Skip to content

Suspended executions poc#22980

Open
cedric-cordenier wants to merge 10 commits into
developfrom
suspended-executions-poc
Open

Suspended executions poc#22980
cedric-cordenier wants to merge 10 commits into
developfrom
suspended-executions-poc

Add enginefleet

f026d68
Select commit
Loading
Failed to load commit list.
CL-sonarqube-production / SonarQube Code Analysis failed Jul 9, 2026 in 1m 12s

Quality Gate failed

Failed conditions
2 Security Hotspots
C Reliability Rating on New Code (required ≥ A)

See analysis details on SonarQube

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE SonarQube for IDE

Annotations

Check warning on line 136 in core/services/workflows/cmd/enginefleet/docker/run.sh

See this annotation in the file changed.

@cl-sonarqube-production cl-sonarqube-production / SonarQube Code Analysis

Assign this positional parameter to a local variable.

[S7679] Function parameters should be assigned to local variables with descriptive names
 See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=ae9d8da6-bdbe-4e1d-97fd-97256240a599&open=ae9d8da6-bdbe-4e1d-97fd-97256240a599

Check warning on line 102 in core/services/workflows/cmd/enginefleet/evm_write.go

See this annotation in the file changed.

@cl-sonarqube-production cl-sonarqube-production / SonarQube Code Analysis

File is not properly formatted

[goimports.bug.major] null
 See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=d9292939-e01c-4f72-ac00-31e2088f171a&open=d9292939-e01c-4f72-ac00-31e2088f171a

Check warning on line 26 in core/services/workflows/cmd/enginefleet/main.go

See this annotation in the file changed.

@cl-sonarqube-production cl-sonarqube-production / SonarQube Code Analysis

G108: Profiling endpoint is automatically exposed on /debug/pprof

[gosec] Issue raised by gosec
 See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=de5a266b-b130-4cc2-b37d-282b5bdff0d0&open=de5a266b-b130-4cc2-b37d-282b5bdff0d0

Check warning on line 21 in core/services/workflows/cmd/enginefleet/docker/Dockerfile

See this annotation in the file changed.

@cl-sonarqube-production cl-sonarqube-production / SonarQube Code Analysis

Not disabling redirects might allow for redirections to insecure websites. Make sure it is safe here.

[S6506] Allowing downgrades to a clear-text protocol is security-sensitive
 See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=d75ec4b6-510a-4ff9-bd70-7860c2e1942c&open=d75ec4b6-510a-4ff9-bd70-7860c2e1942c

Check warning on line 42 in core/services/workflows/cmd/enginefleet/docker/Dockerfile

See this annotation in the file changed.

@cl-sonarqube-production cl-sonarqube-production / SonarQube Code Analysis

Sort these package names alphanumerically.

[S7018] Arguments in long RUN instructions should be sorted
 See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=411f80e1-011b-4287-b87e-ed00a1680cad&open=411f80e1-011b-4287-b87e-ed00a1680cad

Check warning on line 17 in core/services/workflows/cmd/enginefleet/docker/Dockerfile

See this annotation in the file changed.

@cl-sonarqube-production cl-sonarqube-production / SonarQube Code Analysis

Sort these package names alphanumerically.

[S7018] Arguments in long RUN instructions should be sorted
 See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=6483f29f-a779-4bb6-ba5a-952497dd7697&open=6483f29f-a779-4bb6-ba5a-952497dd7697

Check warning on line 160 in core/services/workflows/cmd/enginefleet/main.go

See this annotation in the file changed.

@cl-sonarqube-production cl-sonarqube-production / SonarQube Code Analysis

exitAfterDefer: os.Exit will exit, and `defer func(){...}(...)` will not run

[gocritic.bug.major] Issue raised by gocritic
 See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=0c85ebd9-78a3-42a7-8ef1-807756921839&open=0c85ebd9-78a3-42a7-8ef1-807756921839

Check warning on line 141 in core/services/workflows/cmd/enginefleet/main.go

See this annotation in the file changed.

@cl-sonarqube-production cl-sonarqube-production / SonarQube Code Analysis

shadow: declaration of "err" shadows declaration at line 106

[shadow] Shadowed variables
 See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=5b40df25-9001-4d5c-871b-47317958208e&open=5b40df25-9001-4d5c-871b-47317958208e

Check warning on line 34 in core/services/workflows/cmd/enginefleet/docker/Dockerfile

See this annotation in the file changed.

@cl-sonarqube-production cl-sonarqube-production / SonarQube Code Analysis

The "debian" image runs with "root" as the default user. Make sure it is safe here.

[S6471] Running containers as a privileged user is security-sensitive
 See more on https://sonarqube.main.prod.cldev.sh/project/issues?id=smartcontractkit_chainlink&pullRequest=22980&issues=5190d329-cc41-40ef-bc4b-40d493a74a31&open=5190d329-cc41-40ef-bc4b-40d493a74a31