SonarQube supports analysis of YAML files detected as GitHub Actions.
The analysis is searches for workflows located in **/.github/workflows/** and composite actions in **/actions.yml.
**/.github/workflows/**
**/actions.yml
Discover and update the YAML properties in Your Project > Administration > General Settings > Languages > GitHub Actions.
You can deactivate the analysis of GitHub Actions by setting the sonar.githubactions.activate property to false.
sonar.githubactions.activate
false
Last updated 1 month ago
Was this helpful?
