name: SonarQube Analysis

on:
  push:
    branches:
      - main
      - master
  pull_request:
    branches:
      - main
      - master
    types:
      - opened
      - synchronize
      - reopened

jobs:
  sonarqube:
    name: SonarQube Scan
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Run SonarScanner (Docker v12)
        run: |
          # Extract repository name safely
          PROJECT_KEY=$(echo "$GITEA_REPOSITORY" | awk -F/ '{print $2}')

          echo "Using project key: $PROJECT_KEY"

          docker run --rm \
            -v "$PWD:/usr/src" \
            -w /usr/src \
            -e SONAR_HOST_URL=${{ secrets.SONARQUBE_HOST }} \
            -e SONAR_TOKEN=${{ secrets.SONARQUBE_TOKEN }} \
            sonarsource/sonar-scanner-cli:12 \
            -Dsonar.projectKey=$PROJECT_KEY \
            -Dsonar.projectName=$PROJECT_KEY \
            -Dsonar.sources=. \
            -Dsonar.exclusions=node_modules/**,dist/**,coverage/** \
            -Dsonar.qualitygate.wait=true