Update code-linting.yml

micro5k · Jan 29, 2025 · 54d5af5 · 54d5af5
1 parent cd5604c
commit 54d5af5
Showing 1 changed file with 5 additions and 51 deletions.
diff --git a/.github/workflows/code-linting.yml b/.github/workflows/code-linting.yml
@@ -29,61 +29,15 @@ jobs:
       - name: "JSON and YAML - Validator"
         uses: GrantBirki/json-yaml-validate@v3
 
-  codacy:
-    name: "Codacy"
+  sonarqube:
+    name: "SonarQube"
     if: "${{ github.ref == 'refs/heads/main' && github.event_name != 'pull_request' && github.repository_owner == 'micro5k' }}"
     runs-on: ubuntu-latest
-    concurrency:
-      group: "${{ github.repository_id }}-${{ github.workflow }}-codacy"
-      cancel-in-progress: true
-    permissions:
-      security-events: write
 
     steps:
       - name: "Checkout sources"
         uses: actions/checkout@v4
-      - name: "Run Codacy analysis"
-        uses: codacy/codacy-analysis-cli-action@v4
         with:
-          # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
-          # You can also omit the token and run the tools that support default configurations
-          # project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
-          verbose: true
-          output: results.sarif
-          format: sarif
-          # Adjust severity of non-security issues
-          gh-code-scanning-compat: true
-          # Force 0 exit code to allow SARIF file generation
-          # This will hand over control about PR rejection to the GitHub side
-          max-allowed-issues: 2147483647
-          upload: false
-      - name: "Upload SARIF results file"
-        uses: github/codeql-action/upload-sarif@v3
-        with:
-          sarif_file: "results.sarif"
-          category: "Codacy"
-
-  sonarcloud:
-    name: "SonarCloud"
-    if: "${{ github.ref == 'refs/heads/main' && github.event_name != 'pull_request' && github.repository_owner == 'micro5k' }}"
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: "Checkout sources"
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: "0"
-      - name: "Remove build.gradle"
-        shell: bash
-        run: |
-          # Removing build.gradle...
-          rm -f build.gradle
-      - name: "Run SonarCloud scan"
-        uses: SonarSource/sonarcloud-github-action@v4
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        # with:
-        #   args: >
-        #     -Dsonar.exclusions=build.gradle
-        #     -Dsonar.verbose=true
+          fetch-depth: "0" # Shallow clones should be disabled for a better relevancy of analysis
+      - name: "SonarQube scan"
+        uses: SonarSource/sonarqube-scan-action@v4