From 464aaa5f4e58a5cf9603159603364f31d90ce73e Mon Sep 17 00:00:00 2001
From: Brandon Geraci <brandon.geraci@gmail.com>
Date: Thu, 19 Feb 2026 19:07:31 -0600
Subject: [PATCH] Add SonarCloud scanning to CI

Configure SonarCloud analysis with sonar-project.properties and add a scan
step at the end of the CI workflow so every push and PR gets static analysis
coverage.
---
 .github/workflows/ci.yml | 5 +++++
 sonar-project.properties | 5 +++++
 2 files changed, 10 insertions(+)
 create mode 100644 sonar-project.properties

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 613c113..91942ff 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -46,3 +46,8 @@ jobs:
         with:
           name: plugin-wasm
           path: target/wasm32-wasip1/release/unity_format_plugin.wasm
+
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarqube-scan-action@v5
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000..8d37024
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,5 @@
+sonar.projectKey=artifact-keeper_artifact-keeper-example-plugin
+sonar.organization=artifact-keeper
+sonar.sources=src
+sonar.exclusions=target/**
+sonar.sourceEncoding=UTF-8