From 813b23f1dddc7508b20971a84ebe18d0536d0fa0 Mon Sep 17 00:00:00 2001
From: TS Security Bot <44610966+tssecurity@users.noreply.github.com>
Date: Thu, 29 Feb 2024 09:32:41 +0900
Subject: [PATCH] Add .github/sonar.yml

---
 .github/workflows/sonar.yml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 .github/workflows/sonar.yml

diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml
new file mode 100644
index 0000000..4edeaf0
--- /dev/null
+++ b/.github/workflows/sonar.yml
@@ -0,0 +1,24 @@
+name: SonarQube
+on:
+  pull_request:
+  push:
+    branches:
+      - master
+
+jobs:
+  SonarQube:
+    runs-on: [self-hosted,ts-large-x64-docker-large]
+    steps:
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+      - name: fetching
+        if: contains(github.ref, 'pull')
+        run: |
+          git fetch origin ${{ github.event.pull_request.head.sha }}
+          git checkout ${{ github.event.pull_request.head.sha }}
+      - name: SonarQube Scan
+        uses: tradeshift/actions-sonarqube@v2
+        with:
+          ca-cert: ${{ secrets.MTLS_CACERT }}
+          client-cert: ${{ secrets.MTLS_CERT }}
+          client-key: ${{ secrets.MTLS_KEY }}
+          token: ${{ secrets.SONAR_TOKEN }}