name: SonarQube Analysis

on:
  push:
    branches:
      - main

jobs:
  sonar:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Define project key
        run: |
          echo "PROJECT_KEY=${GITHUB_REPOSITORY##*/}" >> "$GITHUB_ENV"

      - name: Create SonarQube project if needed
        run: |
          curl -s -u "${{ secrets.SONAR_ADMIN_TOKEN }}:" \
            -X POST \
            "http://sonarqube:9000/api/projects/create" \
            --data-urlencode "name=${PROJECT_KEY}" \
            --data-urlencode "project=${PROJECT_KEY}" \
            || true

      - name: Run SonarScanner
        run: |
          docker run --rm \
            --network dev-platform_default \
            -e SONAR_HOST_URL="http://sonarqube:9000" \
            -e SONAR_TOKEN="${{ secrets.SONAR_ADMIN_TOKEN }}" \
            -v "$PWD:/usr/src" \
            sonarsource/sonar-scanner-cli \
              -Dsonar.projectKey="${PROJECT_KEY}" \
              -Dsonar.projectName="${PROJECT_KEY}" \
              -Dsonar.sources=. \
              -Dsonar.sourceEncoding=UTF-8