Skip to content

fix: SonarCloud for forks #27700

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Oct 17, 2024
Merged

fix: SonarCloud for forks #27700

merged 9 commits into from
Oct 17, 2024

Conversation

@itsyoboieltr
Copy link
Contributor

@itsyoboieltr itsyoboieltr commented Oct 8, 2024
edited by github-actions bot
Loading

Description

Open in GitHub Codespaces

This PR fixes SonarCloud for forks.

Related issues

Fixes: #27135

Manual testing steps

  1. SonarCloud analysis is successfully reported from a fork

Screenshots/Recordings

Not applicable

Pre-merge author checklist

Pre-merge reviewer checklist

  • I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
  • I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

@itsyoboieltr itsyoboieltr requested a review from a team as a code owner October 8, 2024 14:15
@github-actions github-actions bot added the team-extension-platform Extension Platform team label Oct 8, 2024
@github-actions
Copy link
Contributor

github-actions bot commented Oct 8, 2024

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@metamaskbot
Copy link
Collaborator

metamaskbot commented Oct 8, 2024

Builds ready [ef659fa]
Page Load Metrics (1921 ± 68 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint17052293191813263
domContentLoaded16552284187414067
load17062299192114168
domInteractive267446178
Bundle size diffs
  • background: 0 Bytes (0.00%)
  • ui: 0 Bytes (0.00%)
  • common: 0 Bytes (0.00%)

@legobeat legobeat mentioned this pull request Oct 8, 2024
Closed
@legobeat legobeat requested a review from a team October 8, 2024 23:58
@metamaskbot
Copy link
Collaborator

metamaskbot commented Oct 9, 2024

Builds ready [422b95e]
Page Load Metrics (1928 ± 161 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint156730901927337162
domContentLoaded152130541900329158
load156230931928335161
domInteractive16151493316
Bundle size diffs
  • background: 0 Bytes (0.00%)
  • ui: 0 Bytes (0.00%)
  • common: 0 Bytes (0.00%)

@legobeat
Copy link
Contributor

legobeat commented Oct 9, 2024

Passing CI run targeting this branch: #27713

@legobeat

This comment was marked as resolved.

Sign in to view
@itsyoboieltr
Copy link
Contributor Author

itsyoboieltr commented Oct 9, 2024
edited
Loading

@legobeat

If I understand correctly how workflow_run works, it is expected that SonarCloud does not run for this PR.

  1. We need to use workflow_run, so that we can run SonarCloud for forks without exposing our sonar token
  2. workflow_run is only triggered on the default branch. The changes are still on the feature branch, this means that SonarCloud won't be triggered.
  3. We need to disable the checks, merge, and then see if the job is getting triggered or not.

@metamaskbot
Copy link
Collaborator

metamaskbot commented Oct 9, 2024

Builds ready [56d1c5a]
Page Load Metrics (1809 ± 73 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint75922161744268129
domContentLoaded15922072177413766
load16452232180915173
domInteractive188642189
Bundle size diffs
  • background: 0 Bytes (0.00%)
  • ui: 0 Bytes (0.00%)
  • common: 0 Bytes (0.00%)

legobeat
legobeat previously approved these changes Oct 10, 2024
View reviewed changes
@metamaskbot
Copy link
Collaborator

metamaskbot commented Oct 10, 2024

Builds ready [ccc72b0]
Page Load Metrics (1797 ± 94 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint29722031708376180
domContentLoaded15532179177518991
load15612272179719694
domInteractive257844157
Bundle size diffs
  • background: 0 Bytes (0.00%)
  • ui: 0 Bytes (0.00%)
  • common: 0 Bytes (0.00%)

@legobeat legobeat requested review from a team, HowardBraham and matthewwalsh0 October 10, 2024 07:43
HowardBraham
HowardBraham previously approved these changes Oct 10, 2024
View reviewed changes
matthewwalsh0
matthewwalsh0 previously approved these changes Oct 10, 2024
View reviewed changes
@HowardBraham
Copy link
Contributor

HowardBraham commented Oct 10, 2024

Oh whoops, this has to be manually force merged by an admin, because it's failing SonarCloud -- chicken and egg

NicholasEllul
NicholasEllul reviewed Oct 10, 2024
View reviewed changes
Copy link
Contributor

@NicholasEllul NicholasEllul left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add a notice comment somewhere in this action along the lines of

This GitHub action will checkout and scan third party code. Please ensure that any changes to this action do not perform actions that may result in code from that branch being executed such as installing dependencies or running build scripts.

