trackevery-day/.gitea/workflows/sonarqube.yml

34 lines
1017 B
YAML

2024-08-18 20:14:17 +02:00
on:
  push:
    branches:
      - main
      - dev
      - "!renovate/**"
  pull_request:
    types: [opened, synchronize, reopened]
name: SonarQube Scan
jobs:
  sonarqube:
    name: SonarQube Trigger
    runs-on: ubuntu-latest
    steps:
      - name: Checking out
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
        with:
          # Disabling shallow clone is recommended for improving relevancy of reporting
          fetch-depth: 0
      - name: SonarQube Scan
chore(deps): update sonarsource/sonarqube-scan-action action to v4 (#9)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [SonarSource/sonarqube-scan-action](https://github.com/SonarSource/sonarqube-scan-action) | action | major | `v3.1.0` -> `v4.0.0` |

---

### Release Notes

<details>
<summary>SonarSource/sonarqube-scan-action (SonarSource/sonarqube-scan-action)</summary>

### [`v4.0.0`](https://github.com/SonarSource/sonarqube-scan-action/releases/tag/v4.0.0)

[Compare Source](https://github.com/SonarSource/sonarqube-scan-action/compare/v3.1.0...v4.0.0)

#### What's Changed

- SQSCANGHA-46 Replace the Docker action by a composite action by [@henryju](https://github.com/henryju) and [@antonioaversa](https://github.com/antonioaversa) in https://github.com/SonarSource/sonarqube-scan-action/pull/145

This new major version removes Docker, moving to a [composite action](https://docs.github.com/en/actions/sharing-automations/creating-actions/creating-a-composite-action). This has multiple benefits:

- you can now use our GitHub action with Java and Dart project, which previously didn’t support it due to Docker isolation
- your run won’t fail anymore in peak workload scenarios due to the Docker image hitting the rate limit on DockerHub
- the scan won’t need to run the scan as a root user, as recommended by GitHub for operations happening in a Docker container
- you will be able to run the action as part of your workflow on any Operating System

We expect no issues for the vast majority of users, and we encourage you to move to the new version. You can read more about this new release [here](https://community.sonarsource.com/t/the-upcoming-release-of-github-action-for-sonarqube-v-4-0-0-remove-docker/130180).

**Full Changelog**: https://github.com/SonarSource/sonarqube-scan-action/compare/v3.1.0...v4.0.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

- [ ] If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://git.schulze.network/schulze/trackevery-day/pulls/9
Co-authored-by: Renovate Bot <renovatebot@schulze.network>
Co-committed-by: Renovate Bot <renovatebot@schulze.network>
2024-11-18 13:38:56 +01:00
        uses: SonarSource/sonarqube-scan-action@94d4f8ac4aaefccd7fb84bff00b0aeb2d65fcd49 # v4.0.0
        env:
          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
      # Check the Quality Gate status.
      - name: SonarQube Quality Gate check
        # Unlike the two steps above, which pin a commit SHA, this step tracks the mutable master branch.
        uses: sonarsource/sonarqube-quality-gate-action@master
        timeout-minutes: 2
        env:
          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}