sonarcloud: quality gate

.github/workflows/node.js.yml

@@ -44,3 +44,16 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           GITLEAKS_LICENSE: ${{secrets.BAL_GITLEAKS_LICENSE}}
+
+  sonarcloud:
+    name: SonarCloud
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

sonar-project.properties

@@ -0,0 +1,14 @@
+sonar.projectKey=incubateur-territoires_bal-validateur
+sonar.organization=incubateur-territoires
+sonar.qualitygate.wait=true
+
+# This is the name and version displayed in the SonarCloud UI.
+#sonar.projectName=BAL Validateur
+#sonar.projectVersion=1.0
+
+
+# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
+#sonar.sources=.
+
+# Encoding of the source code. Default is default system encoding
+#sonar.sourceEncoding=UTF-8