From 086fd43c122ba122262e15b463b5e2967729d60e Mon Sep 17 00:00:00 2001
From: Vinod Anandan <vinod@owasp.org>
Date: Tue, 24 Nov 2020 00:18:38 +0000
Subject: [PATCH 1/2] Enable SonarCloud scan

---
 .github/workflows/sonarcloud.yml | 39 ++++++++++++++++++++++++++++++++
 pom.xml                          |  3 ---
 2 files changed, 39 insertions(+), 3 deletions(-)
 create mode 100644 .github/workflows/sonarcloud.yml

diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
new file mode 100644
index 0000000000000..5e09df621f317
--- /dev/null
+++ b/.github/workflows/sonarcloud.yml
@@ -0,0 +1,39 @@
+name: Sonarcloud Analysis
+on:
+  push:
+    branches:
+      - main
+  pull_request_target:
+    types: [opened, synchronize, reopened]
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: Set up JDK 11
+        uses: actions/setup-java@v1
+        with:
+          java-version: 11
+      - name: Get Date
+        id: get-date
+        run: |
+          echo "::set-output name=date::$(/bin/date -u "+%Y-%m")"
+        shell: bash
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar-${{ steps.get-date.outputs.date }}
+      - name: Cache Maven packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ steps.get-date.outputs.date }}
+      - name: Build and analyze
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: ./mvnw -e -B --settings .github/mvn-settings.xml -Dquickly-ci install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.organization=quarkusio -Dsonar.projectKey=quarkusio_quarkus -Dsonar.host.url=https://sonarcloud.io -Dsonar.projectName=Quarkus -Dsonar.java.libraries=/home/runner/.m2/repository/**/*.jar
diff --git a/pom.xml b/pom.xml
index ab3e6de852b22..88cc3c32c3ac7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -57,9 +57,6 @@
         <skipDocs>false</skipDocs>
         <skip.gradle.tests>false</skip.gradle.tests>
 
-        <sonar.projectKey>quarkusio_quarkus</sonar.projectKey>
-        <sonar.organization>quarkusio</sonar.organization>
-        <sonar.host.url>https://sonarcloud.io</sonar.host.url>
     </properties>
 
     <modules>

From ea3987449d85a5af641d36ea74cafc638fb2b883 Mon Sep 17 00:00:00 2001
From: Guillaume Smet <guillaume.smet@gmail.com>
Date: Thu, 1 Apr 2021 13:47:33 +0200
Subject: [PATCH 2/2] For now, only enable manual builds of the workflow

---
 .github/workflows/sonarcloud.yml | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
index 5e09df621f317..3ab3a3c5f8613 100644
--- a/.github/workflows/sonarcloud.yml
+++ b/.github/workflows/sonarcloud.yml
@@ -1,10 +1,11 @@
 name: Sonarcloud Analysis
 on:
-  push:
-    branches:
-      - main
-  pull_request_target:
-    types: [opened, synchronize, reopened]
+#  push:
+#    branches:
+#      - main
+#  pull_request_target:
+#    types: [opened, synchronize, reopened]
+  workflow_dispatch:
 jobs:
   build:
     name: Build