feat: add SonarCloud implementation (#42)

* add devsecops_pipeline.py

* add devsecops-pipeline workflow

* replace sonarqube with bandit

* edit cron job

* add comment for the cron job

* add Git Guardian workflow

* edit Git Guardian workflow

* edit Git Guardian workflow

* edit Git Guardian workflow

* edit Git Guardian workflow

* edit Git Guardian workflow

* edit Git Guardian workflow

* edit Git Guardian workflow

* edit Git Guardian workflow

* edit Git Guardian workflow

* edit README file

* edit DevSecOps pipeline

* edit release badge

* add .gitignore file

* add PR Title Linter

* add status badge for PR Linter

* add SonarCloud implementation

* edit sonar-project.properties

* add SonarCloud badge

.github/workflows/sonarcloud.yml

@@ -0,0 +1,30 @@
+name: SonarCloud Analysis
+
+on:
+  # Trigger analysis when pushing to your main branches, and when creating a pull request.
+  push:
+    branches:
+      - main
+      - dev
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+jobs:
+  sonar-scan:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+            java-version: '17'
+            distribution: 'temurin'
+            java-package: 'jdk'
+
+      - name: SonarCloud Scan
+        uses: sonarsource/sonarcloud-github-action@v3 # Ex: v2.1.0, See the latest version at https://github.com/marketplace/actions/sonarcloud-scan
+        env:
+            SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

README.md

@@ -1,5 +1,5 @@
 # $\color{Cerulean}{Python\}$ $\color{Goldenrod}{Examples\}$
-[![GitGuardian scan](https://github.com/meleksabit/My-Python-Examples/actions/workflows/gitguardian.yml/badge.svg)](https://github.com/meleksabit/My-Python-Examples/actions/workflows/gitguardian.yml)
+[![SonarCloud Analysis](https://github.com/meleksabit/My-Python-Examples/actions/workflows/sonarcloud.yml/badge.svg)](https://github.com/meleksabit/My-Python-Examples/actions/workflows/sonarcloud.yml) [![GitGuardian scan](https://github.com/meleksabit/My-Python-Examples/actions/workflows/gitguardian.yml/badge.svg)](https://github.com/meleksabit/My-Python-Examples/actions/workflows/gitguardian.yml)
 [![CodeQL](https://github.com/meleksabit/My-Python-Examples/actions/workflows/codeql.yml/badge.svg)](https://github.com/meleksabit/My-Python-Examples/actions/workflows/codeql.yml)
 [![Bandit](https://github.com/meleksabit/My-Python-Examples/actions/workflows/bandit.yml/badge.svg)](https://github.com/meleksabit/My-Python-Examples/actions/workflows/bandit.yml)
 [![DevSecOps Pipeline](https://github.com/meleksabit/My-Python-Examples/actions/workflows/devsecops-pipeline.yml/badge.svg)](https://github.com/meleksabit/My-Python-Examples/actions/workflows/devsecops-pipeline.yml) [![PR Title Check](https://github.com/meleksabit/My-Python-Examples/actions/workflows/pr-title-linter.yml/badge.svg)](https://github.com/meleksabit/My-Python-Examples/actions/workflows/pr-title-linter.yml) [![GitHub Release](https://img.shields.io/github/v/release/meleksabit/My-Python-Examples)](https://github.com/meleksabit/My-Python-Examples/releases)

sonar-project.properties

@@ -0,0 +1,10 @@
+# Required project settings
+sonar.organization=meleksabit
+sonar.projectKey=meleksabit_My-Python-Examples
+sonar.projectName=My-Python-Examples
+sonar.host.url=https://sonarcloud.io
+
+# Optional configuration
+sonar.sources=.
+sonar.language=python   # (or your project's primary language)
+sonar.sourceEncoding=UTF-8