cicd/sonarqube-scan-action
1
0
Fork 0
mirror of https://github.com/SonarSource/sonarqube-scan-action.git synced 2026-06-05 00:57:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

SQSCANGHA-84 Remove outdated wget/curl references

Browse Source 
The action was refactored to use Node.js (@actions/tool-cache) for
downloads, which doesn't rely on wget or curl. Update the README and
QA workflow to reflect this.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Julien HENRY
2026-06-04 14:42:28 +02:00
parent 375c3f5c03
commit fc4fa78dd3
2 changed files with 11 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/qa-main.yml
+9 -25
View File
@@ -245,9 +245,9 @@ jobs:
- name: Assert Sonar Scanner CLI was not executed
run: |
./test/assertFileDoesntExist ./output.properties
scannerBinariesUrlIsEscapedWithWget:
scannerBinariesUrlCommandInjectionTest:
name: >
'scannerBinariesUrl' is escaped with wget so special chars are not injected in the download command
'scannerBinariesUrl' does not allow command injection via semicolons
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -266,22 +266,14 @@ jobs:
- name: Assert file.txt does not exist
run: |
./test/assertFileDoesntExist "$RUNNER_TEMP/sonarscanner/file.txt"
scannerBinariesUrlIsEscapedWithCurl:
scannerBinariesUrlCommandInjectionWithSpacesTest:
name: >
'scannerBinariesUrl' is escaped with curl so special chars are not injected in the download command
'scannerBinariesUrl' does not allow command injection via spaces and quotes
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Remove wget
run: sudo apt-get remove -y wget
- name: Assert wget is not available
run: |
if command -v wget 2>&1 >/dev/null
then
exit 1
fi
- name: Run action with scannerBinariesUrl
id: runTest
uses: ./
@@ -472,22 +464,14 @@ jobs:
run: |
./test/assertFileContains ./output.properties "sonar.host.url=mirror.sonarcloud.io"
./test/assertFileContains ./output.properties "sonar.scanner.sonarcloudUrl=mirror.sonarcloud.io"
curlPerformsRedirect:
scannerBinariesUrlRedirectFollowed:
name: >
curl performs redirect when scannerBinariesUrl returns 3xx
scannerBinariesUrl redirect (3xx) is followed
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Remove wget
run: sudo apt-get remove -y wget
- name: Assert wget is not available
run: |
if command -v wget 2>&1 >/dev/null
then
exit 1
fi
- name: Generate SSL certificates for nginx
run: ./generate-ssl.sh
working-directory: .github/qa-nginx-redirecting
@@ -841,8 +825,8 @@ jobs:
- projectBaseDirInputTest
- scannerVersionTest
- scannerBinariesUrlTest
- scannerBinariesUrlIsEscapedWithWget
- scannerBinariesUrlIsEscapedWithCurl
- scannerBinariesUrlCommandInjectionTest
- scannerBinariesUrlCommandInjectionWithSpacesTest
- dontFailGradleTest
- dontFailGradleKotlinTest
- dontFailMavenTest
@@ -850,7 +834,7 @@ jobs:
- runnerDebugUsedTest
- runAnalysisWithCacheTest
- overrideSonarcloudUrlTest
- curlPerformsRedirect
- scannerBinariesUrlRedirectFollowed
- useSslCertificate
- analysisWithSslCertificate
- updateTruststoreWhenPresent
README.md
+2 -2
View File
@@ -483,11 +483,11 @@ See also [example configurations of C++ projects for SonarQube Server](https://g
When running the action in a self-hosted runner or container, please ensure that the following programs are installed:
* **curl** or **wget**
* **unzip**
* **gpg**
* **dirmngr**
Note: `gpg` and `dirmngr` are only required for GPG signature verification (enabled by default). They can be omitted when setting `skipSignatureVerification: true`.
### Additional information
The `sonarqube-scan-action/install-build-wrapper` action installs `coreutils` if run on macOS.