add SonarQube scan

Author: hathach

.github/workflows/static_analysis.yml

@@ -127,7 +127,7 @@ jobs:
       - name: Upload SARIF
         uses: github/codeql-action/upload-sarif@v4
         with:
-          sarif_file: pvs-${{ matrix.board }}.sarif
+          sarif_file: pvs-studio-${{ matrix.board }}.sarif
           category: PVS-Studio
 
       - name: Upload artifact
@@ -173,8 +173,7 @@ jobs:
         uses: SonarSource/sonarqube-scan-action@v6
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-          SONAR_ROOT_CERT: ${{ secrets.SONAR_ROOT_CERT }}
         with:
           # Consult https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/scanners/sonarscanner/ for more information and options
           args: >
-            --define sonar.cfamily.compile-commands="${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json"
+            --define sonar.cfamily.compile-commands=${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json

sonar-project.properties

@@ -0,0 +1,14 @@
+sonar.projectKey=hathach_tinyusb
+sonar.organization=hathach
+
+
+# This is the name and version displayed in the SonarCloud UI.
+sonar.projectName=tinyusb
+sonar.projectVersion=0.19.0
+
+
+# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
+#sonar.sources=.
+
+# Encoding of the source code. Default is default system encoding
+#sonar.sourceEncoding=UTF-8