From 4bb6a9e6b1ee6265c72719e27355ef28c5c6e5ab Mon Sep 17 00:00:00 2001
From: Tomuta Gabriel <gabriel.tomuta@elektrobit.com>
Date: Wed, 20 May 2026 13:43:48 +0300
Subject: [PATCH 1/2] Add SonarQube config and workflow file

---
 .github/workflows/sonarcloud.yml | 45 ++++++++++++++++++++++++++++++++
 sonar-project.properties         | 25 ++++++++++++++++++
 2 files changed, 70 insertions(+)
 create mode 100644 .github/workflows/sonarcloud.yml
 create mode 100644 sonar-project.properties

diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
new file mode 100644
index 0000000..bba7ff4
--- /dev/null
+++ b/.github/workflows/sonarcloud.yml
@@ -0,0 +1,45 @@
+# Copyright (c) 2026 Elektrobit Automotive GmbH
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+name: SonarCloud Analysis
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+      - release-**
+
+concurrency:
+  group: "sonarcloud-${{ github.head_ref || github.ref }}"
+  cancel-in-progress: true
+
+jobs:
+  sonarcloud:
+    name: SonarCloud Scan
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          fetch-depth: 0
+
+      - uses: ./.github/actions/ci-setup
+
+      - name: Run coverage
+        run: python3 run_checks.py --cov
+
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarqube-scan-action@59db25f34e16620e48ab4bb9e4a5dce155cb5432 # v8.0.0
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000..280d586
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,25 @@
+# Copyright (c) 2026 Elektrobit Automotive GmbH
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+sonar.projectKey=eclipse-ankaios_ankaios-sdk-python
+sonar.organization=eclipse-ankaios
+
+sonar.sources=ankaios_sdk
+sonar.tests=tests
+sonar.exclusions=**/*_pb2.py,**/*_pb2_grpc.py
+
+# Coverage: Cobertura XML generated by pytest-cov
+sonar.python.coverage.reportPaths=reports/coverage/cov_report.xml
+
+sonar.sourceEncoding=UTF-8

From 7c493cd9ae5778b8431e3e2079b0df768c0b9599 Mon Sep 17 00:00:00 2001
From: Tomuta Gabriel <gabriel.tomuta@elektrobit.com>
Date: Wed, 20 May 2026 16:57:54 +0300
Subject: [PATCH 2/2] Improve SonarQube properties and checks

---
 .github/workflows/sonarcloud.yml |  9 +++++++++
 sonar-project.properties         | 13 ++++++++++++-
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
index bba7ff4..d9c86ec 100644
--- a/.github/workflows/sonarcloud.yml
+++ b/.github/workflows/sonarcloud.yml
@@ -36,9 +36,18 @@ jobs:
 
       - uses: ./.github/actions/ci-setup
 
+      - name: Run unit tests
+        run: python3 run_checks.py --utest
+
       - name: Run coverage
         run: python3 run_checks.py --cov
 
+      - name: Run lint
+        run: python3 run_checks.py --lint
+
+      - name: Run pep8 codestyle check
+        run: python3 run_checks.py --pep8
+
       - name: SonarCloud Scan
         uses: SonarSource/sonarqube-scan-action@59db25f34e16620e48ab4bb9e4a5dce155cb5432 # v8.0.0
         env:
diff --git a/sonar-project.properties b/sonar-project.properties
index 280d586..9c94fb5 100644
--- a/sonar-project.properties
+++ b/sonar-project.properties
@@ -12,14 +12,25 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 
-sonar.projectKey=eclipse-ankaios_ankaios-sdk-python
+sonar.projectKey=eclipse-ankaios_ank-sdk-python
 sonar.organization=eclipse-ankaios
 
 sonar.sources=ankaios_sdk
 sonar.tests=tests
 sonar.exclusions=**/*_pb2.py,**/*_pb2_grpc.py
 
+sonar.python.version=3.10
+
 # Coverage: Cobertura XML generated by pytest-cov
 sonar.python.coverage.reportPaths=reports/coverage/cov_report.xml
 
+# Pylint: parseable-format report generated by run_checks.py --lint
+sonar.python.pylint.reportPaths=reports/pylint/pylint_report.txt
+
+# PEP 8: pycodestyle shares Flake8's output format (file:line:col: Ecode message)
+sonar.python.flake8.reportPaths=reports/codestyle/codestyle_report.txt
+
+# Unit test execution results (JUnit XML generated by run_checks.py --utest)
+sonar.python.xunit.reportPath=reports/utest/utest_report.xml
+
 sonar.sourceEncoding=UTF-8