ci: add SonarQube scan with secret token

.woodpecker.yml

@@ -58,6 +58,16 @@ steps:
       - npm test
     depends_on: [install]
 
+  - name: sonar
+    image: bash
+    environment:
+      SONAR_TOKEN:
+        from_secret: sonar_token
+    commands:
+      - export PATH="/opt/sonar-scanner-6.2.1.4610-linux-x64/bin:$PATH"
+      - sonar-scanner -Dsonar.token=$SONAR_TOKEN
+    depends_on: [lint, test]
+
   # Uncomment when deploy script is set up on VPS:
   #
   # - name: deploy

sonar-project.properties

@@ -0,0 +1,6 @@
+sonar.projectKey=ai-template
+sonar.projectName=AI Template
+sonar.host.url=https://sonar.spektrtest.online
+
+sonar.sources=apps/web,apps/api
+sonar.exclusions=**/node_modules/**,**/.next/**,**/dist/**,**/coverage/**,**/*.config.*,**/public/**