codequality.yml

name: Code Quality

on: push

permissions:
  contents: read # This is required for actions/checkout
  actions: read # Required by CodeQL
  security-events: write # Required by CodeQL
  
jobs:
  code-scanning:
    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v4
      with:
        fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis

    - name: Set up JDK 17
      uses: actions/setup-java@v4
      with:
        java-version: 17
        distribution: 'zulu' # Alternative distribution options are available.

    - name: Install SonarCloud scanner
      shell: bash
      run: dotnet tool install --global dotnet-sonarscanner

    - name: Initialize CodeQL
      uses: github/codeql-action/init@v3
      with:
        languages: 'csharp'

    - name: Begin SonarScanner
      shell: bash
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
      run: |
        cd src
        dotnet sonarscanner begin /k:"frasermolyneux_portal-repository" /o:"frasermolyneux" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io"
        
    - uses: frasermolyneux/actions/dotnet-ci@main
      with:
        dotnet-version: 9.0.x
        src-folder: "src"
        majorMinorVersion: "1.1"

    - name: End SonarScanner
      shell: bash
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
      run: |
        cd src
        dotnet sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"

    - name: Perform CodeQL Analysis
      uses: github/codeql-action/analyze@v3
      with:
        category: "/language:'csharp'"