From 5ba1ae2108c98b7af65a671871517873109cbe0a Mon Sep 17 00:00:00 2001 From: An Phi Date: Tue, 31 Oct 2023 11:26:20 -0400 Subject: [PATCH] Update code-quality.yml --- .github/workflows/code-quality.yml | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 617cf73fea4..d7eab549541 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -14,18 +14,12 @@ name: Code Quality Check -on: - # Analysis done to check for security and quality are often taken care of by vendor tools, such as SonarCloud, CodeQL, etc. - # We will not run these in PR pipelins for the following reasons: - # 1. In terms of quality checks, these analysis are often already covered by code checks (e.g. eslint) already set to run - # for PRs - # 2. Security checks are included meaning that these checks will have to go through a huge libraries of vulnerability checks - # from vendor, which could take up huge amount of time to run, which is not suitable to have in PR unless absolutely necessary. - # However, most of the problems detected by these checks are often security warnings and some other niche problems that we might - # or might not necessarily have to deal with (false positive, or belongs to test-only codepath) - push: - branches: - - master +on: [workflow_dispatch] + # NOTE: currently, this is failing, we need further investigation to fix this build, for now, we will + # disable this code quality check to save resource + # push: + # branches: + # - master env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}