Skip to content

BUILD-9094 local action #87

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 3 commits into
base: master
Choose a base branch
from
Draft

BUILD-9094 local action #87

wants to merge 3 commits into from

Conversation

julien-carsique-sonarsource
Copy link
Contributor

@julien-carsique-sonarsource julien-carsique-sonarsource commented Sep 10, 2025
edited by atlassian bot
Loading

@julien-carsique-sonarsource julien-carsique-sonarsource force-pushed the fix/jcarsique/BUILD-9094-localAction branch 12 times, most recently from 2e95f73 to 55dd5d8 Compare September 11, 2025 07:59
@julien-carsique-sonarsource julien-carsique-sonarsource force-pushed the fix/jcarsique/BUILD-9094-localAction branch 9 times, most recently from 64e0c49 to a508ace Compare September 19, 2025 17:03
@julien-carsique-sonarsource julien-carsique-sonarsource force-pushed the fix/jcarsique/BUILD-9094-localAction branch from a508ace to a2e7664 Compare October 17, 2025 15:47
github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 17, 2025
View reviewed changes
get-build-number/action.yml
- id: setup
shell: bash
run: |
script_path="${{ inputs.SCRIPT_PATH }}"

Check failure

Code scanning / SonarCloud

GitHub Actions should not be vulnerable to script injections High

Change this action to not use user-controlled data directly in a run block. See more on SonarQube Cloud
@sonarqubecloud SonarQubeCloud
Copy link

🤖 Pull Request summary

Updates GitHub Actions to support dynamic script path resolution for shared actions.

Key changes to review:

  • Added SCRIPT_PATH input parameter to get-build-number action
  • Introduced symbolic link creation in .actions directory for action reusability
  • Added extensive debug logging (likely temporary for troubleshooting)
  • Modified script execution to use dynamic path resolution

Start review with: get-build-number/action.yml

💬 Please send your feedback

Quality Gate Failed Quality Gate failed

Failed conditions
1 New issue

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@julien-carsique-sonarsource