Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 8 additions & 17 deletions .github/workflows/sonar.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,30 +16,21 @@
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Install sonar-scanner and build-wrapper
env:
SONAR_HOST_URL: ${{secrets.SONAR_HOST_URL}}
uses: SonarSource/sonarqube-github-c-cpp@v1
- name: Set up JDK 17
uses: actions/setup-java@v2
with:
java-version: '17'
distribution: 'temurin'
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: '18'
- name: Install Build Wrapper
uses: SonarSource/sonarqube-scan-action/install-build-wrapper@v7.0.0

Check warning on line 20 in .github/workflows/sonar.yaml

View check run for this annotation

Sonar-Nautilus / SonarQube Code Analysis

Use full commit SHA hash for this dependency.

[S7637] Using external GitHub actions and workflows without a commit reference is security-sensitive See more on https://nautilus.sonarqube.org/project/issues?id=SonarSource-Demos_opencv&pullRequest=3&issues=bbae2dce-7ce9-46a2-8752-9a638063f1cf&open=bbae2dce-7ce9-46a2-8752-9a638063f1cf
- name: Run build-wrapper
run: |
rm -rf build
mkdir build
cd build
cmake ..
cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_EXPORT_COMPILE_COMMANDS=ON .
cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_EXPORT_COMPILE_COMMANDS=ON -DBUILD_JAVA=OFF -DBUILD_opencv_java=OFF .
cd ..
- name: Run sonar-scanner
- name: Run SonarQube scan
uses: SonarSource/sonarqube-scan-action@v7.0.0

Check warning on line 30 in .github/workflows/sonar.yaml

View check run for this annotation

Sonar-Nautilus / SonarQube Code Analysis

Use full commit SHA hash for this dependency.

[S7637] Using external GitHub actions and workflows without a commit reference is security-sensitive See more on https://nautilus.sonarqube.org/project/issues?id=SonarSource-Demos_opencv&pullRequest=3&issues=300cd175-b4ce-4b70-bc17-74810a6b324b&open=300cd175-b4ce-4b70-bc17-74810a6b324b
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{secrets.SONAR_HOST_URL}}
run: |
sonar-scanner
with:
args: >
-X
2 changes: 1 addition & 1 deletion sonar-project.properties
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
sonar.projectKey=SonarSource-Demos_opencv_552f564f-bcdb-47eb-abb2-4ba7feb428ee
sonar.projectKey=SonarSource-Demos_opencv
sonar.cfamily.compile-commands=build/compile_commands.json
sonar.exclusions=**/*.java