.cursor/rules/default.mdc

@@ -0,0 +1,13 @@
+---
+alwaysApply: true
+---
+
+MCP предоставляет ассистенту доступ к данным SonarQube. Используй инструменты для:
+Поиска проблем: search_sonar_issues_in_projects
+Проверки статуса: get_project_quality_gate_status, get_system_status, get_system_health
+Анализа кода: analyze_code_snippet, get_raw_source
+Работы с задачами: change_sonar_issue_status
+Получения метрик: get_component_measures, search_metrics
+Получение документации по библиотекам: use context7
+Не гадай — запрашивай данные. Уточняй ключи проектов и issue. Действуй точно, опираясь на информацию из SonarQube.
+Текущий проект ChatBot

.cursor/rules/sonarqube_mcp_instructions.mdc

@@ -0,0 +1,47 @@
+---
+description: SonarQube MCP Server usage guidelines
+globs:
+alwaysApply: true
+---
+
+These are some guidelines when using the SonarQube MCP server.
+
+# Important Tool Guidelines
+
+## Basic usage
+- When starting a new task, disable automatic analysis with the `toggle_automatic_analysis` tool if it exists.
+- When you are done generating code at the very end of the task, re-enable automatic analysis with the `toggle_automatic_analysis` tool if it exists.
+Then call the `analyze_file_list` tool if it exists.
+
+## Project Keys
+- When a user mentions a project key, use `search_my_sonarqube_projects` first to find the exact project key
+- Don't guess project keys - always look them up
+
+## Code Language Detection
+- When analyzing code snippets, try to detect the programming language from the code syntax
+- If unclear, ask the user or make an educated guess based on syntax
+
+## Branch and Pull Request Context
+- Many operations support branch-specific analysis
+- If user mentions working on a feature branch, include the branch parameter
+- Pull request analysis is available for PR-specific insights
+
+## Code Issues and Violations
+- After fixing issues, do not attempt to verify them using `search_sonar_issues_in_projects`, as the server will not yet reflect the updates
+
+# Common Troubleshooting
+
+## Authentication Issues
+- SonarQube requires USER tokens (not project tokens)
+- When the error `SonarQube answered with Not authorized` occurs, verify the token type
+
+## Project Not Found
+- Use `search_my_sonarqube_projects` to confirm available projects
+- Check if user has access to the specific project
+- Verify project key spelling and format
+
+## Code Analysis Issues
+- Ensure programming language is correctly specified
+- Remind users that snippet analysis doesn't replace full project scans
+- Provide full file content for better analysis results
+- Mention that code snippet analysis tool has limited capabilities compared to full SonarQube scans

.gitea/workflows/publish-docker.yml

@@ -1,7 +1,10 @@
 name: Publish Docker Image
 
 on:
-  push:
+  workflow_run:
+    workflows: ["SonarQube", "Tests"]
+    types:
+      - completed
     branches:
       - master
 
@@ -9,6 +12,8 @@ jobs:
   publish:
     name: Build and Publish to Harbor
     runs-on: ubuntu-latest
+    # Запускаем только если предыдущий workflow успешно завершился
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
     steps:
       - name: Checkout code
         uses: actions/checkout@v4