Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[GHA] Do not run sonarcloud on forks #1142

Closed
wants to merge 5 commits into from
Closed

[GHA] Do not run sonarcloud on forks #1142

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
b0cf2d1
[GHA] Do not run sonarcloud on forks
hazendaz Dec 26, 2023
7d8acbc
[GHA] Add comment as to why running on project owner only
hazendaz Dec 28, 2023
5ed244a
[GHA] Update all versions and use major only (which is always latest)
hazendaz Dec 31, 2023
926b605
[GHA] Add comment as to why ran on 'main' branch only
hazendaz Dec 31, 2023
b1831eb
[GHA] Do not run github-pages unless on main repo
hazendaz Dec 31, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,9 @@ jobs:
runs-on: ${{ matrix.os }}

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4

- uses: actions/setup-java@v3
- uses: actions/setup-java@v4
with:
java-version: ${{ matrix.java }}
distribution: adopt
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/codecov.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,14 +15,14 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4

- uses: actions/setup-java@v3
- uses: actions/setup-java@v4
with:
java-version: 11
distribution: adopt

- name: Generate code coverage
run: mvn --batch-mode test

- uses: codecov/codecov-action@v3.1.0
- uses: codecov/codecov-action@v3
8 changes: 5 additions & 3 deletions .github/workflows/github-pages.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,20 +8,22 @@ on:

jobs:
build:
# Do not run on forks as unnecessary
if: github.repository_owner == 'damianszczepanik'
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4

- uses: actions/setup-java@v3
- uses: actions/setup-java@v4
with:
java-version: 11
distribution: adopt

- name: Generate demo report
run: mvn --batch-mode test

- uses: peaceiris/actions-gh-pages@v3.7.3
- uses: peaceiris/actions-gh-pages@v3
with:
external_repository: damianszczepanik/damianszczepanik.github.io
personal_token: ${{ secrets.GH_PAGES_UPLOAD }}
Expand Down
8 changes: 5 additions & 3 deletions .github/workflows/sonarcloud.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,18 +4,20 @@ on:
push:
branches:
- master
# do not validate pull requests because SONAR_TOKEN is available only for project owner
# Community version only allows running against 'main' branch, see https://docs.sonarsource.com/sonarqube/latest/devops-platform-integration/github-integration/

jobs:
build:
# Do not run sonar on forks because SONAR_TOKEN is available only for project owner
if: github.repository_owner == 'damianszczepanik'
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. leave comments in the code why is that
  2. with this change there is no need to have branch limitation in line 5-6

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added variation of the first comment above 'if'. Adjusted the original. I think you do still want it only running against master, that is unless you are looking at pull requests. I can only speak for repos I work on and all simply run on master and nothing else. If you are looking to more broadly look at those then sure, will remove that.

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In general - agree with you. My experience is that sonar quite frequently has problem with authentication because of token that is lost somehow. Quite often I did not notice the problem with sonar token and for a long time sonar was not working. Having this on PR (even for myself ) gives opportunity to find such issues earlier :)
Best would be to process sonar against every PR to see tech debt earlier but I was not able to do that :(

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also this allows me to run sonar on fix-branch before fix goes to master so I can perform the validation and confirm the fix before it goes to master :)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@damianszczepanik Per https://docs.sonarsource.com/sonarqube/latest/devops-platform-integration/github-integration/, unless you are a paying customer ($160 a year), its not possible to run on pull requests. So I've adjusted this a bit to indicate that and point to the documentation.

runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod

- uses: actions/setup-java@v3
- uses: actions/setup-java@v4
with:
java-version: 11
distribution: adopt
Expand Down