GA: Ikke kjør sonar analyse ved dependabot PR (#395)

navikt · Nov 8, 2022 · e404d56 · e404d56
1 parent bd05348
commit e404d56
Showing 1 changed file with 11 additions and 3 deletions.
diff --git a/.github/workflows/build-pr.yml b/.github/workflows/build-pr.yml
@@ -16,6 +16,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
       - name: Setup maven
         uses: whelk-io/maven-settings-xml-action@v20
         with:
@@ -32,9 +34,15 @@ jobs:
 
       - name: Hent tag
         run: echo "TAG=$(date +%Y.%m.%d.%H%M%S)-$(echo $GITHUB_SHA | cut -c1-7)" >> $GITHUB_ENV
+
       - name: Build
-        env:
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         run: |
           echo "Building $TAG"
-          mvn jacoco:prepare-agent package jacoco:report sonar:sonar -e -B -s settings.xml -Drevision=$TAG
+          mvn package -e -B -s settings.xml -Drevision=$TAG
+
+      - name: Sonar analyse
+        if: github.actor != 'dependabot[bot]'
+        run: |
+          mvn jacoco:report org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -e -B -s settings.xml -Drevision=$TAG
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}