CI: Add GHA merge worklow that runs SonarCloud scan

Change-Id: Iec9381c3038ec54a680199c151d82097875ad64e
Signed-off-by: Jessica Wagantall <>
diff --git a/.github/workflows/gerrit-novote-merge.yaml b/.github/workflows/gerrit-novote-merge.yaml
new file mode 100644
index 0000000..ebc3c8c
--- /dev/null
+++ b/.github/workflows/gerrit-novote-merge.yaml
@@ -0,0 +1,114 @@
+name: Gerrit Merge
+# yamllint disable-line rule:truthy
+  workflow_dispatch:
+    inputs:
+        description: "Branch that change is against"
+        required: true
+        type: string
+        description: "The ID for the change"
+        required: true
+        type: string
+        description: "The Gerrit number"
+        required: true
+        type: string
+        description: "URL to the change"
+        required: true
+        type: string
+        description: "Type of Gerrit event"
+        required: true
+        type: string
+        description: "The patch number for the change"
+        required: true
+        type: string
+        description: "The revision sha"
+        required: true
+        type: string
+        description: "Project in Gerrit"
+        required: true
+        type: string
+        description: "Gerrit refspec of change"
+        required: true
+        type: string
+    secrets:
+        description: "Sonar Cloud access token"
+        required: true
+  # yamllint disable-line rule:line-length
+  group: gerrit-merge-${{ github.workflow }}-${{ github.event.inputs.GERRIT_CHANGE_ID || github.run_id }}
+  cancel-in-progress: true
+  notify:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Notify job start
+        # yamllint disable-line rule:line-length
+        uses: lfit/gerrit-review-action@9627b9a144f2a2cad70707ddfae87c87dce60729  # v0.8
+        with:
+          host: ${{ vars.GERRIT_SERVER }}
+          username: ${{ vars.GERRIT_SSH_USER }}
+          key: ${{ secrets.GERRIT_SSH_PRIVKEY }}
+          known_hosts: ${{ vars.GERRIT_KNOWN_HOSTS }}
+          gerrit-change-number: ${{ inputs.GERRIT_CHANGE_NUMBER }}
+          gerrit-patchset-number: ${{ inputs.GERRIT_PATCHSET_NUMBER }}
+          vote-type: clear
+          comment-only: true
+      - name: Allow replication
+        run: sleep 10s
+  call-sonarcloud-scan:
+    runs-on: ubuntu-latest
+    needs: notify
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.GERRIT_BRANCH }}
+          submodules: "true"
+      - name: Run SonarCloud Scan
+        uses: sonarsource/sonarcloud-github-action@master
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          args: >
+            -Dsonar.organization=o-ran-sc
+            -Dsonar.projectBaseDir=.
+            -Dsonar.projectKey=o-ran-sc_sim-a1-interface
+            -Dsonar.projectName=sim-a1-interface
+            -Dsonar.python.coverage.reportPaths=./coverage.xml
+            -Dsonar.sources=near-rt-ric-simulator
+            -Dsonar.verbose=true
+  report-status:
+    if: ${{ always() }}
+    needs: [notify, call-sonarcloud-scan]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get workflow conclusion
+        uses: technote-space/workflow-conclusion-action@v3
+      - name: Report workflow conclusion
+        # yamllint disable-line rule:line-length
+        uses: lfit/gerrit-review-action@9627b9a144f2a2cad70707ddfae87c87dce60729  # v0.8
+        with:
+          host: ${{ vars.GERRIT_SERVER }}
+          username: ${{ vars.GERRIT_SSH_USER }}
+          key: ${{ secrets.GERRIT_SSH_PRIVKEY }}
+          known_hosts: ${{ vars.GERRIT_KNOWN_HOSTS }}
+          gerrit-change-number: ${{ inputs.GERRIT_CHANGE_NUMBER }}
+          gerrit-patchset-number: ${{ inputs.GERRIT_PATCHSET_NUMBER }}
+          vote-type: ${{ env.WORKFLOW_CONCLUSION }}
+          comment-only: true