feat: GitHub Actions set

.github/workflows/test-reusable-sonarqube.yml

@@ -0,0 +1,38 @@
+name: Test SonarQube Scan
+
+on:
+  workflow_call:
+    secrets:
+      SONAR_TOKEN:
+        description: Token for SonarQube
+        required: true
+
+permissions:
+  contents: read
+
+jobs:
+  test-sonarqube:
+    name: Test SonarQube Scan
+    runs-on: ${{ vars.AWS_RG_NAME_PRO }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 24
+
+      - name: Validate Sonar token
+        run: |
+          if [ -z "${{ secrets.SONAR_TOKEN }}" ]; then
+            echo "ERROR SONAR_TOKEN is empty or unavailable for this event."
+            exit 1
+          fi
+
+      - name: SonarQube Scan
+        uses: SonarSource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 # v7.0.0
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

.github/workflows/test-sonarqube.yml

@@ -0,0 +1,20 @@
+name: Test SonarQube
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
+
+permissions:
+  contents: read
+  actions: read
+
+jobs:
+  sonarqube:
+    name: Test SonarQube Scan
+    uses: ./.github/workflows/test-reusable-sonarqube.yml
+    secrets:
+      SONAR_TOKEN: ${{ secrets.WZ_SONAR_TOKEN }}

sonar-scanner.properties → sonar-project.properties

@@ -4,7 +4,6 @@ sonar.projectVersion=1.0
 sonar.projectBaseDir=/usr/src
 sonar.python.coverage.reportPaths=/src/coverage.xml
 sonar.host.url=https://sonarqube.aplazame.org/
-sonar.password=
 sonar.ws.timeout=600
 sonar.log.level=DEBUG
 ActiveQualityGate=false