Add SonarCloud to CI workflow

.github/workflows/ci.yml

@@ -25,6 +25,11 @@ jobs:
             cache: npm
       - run: npm ci
       - run: npm run test:snapshot
+      # Upload coverage for sonarcube (only matching OS and one node version required)
+      - uses: actions/upload-artifact@v4
+        with:
+          name: code-coverage
+          path: coverage/
 
   sonarqube:
     name: run sonarqube
@@ -42,3 +47,22 @@ jobs:
         with:
           host: ${{ secrets.SONARQUBE_HOST }}
           login: ${{ secrets.SONARQUBE_DEV_INRUPT_COM_GITHUB_TOKEN }}
+
+  sonar-scan:
+    if: ${{ github.actor != 'dependabot[bot]' }}
+    needs: [unit-test]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          # Sonar analysis needs the full history for features like automatic assignment of bugs. If the following step
+          # is not included the project will show a warning about incomplete information.
+          fetch-depth: 0
+      - uses: actions/download-artifact@v4
+        with:
+          name: code-coverage
+          path: coverage/
+      - uses: SonarSource/sonarcloud-github-action@v3
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}