From eb66556d7549dabf5bebbad88717f72f51cc3356 Mon Sep 17 00:00:00 2001
From: amvanbaren <amvanbaren@hotmail.com>
Date: Thu, 16 Nov 2023 16:46:57 +0200
Subject: [PATCH] Supply sonar with PR info

---
 .github/workflows/main.yml  | 14 +++++--
 .github/workflows/sonar.yml | 73 ++++++++++++++++++++++++++++++-------
 2 files changed, 69 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 46c16a11..63161dfe 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -6,10 +6,16 @@ on:
   pull_request:
     types: [opened, synchronize, reopened]
 jobs:
-  trigger:
-    name: Trigger Sonar
+  pr:
+    name: Save PR Info
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - name: Save PR number to file
+        if: github.event_name == 'pull_request'
+        run: echo ${{ github.event.number }} > PR_NUMBER.txt
+      - name: Archive PR number
+        if: github.event_name == 'pull_request'
+        uses: actions/upload-artifact@v3
         with:
-          fetch-depth: 0
\ No newline at end of file
+          name: PR_NUMBER
+          path: PR_NUMBER.txt
\ No newline at end of file
diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml
index e6c3e608..30eea3c8 100644
--- a/.github/workflows/sonar.yml
+++ b/.github/workflows/sonar.yml
@@ -9,19 +9,64 @@ jobs:
     runs-on: ubuntu-latest
     if: github.event.workflow_run.conclusion == 'success'
     steps:
-      - uses: actions/checkout@v3
-        with:
+    - name: Download PR number artifact
+      if: github.event.workflow_run.event == 'pull_request'
+      uses: dawidd6/action-download-artifact@v2
+      with:
+        workflow: Build
+        run_id: ${{ github.event.workflow_run.id }}
+        name: PR_NUMBER
+    - name: Read PR_NUMBER.txt
+      if: github.event.workflow_run.event == 'pull_request'
+      id: pr_number
+      uses: juliangruber/read-file-action@v1
+      with:
+        path: ./PR_NUMBER.txt
+    - name: Request GitHub API for PR data
+      if: github.event.workflow_run.event == 'pull_request'
+      uses: octokit/request-action@v2.x
+      id: get_pr_data
+      with:
+        route: GET /repos/{full_name}/pulls/{number}
+        number: ${{ steps.pr_number.outputs.content }}
+        full_name: ${{ github.event.repository.full_name }}
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    - uses: actions/checkout@v3
+      with:
           repository: ${{ github.event.workflow_run.head_repository.full_name }}
           ref: ${{ github.event.workflow_run.head_branch }}
-          fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
-      - name: SonarCloud Scan
-        uses: sonarsource/sonarcloud-github-action@master
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        with:
-          args: >
-            -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
-            -Dsonar.pullrequest.key=${{ github.event.workflow_run.pull_requests[0].number }}
-            -Dsonar.pullrequest.branch=${{ github.event.workflow_run.pull_requests[0].head.ref }}
-            -Dsonar.pullrequest.base=${{ github.event.workflow_run.pull_requests[0].base.ref }}
+          fetch-depth: 0
+    - name: Checkout base branch
+      if: github.event.workflow_run.event == 'pull_request'
+      run: |
+        git remote add upstream ${{ github.event.repository.clone_url }}
+        git fetch upstream
+        git checkout -B ${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} upstream/${{ fromJson(steps.get_pr_data.outputs.data).base.ref }}
+        git checkout ${{ github.event.workflow_run.head_branch }}
+        git clean -ffdx && git reset --hard HEAD
+    - name: SonarCloud Scan on PR
+      if: github.event.workflow_run.event == 'pull_request'
+      uses: sonarsource/sonarcloud-github-action@master
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      with:
+        args: >
+          -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
+          -Dsonar.pullrequest.key=${{ fromJson(steps.get_pr_data.outputs.data).number }}
+          -Dsonar.pullrequest.branch=${{ fromJson(steps.get_pr_data.outputs.data).head.ref }}
+          -Dsonar.pullrequest.base=${{ fromJson(steps.get_pr_data.outputs.data).base.ref }}
+      env:
+        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    - name: SonarCloud Scan on push
+      if: github.event.workflow_run.event == 'push' && github.event.workflow_run.head_repository.full_name == github.event.repository.full_name
+      uses: sonarsource/sonarcloud-github-action@master
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      with:
+        args: >
+          -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
+          -Dsonar.branch.name=${{ github.event.workflow_run.head_branch }}