-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Run sonar scan in separate job #322
Conversation
This allows to run add sonar-specific conditions (e.g. not running the scan with dependabot) at a job level, rather than doing it for each step.
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree the upload is still conditional, so have we really gained enough? The separation is good but we still have a conditional in the main workflow steps and we've added the artifact upload, download and an additional checkout.
I really appreciate the effort in getting Sonar embedded into the CI process and investigating these options, but ultimately, I think it is up to the devtools team to decide what suits you best for maintaining it.
I would say that moving sonar to an isolated job is a first step towards moving it to a shared workflow, so I think even if the gain is minimal here, it is going in the right direction. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM with minor suggestion
# Sonar analysis needs the full history for features like automatic assignment of bugs. If the following step | ||
# is not included the project will show a warning about incomplete information. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was suggesting a minor change to this comment as it no longer refers to a separate step, just the parameter. Perhaps instead of my previous suggestion, the simplest change would be from following step
to following option
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One minor improvement, but LGTM
.github/workflows/ci.yml
Outdated
- uses: actions/upload-artifact@v3 | ||
if: ${{ matrix.os == 'ubuntu-latest' && matrix.node-version == '16.x' }} | ||
with: | ||
name: code-coverage |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
perhaps:
name: code-coverage | |
name: code-coverage-${matrix.os}-${matrix.node-version} |
This allows to run add sonar-specific conditions (e.g. not running the scan with dependabot) at a job level, rather than doing it for each step.