Skip to content

Commit 7c736c9

Browse files
samatstariongroupsamatstariongroup
committed
[Update] GH action to avoid secret expanding secrets in the run blocks
1 parent a58d0ef commit 7c736c9

1 file changed

Lines changed: 3 additions & 4 deletions

File tree

.github/workflows/CodeQuality.yml

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -31,11 +31,10 @@ jobs:
3131

3232
- name: Sonarqube Begin
3333
env:
34-
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
3534
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
3635
run: |
3736
dotnet tool install --global dotnet-sonarscanner
38-
dotnet sonarscanner begin /k:"STARIONGROUP_EcoreNetto" /o:"stariongroup" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="./CoverageResults/coverage.opencover.xml"
37+
dotnet sonarscanner begin /k:"STARIONGROUP_EcoreNetto" /o:"stariongroup" /d:sonar.token="$SONAR_TOKEN" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="./CoverageResults/coverage.opencover.xml"
3938
4039
- name: Build
4140
run: dotnet build --no-restore /p:ContinuousIntegrationBuild=true
@@ -44,6 +43,6 @@ jobs:
4443
run: dotnet test EcoreNetto.sln --no-restore --no-build --verbosity normal /p:CollectCoverage=true /p:CoverletOutput="../CoverageResults/" /p:MergeWith="../CoverageResults/coverage.json" /p:CoverletOutputFormat=\"opencover,json\"
4544

4645
- name: Sonarqube end
47-
run: dotnet sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"
4846
env:
49-
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
47+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
48+
run: dotnet sonarscanner end /d:sonar.login="$GITHUB_TOKEN"

0 commit comments

Comments
 (0)