Remove SonarCloud from CI workflow

[Copilot]

SonarCloud integration in the GitHub Actions workflow was failing. Removing in favor of SonarCloud's Automatic Analysis feature, which doesn't require CI integration.

Changes

Removed SonarCloud steps:

• JDK 17 setup
• SonarQube cache actions
• SonarQube scanner installation
• dotnet-sonarscanner begin/end analysis commands

Replaced with standard .NET workflow:

• Setup .NET 10 SDK
• Restore dependencies
• Build in Release configuration
• Run tests with normal verbosity

Security:

• Added explicit permissions: contents: read to limit GITHUB_TOKEN scope

Before:

- name: Build and analyze
  env:
    SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
  run: |
    .\.sonar\scanner\dotnet-sonarscanner begin /k:"rrusson_DarkClippy" /o:"rrusson" ...
    dotnet build
    .\.sonar\scanner\dotnet-sonarscanner end ...

After:

- name: Restore dependencies
  run: dotnet restore

- name: Build
  run: dotnet build --no-restore -c Release

- name: Run tests
  run: dotnet test --no-build -c Release --verbosity normal

Original prompt

Problem

The .github/workflows/build.yml workflow is failing because of SonarCloud configuration issues. We want to remove SonarCloud from the CI pipeline and use SonarCloud's Automatic Analysis instead.

Solution

Update .github/workflows/build.yml to remove all SonarCloud-specific steps and keep only the essential build and test workflow.

Changes needed:

1. Remove these steps:

   • Set up JDK 17 (only needed for SonarCloud)
   • Cache SonarQube Cloud packages
   • Cache SonarQube Cloud scanner
   • Install SonarQube Cloud scanner
   • Build and analyze step (with SonarCloud begin/end commands)

2. Replace with clean build/test steps:

   • Checkout code (keep existing)
   • Setup .NET 10 SDK
   • Restore dependencies
   • Build in Release configuration
   • Run tests

3. Update workflow name from "SonarQube" to "Build and Test"

Expected result:

name: Build and Test
on:
  push:
    branches:
      - master
  pull_request:
    types: [opened, synchronize, reopened]

jobs:
  build:
    name: Build and Test
    runs-on: windows-latest
    
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Setup .NET 10 SDK
        uses: actions/setup-dotnet@v4
        with:
          dotnet-version: '10.0.x'

      - name: Restore dependencies
        run: dotnet restore

      - name: Build
        run: dotnet build --no-restore -c Release

      - name: Run tests
        run: dotnet test --no-build -c Release --verbosity normal

This will create a clean CI pipeline that validates the code builds and tests pass without SonarCloud failures.

This pull request was created from Copilot chat.

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[rrusson]

LGTM

[Copilot]

Pull request overview

This PR simplifies the CI/CD workflow by removing SonarCloud integration and replacing it with a standard .NET build and test pipeline. The change addresses failing SonarCloud configuration issues by relying on SonarCloud's Automatic Analysis feature instead.

Changes:

• Removed all SonarCloud-specific setup steps (JDK 17, cache actions, scanner installation, and analysis commands)
• Replaced with a clean .NET workflow using .NET 10 SDK for restore, build, and test operations
• Added explicit permissions: contents: read to limit GITHUB_TOKEN scope for security
• Updated workflow name from "SonarQube" to "Build and Test"

[Copilot]

The fetch-depth: 0 setting fetches the entire Git history and is typically used for SonarCloud analysis to calculate accurate blame information and new code detection. Since SonarCloud has been removed from the CI workflow, this setting is no longer necessary and can be removed or changed to the default shallow clone behavior (fetch-depth: 1) to improve checkout performance.

Suggested change

	fetch-depth: 0
	fetch-depth: 1