This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/trunk by this push:
new 15923dd14a Deletes sonarcloud yml and properties
15923dd14a is described below
commit 15923dd14a326a091a30f695979a42eb02f6272b
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Sun Mar 10 10:37:34 2024 +0100
Deletes sonarcloud yml and properties
It needs
-Dsonar.projectKey=
-Dsonar.organization=
and that depends on Infra. Now that we have GH codeQL working we can forget
sonarcloud
---
.github/workflows/sonarcloud.yml | 68 ----------------------------------------
.sonarcloud.properties | 3 --
2 files changed, 71 deletions(-)
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
deleted file mode 100644
index 802d0b401d..0000000000
--- a/.github/workflows/sonarcloud.yml
+++ /dev/null
@@ -1,68 +0,0 @@
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
-
-# This workflow helps you trigger a SonarCloud analysis of your code and
populates
-# GitHub Code Scanning alerts with the vulnerabilities found.
-# Free for open source project.
-
-# 1. Login to SonarCloud.io using your GitHub account
-
-# 2. Import your project on SonarCloud
-# * Add your GitHub organization first, then add your repository as a new
project.
-# * Please note that many languages are eligible for automatic analysis,
-# which means that the analysis will start automatically without the
need to set up GitHub Actions.
-# * This behavior can be changed in Administration > Analysis Method.
-#
-# 3. Follow the SonarCloud in-product tutorial
-# * a. Copy/paste the Project Key and the Organization Key into the args
parameter below
-# (You'll find this information in SonarCloud. Click on "Information"
at the bottom left)
-#
-# * b. Generate a new token and add it to your Github repository's secrets
using the name SONAR_TOKEN
-# (On SonarCloud, click on your avatar on top-right > My account >
Security
-# or go directly to https://sonarcloud.io/account/security/)
-
-# Feel free to take a look at our documentation
(https://docs.sonarcloud.io/getting-started/github/)
-# or reach out to our community forum if you need some help
(https://community.sonarsource.com/c/help/sc/9)
-
-name: SonarCloud analysis
-
-on:
- push:
- branches: [ "trunk", "release*" ]
- pull_request:
- branches: [ "trunk" ]
- workflow_dispatch:
-
-permissions:
- pull-requests: read # allows SonarCloud to decorate PRs with analysis results
-
-jobs:
- Analysis:
- runs-on: ubuntu-latest
-
- steps:
- - name: Analyze with SonarCloud
-
- # You can pin the exact commit or the version.
- # uses:
SonarSource/sonarcloud-github-action@de2e56b42aa84d0b1c5b622644ac17e505c9a049
- uses:
SonarSource/sonarcloud-github-action@de2e56b42aa84d0b1c5b622644ac17e505c9a049
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR
information
- SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # Generate a token on
Sonarcloud.io, add it to the secrets of this repo with the name SONAR_TOKEN
(Settings > Secrets > Actions > add new repository secret)
- with:
- # Additional arguments for the sonarcloud scanner
- args:
- # Unique keys of your project and organization. You can find them
in SonarCloud > Information (bottom-left menu)
- # mandatory
- -Dsonar.projectKey=
- -Dsonar.organization=
- # Comma-separated paths to directories containing main source
files.
- #-Dsonar.sources= # optional, default is project base directory
- # When you need the analysis to take place in a directory other
than the one from which it was launched
- #-Dsonar.projectBaseDir= # optional, default is .
- # Comma-separated paths to directories containing test source
files.
- #-Dsonar.tests= # optional. For more info about Code Coverage,
please refer to https://docs.sonarcloud.io/enriching/test-coverage/overview/
- # Adds more detail to both client and server-side analysis logs,
activating DEBUG mode for the scanner, and adding client-side environment
variables and system properties to the server-side log of analysis report
processing.
- #-Dsonar.verbose= # optional, default is false
diff --git a/.sonarcloud.properties b/.sonarcloud.properties
deleted file mode 100644
index 8e09d226c4..0000000000
--- a/.sonarcloud.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-
-# Exclude jquery files stored to the ofbiz-framework repository. These appear
to cause warning around code duplication.
-sonar.exclusions=themes/common-theme/webapp/common-theme/js/jquery/**/*
