Added in the sonar scan job (#19)

* Added in the sonar scan job

Author: TaylorHalf

Diff for: .github/workflows/pr-checks.yml

@@ -0,0 +1,40 @@
+name: PR-checks
+
+on:
+ push:
+   branches: ['develop']
+ pull_request:
+   branches: ['develop']
+
+jobs:
+  scanner:
+    permissions:
+      id-token: write
+      contents: write
+      pull-requests: write
+    runs-on: X64
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v4
+        with:
+          node-version-file: '.nvmrc'
+      - uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ secrets.CVS_MGMT_AWS_ROLE }}
+          aws-region: ${{ secrets.DVSA_AWS_REGION }}
+          role-session-name: 'cvs-tsk-transform-tech-records'
+      - uses: aws-actions/aws-secretsmanager-get-secrets@v1
+        with:
+          secret-ids: sonarqube-gha
+          parse-json-secrets: true
+      - name: Install dependencies
+        run: npm ci
+      - name: Run SonarQube scanner
+        run: |
+         npm run test && \
+         npm run sonar-scanner -- \
+         -Dsonar.host.url=${{ env.SONARQUBE_GHA_URL }} \
+         -Dsonar.token=${{ env.SONARQUBE_GHA_TOKEN }} \
+         -Dsonar.login=${{ env.SONARQUBE_GHA_TOKEN }} \
+         -Dsonar.projectName=${{ github.repository }} \
+         -Dsonar.projectVersion=1.0.${{ github.run_id }}