sonar

Bump the serilog group with 2 updates #483

	name: sonar
	on:
	push:
	branches:
	- main
	paths:
	- "src/**"
	- "tests/**"
	- "*/.props"
	- "**/packages.lock.json"
	- ".config/dotnet-tools.json"
	- "global.json"
	- ".github/workflows/sonar.yml"
	pull_request:
	branches:
	- main
	paths:
	- "src/**"
	- "tests/**"
	- "*/.props"
	- "**/packages.lock.json"
	- ".config/dotnet-tools.json"
	- "global.json"
	- ".github/workflows/sonar.yml"
	workflow_dispatch:
	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true
	jobs:
	sonarcloud:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	steps:
	- uses: actions/checkout@v6
	with:
	fetch-depth: 0
	- name: Setup .NET
	uses: actions/setup-dotnet@v5
	with:
	global-json-file: ./global.json
	cache: true
	cache-dependency-path: "**/packages.lock.json"
	- name: Set up JDK
	uses: actions/setup-java@v5
	with:
	java-version: 17
	distribution: "zulu"
	- name: Install tools
	run: dotnet tool restore
	- name: Build and analyze with coverage
	env:
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
	USE_MOCK_SERVER: ${{ vars.USE_MOCK_SERVER }}
	run: \|
	dotnet tool run dotnet-sonarscanner begin \
	/k:"Tsingis_bitcoin-web-api" \
	/o:"tsingis" \
	/d:sonar.token="${{ env.SONAR_TOKEN }}" \
	/d:sonar.host.url="https://sonarcloud.io" \
	/d:sonar.cs.vscoveragexml.reportsPaths="coverage.xml" \
	/d:sonar.scanner.scanAll=false

	dotnet restore --locked-mode
	dotnet build --no-restore
	dotnet tool run dotnet-coverage collect \
	"dotnet test --no-restore --no-build" -f xml -o "coverage.xml"

	dotnet tool run dotnet-sonarscanner end \
	/d:sonar.token="${{ env.SONAR_TOKEN }}"

Provide feedback