Initial documentation, pipeline and save zap scan as a markdown #7

	name: Validate - SonarQube

	on:
	push:
	branches: [ "main" ]
	pull_request:
	branches: [ "main" ]
	workflow_dispatch:

	permissions:
	pull-requests: read

	jobs:
	Analysis:
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Set up JDK 17
	uses: actions/setup-java@v4
	with:
	java-version: 17
	distribution: 'zulu'

	- name: Install SonarCloud scanners
	run: dotnet tool install --global dotnet-sonarscanner

	- name: Install SonarCloud coverage
	run: dotnet tool install --global dotnet-coverage

	- name: Set Node.js 20.x
	uses: actions/setup-node@v4
	with:
	node-version: 20.x

	- name: Run install
	uses: borales/actions-yarn@v5
	with:
	cmd: install
	dir: ./src/web/CareLeavers.Web

	- name: Run Gulp Dev
	working-directory: ./src/web/CareLeavers.Web
	run: gulp dev

	- name: Build, Test and Analyze
	working-directory: ./src
	env:
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
	run: \|
	dotnet-sonarscanner begin \
	/k:DFE-Digital_care-leavers \
	/o:dfe-digital \
	/d:sonar.qualitygate.wait=true \
	/d:sonar.cs.vscoveragexml.reportsPaths=coverage.xml \
	/d:sonar.coverage.exclusions=/Program.cs,/.html,/.json,*/.scss,/wwwroot/ \
	/d:sonar.token="${{ secrets.SONAR_TOKEN }}" \
	/d:sonar.dotnet.excludeTestProjects=true \
	/d:sonar.host.url="https://sonarcloud.io" \
	/d:sonar.scanner.scanAll=false
	dotnet build --no-incremental
	dotnet-coverage collect --settings dotnet-cover-config.xml -f xml -o coverage.xml "dotnet test"
	dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"

Provide feedback