SonarQube can't analyze contributions due to some GitHub limitations in sharing repository secrets.
Everything indicates that we need to use a different workflow to share our secrets, using either `pull_request_target` or `workflow_run`. Some security considerations need attention to avoid leaking the secrets.
To enhance security, we should manually run every CI for outside contributors.
Potential workarounds:
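An added example, not part of the original issue or the project's code: a heuristic check for the main risk with `pull_request_target` and `workflow_run`, which is a privileged workflow that references PR-controlled code while secrets are in scope. The two workflow snippets, the script names `./run-analysis.sh` and `./build.sh`, and the secret name `SONAR_TOKEN` are constructed for illustration.

```python
import re

# Constructed sample workflows (assumptions, not the project's real files).
RISKY = """\
on: pull_request_target
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: ./run-analysis.sh
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
"""
SAFER = """\
on: pull_request
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: ./build.sh
"""

# Triggers that run with repository secrets even for fork contributions.
TRIGGER = re.compile(r"\b(pull_request_target|workflow_run)\b")
# Expressions that resolve to code or refs chosen by the PR author.
PR_REF = re.compile(
    r"github\.event\.pull_request\.head\.(sha|ref)|github\.head_ref"
    r"|github\.event\.workflow_run\.head_(sha|branch)")
SECRET = re.compile(r"\bsecrets\.(\w+)")

def audit(workflow_text):
    """Heuristic text check; returns findings (empty list means no match)."""
    text = re.sub(r"(?m)#.*$", "", workflow_text)  # drop YAML comments
    trigger = TRIGGER.search(text)
    if not trigger or not PR_REF.search(text):
        return []
    findings = [f"{trigger.group(1)} workflow references a PR-controlled ref"]
    names = sorted({m.group(1) for m in SECRET.finditer(text)})
    if names:
        findings.append("secrets in scope: " + ", ".join(names))
    return findings

if __name__ == "__main__":
    for name, wf in (("risky", RISKY), ("safer", SAFER)):
        print(name, audit(wf) or "no findings")
```

This is a text-level heuristic, so a match is a prompt for manual review of the workflow rather than proof of a leak.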