From 08898bf100cdebdf23bef59f82da92cccccb5604 Mon Sep 17 00:00:00 2001
From: John Niang <johnniang@foxmail.com>
Date: Wed, 15 Nov 2023 15:14:55 +0800
Subject: [PATCH 1/2] Integrate with SonarCloud

---
 .github/workflows/halo.yaml | 11 +++++++++++
 api/build.gradle            |  9 +++++++++
 build.gradle                | 13 +++++++++++++
 3 files changed, 33 insertions(+)
 create mode 100644 build.gradle

diff --git a/.github/workflows/halo.yaml b/.github/workflows/halo.yaml
index 3c61b7650..3d41f64fd 100644
--- a/.github/workflows/halo.yaml
+++ b/.github/workflows/halo.yaml
@@ -33,6 +33,12 @@ jobs:
           distribution: 'temurin'
           cache: 'gradle'
           java-version: 17
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
       - uses: dorny/paths-filter@v2
         id: changes
         with:
@@ -43,6 +49,11 @@ jobs:
         run: ./gradlew check
       - name: Upload coverage reports to Codecov
         uses: codecov/codecov-action@v3
+      - name: Analyze code
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: ./gradlew sonar --info
       - name: Setup console environment
         if: steps.changes.outputs.console == 'true'
         uses: halo-sigs/actions/admin-env-setup@main
diff --git a/api/build.gradle b/api/build.gradle
index 102a50883..c04f50aad 100644
--- a/api/build.gradle
+++ b/api/build.gradle
@@ -1,6 +1,7 @@
 plugins {
     id 'java-library'
     id 'halo.publish'
+    id 'jacoco'
     id "io.freefair.lombok" version "8.4"
 }
 
@@ -80,4 +81,12 @@ java {
 
 tasks.named('test') {
     useJUnitPlatform()
+    finalizedBy jacocoTestReport
+}
+
+tasks.named('jacocoTestReport') {
+    reports {
+        xml.required = true
+        html.required = false
+    }
 }
diff --git a/build.gradle b/build.gradle
new file mode 100644
index 000000000..d87dd7583
--- /dev/null
+++ b/build.gradle
@@ -0,0 +1,13 @@
+plugins {
+    id "org.sonarqube" version "4.4.1.3373"
+}
+
+group = "run.halo.app"
+
+sonar {
+    properties {
+        property "sonar.projectKey", "halo-dev_halo"
+        property "sonar.organization", "halo-dev"
+        property "sonar.host.url", "https://sonarcloud.io"
+    }
+}

From c5dd569aa7cdf3f3079c778fb52e4abe05f660c4 Mon Sep 17 00:00:00 2001
From: John Niang <johnniang@foxmail.com>
Date: Thu, 16 Nov 2023 15:37:59 +0800
Subject: [PATCH 2/2] Disable code scanning for pull requests (#4863)

---
 .github/workflows/halo.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/halo.yaml b/.github/workflows/halo.yaml
index 3d41f64fd..b4304e2a0 100644
--- a/.github/workflows/halo.yaml
+++ b/.github/workflows/halo.yaml
@@ -50,6 +50,7 @@ jobs:
       - name: Upload coverage reports to Codecov
         uses: codecov/codecov-action@v3
       - name: Analyze code
+        if: ${{ github.event_name == 'push' }} # Due to inability to access secrets during PR, only the code pushed into the branch can be analyzed.
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}