Refine Qodana config and workflow: improve bootstrap logic and pass linter image via args

- Updated bootstrap step to support POSIX `sh` compatibility and refine Maven fallback logic.
- Replaced deprecated `image` input with `args` to pass the linter image in the workflow.

.github/workflows/qodana_code_quality.yml

@@ -1,9 +1,16 @@
 name: Qodana
 on:
   workflow_dispatch:
+    inputs:
+      target_ref:
+        description: 'Branch, tag, or commit SHA to analyze (default: develop)'
+        required: false
+        default: 'develop'
+        type: string
   pull_request:
   push:
     branches: # Specify your branches here
+      - master
       - main # The 'main' branch
       - develop
       - 'releases/*' # The release branches
@@ -16,14 +23,35 @@ jobs:
       pull-requests: write
       checks: write
     steps:
-      - uses: actions/checkout@v3
+      # Checkout for pull_request events: use the PR head SHA for accurate analysis
+      - name: Checkout (pull_request)
+        if: ${{ github.event_name == 'pull_request' }}
+        uses: actions/checkout@v4
         with:
-          ref: ${{ github.event.pull_request.head.sha }}  # to check out the actual pull request commit, not the merge commit
+          ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0  # a full history is required for pull request analysis
+
+      # Checkout for manual runs: use the selected branch/ref (default: develop)
+      - name: Checkout (workflow_dispatch)
+        if: ${{ github.event_name == 'workflow_dispatch' }}
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.target_ref }}
+          fetch-depth: 0
+
+      # Checkout for push events (e.g., merges to develop): use the current commit
+      - name: Checkout (push)
+        if: ${{ github.event_name == 'push' }}
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
       - name: 'Qodana Scan'
         uses: JetBrains/qodana-action@v2025.2
         with:
-          pr-mode: false
+          # Enable PR-specific reporting only for pull_request events
+          pr-mode: ${{ github.event_name == 'pull_request' }}
+          # Pass the linter image via args (the action does not support an `image` input)
+          args: --image jetbrains/qodana-jvm:2025.2
         env:
           QODANA_TOKEN: ${{ secrets.QODANA_TOKEN_268690425 }}
           QODANA_ENDPOINT: 'https://qodana.cloud'

CODE_OF_CONDUCT.md

@@ -0,0 +1,5 @@
+# Contributor Code of Conduct
+
+This project adheres to No Code of Conduct.  We are all adults.  We accept anyone's contributions.  Nothing else matters.
+
+For more information please visit the [No Code of Conduct](https://nocodeofconduct.com) homepage.

qodana.yaml

@@ -6,5 +6,25 @@ version: "1.0"
 linter: jetbrains/qodana-jvm:2025.2
 profile:
   name: qodana.recommended
+bootstrap: |
+  # Generate sources (including protobuf) so Qodana resolves imports correctly
+  # Prefer Maven Wrapper if present; fall back to system mvn (POSIX sh compatible)
+  # Ensure mvnw is executable if present
+  if [ -f ./mvnw ]; then chmod +x ./mvnw || true; fi
+  if [ -x ./mvnw ]; then
+    ./mvnw -B -q -DskipTests -DskipITs=true generate-sources || true
+  elif [ -f ./mvnw ]; then
+    sh ./mvnw -B -q -DskipTests -DskipITs=true generate-sources || true
+  elif command -v mvn >/dev/null 2>&1; then
+    mvn -B -q -DskipTests -DskipITs=true generate-sources || true
+  else
+    echo "[Qodana bootstrap] Maven not available; skipping source generation"
+  fi
 include:
-  - name: CheckDependencyLicenses
+  - name: CheckDependencyLicenses
+exclude:
+  # Exclude generated sources from inspections to reduce noise
+  - name: All
+    paths:
+      - target/generated-sources/**
+      - target/protoc-dependencies/**