } = require('string-argv');
|
|
||||||
|
|
||||||
const IS_WINDOWS = process.platform === 'win32'
|
|
||||||
const runnerTemp = process.env.RUNNER_TEMP
|
|
||||||
|
|
||||||
var args = parseArgsStringToArgv(core.getInput('args'));
|
|
||||||
|
|
||||||
exec.exec(IS_WINDOWS ? 'sonar-scanner.bat' : 'sonar-scanner', args);
|
|
||||||
env:
|
env:
|
||||||
INPUT_ARGS: ${{ inputs.args }}
|
INPUT_ARGS: ${{ inputs.args }}
|
||||||
|
INPUT_PROJECTBASEDIR: ${{ inputs.projectBaseDir }}
|
||||||
|
SONAR_SCANNER_JRE: ${{ runner.temp }}/sonar-scanner-cli-${{ inputs.scannerVersion }}-${{ runner.os }}-${{ runner.arch }}/jre
|
||||||
|
|||||||
Reference in New Issue
Block a user