name: SonarQube Analysis

on:
  schedule:
    - cron: '0 2 * * *'  # Nightly at 02:00 UTC
  workflow_dispatch:       # Allow manual trigger

jobs:
  sonarqube:
    runs-on: ubuntu-latest
    container:
      image: gitea.siegeln.net/cameleer/cameleer-build:1
      credentials:
        username: cameleer
        password: ${{ secrets.REGISTRY_TOKEN }}
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0  # Full history for blame data

      - name: Cache Maven dependencies
        uses: actions/cache@v4
        with:
          path: ~/.m2/repository
          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
          restore-keys: ${{ runner.os }}-maven-

      - name: Build, Test and Analyze
        run: >-
          mvn clean verify sonar:sonar --batch-mode
          -Dsurefire.excludes="**/AuthControllerTest.java,**/TenantControllerTest.java,**/LicenseControllerTest.java,**/AuditRepositoryTest.java,**/CameleerSaasApplicationTest.java,**/EnvironmentControllerTest.java,**/AppControllerTest.java,**/DeploymentControllerTest.java,**/AgentStatusControllerTest.java"
          -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }}
          -Dsonar.token=${{ secrets.SONAR_TOKEN }}
          -Dsonar.projectKey=cameleer-saas
          -Dsonar.projectName="Cameleer SaaS"