Must-share information (formatted with Markdown):
-
which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
We are leveraging Sonar marketplace action - Official SonarQube Scan · Actions · GitHub Marketplace -
what are you trying to achieve
We are trying to implement Github action for SonarScan -
what have you tried so far to achieve this
We have leverage SonarMarket place action available for Github to achieve this.
Only issue is - Sonar action use docker container to perform the step which run as root. There are 2 issues - 1. Security risk 2. It is not able to cleanup the file causing issues for job.
Thanks