name: SonarQube on: workflow_run: workflows: [ "Tests" ] types: - completed jobs: sonarqube: name: SonarQube runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis # There's a 'download artifact' action, but it hasn't been updated for the workflow_run action # (https://github.com/actions/download-artifact/issues/60) so instead we get this mess: - name: Download Coverage Report uses: actions/github-script@v3.1.0 if: github.event.workflow_run.conclusion == 'success' with: script: | const artifacts = await github.actions.listWorkflowRunArtifacts({ owner: context.repo.owner, repo: context.repo.repo, run_id: ${{ github.event.workflow_run.id }}, }); const matchArtifact = artifacts.data.artifacts.filter((artifact) => { return artifact.name == "coverage" })[0]; const download = await github.actions.downloadArtifact({ owner: context.repo.owner, repo: context.repo.repo, artifact_id: matchArtifact.id, archive_format: 'zip', }); const fs = require('fs'); fs.writeFileSync('${{github.workspace}}/coverage.zip', Buffer.from(download.data)); - name: Extract Coverage Report run: unzip -d coverage coverage.zip && rm coverage.zip if: github.event.workflow_run.conclusion == 'success' - name: SonarCloud Scan uses: SonarSource/sonarcloud-github-action@master env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}