SonarQube supports analysis of YAML files detected as GitHub Actions.
The analysis is searches for workflows located in **/.github/workflows/** and composite actions in **/actions.yml.
**/.github/workflows/**
**/actions.yml
Add commentDiscover and update the YAML properties in Your Project > Administration > General Settings > Languages > GitHub Actions.
Add commentYou can deactivate the analysis of GitHub Actions by setting the sonar.githubactions.activate property to false.
sonar.githubactions.activate
false
Last updated 3 months ago
Was this helpful?
