Add SonarCloud workflow with coverage + test results

Runs pytest with --cov to generate coverage.xml, then pushes to
SonarCloud for analysis. Badges on README auto-update with counts.

Setup: add SONAR_TOKEN secret from sonarcloud.io project settings.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: aksOps

.github/workflows/sonarcloud.yml

@@ -0,0 +1,39 @@
+name: SonarCloud Analysis
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  sonarcloud:
+    name: SonarCloud Scan
+    runs-on: ubuntu-latest
+    continue-on-error: true
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install project + test deps
+        run: pip install -e ".[dev]"
+
+      - name: Run tests with coverage
+        run: |
+          pytest tests/ --cov=code_intelligence --cov-report=xml:coverage.xml --junitxml=test-results.xml -q || true
+
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarqube-scan-action@v5
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

sonar-project.properties

@@ -0,0 +1,11 @@
+sonar.projectKey=RandomCodeSpace_code-iq
+sonar.organization=randomcodespace
+sonar.projectName=code-iq
+
+sonar.sources=src/code_intelligence
+sonar.tests=tests
+sonar.python.version=3.11,3.12,3.13
+sonar.sourceEncoding=UTF-8
+
+sonar.python.coverage.reportPaths=coverage.xml
+sonar.python.xunit.reportPath=test-results.xml