IGNITE-23820 Restore 'checkout' in sonar-pr-from-fork-build.yml (#1…

…1721)
apache · Dec 25, 2024 · d6d8b06 · d6d8b06
1 parent 510fa7b
commit d6d8b06
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/.github/workflows/sonar-pr-from-fork-build.yml b/.github/workflows/sonar-pr-from-fork-build.yml
@@ -32,6 +32,10 @@ jobs:
     name: Build artifacts for Sonar Analysis
     runs-on: ubuntu-latest
     steps:
+      - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+
       - name: Set up JDK11
         uses: actions/setup-java@v4
         with:

diff --git a/.github/workflows/sonar-pr-from-fork-scan.yml b/.github/workflows/sonar-pr-from-fork-scan.yml
@@ -90,6 +90,14 @@ jobs:
             # "fetch-depth: 0" is needed for Sonar's new code detection, blame information and issue backdating
             # see more details at https://community.sonarsource.com/t/git-fetch-depth-implications/75260
 
+      - name: Checkout PR base branch
+        run: |
+          git remote add upstream https://github.com/apache/ignite
+          git fetch upstream
+          git checkout -B $pr_base_ref upstream/$pr_base_ref
+          git checkout ${{ github.event.workflow_run.head_sha }}
+          git clean -ffdx && git reset --hard HEAD
+
       - name: Download compiled classes artifact
         uses: actions/download-artifact@v4
         with: