workflow.yml
name: SCA-TEST0306 - DIFF ONLY
on:
pull_request:
branches:
- TEST-0306
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout pull request branch
uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.ref }}
- name: Fetch repository
run: git fetch
- name: Get diff of code changes
run: git diff --name-only origin/${{ github.event.pull_request.base.ref }} -- ${{ github.event.pull_request.head.ref }} > files_changed.txt
- name: Sonar Scan
uses: docker://sonarsource/sonar-scanner-cli:latest
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
In properties file:
sonar.projectKey=**********
sonar.exclusions=force-app/main/default/staticresources/**, force-app/main/default/contentassets/**, lib/**, config/**, LICENSE/**, Release Folders/**, scripts/**, **/.png**/.jgp,**/.jpeg,**/.jar,**/.svg,**/.tar,**/.zip
sonar.inclusions=$(cat files_changed.txt | tr '\n' ',')
SONAR_RUNNER_OPTS="-Xmx3062m -XX:MaxPermSize=512m -XX:ReservedCodeCacheSize=128m"
During scan it says:
INFO: SCM collecting changed files in the branch (done) | time=224ms
INFO: Indexing files...
INFO: Project configuration:
INFO: Included sources: $(cat files_changed.txt | tr '
' ', ')
INFO: Excluded sources: force-app/main/default/staticresources/**, force-app/main/default/contentassets/**, lib/**, config/**, LICENSE/**, Release Folders/**, scripts/**, **/.png**/.jgp, **/.jpeg, **/.jar, **/.svg, **/.tar, **/.zip
INFO: Excluded sources for coverage: sonar.coverage.exclusions=**/*.*
INFO: 0 files indexed
INFO: 250910 files ignored because of inclusion/exclusion patterns
INFO: 0 files ignored because of scm ignore settings
Hi Everyone, Can you please help me where I am going wrong ?
My goal is to do analysis on changes part of the commit only on my PR