From d70e2f69ee4957268496af4f4fd718c523d7c0ce Mon Sep 17 00:00:00 2001
From: Edward Thomson <ethomson@edwardthomson.com>
Date: Mon, 25 May 2026 16:46:57 +0100
Subject: [PATCH] ci: drop coverity, add sonarqube

Coverity has appeared to stop working with no status updates. Remove it.

Add SonarQube.
---
 .github/workflows/nightly.yml | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
index d7a6c64c9..93dbb0b86 100644
--- a/.github/workflows/nightly.yml
+++ b/.github/workflows/nightly.yml
@@ -447,31 +447,31 @@ jobs:
       with:
         paths: 'test-results-*/*.xml'
 
-  coverity:
+  sonarqube:
     # Only run scheduled workflows on the main repository; prevents people
     # from using build minutes on their forks.
     if: github.repository == 'libgit2/libgit2'
 
-    name: Coverity
+    name: SonarQube
     runs-on: ubuntu-latest
     steps:
     - name: Check out repository
       uses: actions/checkout@v4
       with:
-        path: source
         fetch-depth: 0
-    - name: Set up container
-      uses: ./source/.github/actions/download-or-build-container
+    - name: Run SonarQube
+      uses: SonarSource/sonarqube-scan-action@v8
       with:
-        registry: ${{ env.docker-registry }}
-        config-path: ${{ env.docker-config-path }}
-        container: xenial
-        github_token: ${{ secrets.github_token }}
-      if: matrix.platform.container.name != ''
-    - name: Run Coverity
-      run: source/ci/coverity.sh
+        args: >
+          -Dsonar.organization=libgit2_libgit2
+          -Dsonar.organization=libgit2
+          -Dsonar.projectKey=libgit2
+          -Dsonar.projectName=libgit2
+          -Dsonar.sources=src
+          -Dsonar.tests=tests
+          -Dsonar.test.exclusions="tests/resources/**/*"
       env:
-        COVERITY_TOKEN: ${{ secrets.coverity_token }}
+        SONAR_TOKEN: ${{ secrets.sonar_token }}
 
   codeql:
     # Only run scheduled workflows on the main repository; prevents people