
Commit 9b45135

committed
Incorporate feedback from an internal team
1 parent a22451b commit 9b45135

3 files changed

Lines changed: 10 additions & 4 deletions


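--- a/.github/actions/perform-static-analysis/action.yaml
+++ b/.github/actions/perform-static-analysis/action.yaml
@@ -15,5 +15,6 @@ runs:
 shell: bash
 if: steps.check.outputs.secret_exist == 'true'
 run: |
+export BRANCH_NAME=${GITHUB_HEAD_REF:-$(echo $GITHUB_REF | sed 's#refs/heads/##')}
 export SONAR_TOKEN=${{ inputs.sonar_token }}
 ./scripts/reports/perform-static-analysis.sh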
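Review bot: The added `export BRANCH_NAME=...` line expands `$GITHUB_REF` unquoted and strips `refs/heads/` with an unanchored `sed`, so a ref that does not start with that prefix (a tag ref, for example) passes through unchanged and the pattern would also match in the middle of a name. On pull requests `GITHUB_HEAD_REF` is chosen by the contributor, so the value is best treated as untrusted text and kept quoted from here to the scanner call. A parameter expansion avoids the subshell and anchors the strip at the start: `export BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}"`. The step's earlier keys are outside the hunk.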

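--- a/.github/actions/scan-dependencies/action.yaml
+++ b/.github/actions/scan-dependencies/action.yaml
@@ -24,7 +24,9 @@ runs:
 steps:
 - name: "Generate SBOM"
 shell: bash
-run: BUILD_DATETIME=${{ inputs.build_datetime }} ./scripts/reports/generate-sbom.sh
+run: |
+export BUILD_DATETIME=${{ inputs.build_datetime }}
+./scripts/reports/generate-sbom.sh
 - name: "Compress SBOM report"
 shell: bash
 run: zip sbom-report.json.zip sbom-report.json
@@ -35,7 +37,9 @@ runs:
 path: ./sbom-report.json.zip
 - name: "Scan vulnerabilities"
 shell: bash
-run: BUILD_DATETIME=${{ inputs.build_datetime }} ./scripts/reports/scan-vulnerabilities.sh
+run: |
+export BUILD_DATETIME=${{ inputs.build_datetime }}
+./scripts/reports/scan-vulnerabilities.sh
 - name: "Compress vulnerabilities report"
 shell: bash
 run: zip vulnerabilities-report.json.zip vulnerabilities-report.json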
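Review bot: `export BUILD_DATETIME=${{ inputs.build_datetime }}` in the "Generate SBOM" step still substitutes the input into the script text before bash parses it, so shell metacharacters in the value would be executed rather than treated as data; the "Scan vulnerabilities" step carries the same line. Whether `build_datetime` can ever hold caller-influenced text is not visible on this page, but passing it through the step environment removes the question: add `env:` with `BUILD_DATETIME: ${{ inputs.build_datetime }}` and reduce the script to `run: ./scripts/reports/generate-sbom.sh`. The unchanged `export SONAR_TOKEN=${{ inputs.sonar_token }}` line in the static-analysis action would benefit from the same treatment, which also keeps the secret out of the generated script file.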

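--- a/scripts/reports/perform-static-analysis.sh
+++ b/scripts/reports/perform-static-analysis.sh
@@ -9,7 +9,8 @@ set -e
 # $ ./perform-static-analysis.sh
 #
 # Expects:
-# SONAR_TOKEN=token # SonarCloud token
+# BRANCH_NAME=branch-name # Branch to report on
+# SONAR_TOKEN=token # SonarCloud token
 #
 # Options:
 # VERBOSE=true # Show all the executed commands, default is `false`
@@ -33,7 +34,7 @@ function create-report() {
 --volume $PWD:/usr/src \
 sonarsource/sonar-scanner-cli:$image_version \
 -Dproject.settings=/usr/src/scripts/config/sonar-scanner.properties \
--Dsonar.branch.name="$(git rev-parse --abbrev-ref HEAD)" \
+-Dsonar.branch.name="${BRANCH_NAME:-$(git rev-parse --abbrev-ref HEAD)}" \
 -Dsonar.token="$(echo $SONAR_TOKEN)"
 }
 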
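Review bot: The header now lists `BRANCH_NAME` under "Expects:", but `create-report` treats it as optional through `${BRANCH_NAME:-$(git rev-parse --abbrev-ref HEAD)}`, so the documentation and the code disagree. On a detached checkout the fallback prints `HEAD`, which would be reported as the branch name without any error. Either move the variable to "Options:" with a comment such as `# BRANCH_NAME=branch-name # Branch to report on, default is the current git branch`, or fail early when the fallback yields `HEAD`. The start of create-report is outside the hunk.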
