Migrate CI

.forgejo/workflows/sonarqube.yml

@@ -0,0 +1,38 @@
+name: SonarQube
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  sonarqube:
+    name: SonarQube
+    runs-on: docker
+
+    container:
+      image: alpine
+
+    steps:
+      - name: "Setup env"
+        run: apk add --no-cache git nodejs bash curl jq
+
+      - name: "Get repo"
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+
+      - name: "SonarQube Scan"
+        uses: https://github.com/sonarsource/sonarqube-scan-action@master
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+
+      # If you wish to fail your job when the Quality Gate is red, uncomment the
+      # following lines. This would typically be used to fail a deployment.
+      - name: "SonarQube Quality gate"
+        uses: https://github.com/sonarsource/sonarqube-quality-gate-action@master
+        timeout-minutes: 5
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}

.gitlab-ci.yml

@@ -1,25 +0,0 @@
-include:
-  - template: Security/SAST.gitlab-ci.yml
-
-image: node:latest
-
-cache:
-  paths:
-    - node_modules/
-
-build:
-  stage: build
-  script:
-    - apt-get update && apt-get install -y python
-    - npm install
-    - npm run build
-
-sast:
-  stage: test
-  artifacts:
-    name: sast
-    paths:
-      - gl-sast-report.json
-    reports:
-      sast: gl-sast-report.json
-    when: always

.semgrepignore

@@ -1,26 +0,0 @@
-# Ignore git items
-.gitignore
-.git/
-:include .gitignore
-
-# Common large paths
-node_modules/
-build/
-dist/
-vendor/
-.env/
-.venv/
-.tox/
-*.min.js
-
-# Common test paths
-test/
-tests/
-*_test.go
-
-# Semgrep rules folder
-.semgrep
-
-# Semgrep-action log folder
-.semgrep_logs/
-

sonar-project.properties

@@ -0,0 +1 @@
+sonar.projectKey=administrator