kyverno/.github/workflows/sonarcloud.yaml

name: Sonarcloud workflow

on:
  push:
    branches:
      - 'main'
      - 'release*'

jobs:
  sonarcloud:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # pin@v2
        with:
          # Disabling shallow clone is recommended for improving relevancy of reporting
          fetch-depth: 0
      - name: SonarCloud Scan
        uses: sonarsource/sonarcloud-github-action@cb201f3b2d7a38231a8c042dfea4539c8bea180b # pin@master
        env:
          GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}