# SPDX-FileCopyrightText: 2021-2024 Winni Neessen # # SPDX-License-Identifier: CC0-1.0 name: SonarQube permissions: read-all on: push: branches: - main # or the name of your main branch paths: - '**.go' - 'go.*' - '.github/workflow/sonarqube.yml' - 'codecov.yml' jobs: build: name: Build runs-on: ubuntu-latest steps: - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 with: fetch-depth: 0 - uses: sonarsource/sonarqube-scan-action@94d4f8ac4aaefccd7fb84bff00b0aeb2d65fcd49 # master env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} # If you wish to fail your job when the Quality Gate is red, uncomment the # following lines. This would typically be used to fail a deployment. - uses: sonarsource/sonarqube-quality-gate-action@8406f4f1edaffef38e9fb9c53eb292fc1d7684fa # master timeout-minutes: 5 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}