Run sonar scan in separate job #322
Conversation
This allows to run add sonar-specific conditions (e.g. not running the scan with dependabot) at a job level, rather than doing it for each step.
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
NSeydoux
changed the title
There was a problem hiding this comment.
I agree the upload is still conditional, so have we really gained enough? The separation is good but we still have a conditional in the main workflow steps and we've added the artifact upload, download and an additional checkout.
I really appreciate the effort in getting Sonar embedded into the CI process and investigating these options, but ultimately, I think it is up to the devtools team to decide what suits you best for maintaining it.
|
I would say that moving sonar to an isolated job is a first step towards moving it to a shared workflow, so I think even if the gain is minimal here, it is going in the right direction. |
| # Sonar analysis needs the full history for features like automatic assignment of bugs. If the following step | ||
| # is not included the project will show a warning about incomplete information. |
There was a problem hiding this comment.
I was suggesting a minor change to this comment as it no longer refers to a separate step, just the parameter. Perhaps instead of my previous suggestion, the simplest change would be from following step to following option.
.github/workflows/ci.yml
Outdated
| - uses: actions/upload-artifact@v3 | ||
| if: ${{ matrix.os == 'ubuntu-latest' && matrix.node-version == '16.x' }} | ||
| with: | ||
| name: code-coverage |
There was a problem hiding this comment.
perhaps:
| name: code-coverage | |
| name: code-coverage-${matrix.os}-${matrix.node-version} |
This allows to run add sonar-specific conditions (e.g. not running the scan with dependabot) at a job level, rather than doing it for each step.