Hi, we are using Sonarcloud also with our open source project JUnit pioneer.
There is the option, that Sonarcloud comments on a MR see Add timeout to main build (#322) by beatngu13 · Pull Request #323 · junit-pioneer/junit-pioneer · GitHub . But overall the configuration has some downsides with forks.
- you need to provide the token for forks, hence that you can not store it in a secret.
- if somebody in a fork opens a pr within this fork, you might get a comment on the main repository with an pull request with the same ID (quiet annoying, thats why we turned off this information)
- you can also wait for the quality gate to fail when you run a github action, so you get some kind of breaking build.
I hope this helps a little bit 