From 199fd8b1b486f39fd574ccbf13d4f6dfe2bc3e51 Mon Sep 17 00:00:00 2001
From: Kostas Apostolopoulos <kostas.apostolopoulos@vechain.org>
Date: Wed, 25 Oct 2023 16:40:41 +0100
Subject: [PATCH] Refactor build workflow and add SonarCloud analysis

- Rename the file `gitleaks.yml` to `build.yml` for clarity.
- Update the workflow name from "gitleaks" to "Build".
- Modify the event triggers to include pull request events of types: opened, synchronize, reopened.
- Add a new job named "sonarcloud" for SonarCloud analysis.
- Configure SonarCloud steps to checkout code and perform the scan.
---
 .github/workflows/build.yml    | 32 ++++++++++++++++++++++++++++++++
 .github/workflows/gitleaks.yml | 18 ------------------
 2 files changed, 32 insertions(+), 18 deletions(-)
 create mode 100644 .github/workflows/build.yml
 delete mode 100644 .github/workflows/gitleaks.yml

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..8556588
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,32 @@
+name: Build
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  gitleaks:
+    name: gitleaks
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - uses: gitleaks/gitleaks-action@v2
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}}
+
+  sonarcloud:
+    name: SonarCloud
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
\ No newline at end of file
diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml
deleted file mode 100644
index 8e0416b..0000000
--- a/.github/workflows/gitleaks.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-name: gitleaks
-on: 
-    pull_request:
-    push:
-      branches:
-        - 'main'
-jobs:
-  scan:
-    name: gitleaks
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-      - uses: gitleaks/gitleaks-action@v2
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}}