name: Sonarcloud-scan
on:
  workflow_dispatch:
  push:
    branches:
      - master
jobs:
  build_and_scan:
    runs-on: ubuntu-latest
    name: Build and scan
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-node@v2
      - run: rm .npmrc
      - run: echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" > ~/.npmrc 
      - run: echo "@sdxmessaging:registry=https://npm.pkg.github.com" >> ~/.npmrc 
      - run: npm ci
      - run: npm run coverage
      - name: SonarCloud Scan
        uses: SonarSource/sonarcloud-github-action@master
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}