mirror of
https://github.com/kyverno/kyverno.git
synced 2024-12-14 11:57:48 +00:00
6cb54a475c
* fix: reduce token permissions Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix: reduce token permissions Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
34 lines
942 B
YAML
34 lines
942 B
YAML
name: Sonarcloud workflow
|
|
|
|
permissions: {}
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- 'main'
|
|
- 'release*'
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
sonarcloud:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
|
- name: Check secret
|
|
id: checksecret
|
|
uses: ./.github/actions/is-defined
|
|
with:
|
|
value: ${{ secrets.SONAR_TOKEN }}
|
|
- name: Setup build env
|
|
if: steps.checksecret.outputs.result == 'true'
|
|
uses: ./.github/actions/setup-build-env
|
|
- name: SonarCloud Scan
|
|
if: steps.checksecret.outputs.result == 'true'
|
|
uses: sonarsource/sonarcloud-github-action@db501078e936e4b4c8773d1bb949ba9ddb7b6b6a # v1.9
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }}
|
|
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|