Update .gitea/workflows/sonar-scan.yaml

.gitea/workflows/sonar-scan.yaml

@@ -4,12 +4,10 @@ on:
   push:
   pull_request:
 
-# Cancel in-progress runs for the same branch/PR
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
-# Least-privilege permissions
 permissions:
   contents: read
   pull-requests: read
@@ -18,19 +16,24 @@ jobs:
   build:
     name: Build and analyze
     runs-on: ubuntu-latest
-    
+
     steps:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
-      - uses: sonarsource/sonarqube-scan-action@v3
+      - uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: 17
+          cache: maven
+
+      - name: Build and analyze
+        run: ./mvnw -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=demo-platform
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
           SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
-          SONAR_SCANNER_JSON_PARAMS: '{"sonar.projectKey":"demo-platform"}'
 
-      # Fail the build if Quality Gate is red
       - uses: sonarsource/sonarqube-quality-gate-action@v1
         timeout-minutes: 5
         env: