From 243439beb0dfdf5294c7369a8c4545ccfea46f4a Mon Sep 17 00:00:00 2001
From: Feng Yu <abcfy2@163.com>
Date: Mon, 6 Mar 2023 16:31:19 +0800
Subject: [PATCH 1/2] =?UTF-8?q?ci:=20=F0=9F=8E=A1=20add=20sonar=20cloud=20?=
 =?UTF-8?q?scan=20in=20CI?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Details: https://smarttokenlabs.atlassian.net/browse/TKS-809

✅ Closes: https://smarttokenlabs.atlassian.net/browse/TKS-809
---
 .github/workflows/build-examples.yml | 96 +++++++++++++++++-----------
 sonar-project.properties             | 12 ++++
 2 files changed, 70 insertions(+), 38 deletions(-)
 create mode 100644 sonar-project.properties

diff --git a/.github/workflows/build-examples.yml b/.github/workflows/build-examples.yml
index 6d3f1289d..0eb51b763 100644
--- a/.github/workflows/build-examples.yml
+++ b/.github/workflows/build-examples.yml
@@ -2,8 +2,13 @@ name: Build examples
 #description: Build all examples
 
 on:
+  push:
+    branches:
+      - main
+      - staging
   pull_request:
-    branches: [ main, staging ]
+    branches:
+      - "*"
   workflow_dispatch:
     inputs:
       negotiatorBranch:
@@ -23,41 +28,56 @@ jobs:
     strategy:
       matrix:
         node-version: [16.x]
-    
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v3
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: "npm"
+          cache-dependency-path: "**/package-lock.json"
+          registry-url: "https://npm.pkg.github.com"
+
+      - name: Build
+        run: |
+          echo "Github base ref: $GITHUB_BASE_REF"
+          echo "Requested branch: $NEGOTIATOR_BRANCH"
+
+          npm install
+
+          if [[ $GITHUB_BASE_REF == "staging" ]]; then 
+            echo "This is a staging branch PR, updating package.json files to use negotiator staging branch"
+            scripts/use_negotiator_branch.js staging
+          fi
+          if [[ ! -z $NEGOTIATOR_BRANCH && $NEGOTIATOR_BRANCH != "none" ]]; then
+            echo "Negotiator branch $NEGOTIATOR_BRANCH requested, updating package.json files"
+            scripts/use_negotiator_branch.js $NEGOTIATOR_BRANCH
+          fi
+
+          export BASE_PATH=/token-negotiator-examples/ecommerce-store-website
+          export MAX_PROCESSES=5
+
+          npm run install-examples
+          npm run clean
+          npm run build
+          npm run copy-artifacts
+        env:
+          NEGOTIATOR_BRANCH: ${{ inputs.negotiatorBranch }}
+          NODE_AUTH_TOKEN: ${{ github.token }}
+
+  sonarcloud:
+    needs:
+      - build
+    name: SonarCloud
+    runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
-
-    - name: Use Node.js ${{ matrix.node-version }}
-      uses: actions/setup-node@v3
-      with:
-        node-version: ${{ matrix.node-version }}
-        cache: 'npm'
-        cache-dependency-path: '**/package-lock.json'
-        registry-url: 'https://npm.pkg.github.com'
-
-    - name: Build
-      run: |
-        echo "Github base ref: $GITHUB_BASE_REF"
-        echo "Requested branch: $NEGOTIATOR_BRANCH"
-        
-        npm install
-        
-        if [[ $GITHUB_BASE_REF == "staging" ]]; then 
-          echo "This is a staging branch PR, updating package.json files to use negotiator staging branch"
-          scripts/use_negotiator_branch.js staging
-        fi
-        if [[ ! -z $NEGOTIATOR_BRANCH && $NEGOTIATOR_BRANCH != "none" ]]; then 
-          echo "Negotiator branch $NEGOTIATOR_BRANCH requested, updating package.json files"
-          scripts/use_negotiator_branch.js $NEGOTIATOR_BRANCH
-        fi
-        
-        export BASE_PATH=/token-negotiator-examples/ecommerce-store-website
-        export MAX_PROCESSES=5
-        
-        npm run install-examples
-        npm run clean
-        npm run build
-        npm run copy-artifacts
-      env:
-        NEGOTIATOR_BRANCH: ${{ inputs.negotiatorBranch }}
-        NODE_AUTH_TOKEN: ${{ github.token }}
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 000000000..b3790f89d
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,12 @@
+sonar.projectKey=TokenScript_token-negotiator-examples
+sonar.organization=tokenscript
+
+# This is the name and version displayed in the SonarCloud UI.
+#sonar.projectName=token-negotiator-examples
+#sonar.projectVersion=1.0
+
+# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
+#sonar.sources=.
+
+# Encoding of the source code. Default is default system encoding
+#sonar.sourceEncoding=UTF-8

From 59c955339f8900e5e1dda551ed2cde98d48faace Mon Sep 17 00:00:00 2001
From: Feng Yu <abcfy2@163.com>
Date: Tue, 7 Mar 2023 11:23:35 +0800
Subject: [PATCH 2/2] =?UTF-8?q?ci:=20=F0=9F=8E=A1=20sonar=20cloud=20add=20?=
 =?UTF-8?q?exclude=20e2e-test-suite=20path?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 sonar-project.properties | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sonar-project.properties b/sonar-project.properties
index b3790f89d..163e375af 100644
--- a/sonar-project.properties
+++ b/sonar-project.properties
@@ -1,6 +1,8 @@
 sonar.projectKey=TokenScript_token-negotiator-examples
 sonar.organization=tokenscript
 
+sonar.exclusions=e2e-test-suite/**
+
 # This is the name and version displayed in the SonarCloud UI.
 #sonar.projectName=token-negotiator-examples
 #sonar.projectVersion=1.0