PYSCAN-33: Setup SonarCloud analysis

Author: joke1196

.github/workflows/build-pr.yml

@@ -10,6 +10,10 @@ jobs:
   build:
 
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write     # required by SonarSource/vault-action-wrapper
+      contents: read      # required by actions/checkout
+      pull-requests: read # required by SonarSource/sonarcloud-github-action
     strategy:
       fail-fast: false
 
@@ -37,7 +41,13 @@ jobs:
     - name: Check licensing
       run: |
         hatch run tool:license_check
-#    - name: SonarCloud Scan
-#      uses: SonarSource/sonarcloud-github-action@master
-#      env:
-#        SONAR_TOKEN: FIXME PYSCAN-33: Enable SonarCloud analysis
+    - id: secrets
+      uses: SonarSource/vault-action-wrapper@v2
+      with:
+        secrets: |
+          development/kv/data/sonarcloud token | sonarcloud_token;
+    - name: SonarCloud Scan
+      uses: SonarSource/sonarcloud-github-action@master
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        SONAR_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).sonarcloud_token }}

pyproject.toml

@@ -50,8 +50,8 @@ dependencies = [
 
 [tool.hatch.envs.test.scripts]
 test = "pytest tests/"
-cov = "pytest --cov-report=term-missing --cov-config=pyproject.toml --cov=src/py_sonar_scanner --cov-branch tests"
-cov_xml = "pytest --cov-report=xml:coverage.xml --cov-config=pyproject.toml --cov=src/py_sonar_scanner --cov-branch tests"
+cov = "pytest --cov-report=term-missing --cov-config=pyproject.toml --cov=src --cov-branch tests"
+cov_xml = "pytest --cov-report=xml:coverage.xml --cov-config=pyproject.toml --cov=src --cov-branch tests"
 
 [[tool.hatch.envs.test.matrix]]
 python = ["3.8", "3.9", "3.10", "3.11", "3.12"]
@@ -82,3 +82,8 @@ addopts = [
 [tool.black]
 line-length = 120
 target-version = ["py38", "py39", "py310", "py311", "py312"]
+
+
+[tool.coverage.run]
+branch = true
+relative_files = true