sonarscan.yml

name: SonarCloud Analysis

on:
  push:
    branches:
      - master
  pull_request:
    branches:
      - master
  workflow_dispatch:

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

permissions:
  contents: read

env:
  SONARSCANNER: "true"
  COLLECT_COVERAGE: "1"

jobs:
  build:
    name: SonarCloud Scan
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: read
    if: |
      github.event_name == 'workflow_dispatch' ||
      github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name && github.event.sender.login != 'dependabot[bot]' ||
      github.event_name == 'push' && !contains(github.event.head_commit.message, '[ci skip]')
    steps:
      - name: Run SonarCloud analysis
        uses: myrotvorets/composite-actions/node-sonarscan@master
        with:
          sonar-token: ${{ secrets.SONAR_TOKEN }}
          registry-url: https://npm.pkg.github.com