From 0f02f272a38c452bf7476e1dc2170fffe95a82e7 Mon Sep 17 00:00:00 2001
From: sievdokymov-virtru
 <100794336+sievdokymov-virtru@users.noreply.github.com>
Date: Thu, 27 Jul 2023 14:54:11 +0300
Subject: [PATCH] Add Sonar Cloud analysis with getting Code Coverage (#216)

---
 .github/workflows/build.yaml |  5 +++++
 lib/package.json             |  2 +-
 sonar-project.properties     | 20 ++++++++++++++++++++
 3 files changed, 26 insertions(+), 1 deletion(-)
 create mode 100644 sonar-project.properties

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 9993cdc9..dd5d34a5 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -40,6 +40,11 @@ jobs:
         with:
           name: opentdf-client-lib
           path: ./lib/opentdf-client-*.tgz
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 
   web-app:
     needs:
diff --git a/lib/package.json b/lib/package.json
index d9856fd1..9ddc5540 100644
--- a/lib/package.json
+++ b/lib/package.json
@@ -43,7 +43,7 @@
   "scripts": {
     "build": "npm run clean && tsc && tsc --project tsconfig.commonjs.json && ../scripts/add-module-types.sh",
     "clean": "rm -rf {build,coverage,dist}",
-    "coverage:merge": "for x in mocha wtr; do cp coverage/$x/coverage-final.json coverage/$x.json; done; nyc report --reporter text -t coverage --lines 75 --statements 75 --branches 70 --functions 65 --check-coverage >coverage/coverage.txt",
+    "coverage:merge": "for x in mocha wtr; do cp coverage/$x/coverage-final.json coverage/$x.json; done; nyc report --reporter text --reporter lcov -t coverage --lines 75 --statements 75 --branches 70 --functions 65 --check-coverage >coverage/coverage.txt",
     "doc": "typedoc --out dist/docs src/index.ts",
     "format": "prettier --write \"{src,tdf3,tests}/**/*.ts\"",
     "license-check": "license-checker-rseidelsohn --production --onlyAllow 'Apache-2.0; BSD; CC-BY-4.0; ISC; MIT'",
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 00000000..78d352f2
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,20 @@
+# must be unique in a given SonarQube instance
+sonar.projectKey=opentdf_client-web
+
+# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
+# This property is optional if sonar.modules is set.
+sonar.sources=lib/src,lib/tdf3,web-app/src,web-app/public
+
+sonar.host.url=https://sonarcloud.io
+sonar.organization=opentdf
+
+# code coverage
+sonar.javascript.lcov.reportPaths=lib/coverage/lcov.info
+# sonar.tests=tests
+
+# Encoding of the source code. Default is default system encoding
+sonar.sourceEncoding=UTF-8
+
+# Ignore generated files during analysis
+# Also, ignore healthz file since it is itself a test, and does not need testing.
+# sonar.exclusions=public/js/*.js,public/css/*.css,lib/app/routes/healthz.js
\ No newline at end of file