Update sonarqube.yml

Added API token for tests (via secrets) and excluded the example code
This commit is contained in:
Winni Neessen 2022-05-07 14:35:35 +02:00 committed by GitHub
parent 2467a860e1
commit 68f9edf0a4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -3,6 +3,8 @@ on:
push:
branches:
- main # or the name of your main branch
env:
HIBP_API_KEY: ${{ secrets.HIBP_API_KEY }}
jobs:
build:
name: Build
@ -19,12 +21,12 @@ jobs:
- name: Run unit Tests
run: |
go test -v -race --coverprofile=./cov.out ./...
go test -v -race --coverprofile=./cov.out .
- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
args: '-no-fail -fmt sonarqube -out report.json ./...'
args: '-no-fail -fmt sonarqube -out report.json .'
- uses: sonarsource/sonarqube-scan-action@master
env: