fix sonar workflow

.github/workflows/prune-caches.yml

@@ -16,8 +16,8 @@ jobs:
       - uses: actions/checkout@v4
       - name: "Add link to trigger workflow to summary"
         run: >
-          echo 'Trigger: [${{ github.event.workflow_run.display_title }} [
-          ${{ github.event.workflow_run.event }} 
+          echo 'Trigger: [${{ github.event.workflow_run.display_title }}
+          [${{ github.event.workflow_run.event }}
           ${{ github.event.workflow_run.head_branch }}]](
           ${{ github.event.workflow_run.html_url }})' >> $GITHUB_STEP_SUMMARY
       - run: .github/prune-caches.sh ccache-self-sufficiency

.github/workflows/sonar.yml

@@ -14,14 +14,10 @@ jobs:
     steps:
       - name: "Add link to trigger workflow to summary"
         run: >
-          echo 'Trigger: [${{ github.event.workflow_run.display_title }} [
-          ${{ github.event.workflow_run.event }} 
+          echo 'Trigger: [${{ github.event.workflow_run.display_title }}
+          [${{ github.event.workflow_run.event }}
           ${{ github.event.workflow_run.head_branch }}]](
           ${{ github.event.workflow_run.html_url }})' >> $GITHUB_STEP_SUMMARY
-      - name: Install sonar-scanner
-        uses: SonarSource/sonarcloud-github-c-cpp@v2
-        with:
-          cache-binaries: false
       - name: Dump GitHub context
         env:
           GITHUB_CONTEXT: ${{ toJson(github) }}
@@ -57,7 +53,8 @@ jobs:
           script: |
             const fs = require('fs');
             const pr_number = Number(fs.readFileSync('static-analysis/PR-NUMBER'));
-            const { data: pr_meta } = await github.pulls.get({
+            core.setOutput("pr-number", pr_number);
+            const { data: pr_meta } = await github.rest.pulls.get({
               owner: '${{ github.event.workflow_run.repository.owner.login }}',
               repo: '${{ github.event.workflow_run.repository.name }}',
               pull_number: pr_number,
@@ -66,8 +63,10 @@ jobs:
             if ('${{ github.event.workflow_run.head_commit.id }}' != pr_meta.head.sha) {
               core.setFailed('Triggering workflow commit sha does not match claimed PR head commit sha!');
             }
+            core.setOutput("base-ref", pr_meta.base.ref);
             return pr_meta;
-      - name: Dump GitHub context 2
+      - name: Dump GitHub context with PR Metadata
+        if: github.event.workflow_run.event == 'pull_request'
         env:
           GITHUB_CONTEXT: ${{ toJson(github) }}
           STEPS_CONTEXT: ${{ toJson(steps) }}
@@ -82,19 +81,24 @@ jobs:
         run: |
           git remote add upstream ${{ github.event.repository.clone_url }}
           git fetch upstream
-          git checkout -B ${{ steps.pr-info.outputs.result.base.ref }} upstream/${{ steps.pr-info.outputs.result.base.ref }}
+          git checkout -B ${{ steps.pr-info.outputs.base-ref }} upstream/${{ steps.pr-info.outputs.base-ref }}
           git checkout ${{ github.event.workflow_run.head_branch }}
-          git clean -ffdx && git reset --hard HEAD
-          git reset --hard upstream/${{ steps.pr-info.outputs.result.base.ref }} sonar-project.properties
+          git checkout upstream/${{ steps.pr-info.outputs.base-ref }} -- sonar-project.properties
+
+      - name: Install sonar-scanner
+        uses: SonarSource/sonarcloud-github-c-cpp@v2
+        with:
+          cache-binaries: false
 
       - name: SonarCloud PR Scan
         if: github.event.workflow_run.event == 'pull_request'
         run: >
           sonar-scanner
           -Dsonar.links.ci=https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
-          -Dsonar.pullrequest.key=${{ steps.pr-info.outputs.result.number }}
+          -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
+          -Dsonar.pullrequest.key=${{ steps.pr-info.outputs.pr-number }}
           -Dsonar.pullrequest.branch=${{ github.event.workflow_run.head_branch }}
-          -Dsonar.pullrequest.base=${{ steps.pr-info.outputs.result.base.ref }}
+          -Dsonar.pullrequest.base=${{ steps.pr-info.outputs.base-ref }}
           -Dproject.settings=sonar-project.properties
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}