Add .gitea/workflows/sonarscan.yml

.gitea/workflows/sonarscan.yml

@@ -0,0 +1,64 @@
+name: SonarQube Quality Gate
+
+on:
+  push:
+    branches:
+      - testing
+      - main
+
+  pull_request:
+    branches:
+      - testing
+      - main
+
+env:
+  SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
+  SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
+
+jobs:
+  sonarqube:
+    name: SonarQube Scan
+    runs-on: ubuntu-latest
+
+    container:
+      image: sonarsource/sonar-scanner-cli:latest
+      options: --user root
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Set project metadata
+        run: |
+          echo "PROJECT_KEY=${{ gitea.repository }}" >> $GITHUB_ENV
+          echo "PROJECT_NAME=${{ gitea.repository }}" >> $GITHUB_ENV
+
+      - name: Run SonarQube Scan
+        run: |
+          sonar-scanner \
+            -Dsonar.projectKey=$PROJECT_KEY \
+            -Dsonar.projectName=$PROJECT_NAME \
+            -Dsonar.sources=. \
+            -Dsonar.host.url=$SONAR_HOST_URL \
+            -Dsonar.token=$SONAR_TOKEN \
+            -Dsonar.exclusions=node_modules/**,dist/**,coverage/** \
+            -Dsonar.qualitygate.wait=true \
+            -Dsonar.branch.name=${{ gitea.ref_name }}
+
+      # PR-specific configuration
+      - name: SonarQube PR Analysis
+        if: gitea.event_name == 'pull_request'
+        run: |
+          sonar-scanner \
+            -Dsonar.projectKey=$PROJECT_KEY \
+            -Dsonar.projectName=$PROJECT_NAME \
+            -Dsonar.sources=. \
+            -Dsonar.host.url=$SONAR_HOST_URL \
+            -Dsonar.token=$SONAR_TOKEN \
+            -Dsonar.exclusions=node_modules/**,dist/**,coverage/** \
+            -Dsonar.qualitygate.wait=true \
+            -Dsonar.pullrequest.key=${{ gitea.event.pull_request.number }} \
+            -Dsonar.pullrequest.branch=${{ gitea.head_ref }} \
+            -Dsonar.pullrequest.base=${{ gitea.base_ref }}