Merge pull request #830 from terrestris/dependabot/npm_and_yarn/seman… #241

	name: On push main

	on:
	push:
	branches:
	- main

	jobs:
	sonarqube:
	if: ${{ github.actor != 'dependabot[bot]' }}
	name: SonarQube Trigger
	runs-on: ubuntu-latest
	steps:
	- name: Checkout sources 🔰
	uses: actions/checkout@v4
	with:
	# Disabling shallow clone is recommended for improving relevancy of reporting
	fetch-depth: 0

	- name: Setup Node.js 🧮
	uses: actions/setup-node@v4
	with:
	node-version: 20

	- name: Cache Node.js modules 💾
	uses: actions/cache@v4
	with:
	path: ~/.npm
	key: ${{ runner.OS }}-node-${{ hashFiles('**/package-lock.json') }}
	restore-keys: \|
	${{ runner.OS }}-node-
	${{ runner.OS }}-

	- name: Install dependencies ⏬
	run: npm ci

	- name: Test code ✅
	run: npm run test
	env:
	CI: true

	- name: Get shogun-admin version 🔖
	run: \|
	echo "sonar.projectVersion=$(node -pe "require('./package.json').version")" >> ./sonar-project.properties

	- name: SonarQube Scan 🔬
	uses: SonarSource/[email protected]
	with:
	projectBaseDir: .
	env:
	SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
	SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}

Provide feedback