Okay, I’ve finally managed it. @codyebberson’s version didn’t work for me, because the workflow_run event data doesn’t have pull request info, and the pull_requests array contains pull requests to the fork and not to upstream.
So, this is my version with comments.
First of all, you need to save the PR number from the pull_request event. You can achieve this by echoing data from the event to a file and uploading it as an artifact:
And then…
In a separate workflow with workflow_run trigger you need to:
download artifact from workflow that triggered the current workflow
read it to workflow data
get PR data via github rest api
checkout repo (from fork)
fetch base branch from upstream - this is an important step! If you don’t do it, your “new lines of code” metric will be broken if the fork has not synchronized its base branch (and who does it nowadays?)
and at last - run analysis on push or on pull request grabbing all collected data
There is some room for improvement (fetch only the selected branch from upstream, protect against a PR from a branch with the same name as the base branch), but I hope this will help someone.
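An added example, not part of either post and not the poster's workflow code: because the artifact is written by a job that ran the fork's code, a `workflow_run` job can validate the saved PR number and confirm that the PR returned by the REST API points at the commit of the triggering run before it analyses anything. The function names, the size limit, and the way the caller obtains the two SHAs (assumed here: `head.sha` from the PR response and `head_sha` from the `workflow_run` event) are assumptions.

```sh
#!/bin/sh
# Added example; function names and limits are hypothetical.
# The artifact comes from a job that ran on the fork's pull request, so the
# workflow_run job treats its content as untrusted input.

# read_pr_number FILE: print the PR number, or fail unless FILE is a small
# regular file holding exactly one positive integer.
read_pr_number() {
  local file="$1" value cr
  # Reject missing files, directories and symlinks.
  [ -f "$file" ] && [ ! -L "$file" ] || return 1
  # A PR number is a handful of digits; refuse anything larger.
  [ "$(wc -c < "$file")" -le 16 ] || return 1
  value="$(cat "$file")"      # $(...) strips trailing newlines
  cr="$(printf '\r')"
  value="${value%"$cr"}"      # tolerate CRLF written by a Windows runner
  case "$value" in
    ''|0*|*[!0-9]*) return 1 ;;  # empty, leading zero, or any non-digit
  esac
  printf '%s\n' "$value"
}

# is_sha VALUE: succeed only for a 40-character lowercase hex commit id.
is_sha() {
  case "$1" in
    *[!0-9a-f]*) return 1 ;;
  esac
  [ "${#1}" -eq 40 ]
}

# pr_matches_run PR_HEAD_SHA RUN_HEAD_SHA: succeed only when the PR looked up
# by number points at the commit the triggering run was built from, so a
# number written into the artifact cannot redirect the analysis to another PR.
pr_matches_run() {
  is_sha "$1" && is_sha "$2" && [ "$1" = "$2" ]
}
```

If either check fails, the job should stop before the checkout and analysis steps rather than fall back to a default.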
Thanks so much for sharing this @nixel2007 as I was stuck implementing the suggestions above!
I am almost there, but I am a bit stuck with one part which maybe you can help me with.
I’ve created the sonar.yml in the default branch:
I made some tweaks as we needed to specify some args and use a properties file for that, but otherwise it’s the same as yours without the platform-specific stuff, I think (as best I can tell, I’m no expert with GitHub Actions and not a developer!)
Then I have a PR I’m using to test which introduces the properties file and adds the parts to the tests.yml file we already have:
This is working great, it’s saving the PR number to the text file, and sonar.yml is picking this up.
The bit where I am struggling is that when it runs the scan on PR for example, it’s throwing up this error:
Warning: Unexpected input(s) ‘number’, ‘full_name’, valid inputs are [‘route’, ‘mediaType’]
It seems like it’s actually getting the information but maybe not in the right order? I’m not sure:
Run octokit/request-action@v2.x
  with:
    route: GET /repos/{full_name}/pulls/{number}
    number: 13
    full_name: RCheesley/mautic
    mediaType: {}
  env:
    GITHUB_TOKEN: ***
GET /repos/{full_name}/pulls/{number}
> number: 13
> full_name: RCheesley/mautic
> mediaType: [object Object]
(node:1740) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
< 200 346ms
On the PR the GitHub Actions I have reporting are showing like this:
Obvs as this is running on my own fork I had to make quite some tweaks to some of the files as we restrict our actions to running only on our main repo and our private security repo, and had to hard-code a couple of path changes to work on my own fork while I figured it out.