@nikhil2611
Contributor

This pull request updates the .github/workflows/ci-main-pull-request-stub.yml workflow file to improve configuration flexibility and security scanning coverage. The most important changes are grouped below:

Description

This pull request updates the CI workflow to STUB_VERSION 1.0.5 and enables a few fields like
This pull request updates the .github/workflows/ci-main-pull-request-stub.yml workflow configuration to improve automation and security scanning. The most important changes include updating the stub version, enabling BlackDuck SCA scanning, and making the workflow more dynamic and descriptive for project-specific and language-specific settings.

Versioning and Configuration Updates:

  • Bumped the STUB_VERSION environment variable from "1.0.4" to "1.0.5" to reflect the latest changes in the workflow.

Security and Quality Scans:

  • Enabled perform-blackduck-sca-scan by default to ensure BlackDuck SCA scanning is performed as part of the workflow.
  • Set perform-docker-scan to false to explicitly control Docker image scanning, clarifying intent for future changes.

Project and Language Dynamism:

  • Changed polaris-project-name to use the repository name dynamically with ${{ github.event.repository.name }} for more flexible project identification.
  • Added language: 'ruby' to specify the primary programming language for build and SonarQube analysis, improving accuracy of language-specific checks.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Chore (non-breaking change that does not add functionality or fix an issue)

Checklist:

  • I have read the CONTRIBUTING document.
  • I have run the pre-merge tests locally and they pass.
  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.
  • If Gemfile.lock has changed, I have used --conservative to do it and included the full output in the Description above.
  • All new and existing tests passed.
  • All commits have been signed-off for the Developer Certificate of Origin.

@nikhil2611 nikhil2611 requested review from a team as code owners September 16, 2025 08:51
@github-actions

Simplecov Report

Covered: 98.57%
Threshold: 90%
