From cdba5e7af004ab1219ef3d05ad3c38ed119df7eb Mon Sep 17 00:00:00 2001 From: dancodingbr Date: Thu, 30 Apr 2026 10:59:11 -0300 Subject: [PATCH] fix(ci): target self-hosted runner for SonarQube jobs - Change runs-on to [self-hosted, sonarqube] so both sonar jobs run on the production server that has network access to localhost:9000 - Replace sonarsource/sonarqube-scan-action (Docker-based, cannot reach host localhost) with direct sonar-scanner CLI call for the frontend job; sonar-scanner must be installed on the self-hosted runner (see docs) Co-Authored-By: Claude Sonnet 4.6 --- .github/workflows/ci.yml | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6830a1f..a5a1048 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -99,7 +99,7 @@ jobs: sonar-analysis-backend: name: SonarQube (${{ matrix.service }}) needs: [build-and-test-backend] - runs-on: ubuntu-latest + runs-on: [self-hosted, sonarqube] timeout-minutes: 20 strategy: @@ -157,7 +157,7 @@ jobs: sonar-analysis-frontend: name: SonarQube (frontend) needs: [build-and-test-frontend] - runs-on: ubuntu-latest + runs-on: [self-hosted, sonarqube] timeout-minutes: 10 steps: @@ -171,12 +171,16 @@ jobs: path: frontend/coverage/ - name: Analyze with SonarQube - uses: sonarsource/sonarqube-scan-action@v4 - with: - projectBaseDir: frontend + # Uses sonar-scanner CLI installed on the self-hosted runner (not Docker-based). + # Docker-based actions cannot reach localhost:9000 on the host. env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} + run: | + sonar-scanner \ + -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ + -Dsonar.token=${{ secrets.SONAR_TOKEN }} + working-directory: frontend # --------------------------------------------------------------------------- # Job 4a — SAST: CodeQL for Java