Allow manual trigger of Sonar code quality check

.github/workflows/code-quality.yml

@@ -14,18 +14,12 @@
 
 name: Code Quality Check
 
-on:
-  # Analysis done to check for security and quality are often taken care of by vendor tools, such as SonarCloud, CodeQL, etc.
-  # We will not run these in PR pipelins for the following reasons:
-  # 1. In terms of quality checks, these analysis are often already covered by code checks (e.g. eslint) already set to run
-  #    for PRs
-  # 2. Security checks are included meaning that these checks will have to go through a huge libraries of vulnerability checks
-  #    from vendor, which could take up huge amount of time to run, which is not suitable to have in PR unless absolutely necessary.
-  #    However, most of the problems detected by these checks are often security warnings and some other niche problems that we might
-  #    or might not necessarily have to deal with (false positive, or belongs to test-only codepath)
-  push:
-    branches:
-      - master
+on: [workflow_dispatch]
+  # NOTE: currently, this is failing, we need further investigation to fix this build, for now, we will
+  # disable this code quality check to save resource
+  # push:
+  #   branches:
+  #     - master
 
 env:
   SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}