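# Name of the workflow, visible in the Gitea Actions UI
name: Sonar analyzer

# Events that trigger this workflow
on:
  # Trigger on pushes to the 'main' branch
  push:
    branches:
      - main

# Jobs executed by the workflow
jobs:
  # The 'build' job runs the SonarQube analysis
  build:
    # Name displayed for the job in the Gitea Actions UI
    name: Sonar analyzer
    runs-on: ubuntu-latest

    steps:
      # Check out the repository code.
      # fetch-depth: 0 disables shallow clones so SonarQube can analyze the
      # full history.
      # persist-credentials: false keeps the checkout token out of the
      # workspace's .git/config, so the third-party actions that run later
      # cannot read it from disk. Nothing in this job pushes back to the repo.
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          persist-credentials: false

      # Run the SonarQube scan action.
      # NOTE(review): this action and the quality-gate action below receive
      # SONAR_TOKEN but are referenced by mutable tags (@v5, @v1). Consider
      # pinning each `uses:` to a reviewed full commit SHA, e.g.
      # SonarSource/sonarqube-scan-action@<FULL_COMMIT_SHA>  # placeholder
      - name: Analyze with SonarQube
        uses: SonarSource/sonarqube-scan-action@v5
        env:
          # SONAR_TOKEN and SONAR_HOST_URL must be configured as secrets in
          # your Gitea repository; never hard-code them in this file.
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}

      # Check the Quality Gate status.
      # This step is active: the job fails if the Quality Gate is red, which
      # is common practice to prevent merging/deploying code that doesn't meet
      # quality standards. Comment it out if the gate should not block.
      - name: Wait for Quality Gate status
        uses: SonarSource/sonarqube-quality-gate-action@v1
        timeout-minutes: 5  # Maximum time to wait for the Quality Gate status
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}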