Add SonarCloud integration to GitHub Actions

The GitHub Actions pipeline now includes a step to perform a SonarCloud scan. The new "SonarCloud Scan" step will utilize the SonarSource sonarcloud-github-action, and takes advantage of GITHUB and SONAR tokens stored as secrets. Additionally, a new 'sonar-project.properties' file has been added, configuring the project for SonarCloud analysis.
JBZoo · Apr 10, 2024 · 164ec99 · 164ec99
1 parent b1b91c4
commit 164ec99
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 0 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -65,6 +65,12 @@ jobs:
           COVERALLS_REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: make report-coveralls --no-print-directory || true
 
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
       - name: Upload Artifacts
         uses: actions/upload-artifact@v4
         continue-on-error: true

diff --git a/sonar-project.properties b/sonar-project.properties
@@ -0,0 +1,11 @@
+sonar.projectKey=jbzoo
+sonar.projectName=CSV Blueprint
+sonar.organization=JBZoo
+
+sonar.sources=./src
+sonar.tests=./tests
+sonar.language=php
+sonar.sourceEncoding=UTF-8
+sonar.exclusions=./schema-examples/full.php
+
+sonar.php.coverage.reportPaths=build/coverage_xml/main.xml