From b93cf50d16c870a76656d81e60139f475a286842 Mon Sep 17 00:00:00 2001
From: Ryan Dens <ryandens735@gmail.com>
Date: Tue, 20 Feb 2024 08:41:03 -0800
Subject: [PATCH 1/2] :construction_worker: Upload sonar analysis to Pixee when
 it is complete and conditionally trigger PR analysis if it is a PR

---
 .github/workflows/sonar_pixee.yml | 40 +++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 .github/workflows/sonar_pixee.yml

diff --git a/.github/workflows/sonar_pixee.yml b/.github/workflows/sonar_pixee.yml
new file mode 100644
index 00000000..1e9c7e22
--- /dev/null
+++ b/.github/workflows/sonar_pixee.yml
@@ -0,0 +1,40 @@
+name: "Publish Sonar JSON to Pixee"
+on:
+  check_run:
+    types: [completed]
+
+permissions:
+  contents: read
+  id-token: write
+
+jobs:
+  publish:
+    name: "Publish Sonar JSON to Pixee"
+    runs-on: ubuntu-latest
+    if: ${{ github.event.check_run.name == 'SonarCloud Code Analysis' }}
+    steps:
+      - name: "Publish Sonar JSON to Pixee"
+        shell: bash
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          PR_NUMBER=${{ join(github.event.check_run.pull_requests.*.number, '') }}
+          URL="https://sonarcloud.io/api/issues/search?componentKeys=pixee_codemodder-python&resolved=false"
+          
+          if [ -n "$PR_NUMBER" ]; then
+            URL="${URL}&pullRequest=$PR_NUMBER"
+          fi
+
+          curl -v "$URL" -o sonar_issues.json
+          cat sonar_issues.json
+          ANALYSIS_SHA=${{ github.event.check_run.head_sha }}
+          SECRET=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=https://app.pixee.ai" | jq -j '.value')
+          API_RESPONSE=$(curl -v -X PUT -H "Authorization: Bearer $SECRET" -H "Content-Type: multipart/form-data" -F "file=@sonar_issues.json" "https://api.pixee.ai/analysis-input/pixee/codemodder-python/$ANALYSIS_SHA/sonar")
+          echo "$API_RESPONSE"
+
+      - name: "Trigger Pixee Analysis"
+        if : ${{ toJson(github.event.check_run.pull_requests) != '[]' }}
+        run: |
+          SECRET=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=https://app.pixee.ai" | jq -j '.value')
+          API_RESPONSE=$(curl -v -X POST -H "Authorization: Bearer $SECRET" "https://api.pixee.ai/analysis-input/pixee/codemodder-python/${{ github.event.check_run.pull_requests[0].number }}")
+          echo $API_RESPONSE

From 6aa84a3a13bb0e8d113c9f3d94e956982d0a594d Mon Sep 17 00:00:00 2001
From: Ryan Dens <ryandens735@gmail.com>
Date: Tue, 20 Feb 2024 08:44:54 -0800
Subject: [PATCH 2/2] :art: fix lint

---
 .github/workflows/sonar_pixee.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/sonar_pixee.yml b/.github/workflows/sonar_pixee.yml
index 1e9c7e22..2bc7c554 100644
--- a/.github/workflows/sonar_pixee.yml
+++ b/.github/workflows/sonar_pixee.yml
@@ -20,7 +20,7 @@ jobs:
         run: |
           PR_NUMBER=${{ join(github.event.check_run.pull_requests.*.number, '') }}
           URL="https://sonarcloud.io/api/issues/search?componentKeys=pixee_codemodder-python&resolved=false"
-          
+
           if [ -n "$PR_NUMBER" ]; then
             URL="${URL}&pullRequest=$PR_NUMBER"
           fi