.github/workflows/sonarcloud.yml

name: Sonarcloud
on:
  workflow_dispatch:
  push:
    branches:
      - main
    paths-ignore: ['.vscode/**']
  pull_request:
    types: [opened, synchronize, reopened]
    paths-ignore: ['.vscode/**']


permissions:
  contents: read
  pull-requests: read

env:
  SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

jobs:
  checksecret:
    name: check if SONAR_TOKEN is set in github secrets
    runs-on: ubuntu-latest
    outputs:
      is_SONAR_TOKEN_set: ${{ steps.checksecret_job.outputs.is_SONAR_TOKEN_set }}
    steps:
      - name: Check whether unity activation requests should be done
        id: checksecret_job
        run: |
            echo "is_SONAR_TOKEN_set=${{ env.SONAR_TOKEN != '' }}" >> $GITHUB_OUTPUT
  build:
    needs: [checksecret]
    if: needs.checksecret.outputs.is_SONAR_TOKEN_set == 'true'
    name: Build
    runs-on: windows-latest
    steps:
      - name: Set up JDK 17
        uses: actions/setup-java@v4
        with:
          distribution: 'adopt'
          java-version: 17
      - name: Setup .NET
        uses: actions/setup-dotnet@v4
        with:
          dotnet-version: 8.0.x
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
      - name: Cache SonarCloud packages
        uses: actions/cache@v4
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar
      - name: Cache SonarCloud scanner
        id: cache-sonar-scanner
        uses: actions/cache@v4
        with:
          path: ./.sonar/scanner
          key: ${{ runner.os }}-sonar-scanner
          restore-keys: ${{ runner.os }}-sonar-scanner
      - name: Install SonarCloud scanner
        if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
        shell: pwsh
        run: |
          New-Item -Path ./.sonar/scanner -ItemType Directory
          dotnet tool update dotnet-sonarscanner --tool-path ./.sonar/scanner
      - name: Build and analyze
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
          CollectCoverage: true
          CoverletOutputFormat: 'opencover' # https://github.com/microsoft/vstest/issues/4014#issuecomment-1307913682
        shell: pwsh
        run: |
          ./.sonar/scanner/dotnet-sonarscanner begin /k:"microsoft_OpenAPI.NET" /o:"microsoft" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="test/**/coverage.opencover.xml"
          dotnet workload restore
          dotnet build
          dotnet test Microsoft.OpenApi.sln --no-build --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
          ./.sonar/scanner/dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"