name: sonar-scan

on:
  push:
    branches: [master]
  pull_request:
    branches: [master]

# Cancel old PR builds when pushing new commits.
concurrency:
  group: sonar-scan-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true

jobs:
  sonar-scan:
    runs-on: ubuntu-latest
    env:
      BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
          submodules: recursive
      - name: Install Build Wrapper
        uses: SonarSource/sonarqube-scan-action/install-build-wrapper@v6
      - name: Install dependencies and prepare build
        run: |
          .github/scripts/sonar-prepare
      - name: Run Build Wrapper
        run: |
          build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} .github/scripts/sonar-build
      - name: Ensure compile_commands.json is generated
        run: ls -l "${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json"
      - name: SonarQube Scan
        if: github.event_name == 'push'
        uses: SonarSource/sonarqube-scan-action@v6
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        with:
          args: >
            --define "sonar.cfamily.compile-commands=${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json"