chore: add Sonar analysis

.github/workflows/publish-docker.yml

@@ -39,6 +39,16 @@ jobs:
           authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
           skipPush: ${{ github.event_name == 'pull_request' }}
 
+      - name: Coverage
+        run: |
+            nix develop --no-pure-eval --command just coverage
+
+      - name: Sonar analysis
+        uses: SonarSource/sonarqube-scan-action@v6
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+
       - name: Build Docker image with Nix
         run: |
           echo "Building Docker image..."

README.md

@@ -5,6 +5,21 @@ gitea: none
 
 # phundrak.com Backend
 
+<div align="center">
+  <a href="https://sonar.phundrak.com/dashboard?id=phundrak-backend">
+    <img src="https://sonar.phundrak.com/api/project_badges/measure?project=phundrak-backend&metric=coverage&token=sqb_bda24bf36825576d6c6b76048044e103339c3c5f" alt="Sonar Coverage" />
+  </a>
+  <a href="https://sonar.phundrak.com/dashboard?id=phundrak-backend">
+    <img src="https://sonar.phundrak.com/api/project_badges/measure?project=phundrak-backend&metric=alert_status&token=sqb_bda24bf36825576d6c6b76048044e103339c3c5f" alt="Sonar Quality Gate Status" />
+  </a>
+  <a href="#license">
+    <img src="https://img.shields.io/badge/License-AGPL--3.0-blue" alt="License" />
+  </a>
+  <a href="https://www.gnu.org/software/emacs/">
+    <img src="https://img.shields.io/badge/Made%20with-GNU%2FEmacs-blueviolet.svg?logo=GNU%20Emacs&logoColor=white" alt="Made with GNU/Emacs" />
+  </a>
+</div>
+
 The backend for [phundrak.com](https://phundrak.com), built with Rust and the [Poem](https://github.com/poem-web/poem) web framework.
 
 ## Features

sonar-project.properties

@@ -0,0 +1 @@
+sonar.projectKey=phundrak-backend