ci: SonarCloud advisory (non-blocking main CI)

[KooshaPari]

User description

SonarCloud advisory: sonar-project.properties disables autoscan App check; sonarcloud.yml uses continue-on-error.

---

Note

Low Risk
CI-only addition with read-only repo permissions and non-blocking scans; requires SONAR_TOKEN secret configuration.

Overview
Adds advisory SonarCloud analysis via GitHub Actions on pushes and PRs targeting main, master, and develop.

The new sonarcloud.yml workflow checks out full history (fetch-depth: 0), runs SonarSource/sonarqube-scan-action, and uses continue-on-error: true so scan failures do not block merges. sonar-project.properties wires the repo to SonarCloud with sonar.organization=kooshapari and sonar.projectKey=KooshaPari_BytePort.

^{Reviewed by Cursor Bugbot for commit 29e6928. Bugbot is set up for automated code reviews on this repo. Configure here.}

---

CodeAnt-AI Description

Add a non-blocking SonarCloud scan to main branch CI

What Changed

• Runs SonarCloud checks on pushes and pull requests for main, master, and develop
• Keeps the scan advisory so failed code quality checks do not block merges
• Connects the repository to SonarCloud so results can be reported for this project

Impact

✅ Earlier code quality feedback
✅ Fewer blocked merges from advisory scans
✅ Coverage for main branch pull requests

💡 Usage Guide

Checking Your Pull Request

Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.

Talking to CodeAnt AI

Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:

@codeant-ai ask: Your question here

This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.

Example

@codeant-ai ask: Can you suggest a safer alternative to storing this secret?

Preserve Org Learnings with CodeAnt

You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:

@codeant-ai: Your feedback here

This helps CodeAnt AI learn and adapt to your team's coding style and standards.

Example

@codeant-ai: Do not flag unused imports.

Retrigger review

Ask CodeAnt AI to review the PR again, by typing:

@codeant-ai: review

Check Your Repository Health

To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.

[gemini-code-assist]

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

[codeant-ai]

CodeAnt AI is reviewing your PR.

---

Thanks for using CodeAnt! 🎉

We're free for open-source projects. if you're enjoying it, help us grow by sharing.

Share on X ·
Reddit ·
LinkedIn

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[codeant-ai]

CodeAnt AI finished reviewing your PR.