Merge pull request #12 from wpallstars/configure-code-quality-tools

Configure SonarCloud and Codacy with proper settings

.github/workflows/code-quality.yml

@@ -36,8 +36,65 @@ jobs:
           composer run phpcbf -- --dry-run
         continue-on-error: true
 
-  # SonarCloud job temporarily removed due to Java version compatibility issues
-  # Will be re-added in a future PR with proper configuration
+  sonarcloud:
+    name: SonarCloud Analysis
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
 
-  # Codacy job temporarily removed due to GitHub Actions compatibility issues
-  # Will be re-added in a future PR with proper configuration
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          java-version: 17
+          distribution: 'temurin'
+
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@v2.0.2
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          args: >
+            -Dsonar.projectKey=wpallstars_wp-plugin-starter-template-for-ai-coding
+            -Dsonar.organization=wpallstars
+            -Dsonar.sources=.
+            -Dsonar.exclusions=vendor/**,node_modules/**,tests/**,bin/**,build/**,dist/**
+            -Dsonar.sourceEncoding=UTF-8
+        continue-on-error: true
+
+  codacy:
+    name: Codacy Analysis
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Run Codacy Analysis CLI
+        uses: codacy/codacy-analysis-cli-action@v4.3.0
+        with:
+          project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
+          verbose: true
+          output: results.sarif
+          format: sarif
+          # Adjust the below patterns based on your project structure
+          gh-code-scanning-compat: true
+          max-allowed-issues: 2147483647
+        continue-on-error: true
+
+      - name: Upload SARIF results file
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: results.sarif
+        continue-on-error: true

sonar-project.properties

@@ -1,17 +1,27 @@
+# Required metadata
 sonar.projectKey=wpallstars_wp-plugin-starter-template-for-ai-coding
 sonar.organization=wpallstars
-
-# This is the name and version displayed in the SonarCloud UI.
 sonar.projectName=wp-plugin-starter-template-for-ai-coding
 sonar.projectVersion=0.1.10
 
-# Path is relative to the sonar-project.properties file
+# Path to source directories
 sonar.sources=.
+
+# Path to test directories (comment if no test)
+sonar.tests=tests
+
+# Source encoding
+sonar.sourceEncoding=UTF-8
+
+# Exclusions for copy-paste detection
+sonar.cpd.exclusions=tests/**
+
+# Exclude directories and files
+sonar.exclusions=vendor/**,node_modules/**,tests/**,bin/**,build/**,dist/**,.github/**,.git/**
+
+# PHP specific configuration
 sonar.php.coverage.reportPaths=coverage.xml
 sonar.php.tests.reportPath=test-report.xml
 
-# Encoding of the source code. Default is default system encoding
-sonar.sourceEncoding=UTF-8
-
-# Exclude directories
-sonar.exclusions=vendor/**,node_modules/**,tests/**,bin/**,build/**,dist/**
+# Additional parameters
+sonar.verbose=true