apg-go/.github/workflows/sonarqube.yml
Winni Neessen 0e2df1fe07
Update workflows to trigger on specific file changes
The update limits the GolangCI, Codecov, SonarQube, and Docker workflow triggers to only fire when specific related files are modified. By focusing on relevant paths like '**.go', 'go.*' and respective workflow files, we enhance the efficiency of our CI/CD process.
2024-03-25 19:32:40 +01:00

33 lines
1.1 KiB
YAML

# SPDX-FileCopyrightText: 2021-2024 Winni Neessen <wn@neessen.dev>
#
# SPDX-License-Identifier: CC0-1.0
name: SonarQube
permissions: read-all
on:
push:
branches:
- main # or the name of your main branch
paths:
- '**.go'
- 'go.*'
- '.github/workflow/sonarqube.yml'
- 'codecov.yml'
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
with:
fetch-depth: 0
- uses: sonarsource/sonarqube-scan-action@9ad16418d1dd6d28912bc0047ee387e90181ce1c # master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
# If you wish to fail your job when the Quality Gate is red, uncomment the
# following lines. This would typically be used to fail a deployment.
- uses: sonarsource/sonarqube-quality-gate-action@f9fe214a5be5769c40619de2fff2726c36d2d5eb # master
timeout-minutes: 5
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}