sonarcloud.yml

name: SonarCloud Analysis

# Run this workflow on commits to the development branch
on:
  push:
    branches:
      - development
  pull_request:
    branches:
      - development
      - main
jobs:
  sonarcloud:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Set up JDK 17
        uses: actions/setup-java@v4
        with:
          distribution: 'zulu'
          java-version: '17'
      - name: Load local Maven repository cache
        uses: actions/cache@v4
        with:
          path: ~/.m2/repository
          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
          restore-keys: |
            ${{ runner.os }}-maven-

      # Build the project using Maven
      - name: Build with Maven
        run: mvn clean install

      # Run SonarCloud analysis
      - name: SonarCloud Scan
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # Use the token stored in GitHub secrets
        run: mvn sonar:sonar