gnodet commented on PR #22346: URL: https://github.com/apache/camel/pull/22346#issuecomment-4175665408
Apologies for the confusion with CAMEL-22752 — I missed that it had been closed. That said, I think this PR is actually a direct implementation of what CAMEL-23274 describes. The two-workflow `workflow_run` pattern (used by Apache Ignite and Kvrocks) addresses the main constraints you identified: - **Token security**: the `SONAR_TOKEN` is only used in the second workflow, which runs in the main repo context via `workflow_run` — fork code never has access to it - **Execution time**: tested end-to-end on [gnodet/camel#10](https://github.com/gnodet/camel/pull/10) — build ~12 min, scan ~16 min (~28 min total, not hours) - **Infrastructure**: uses the existing SonarCloud project (`apache_camel`) and `SONAR_TOKEN` secret — no Docker/local server needed Happy to discuss if you see issues with this approach or if the priority doesn't justify it right now. This is a draft PR, so no rush. _Claude Code on behalf of Guillaume Nodet_ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
