Skip to content

Bump github/codeql-action/analyze from b0c4fd77f6c559021d78430ec4d0d169ae74a4eb to dd903d2e4f5405488e5ef1422510ee31c8b32357 #1836

Bump github/codeql-action/analyze from b0c4fd77f6c559021d78430ec4d0d169ae74a4eb to dd903d2e4f5405488e5ef1422510ee31c8b32357

Bump github/codeql-action/analyze from b0c4fd77f6c559021d78430ec4d0d169ae74a4eb to dd903d2e4f5405488e5ef1422510ee31c8b32357 #1836

Workflow file for this run

name: SonarCloud
on:
push:
branches:
- main
pull_request:
branches:
- '**'
jobs:
sonar:
# PRs from forks do not have access to workflow secrets so Sonarqube fails.
# Therefore we are skipping this job on forks.
if: contains(github.event.pull_request.head.repo.url, '/repos/zowe/cics-for-zowe-client')
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
with:
fetch-depth: 0
- name: Use Node.js 20.x
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: 20
- name: Install Dependencies
run: npm ci
- name: Update Dependencies
id: npm-update
uses: zowe-actions/octorelease/script@e0672bf28f74f36219713afe75915ea2dc7bf85b # v1
with:
config-dir: .github
script: npmUpdate
- name: Build Source
id: build
run: npm run build
- name: SonarCloud Scan
uses: sonarsource/sonarqube-scan-action@fd88b7d7ccbaefd23d8f36f73b59db7a3d246602 # v6
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}