upgrade deprecated sonarcloud-github-action -> sonarqube-scan-action

SonarScanner This action is deprecated and will be removed in a future release. Please use the sonarqube-scan-action action instead. The sonarqube-scan-action is a drop-in replacement for this action.
2025-05-25 15:24:46 +02:00 · 2025-05-25 15:24:46 +02:00 · 25078694cd
commit 25078694cd
parent 4288bf1d39
2 changed files with 14 additions and 14 deletions
--- a/.github/workflows/js.yml
+++ b/.github/workflows/js.yml
@ -43,7 +43,7 @@ jobs:
        run: |
          wget https://raw.githubusercontent.com/microsoft/sarif-js-sdk/refs/heads/main/packages/eslint-formatter-sarif/sarif.js -O node_modules/sarif.cjs
          bun i utf8 lodash jschardet
-          bunx eslint . --format node_modules/sarif.cjs -o results.sarif
+          bun eslint . --format node_modules/sarif.cjs -o results.sarif
        continue-on-error: true

      - name: upload eslint sarif output for Security tab and inline results
--- a/.github/workflows/sonarqube.yml
+++ b/.github/workflows/sonarqube.yml
@ -1,4 +1,4 @@
-name: Sonar
+name: SonarQube Scan

 # Run on push in any branch and changes in PRs.
 on:
@ -10,25 +10,25 @@ permissions:
  contents: read

 jobs:
-  sonarcloud:
+  sonarqube:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # Disabling shallow clone is recommended for improving relevancy of reporting. Otherwise sonarcloud will show a warning.
          fetch-depth: 0
-      - uses: actions/setup-node@v4
-        with:
-          cache: "npm"
-      - name: Install dev dependencies which includde ESLint + plugins
-        run: npm install --only=dev
-      - name: Run ESLint
+
+      - uses: oven-sh/setup-bun@v2
+      - name: bun install
+        run: bun install
+
+      - name: eslint (json output)
        continue-on-error: true
-        run: npx eslint . -f json -o eslint_report.json
-      - name: Fix ESLint paths
+        run: bun eslint . -f json -o eslint_report.json
+      - name: fix paths for SonarCloud
        run: sed -i 's+/home/runner/work/free-games-claimer/free-games-claimer+/github/workspace+g' eslint_report.json
-      - name: SonarCloud Scan
-        uses: sonarsource/sonarcloud-github-action@master
+
+      - name: SonarQube Scan
+        uses: SonarSource/sonarqube-scan-action@5.2.0
        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}