Skip to content
I2::Dev::Sonar-Dojo

I2::Dev::Sonar-Dojo #3

Sign in to view logs

I2::Dev::Sonar-Dojo

I2::Dev::Sonar-Dojo #3

Workflow file for this run

.github/workflows/iroha2-dev-sonar-dojo.yml at aaeab13
name: I2::Dev::Sonar-Dojo
on:
workflow_run:
workflows: ["I2::Dev::Tests"]
types: [completed]
concurrency:
group: ${{ github.workflow }}-${{ github.actor }}
cancel-in-progress: true
jobs:
sonarqube-defectdojo:

Check failure on line 13 in .github/workflows/iroha2-dev-sonar-dojo.yml

View workflow run for this annotation

GitHub Actions / I2::Dev::Sonar-Dojo

Invalid workflow file 

The workflow is not valid. .github/workflows/iroha2-dev-sonar-dojo.yml (Line: 13, Col: 3): The workflow must contain at least one job with no dependencies.
if: ${{ always() }}
needs: [workspace_analysis_clippy, with_coverage]
runs-on: ubuntu-latest
container:
image: hyperledger/iroha2-ci:nightly-2024-04-18
steps:
- uses: actions/checkout@v4
- name: Download clippy and lcov artifact reports
uses: actions/download-artifact@v4
with:
path: lints
merge-multiple: true
run-id: ${{ github.event.workflow_run.id }}
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: SonarQube
uses: sonarsource/sonarqube-scan-action@master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
with:
args: >
-Dcommunity.rust.clippy.reportPaths=lints/clippy.json
-Dcommunity.rust.lcov.reportPaths=lints/lcov.info
- name: DefectDojo
id: defectdojo
uses: C4tWithShell/[email protected]
with:
token: ${{ secrets.DEFECTOJO_TOKEN }}
defectdojo_url: ${{ secrets.DEFECTOJO_URL }}
product_type: iroha2
engagement: ${{ github.ref_name }}
tools: "SonarQube API Import,Github Vulnerability Scan"
sonar_projectKey: hyperledger:iroha
github_token: ${{ secrets.GITHUB_TOKEN }}
github_repository: ${{ github.repository }}
product: ${{ github.repository }}
environment: Test
reports: '{"Github Vulnerability Scan": "github.json"}'