# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Sonarcloud

on:
  # Do not run on pull-request because the required tokens
  # cannot be read from there.
  push:
    # Explicitly specifying this results in tags being ignored, which is the goal.
    branches: ["**"]
    paths:
      - .github/workflows/sonarcloud.yml
      - sonar-project.properties
      - "src/**"

env:
  dotnetVersion: "7.0.x"

jobs:
  sonarcloud:
    name: SonarCloud
    runs-on: ubuntu-latest
    env:
      DOTNET_ROLL_FORWARD: LatestMajor
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
      - name: Get Source Code
        uses: actions/checkout@v3
        with:
          fetch-depth: 0 # avoid shallow clone for GitVersion

      # GH Runners come with Java 11, which is deprecated by Sonarcloud
      - name: Setup Java
        uses: actions/setup-java@v3
        with:
          java-version: 20
          java-package: jre
          distribution: temurin

      - name: Setup dotnet
        uses: actions/setup-dotnet@v3
        with:
          dotnet-version: ${{ env.dotnetVersion }}

      - name: Install Tooling
        run: |
          dotnet tool install --global dotnet-sonarscanner
          dotnet tool install --global GitVersion.Tool

      - name: Perform Scan
        run: pwsh ci/RunSonarScan.ps1 -SonarToken "${{ secrets.SONAR_TOKEN }}"