This will ensure that in the future we don't unintentionally introduce behaviour that may result in third party code being executed in the context of this workflow.

@itsyoboieltr itsyoboieltr dismissed stale reviews from legobeat and HowardBraham via e6b7619 October 16, 2024 18:32
@itsyoboieltr itsyoboieltr self-assigned this Oct 16, 2024
@Gudahtt Gudahtt removed the DO-NOT-MERGE Pull requests that should not be merged label Oct 16, 2024
Gudahtt
Gudahtt reviewed Oct 16, 2024
View reviewed changes
@itsyoboieltr itsyoboieltr requested a review from Gudahtt October 16, 2024 19:30
Gudahtt
Gudahtt reviewed Oct 16, 2024
View reviewed changes
@itsyoboieltr itsyoboieltr requested a review from Gudahtt October 16, 2024 19:39
Gudahtt
Gudahtt reviewed Oct 16, 2024
View reviewed changes
Gudahtt
Gudahtt previously approved these changes Oct 16, 2024
View reviewed changes
Copy link
Member

@Gudahtt Gudahtt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@legobeat @Gudahtt
Update .github/workflows/sonarcloud.yml
6fed39b 
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
@legobeat legobeat requested a review from Gudahtt October 16, 2024 20:40
@metamaskbot
Copy link
Collaborator

metamaskbot commented Oct 16, 2024

Builds ready [6fed39b]
Page Load Metrics (1859 ± 204 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint151133581869408196
domContentLoaded149123771760228109
load150033751859426204
domInteractive17104452311
backgroundConnect8999104219105
firstReactRender46246965426
getState5169384421
initialActions01000
loadScripts10621702130616981
setupStore10282426431
uiStartup169740402178672323
Bundle size diffs
  • background: 0 Bytes (0.00%)
  • ui: 0 Bytes (0.00%)
  • common: 0 Bytes (0.00%)

@legobeat legobeat requested a review from a team October 16, 2024 21:50
@HowardBraham HowardBraham added this pull request to the merge queue Oct 17, 2024
Merged via the queue into develop with commit 55d0972 Oct 17, 2024
76 checks passed
@HowardBraham HowardBraham deleted the fix-sonarcloud-on-forks branch October 17, 2024 03:53
@github-actions github-actions bot locked and limited conversation to collaborators Oct 17, 2024
@metamaskbot metamaskbot added the release-12.7.0 Issue or pull request that will be included in release 12.7.0 label Oct 17, 2024
@gauthierpetetin gauthierpetetin added release-12.6.0 Issue or pull request that will be included in release 12.6.0 and removed release-12.7.0 Issue or pull request that will be included in release 12.7.0 labels Oct 21, 2024
jvbriones
jvbriones reviewed Oct 28, 2024
View reviewed changes
.github/workflows/main.yml
name: Run tests
uses: ./.github/workflows/run-tests.yml

sonarcloud:
Copy link
Contributor

@jvbriones jvbriones Oct 28, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @HowardBraham, why it was removed from the main workflow? we do want to analyze develop branch

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@jvbriones jvbriones jvbriones left review comments

@Gudahtt Gudahtt Gudahtt approved these changes

@matthewwalsh0 matthewwalsh0 Awaiting requested review from matthewwalsh0

@danjm danjm Awaiting requested review from danjm

@NicholasEllul NicholasEllul Awaiting requested review from NicholasEllul

@rekmarks rekmarks Awaiting requested review from rekmarks

@HowardBraham HowardBraham Awaiting requested review from HowardBraham

+1 more reviewer

@legobeat legobeat legobeat approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@itsyoboieltr itsyoboieltr

Labels

release-12.6.0 Issue or pull request that will be included in release 12.6.0 team-extension-platform Extension Platform team

Projects

PR review queue
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Fix ci to allow running jobs for forks