Misc fixes (#390)

wikkyk · web-flow · commit 1be3462a99ac · 2025-01-30T11:48:02.000+01:00
* dependabot: also scan hack/tools

* test: switch to sonarqube-scan-action
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -16,6 +16,11 @@ updates:
       - sigs.k8s.io/cluster-api
       - sigs.k8s.io/cluster-api/test
 
+- package-ecosystem: "gomod"
+  directory: "/hack/tools"
+  schedule:
+    interval: "daily"
+
 - package-ecosystem: "docker"
   directory: "/"
   schedule:
diff --git a/.github/workflows/test-external.yml b/.github/workflows/test-external.yml
@@ -21,7 +21,7 @@ jobs:
           go-version-file: go.mod
       - run: "make verify"
       - run: "make test"
-      - uses: SonarSource/sonarcloud-github-action@v4.0.0
+      - uses: SonarSource/sonarqube-scan-action@v4.1.0
         with:
          args: >
            -Dsonar.pullrequest.key=${{ github.event.pull_request.number }}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -18,7 +18,7 @@ jobs:
           go-version-file: go.mod
       - run: "make verify"
       - run: "make test"
-      - uses: SonarSource/sonarcloud-github-action@v4.0.0
+      - uses: SonarSource/sonarqube-scan-action@v4.1.0
         if: ${{ github.event_name == 'push' }}
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
