From 3d1d52b151d59ac24960360b228ca7791121c793 Mon Sep 17 00:00:00 2001
From: sievdokymov-virtru
 <100794336+sievdokymov-virtru@users.noreply.github.com>
Date: Wed, 20 Sep 2023 17:59:08 +0300
Subject: [PATCH] Sonar Cloud analysis + coverage gathering (#33)

---
 .github/workflows/sonarcloud.yml | 62 ++++++++++++++++++++++++++++++++
 sonar-project.properties         | 17 +++++++++
 2 files changed, 79 insertions(+)
 create mode 100644 .github/workflows/sonarcloud.yml
 create mode 100644 sonar-project.properties

diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
new file mode 100644
index 0000000..1faae41
--- /dev/null
+++ b/.github/workflows/sonarcloud.yml
@@ -0,0 +1,62 @@
+name: SonarCloud
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    types:
+      - opened
+      - synchronize
+      - reopened
+
+jobs:
+  gotest:
+    name: 'Generate Golang Test Reports'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+
+    steps:
+
+      - name: 'Checkout repo'
+        uses: actions/checkout@v3
+
+      - name: 'Setup Go'
+        uses: actions/setup-go@v3
+        with:
+          go-version: '${{ inputs.go-version }}'
+          cache: true
+
+      - name: 'Generate Golang Test Reports'
+        run: go test -v -coverprofile coverage.out -json ./... | tee coverage.json
+
+      - name: 'Archive Golang Test Results'
+        uses: actions/upload-artifact@v3
+        with:
+          name: code-coverage-report
+          path: coverage.*
+          retention-days: 1
+
+  sonarcloud:
+    name: 'SonarCloud'
+    runs-on: ubuntu-latest
+    needs: [gotest]
+    permissions:
+      contents: read
+
+    steps:
+      - name: 'Checkout repo'
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: 'Download Code Coverage Report'
+        uses: actions/download-artifact@v3
+        with:
+          name: code-coverage-report
+
+      - name: 'SonarCloud Scan'
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
\ No newline at end of file
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000..f4acf5c
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,17 @@
+# must be unique in a given SonarQube instance
+sonar.projectKey=opentdf_backend-go
+sonar.organization=opentdf
+
+# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
+# This property is optional if sonar.modules is set.
+sonar.sources=pkg
+sonar.exclusions=**/*_test.go,**/mock_*.go,cmd/*.go
+
+sonar.tests=.
+sonar.test.inclusions=**/*_test.go
+
+sonar.go.coverage.reportPaths=coverage.out
+sonar.go.tests.reportPaths=coverage.json
+
+# Encoding of the source code. Default is default system encoding
+sonar.sourceEncoding=UTF-8
\ No newline at end of file