Skip to content

Commit 0b11825

Browse files
arielr-ltAriel Rolfo
andauthored
Skip SonarQube scan for Dependabot PRs (#1023)
Dependabot PRs don't have access to repository secrets, so SONAR_TOKEN is always empty and the scan fails. Skip it for dependabot[bot] actor. Co-authored-by: Ariel Rolfo <arielr-lt+username@users.noreply.github.com>
1 parent 02b7fc0 commit 0b11825

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

.github/workflows/test.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -73,7 +73,7 @@ jobs:
7373

7474
- name: SonarQube scan
7575
uses: sonarsource/sonarqube-scan-action@v6.0.0
76-
if: always()
76+
if: always() && github.actor != 'dependabot[bot]'
7777
env:
7878
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
7979
SONAR_HOST_URL: ${{ vars.SONAR_HOST_URL }}

0 commit comments

Comments
 (0)