Always run Sonar scan against the master branch

[lukaszlenart]

No description provided.

[kusalk]

I think we need to check the branch name (github.ref) and PR target branch (github.base_ref), and if either of those match 'master', run the workflow else skip it

[sepe81]

It would also be nice if the step "SonarCloud / Scan (push)" in the master of forked projects is skipped, as this always fails otherwise.

Error:  Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:4.0.0.4121:sonar (default-cli) on project struts2-parent: Project not found. Please check the 'sonar.projectKey' and 'sonar.organization' properties, the 'SONAR_TOKEN' environment variable, or contact the project administrator to check the permissions of the user the token belongs to

[sepe81]

I guess you removed -B b/c of https://stackoverflow.com/a/23659360 and semi-redundant --no-transfer-progress?

[sepe81]

@lukaszlenart Maybe rebase with master and give it another try?

[sepe81]

We could use java-version: 21 on L:42

[sepe81]

This looks promising. I would love to give it a try after the merge.

[sepe81]

One last thing: @lukaszlenart any idea how to address #921 (comment) b/c every fork also has a master branch but no sonar credentials ({"Message": "User is not authorized to access this resource with an explicit deny"}).

[lukaszlenart]

forks

Isn't already addressed with this if on top?

if: ${{ !github.event.pull_request.head.repo.fork }}

[sepe81]

Isn't already addressed with this if on top?

It doesn't seem to work. The step in this run is executed in my fork, but I don't understand why.

[lukaszlenart]

It doesn't seem to work. The step in this run is executed in my fork, but I don't understand why.

What about now?

[sepe81]

Happy to try it after merge.

[sepe81]

I got a green build. Thank you so much.