# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Sonarcloud

on:
  # Do not run on pull-request because the required tokens
  # cannot be read from there.
  push:
    # Explicitly specifying this results in tags being ignored, which is the goal.
    branches: ["**"]
    paths:
      - .github/workflows/sonarcloud.yml
      - sonar-project.properties
      - "src/**"
      - "tests/**"

env:
  dotnetVersion: 8.0.x

jobs:
  sonarcloud:
    name: SonarCloud
    runs-on: ubuntu-latest
    steps:
      - name: Get Source Code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0 # avoid shallow clone for GitVersion and Sonar analysis

      # GH Runners come with Java 11, which is deprecated by Sonarcloud
      - name: Setup Java
        uses: actions/setup-java@v4
        with:
          java-version: 20
          java-package: jre
          distribution: temurin

      - name: Setup dotnet
        uses: actions/setup-dotnet@v4
        with:
          dotnet-version: ${{ env.dotnetVersion }}

      - name: Install Tooling
        run: dotnet tool restore

      - name: Perform Scan
        run: pwsh ci/RunSonarScan.ps1 -SonarToken "${{ secrets.SONAR_TOKEN }}"