Fix SonarQube scan in CI

.github/actions/sonar-scan/action.yml

@@ -0,0 +1,46 @@
+name: 'Sonar scan'
+description: 'Triggers a Sonarqube scan'
+inputs:
+  sonar-token:
+    description: 'Sonarqube token'
+    required: true
+  sonar-host-url:
+    description: 'Sonarqube host url'
+    required: false
+    default: 'https://sonarqube.amalgama.co'
+  sonar-scanner-version:
+    description: 'The version of the SonarScanner to use'
+    required: false
+    default: '5.0.1.3006'
+  working-directory:
+    description: 'The working directory where to run the action'
+    required: false
+    default: '.'
+runs:
+  using: "composite"
+  steps:
+    - name: Download and install the SonarScanner
+      env:
+        SONAR_SCANNER_VERSION: ${{ inputs.sonar-scanner-version }}
+      shell: bash
+      run: |
+        mkdir -p $HOME/.sonar/
+        curl -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${{ env.SONAR_SCANNER_VERSION }}-linux.zip
+        unzip -qq -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
+        echo "$HOME/.sonar/sonar-scanner-${{ env.SONAR_SCANNER_VERSION }}-linux/bin" >> $GITHUB_PATH
+      working-directory: ${{ inputs.working-directory }}
+    - name: SonarQube analysis
+      env:
+        SONAR_TOKEN: ${{ inputs.sonar-token }}
+        SONAR_HOST_URL: ${{ inputs.sonar-host-url }}
+      shell: bash
+      run: sonar-scanner
+      working-directory: ${{ inputs.working-directory }}
+    - name: SonarQube Quality Gate check
+      env:
+        SONAR_TOKEN: ${{ inputs.sonar-token }}
+        SONAR_HOST_URL: ${{ inputs.sonar-host-url }}
+      id: sonarqube-quality-gate-check
+      uses: sonarsource/sonarqube-quality-gate-action@master
+      with:
+        scanMetadataReportFile: ${{ inputs.working-directory }}/.scannerwork/report-task.txt

.github/workflows/ci.yml

@@ -11,47 +11,42 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: ./.github/actions/install-yarn-dependencies
   lint:
     runs-on: ubuntu-latest
     needs: [build]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: ./.github/actions/install-yarn-dependencies
       - run: yarn lint
   test:
     runs-on: ubuntu-latest
     needs: [lint]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: ./.github/actions/install-yarn-dependencies
       - run: yarn test --ci --forceExit --detectOpenHandles
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         with:
           name: reports
           path: reports/
   sonar:
+    name: Run sonar scanner
     runs-on: ubuntu-latest
-    needs: [test]
+    needs: [ test ]
     steps:
-      - uses: actions/checkout@v3
-        with:
-          # Disabling shallow clone is recommended for improving relevancy of reporting.
-          fetch-depth: 0
-
-      # Triggering SonarQube analysis as results of it are required by Quality Gate check.
-      - name: SonarQube Scan
-        uses: sonarsource/sonarqube-scan-action@master
-        env:
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
-
-      # Check the Quality Gate status.
-      - name: SonarQube Quality Gate check
-        id: sonarqube-quality-gate-check
-        uses: sonarsource/sonarqube-quality-gate-action@master
-        # Force to fail step after specific time.
-        timeout-minutes: 5
-        env:
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    - name: Checking out
+      uses: actions/checkout@v4
+      with:
+        # Disabling shallow clone is recommended for improving relevancy of reporting
+        fetch-depth: 0
+    - name: Download test coverage report artifact
+      uses: actions/download-artifact@v4
+      with:
+        name: reports
+        path: reports/
+    - name: Run scan
+      uses: ./.github/actions/sonar-scan
+      with:
+        sonar-token: ${{ secrets.SONAR_TOKEN }}