From f8f81b2ffeaa1b409cfa0fc3ee5a82d50beee50d Mon Sep 17 00:00:00 2001
From: carmithersh <carmith@jfrog.com>
Date: Sun, 9 Feb 2025 17:41:42 +0200
Subject: [PATCH] CCS-4 create sonar evidence only on successfull analysis
 result

---
 .github/workflows/sonar-evidence-example.yml | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/sonar-evidence-example.yml b/.github/workflows/sonar-evidence-example.yml
index 042385a..a75aa54 100644
--- a/.github/workflows/sonar-evidence-example.yml
+++ b/.github/workflows/sonar-evidence-example.yml
@@ -49,6 +49,7 @@ jobs:
           distribution: 'temurin' # You can also use 'temurin', 'zulu', etc.
 
       - name: Run SonarScanner
+        id: run-sonar-scanner
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         run: |
@@ -63,7 +64,14 @@ jobs:
           ./examples/sonar-scan-example/bin/sonar-scan-extractor-linux-amd64  --reportTaskFile=$PWD/.scannerwork/report-task.txt --FailOnAnalysisFailure > predicate.json || true
           EXIT_CODE=$?
           echo "Sonar scan extractor exist code: $EXIT_CODE"
-          echo "::set-output name=create_sonar_evidence::$EXIT_CODE"
+          echo "Sonar scan report:"
+          cat $PWD/.scannerwork/report-task.txt
+          echo "Sonar scan extractor output:" 
+          cat predicate.json
+          echo "Sonar scan extractor log:" 
+          cat sonar-scan.log
+          
+          echo echo "create-sonar-evidence=$EXIT_CODE" >> $GITHUB_OUTPUT 
           
 
       - name: Log in to Artifactory Docker Registry
@@ -100,7 +108,7 @@ jobs:
         
 
       - name: Create evidence
-        if: ${{ steps.run-sonar-scanner.outputs.exit_code }}
+        if: ${{ steps.run-sonar-scanner.outputs.create-sonar-evidence == 0 }}
         run: |          
           # Attach evidence onto build using JFrog CLI                
           jf evd create \