name: SonarCloud Analysis

on:
  push:
    branches: [ main, feature/* ]
  pull_request:
    branches: [ main ]
    types: [opened, synchronize, reopened]
  workflow_dispatch:

permissions:
  contents: read
  pull-requests: read

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  sonarcloud:
    name: SonarCloud
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis

      - name: SonarCloud Scan
        uses: SonarSource/sonarcloud-github-action@master
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        with:
          args: >
            -Dsonar.projectKey=wpallstars_wp-plugin-starter-template-for-ai-coding
            -Dsonar.organization=wpallstars
            -Dsonar.sources=.
            -Dsonar.tests=tests
            -Dsonar.sourceEncoding=UTF-8
            -Dsonar.cpd.exclusions=tests/**
            -Dsonar.exclusions=vendor/**,node_modules/**,tests/**,bin/**,build/**,dist/**,.github/**,.git/**,cypress/**,playground/**,.wiki/**
            -Dsonar.php.coverage.reportPaths=coverage.xml
            -Dsonar.php.tests.reportPath=test-report.xml
            -Dsonar.verbose=true