Snyk and Sonar.yml

vivek28058 · Oct 24, 2024 · 13e237b · 13e237b
1 parent a9e1b1b
commit 13e237b
Showing 1 changed file with 20 additions and 0 deletions.
diff --git a/.github/workflows/Snyk.yml b/.github/workflows/Snyk.yml
@@ -42,8 +42,28 @@ jobs:
       - name: BDD test
         run: npm run test:bdd
 
+ ## Snyk integration
+
       - name: Run Snyk to check for vulnerabilities
         uses: snyk/actions/maven@master
         continue-on-error: true
         env:
           SNYK_TOKEN: ${{secrets.SNYK_TOKEN}}
+
+ ## Sonar Cloud Integration
+
+      - name: Install SonarCloud Scanner
+        run: npm install -g sonar-scanner
+
+      - name: Run SonarCloud Scan
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}  # SonarCloud token stored as a GitHub secret
+        run: |
+          sonar-scanner \
+          -Dsonar.projectKey=your_project_key \
+          -Dsonar.organization=your_organization_key \
+          -Dsonar.sources=. \
+          -Dsonar.host.url=https://sonarcloud.io \
+          -Dsonar.login=${{ secrets.SONAR_TOKEN }}
+
+