name: Sonarqube Scanner

on:
  push:
    branches:
      - main


jobs:
  build:
    name: Build and analyze
    runs-on: docker
    
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis

      - name: Download SonarQube Scanner
        env:
          SONAR_SCANNER_VERSION: ${{ vars.SONAR_SCANNER_VERSION }}
        run: |-
          apk --no-cache add curl unzip;
          curl --create-dirs -sSLo /tmp/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$SONAR_SCANNER_VERSION.zip;
          unzip -o /tmp/sonar-scanner.zip -d /tmp/;

      - name: Check if SonarQube Scanner is available
        env:
          SONAR_SCANNER_HOME: ${{ vars.SONAR_SCANNER_HOME }}
        run: |-
          test -f $SONAR_SCANNER_HOME/bin/sonar-scanner;

      - name: Verify SonarQube Scanner installation
        env:
          SONAR_SCANNER_HOME: ${{ vars.SONAR_SCANNER_HOME }}
        run: |-
          java -version;
          $SONAR_SCANNER_HOME/bin/sonar-scanner --version

      - name: Run sonar-scanner
        env:
          SONAR_SCANNER_HOME: ${{ vars.SONAR_SCANNER_HOME }}
          SONAR_HOST_URL: ${{ vars.SONAR_HOST_URL }}
          SONAR_PROJECT_KEY: ${{ vars.SONAR_PROJECT_KEY }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        run: |-
          $SONAR_SCANNER_HOME/bin/sonar-scanner \
            -Dsonar.projectKey=$SONAR_PROJECT_KEY \
            -Dsonar.sources=. \
            -Dsonar.host.url=$SONAR_HOST_URL \
            -Dsonar.javascript.lcov.reportPaths=coverage/js/lcov.info \
            -Dsonar.php.coverage.reportPaths=coverage/php-clover.xml

      # If you wish to fail your job when the Quality Gate is red, uncomment the
      # following lines. This would typically be used to fail a deployment.
      # - uses: SonarSource/sonarqube-quality-gate-action@v1
      #   timeout-minutes: 5
      #   env:
      #     SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}