From 6b42ee70e17194a91a656f1e551069723779607b Mon Sep 17 00:00:00 2001
From: Will Sciaroni <wsciaroni@protonmail.com>
Date: Wed, 23 Oct 2024 18:23:00 -0500
Subject: [PATCH] Allow Static Analysis on Pull Requests from Forks (#49)

* Add two-stage analysis process

* REVERTME: Set to my repo for testing

* Revert "REVERTME: Set to my repo for testing"

This reverts commit b2ed4f9417514a7cd14187329586777d67db71bd.
---
 ...droid-sonarcloud.yml => android-build.yml} | 12 ++++++---
 .github/workflows/sonarcloud-android.yml      | 26 +++++++++++++++++++
 2 files changed, 34 insertions(+), 4 deletions(-)
 rename .github/workflows/{android-sonarcloud.yml => android-build.yml} (87%)
 create mode 100644 .github/workflows/sonarcloud-android.yml

diff --git a/.github/workflows/android-sonarcloud.yml b/.github/workflows/android-build.yml
similarity index 87%
rename from .github/workflows/android-sonarcloud.yml
rename to .github/workflows/android-build.yml
index 711138cd..64cde01e 100644
--- a/.github/workflows/android-sonarcloud.yml
+++ b/.github/workflows/android-build.yml
@@ -1,4 +1,4 @@
-name: Android Build And SonarCloud Analysis
+name: Android Build
 on:
   push:
     branches:
@@ -11,6 +11,9 @@ jobs:
   build:
     name: Build and analyze
     runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: android-src/KV4PHT
     steps:
       - uses: actions/checkout@v4
         with:
@@ -33,13 +36,14 @@ jobs:
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
           restore-keys: ${{ runner.os }}-gradle
       - name: Grant execute permission for gradlew
-        run: chmod +x ./android-src/KV4PHT/gradlew
+        run: chmod +x ./gradlew
       - name: Build and analyze
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: ./gradlew build sonar --info
-        working-directory: android-src/KV4PHT
+        run: ./gradlew check --stacktrace
+      - name: 'Prepare Sonar analysis'
+        uses: evaristegalois11/sonar-fork-analysis@v1.2.0
       - name: Upload APK
         if: startsWith(github.ref, 'refs/tags')
         uses: AButler/upload-release-assets@v3.0
diff --git a/.github/workflows/sonarcloud-android.yml b/.github/workflows/sonarcloud-android.yml
new file mode 100644
index 00000000..d9b496f1
--- /dev/null
+++ b/.github/workflows/sonarcloud-android.yml
@@ -0,0 +1,26 @@
+name: 'Sonar'
+on:
+  workflow_run:
+    workflows: [ 'Android Build' ]
+    types:
+      - completed
+jobs:
+  sonar:
+    name: 'Sonar analysis'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: android-src/KV4PHT
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    permissions:
+      actions: read # Required to download artifacts
+    steps:
+      - name: 'Sonar analysis'
+        uses: wsciaroni/sonar-fork-analysis@v1.2.1-rc
+        with:
+          distribution: 'zulu'
+          java-version: 17
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          sonar-token: ${{ secrets.SONAR_TOKEN }}
+          project-key: VanceVagell_kv4p-ht
+          working-directory: ./android-src/KV4PHT/