I am using SonarQube with GitHub Actions. I have found a problem when using the sonarqube-scan-action when the workflow trigger is not pull_request.
I have configured a comment trigger for my Sonar Scan by using the issue_comment (types: created) trigger. This is a trigger that executes the workflow whenever a PR or Issue receives a new comment.
Whenever the workflow executes via this trigger, the PR autoconfiguration does not work properly and sonarqube-scan-action proceeds to scan the default main branch from the repo. This is because by default issue_comment events execute the workflow via the main branch and not directly on the target PR.
We can circumvent this by manually checking out the repo on the PR:
    - name: Check out repo
      uses: actions/checkout@v4
      with:
        fetch-depth: 0
    - name: Checkout PR Branch
      run: |
        gh pr checkout ${{ github.event.issue.number }}
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    - name: SonarQube Scan
      uses: sonarsource/sonarqube-scan-action@master
      env:
        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
Even though we are locally checked into the PR, the scanner action still scans the main branch and does not detect the PR, so no results can be seen there.
Is there any way to force the PR configuration on the sonarqube-scan-action to take my target PR, scan the correct code and set the results?
This would also be necessary for the quality gate action: GitHub - SonarSource/sonarqube-quality-gate-action.
Versions:
- SonarQube: v10.6 (92116)
- Sonar Scan Action: latest (master)
- Sonar Quality Gate Action: latest (master)
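
An added example, not part of the original post and not SonarSource's own workflow: a comment-triggered job that passes the pull request explicitly through the scanner's `sonar.pullrequest.*` analysis parameters, and only runs for PR comments from owners, members or collaborators, because the job checks out PR code while `SONAR_TOKEN` is available. The job name, the step id `pr` and the `PR_NUMBER` variable are made up for the example; it assumes a SonarQube edition with pull request analysis and has not been run against the setup described above.

```yaml
on:
  issue_comment:
    types: [created]

jobs:
  sonar-pr-scan:            # hypothetical job name
    # issue_comment also fires for plain issues: require a PR, and restrict
    # who can start a run that checks out PR code with secrets in scope.
    if: >-
      github.event.issue.pull_request &&
      contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'),
               github.event.comment.author_association)
    runs-on: ubuntu-latest
    steps:
      - name: Check out repo
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Checkout PR branch and resolve its refs
        id: pr
        run: |
          # PR number comes in through env, not inline expression expansion.
          gh pr checkout "$PR_NUMBER"
          echo "head=$(gh pr view "$PR_NUMBER" --json headRefName --jq .headRefName)" >> "$GITHUB_OUTPUT"
          echo "base=$(gh pr view "$PR_NUMBER" --json baseRefName --jq .baseRefName)" >> "$GITHUB_OUTPUT"
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_NUMBER: ${{ github.event.issue.number }}
      - name: SonarQube Scan
        uses: sonarsource/sonarqube-scan-action@master
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
        with:
          # Auto-detection only happens on pull_request events, so the PR
          # key, head branch and base branch are given explicitly here.
          # The head branch name is chosen by the PR author.
          args: >
            -Dsonar.pullrequest.key=${{ github.event.issue.number }}
            -Dsonar.pullrequest.branch=${{ steps.pr.outputs.head }}
            -Dsonar.pullrequest.base=${{ steps.pr.outputs.base }}
```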