galovics commented on PR #2307: URL: https://github.com/apache/fineract/pull/2307#issuecomment-1114789308
@ptuomola @vidakovic just a note for you guys since you've probably seen that the Sonarqube builds for PRs are failing. Here's the reason why: upon a fork PR's GH Action, the action doesn't have access to the repo's configured secrets and this is mentioned in the GH docs: ``` Note: With the exception of GITHUB_TOKEN, secrets are not passed to the runner when a workflow is triggered from a forked repository. ``` Meaning that the Sonarqube related secrets (including the token as well) are inaccessible unless the forkee's repo has the same set of secrets. I limited the sonarqube action to run after a PR merge and only on the develop branch for now. A proper solution would be to go back to Travis (or to any other external system where the secrets are not managed by GH) and run the sonar scan there but we gotta be careful not running into the same walls as originally; like with Travis, build slowness with the free pricing plan. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
