on:
  push:
    branches:
      - main
      - dev
      - "!renovate/**"
  pull_request:
    types: [opened, synchronize, reopened]

name: SonarQube Scan
jobs:
  sonarqube:
    name: SonarQube Trigger
    runs-on: ubuntu-latest
    steps:
      - name: Checking out
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
        with:
          # Disabling shallow clone is recommended for improving relevancy of reporting
          fetch-depth: 0
      - name: SonarQube Scan
        uses: SonarSource/sonarqube-scan-action@13990a695682794b53148ff9f6a8b6e22e43955e # v3.1.0
        env:
          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}

      # Check the Quality Gate status.
      - name: SonarQube Quality Gate check
        uses: sonarsource/sonarqube-quality-gate-action@master
        timeout-minutes: 2
        env:
          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}