Merge pull request #289 from 0xPolygonHermez/security-update

Security update

.github/workflows/sonarqube.yml

@@ -1,22 +1,24 @@
-name: SonarQube analysis
-
+name: Security Build
 on:
   push:
     branches:
+      - main
       - develop
-
+      - staging
+  workflow_dispatch: {}
+  pull_request:
+    types: [opened, synchronize, reopened]
+
 jobs:
-  sonarqube:
+  sonarcloud:
+    name: SonarCloud
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
-      with:
-        # Disabling shallow clone is recommended for improving relevancy of reporting.
-        fetch-depth: 0
-
-    # Triggering SonarQube analysis as results of it are required by Quality Gate check.
-    - name: SonarQube Scan
-      uses: sonarsource/sonarqube-scan-action@master
-      env:
-        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

sonar-project.properties

@@ -1 +1,2 @@
-sonar.projectKey=zkevm-bridge-ui
+sonar.projectKey=0xPolygonHermez_zkevm-bridge-ui
+sonar.organization=0xPolygonHermez