wdipl-actions/.gitea/workflows/quality.yml

name: SonarQube Analysis

on:
  workflow_call:
    inputs:
      project_key:
        type: string
        required: true
      wait_for_quality_gate:
        type: string
        default: false

    secrets:
      SONARQUBE_HOST:
        required: true
      SONARQUBE_TOKEN:
        required: true

jobs:
  sonarqube:
    runs-on: ubuntu-latest

    container:
      image: sonarsource/sonar-scanner-cli:12.0.0.3214_8.0.1
      options: --user root

    steps:
      - name: Checkout Code
        uses: actions/checkout@v3

      - name: Run SonarQube Scan
        env:
          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
        run: |
          sonar-scanner \
            -Dsonar.projectKey=${{ inputs.project_key }} \
            -Dsonar.projectName=${{ inputs.project_key }} \
            -Dsonar.sources=. \
            -Dsonar.exclusions=node_modules/**,dist/**,coverage/** \
            -Dsonar.qualitygate.wait=${{ inputs.wait_for_quality_gate }}