ci: подключить SonarCloud без sonar-project.properties

- Sonar scan настроен через args в workflow

- Добавлены SONAR_ORGANIZATION и SONAR_PROJECT_KEY через GitHub Variables

- Скан выполняется только при наличии SONAR_TOKEN и переменных

Author: RomanVetrov

.github/workflows/ci.yml

@@ -24,6 +24,8 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
 
       - name: Setup Python
         uses: actions/setup-python@v5
@@ -88,6 +90,23 @@ jobs:
       - name: Run tests with coverage
         run: uv run pytest -q --cov=app --cov-report=term-missing --cov-report=xml --junitxml=pytest.xml
 
+      - name: SonarCloud Scan
+        if: ${{ secrets.SONAR_TOKEN != '' && vars.SONAR_PROJECT_KEY != '' && vars.SONAR_ORGANIZATION != '' }}
+        uses: SonarSource/sonarqube-scan-action@v5
+        with:
+          args: >
+            -Dsonar.projectKey=${{ vars.SONAR_PROJECT_KEY }}
+            -Dsonar.organization=${{ vars.SONAR_ORGANIZATION }}
+            -Dsonar.host.url=https://sonarcloud.io
+            -Dsonar.sources=app
+            -Dsonar.tests=tests
+            -Dsonar.test.inclusions=tests/**/*.py
+            -Dsonar.python.coverage.reportPaths=coverage.xml
+            -Dsonar.python.xunit.reportPath=pytest.xml
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Upload coverage report
         uses: actions/upload-artifact@v4
         with: