diff --git a/.gitea/workflows/quality.yml b/.gitea/workflows/quality.yml index d983132..73675ed 100644 --- a/.gitea/workflows/quality.yml +++ b/.gitea/workflows/quality.yml @@ -29,13 +29,16 @@ jobs: - name: Checkout Code uses: actions/checkout@v3 + # Pass URL/token via env (scanner reads SONAR_HOST_URL / SONAR_TOKEN). Keeps secrets out of + # the rewritten run script and avoids WDIPL-Runner still resolving wrong secret names in -D lines. - name: Run SonarQube Scan + env: + SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }} + SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }} run: | sonar-scanner \ -Dsonar.projectKey=${{ inputs.project_key }} \ -Dsonar.projectName=${{ inputs.project_key }} \ -Dsonar.sources=. \ - -Dsonar.host.url=${{ secrets.SONARQUBE_HOST }} \ - -Dsonar.token=${{ secrets.SONARQUBE_TOKEN }} \ -Dsonar.exclusions=node_modules/**,dist/**,coverage/** \ -Dsonar.qualitygate.wait=${{ inputs.wait_for_quality_gate == true || inputs.wait_for_quality_gate == 'true' }} \ No newline at end of file diff --git a/.gitea/workflows/qualitytest.yml b/.gitea/workflows/qualitytest.yml index a1ca2b9..056bfd5 100644 --- a/.gitea/workflows/qualitytest.yml +++ b/.gitea/workflows/qualitytest.yml @@ -24,12 +24,13 @@ jobs: - uses: actions/checkout@v3 - name: Run SonarQube Scan (with Quality Gate) + env: + SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }} + SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }} run: | sonar-scanner \ -Dsonar.projectKey=${{ inputs.project_key }} \ -Dsonar.projectName=${{ inputs.project_key }} \ -Dsonar.sources=. \ - -Dsonar.host.url=${{ secrets.SONARQUBE_HOST }} \ - -Dsonar.token=${{ secrets.SONARQUBE_TOKEN }} \ -Dsonar.exclusions=node_modules/**,dist/**,coverage/** \ -Dsonar.qualitygate.wait=false \ No newline at end of file