From 2fa2d71cea465ba96ed6d647a79465a1ea6ff204 Mon Sep 17 00:00:00 2001 From: Steven Sheehy <17552371+steven-sheehy@users.noreply.github.com> Date: Thu, 20 Feb 2025 12:44:21 -0600 Subject: [PATCH] Disable dependency check and sonar workflows (#10442) Temporarily disable dependency check and sonar workflows until they work again --------- Signed-off-by: Steven Sheehy --- .github/workflows/security.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 5da71152f0..a969ec3be5 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -25,7 +25,7 @@ jobs: dependencies: name: Dependency Check runs-on: hiero-mirror-node-linux-large - if: ${{ github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository }} + if: false # ${{ github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository }} steps: - name: Harden Runner uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 @@ -61,6 +61,7 @@ jobs: env: NVD_API_KEY: ${{ secrets.NVD_API_KEY }} run: ./gradlew dependencyCheckAggregate + timeout-minutes: 20 - name: Upload report uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 @@ -107,7 +108,7 @@ jobs: args: ./... sonar: - if: github.event_name == 'push' || (github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]') + if: false # github.event_name == 'push' || (github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]') name: SonarCloud runs-on: hiero-mirror-node-linux-large steps: @@ -147,6 +148,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: ./gradlew build sonar -x test + timeout-minutes: 10 snyk: if: github.event_name == 'push' || (github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]')