name: Sonar
permissions:
  contents: read
  pull-requests: write
on:
  push:
    branches:
      - production
  pull_request:
    branches:
      - production
    types: [opened, synchronize, reopened]
jobs:
  sonarqube:
    name: SonarQube
    runs-on: node24
    steps:
      - name: Setup Node environment
        uses: actions/setup-node@v4
        with:
          node-version: "24"
      - name: Code checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Install dependencies
        run: npm ci
      - name: Run tests and generate coverage
        run: npm run coverage
        # continue-on-error: true
        env:
          CI: true
      - name: Build site
        env:
          NODE_ENV: production
          NITRO_PRESET: node_cluster
          NITRO_CLUSTER_WORKERS: 4
        run: npm run build
      - name: Upload build artifacts
        uses: actions/upload-artifact@v3
        with:
          name: output
          path: .output/
          overwrite: true
          include-hidden-files: true
      #- name: SonarQube Scan
      #  uses: SonarSource/sonarqube-scan-action@v6
      #  env:
      #    SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
      #
  docker-work:
    name: Docker stuff
    needs: sonarqube
    runs-on: [self-hosted, node24, docker]
    container: none
    steps:
      - name: Code checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Download build artifacts
        uses: actions/download-artifact@v3
        with:
          name: output
          path: ./output
      - name: check docker
        run: |
          docker --version
          docker info
      - name: Build Docker image (pray)
        run: |
          docker build --network=host -f ./devops/Dockerfile -t glowing-fiesta:latest .
      - name: List Docker images (for verification)
        run: docker images

###