This repo contains just a pipeline that analyzes code in some repositories that I don't own, but I'm interested in.
It uses SonarCloud for the analysis.
Here are the analysis results.
I recommend you to set up your own SonarCloud analysis on every repo. It helps preventing bugs and security issues.
It is pretty straightforward - just register in SonarCloud and follow the prompts. There are also tons of tutorials to help you. For example this one and this one
Very useful is the option to integrate SonarCloud code quality check on pull requests. That way, you can reject pull requests with detected problems.
Running the pipeline
It runs weekly on schedule, but it can also be run manually here.
- Add a new config
- in the pipeline > input > options
- in the config generator
- Commit + push
- Run the workflow manually for the new repo