Update sonarqube.yml

Added API token for tests (via secrets) and excluded the example code
This commit is contained in:
Winni Neessen 2022-05-07 14:35:35 +02:00 committed by GitHub
parent 2467a860e1
commit 68f9edf0a4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -3,6 +3,8 @@ on:
push: push:
branches: branches:
- main # or the name of your main branch - main # or the name of your main branch
env:
HIBP_API_KEY: ${{ secrets.HIBP_API_KEY }}
jobs: jobs:
build: build:
name: Build name: Build
@ -19,12 +21,12 @@ jobs:
- name: Run unit Tests - name: Run unit Tests
run: | run: |
go test -v -race --coverprofile=./cov.out ./... go test -v -race --coverprofile=./cov.out .
- name: Run Gosec Security Scanner - name: Run Gosec Security Scanner
uses: securego/gosec@master uses: securego/gosec@master
with: with:
args: '-no-fail -fmt sonarqube -out report.json ./...' args: '-no-fail -fmt sonarqube -out report.json .'
- uses: sonarsource/sonarqube-scan-action@master - uses: sonarsource/sonarqube-scan-action@master
env: env: