add sonarqube scan

paul-gilber · Oct 26, 2023 · d827950 · d827950
1 parent 186bb86
commit d827950
Showing 1 changed file with 12 additions and 4 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -15,18 +15,26 @@ jobs:
     uses: ./.github/workflows/lint.yml    # Workflow calls need to be executed as jobs
     with:
       yaml: true
+  sonarqube-scan:
+    runs-on: ubuntu-latest
+    steps:
+      - name: SonarQube Scan
+        uses: sonarsource/sonarqube-scan-action@master
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: https://sonarcloud.io/
   build:
-    needs: lint
+    needs: sonarqube-scan
     runs-on: ubuntu-latest
     steps:
       - name: Clone
         uses: actions/checkout@v4    # https://github.com/marketplace/actions/checkout
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
+        uses: docker/setup-qemu-action@v3    # https://github.com/marketplace/actions/docker-setup-qemu
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v3    # https://github.com/marketplace/actions/docker-setup-buildx
       - name: Build container image
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v5    # https://github.com/marketplace/actions/build-and-push-docker-images
         with:
           context: .
           file: Containerfile