name: SonarQube .NET Analysis (Reusable)

on:
  workflow_call:
    inputs:
      sonar-project-key:
        description: "SonarQube project key (/k:)"
        required: true
        type: string
      working-directory:
        description: "Path where dotnet build is executed (relative to repo root)"
        required: false
        default: "."
        type: string
      dotnet-version:
        description: ".NET SDK version"
        required: false
        default: "10.0.x"
        type: string
      build-command:
        description: "Build command to execute"
        required: false
        default: "dotnet build"
        type: string
    secrets:
      SONAR_HOST:
        description: "SonarQube server URL (e.g. https://sonarqube.mycompany.com)"
        required: true
      SONAR_TOKEN:
        description: "SonarQube token for the project"
        required: true

jobs:
  sonar-analysis:
    runs-on: ubuntu-latest
    env:
      DOTNET_CLI_TELEMETRY_OPTOUT: "1"

    steps:
      - name: Checkout
        uses: actions/checkout@v6

      - name: Setup .NET
        uses: actions/setup-dotnet@v5
        with:
          dotnet-version: ${{ inputs.dotnet-version }}

      - name: Install SonarScanner for .NET
        run: dotnet tool install --global dotnet-sonarscanner

      - name: Add .NET global tools to PATH
        run: echo "$HOME/.dotnet/tools" >> "$GITHUB_PATH"

      - name: SonarQube Begin
        working-directory: ${{ inputs.working-directory }}
        run: |
          dotnet sonarscanner begin \
            /k:"${{ inputs.sonar-project-key }}" \
            /d:sonar.host.url="${{ secrets.SONAR_HOST }}" \
            /d:sonar.token="${{ secrets.SONAR_TOKEN }}"

      - name: Build
        working-directory: ${{ inputs.working-directory }}
        run: ${{ inputs.build-command }}

      - name: SonarQube End
        working-directory: ${{ inputs.working-directory }}
        run: |
          dotnet sonarscanner end \
            /d:sonar.token="${{ secrets.SONAR_TOKEN }}"