This is an automated email from the ASF dual-hosted git repository.
tuhaihe pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cloudberry.git
The following commit(s) were added to refs/heads/main by this push:
new e4805bda61d CI: fix SonarQube action to use ASF-approved pinned version
e4805bda61d is described below
commit e4805bda61dc56588ea1ce6ef3312d6e3e114b72
Author: Dianjin Wang <[email protected]>
AuthorDate: Mon Jul 13 14:06:30 2026 +0800
CI: fix SonarQube action to use ASF-approved pinned version
The sonarqube workflow failed because `@v6` of both
SonarSource/sonarqube-scan-action and its install-build-wrapper
sub-action are not in the ASF allowed actions list.
Pin both actions to commit 713881670b6b3676cda39549040e2d88c70d582e
(v8.2.0), the latest approved version from
apache/infrastructure-actions/actions.yml that has no expiry
constraint.
---
.github/workflows/sonarqube.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml
index 126b00a8d68..7abd2c258d1 100644
--- a/.github/workflows/sonarqube.yml
+++ b/.github/workflows/sonarqube.yml
@@ -83,7 +83,7 @@ jobs:
fi
- name: Install Build Wrapper
- uses: SonarSource/sonarqube-scan-action/install-build-wrapper@v6
+ uses:
SonarSource/sonarqube-scan-action/install-build-wrapper@713881670b6b3676cda39549040e2d88c70d582e
# v8.2.0
- name: Run Build Wrapper
run: |
@@ -123,7 +123,7 @@ jobs:
- name: SonarQube Scan
if: ${{ github.event_name != 'pull_request' }}
- uses: SonarSource/sonarqube-scan-action@v6
+ uses:
SonarSource/sonarqube-scan-action@713881670b6b3676cda39549040e2d88c70d582e #
v8.2.0
env:
SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}
with:
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]