Merge pull request #3803 from amvanbaren/update-sonar-workflow

Update Sonar workflow

Author: amvanbaren

.github/workflows/main.yml

@@ -1,74 +1,19 @@
 name: Sonar
 on:
-  workflow_run:
-    workflows: [Build]
-    types: [completed]
+  push:
+    branches:
+      - main
+  pull_request:
+      types: [opened, synchronize, reopened]
 jobs:
   sonar:
     name: Sonar
     runs-on: ubuntu-latest
-    if: github.event.workflow_run.conclusion == 'success'
     steps:
-    - name: Create artifacts directory
-      run: mkdir -p ${{ runner.temp }}/artifacts
-    - name: Download PR number artifact
-      if: github.event.workflow_run.event == 'pull_request'
-      uses: dawidd6/action-download-artifact@v6
-      with:
-        workflow: Build
-        run_id: ${{ github.event.workflow_run.id }}
-        path: ${{ runner.temp }}/artifacts
-        name: PR_NUMBER
-    - name: Read PR_NUMBER.txt
-      if: github.event.workflow_run.event == 'pull_request'
-      id: pr_number
-      uses: juliangruber/read-file-action@v1
-      with:
-        path: ${{ runner.temp }}/artifacts/PR_NUMBER.txt
-    - name: Request GitHub API for PR data
-      if: github.event.workflow_run.event == 'pull_request'
-      uses: octokit/[email protected]
-      id: get_pr_data
-      with:
-        route: GET /repos/{full_name}/pulls/{number}
-        number: ${{ steps.pr_number.outputs.content }}
-        full_name: ${{ github.event.repository.full_name }}
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     - uses: actions/checkout@v4
       with:
-          repository: ${{ github.event.workflow_run.head_repository.full_name }}
-          ref: ${{ github.event.workflow_run.head_branch }}
-          fetch-depth: 0
-    - name: Checkout base branch
-      if: github.event.workflow_run.event == 'pull_request'
-      env:
-        HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }}
-      run: |
-        git remote add upstream ${{ github.event.repository.clone_url }}
-        git fetch upstream
-        git checkout -B ${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} upstream/${{ fromJson(steps.get_pr_data.outputs.data).base.ref }}
-        git checkout $HEAD_BRANCH
-        git clean -ffdx && git reset --hard HEAD
-    - name: SonarCloud Scan on PR
-      if: github.event.workflow_run.event == 'pull_request'
-      uses: sonarsource/sonarcloud-github-action@master
+        fetch-depth: 0
+    - name: SonarCloud Scan
+      uses: SonarSource/sonarqube-scan-action@master
       env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-      with:
-        args: >
-          -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
-          -Dsonar.pullrequest.key=${{ fromJson(steps.get_pr_data.outputs.data).number }}
-          -Dsonar.pullrequest.branch=${{ fromJson(steps.get_pr_data.outputs.data).head.ref }}
-          -Dsonar.pullrequest.base=${{ fromJson(steps.get_pr_data.outputs.data).base.ref }}
-    - name: SonarCloud Scan on push
-      if: github.event.workflow_run.event == 'push' && github.event.workflow_run.head_repository.full_name == github.event.repository.full_name
-      uses: sonarsource/sonarcloud-github-action@master
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-      with:
-        args: >
-          -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
-          -Dsonar.branch.name=${{ github.event.workflow_run.head_branch }}