Hello!
After switching to pull_request_target Github trigger event, sonarcloud bot stopped to post a comment in pull request. Also Sonar Cloud Code Analysis pull request check disappeared.
- ALM used: GitHub
- CI system used GitHub Actions
This is how the relevant jobs of the workflow look like:
on:
pull_request_target:
branches:
- master
types:
- opened
- reopened
- edited
- synchronize
jobs:
pr-check-auth-code-service:
runs-on: ubuntu-latest
steps:
# Downloads a copy of the code in your repository before running CI tests
- name: Check out repository code
uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
ssh-key: ${{ secrets.PRIVATE_GITHUB_SSH_PRIVATE_KEY }}
fetch-depth: 0
persist-credentials: false
submodules: recursive
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.PRIVATE_GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
projectBaseDir: auth-code-service
args: >
-Dsonar.host.url=https://sonarcloud.io
-Dsonar.organization=***
-Dsonar.projectKey=ps-auth-code-service
-Dsonar.go.coverage.reportPaths=coverage.out
-Dsonar.pullrequest.key=${{ github.event.pull_request.number }}
-Dsonar.pullrequest.branch=${{ github.event.pull_request.head.ref }}
-Dsonar.scm.revision=${{ github.event.pull_request.head.sha }}
The configuration is done according to recommendations from GitHub comments stopped working in GitHub action after switch to pull_request_target.
The background task id that is connected with the analysis that comment was not delivered to the pull request is: AXzBZqufSPwfurilYH_p
Please help to solve this issue.
Thank you.