#21: Add SonarCloud integration for code quality analysis

- Created GitHub Actions workflow for automated SonarCloud scans
- Updated .sonarcloud.properties with coverage reporting config
- Configured to run on push to master/main/release branches and PRs
- Uses existing SONAR_TOKEN secret and project key

Author: vlavrynovych

.github/workflows/sonarcloud.yml

@@ -0,0 +1,46 @@
+name: SonarCloud Analysis
+
+on:
+  push:
+    branches:
+      - master
+      - main
+      - 'release/**'
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+jobs:
+  sonarcloud:
+    name: SonarCloud Scan
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for better analysis
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build
+        run: npm run build
+
+      - name: Run tests with coverage
+        run: npm run test:coverage
+
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarqube-scan-action@v3
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: https://sonarcloud.io
+        with:
+          args: >
+            -Dsonar.organization=migration-script-runner
+            -Dsonar.projectKey=migration-script-runner_msr-firebase

.sonarcloud.properties

@@ -1,15 +1,20 @@
 # Path to sources
 sonar.sources=src
-sonar.exclusions=test
-#sonar.inclusions=
+sonar.exclusions=**/*.test.ts,**/*.spec.ts,**/test/**,**/dist/**,**/node_modules/**
 
 # Path to tests
 sonar.tests=test
-#sonar.test.exclusions=
-#sonar.test.inclusions=
+sonar.test.inclusions=**/*.test.ts,**/*.spec.ts
 
 # Source encoding
-#sonar.sourceEncoding=UTF-8
+sonar.sourceEncoding=UTF-8
+
+# Coverage paths
+sonar.javascript.lcov.reportPaths=reports/coverage/lcov.info
+sonar.typescript.lcov.reportPaths=reports/coverage/lcov.info
+
+# Language
+sonar.language=ts
 
 # Exclusions for copy-paste detection
-#sonar.cpd.exclusions=
+sonar.cpd.exclusions=**/*.test.ts,**/*.spec.ts