ci: Add SonarCloud scan to code-test workflow (#62)

# Pull Request ## Description This change integrates SonarCloud scanning into the CI/CD pipeline and configures the project for SonarCloud analysis. The following modifications have been made: 1. Added a new step in the `code-test.yml` workflow to run SonarCloud scanning after unit tests. 2. Created a `sonar-project.properties` file to configure SonarCloud analysis settings. The SonarCloud integration will provide automated code quality and security analysis for the project. It uses the official SonarCloud GitHub Action and requires `GITHUB_TOKEN` and `SONAR_TOKEN` secrets to be set up in the repository. These changes will enhance the project's code quality monitoring and help identify potential issues early in the development process. fixes #48
JackPlowman · Sep 29, 2024 · eebec1a · eebec1a
1 parent cb3760f
commit eebec1a
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 0 deletions.
diff --git a/.github/workflows/code-test.yml b/.github/workflows/code-test.yml
@@ -37,6 +37,12 @@ jobs:
       - name: Run Unit Tests
         run: just unit-test
 
+      - name: SonarCloud Scan
+        uses: SonarSource/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
   validate-schema:
     name: Validate Schema
     runs-on: ubuntu-latest

diff --git a/sonar-project.properties b/sonar-project.properties
@@ -0,0 +1,7 @@
+sonar.organization=jackplowman
+sonar.projectKey=JackPlowman_github-stats-analyser
+
+sonar.sources=.
+
+sonar.python.version=3.12
+sonar.python.coverage.reportPaths=coverage.xml