Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Skip SonarCloud analysis of PRs from forked repositories #926

Merged
merged 1 commit into from
Dec 18, 2023
Merged

Skip SonarCloud analysis of PRs from forked repositories #926

merged 1 commit into from
Dec 18, 2023

Conversation

Stephan202
Copy link
Member

@Stephan202 Stephan202 commented Dec 17, 2023
edited
Loading

This issue was observed in the context of #925. I added a commit there to validate that the new condition indeed skips the check. For this PR the SonarCloud analysis should run 👀 🤞

Suggested commit message:

Skip SonarCloud analysis of PRs from forked repositories (#926)

Because such analysis will fail due to unavailability of the relevant
secrets. Working around this is nontrivial and a likely source of
security issues.

@Stephan202 Stephan202 added this to the 0.15.0 milestone Dec 17, 2023
@Stephan202 Stephan202 requested a review from rickie December 17, 2023 19:46
@Stephan202 Stephan202 mentioned this pull request Dec 17, 2023
Merged
3 tasks
@github-actions GitHub Actions
Copy link

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

@Stephan202 @rickie
Skip SonarCloud analysis of PRs from forked repositories
be8eb0e 
Because such analysis will fail due to unavailability of the relevant
secrets. Working around this is nontrivial and a likely source of
security issues.
@rickie rickie force-pushed the sschroevers/skip-sonarcloud-analysis-for-forks branch from e5f93fd to be8eb0e Compare December 18, 2023 06:51
@github-actions GitHub Actions
Copy link

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

@rickie rickie added the chore A task not related to code (build, formatting, process, ...) label Dec 18, 2023
@Stephan202 Stephan202 merged commit ff3be8a into master Dec 18, 2023
16 checks passed
@Stephan202 Stephan202 deleted the sschroevers/skip-sonarcloud-analysis-for-forks branch December 18, 2023 07:34
@Stephan202 Stephan202 mentioned this pull request Feb 11, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mohamedsamehsalah mohamedsamehsalah mohamedsamehsalah approved these changes

@rickie rickie rickie approved these changes

@timtebeek timtebeek timtebeek approved these changes

Assignees
No one assigned
Labels
chore A task not related to code (build, formatting, process, ...)
Milestone
0.15.0
Development

Successfully merging this pull request may close these issues.
4 participants
@Stephan202 @timtebeek @rickie @mohamedsamehsalah