GitHub Actions: Don't trigger SonarCloud for PRs but workflow_dispatch

They turns green if the PR comes from an outside collaborator because all steps are skipped if the SONAR_TOKEN is not set. I'd rather not run static analysis on PRs overall than having it turn out green.
2025-02-02 20:51:27 +01:00 · 2023-05-07 19:00:12 +02:00 · 2023-05-07 19:00:12 +02:00 · fa355cbdcc
commit fa355cbdcc
parent f00f157bfb
1 changed files with 2 additions and 7 deletions
--- a/.github/workflows/sonarcloud.yml
+++ b/.github/workflows/sonarcloud.yml
@ -2,9 +2,8 @@ name: SonarCloud

 on:
  push:
-    branches: [ master, development, development-v3 ]
-  pull_request:
-    types: [ opened, synchronize, reopened ]
+    branches: [ master, development ]
+  workflow_dispatch:

 permissions: read-all

@ -18,23 +17,19 @@ jobs:

    steps:
      - uses: actions/checkout@v3
-        if: ${{ env.SONAR_TOKEN != null }}
        with:
          fetch-depth: 0

      - name: Prepare Workspace
-        if: ${{ env.SONAR_TOKEN != null }}
        uses: ./.github/actions/setup_project_workspace

      - name: 'Cache: SonarCloud'
-        if: ${{ env.SONAR_TOKEN != null }}
        uses: actions/cache@v3
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar

      - name: Analyze project
-        if: ${{ env.SONAR_TOKEN != null }}
        run: >
          mvn -B \
            verify \