feat: SonarQube

Signed-off-by: Lennart Krauch <[email protected]>

.github/workflows/sonarqube.yaml

@@ -0,0 +1,19 @@
+name: Build
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  sonarqube:
+    name: SonarQube
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: SonarQube Scan
+        uses: SonarSource/sonarqube-scan-action@v4
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

sonar-project.properties

@@ -0,0 +1,13 @@
+sonar.projectKey=scrumlr_scrumlr
+sonar.organization=scrumlr
+
+# This is the name and version displayed in the SonarCloud UI.
+#sonar.projectName=scrumlr
+#sonar.projectVersion=1.0
+
+
+# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
+#sonar.sources=.
+
+# Encoding of the source code. Default is default system encoding
+#sonar.sourceEncoding=UTF-8