dnsjava
diff --git a/‎.github/actions/download-artifact/action.yml
-1 b/‎.github/actions/download-artifact/action.yml
-1
diff --git a/‎.github/actions/prepare-analysis/action.yml
+44 b/‎.github/actions/prepare-analysis/action.yml
+44
diff --git a/‎.github/workflows/analyze.yml
+59 b/‎.github/workflows/analyze.yml
+59
diff --git a/‎.github/workflows/build-pr.yml
-51 b/‎.github/workflows/build-pr.yml
-51
diff --git a/‎.github/workflows/build.yml
+19-45 b/‎.github/workflows/build.yml
+19-45
diff --git a/‎.github/workflows/junit-report.yml
-41 b/‎.github/workflows/junit-report.yml
-41
diff --git a/‎.github/workflows/sonar-pr.yml
-75 b/‎.github/workflows/sonar-pr.yml
-75
@@ -22,7 +22,6 @@ runs:
 
     - name: Extract artifacts
       run: |
-        ls -R .
         for t in ${{ inputs.name }}*.tar
         do
           tar -xvf "${t}"
 
@@ -0,0 +1,44 @@
+name: Prepare code analysis
+description: Prepare the working directory for SonarQube code analysis
+
+runs:
+  using: composite
+  steps:
+    - name: Get reports
+      uses: ./.github/actions/download-artifact
+      with:
+        name: reports
+
+    - name: Get coverage
+      uses: ./.github/actions/download-artifact
+      with:
+        name: merged-coverage
+
+    - name: Get classes
+      uses: ./.github/actions/download-artifact
+      with:
+        name: classes
+
+    - name: Create paths for JUnit reporting
+      id: junit_paths
+      shell: bash
+      run: |
+        report_paths=""
+        check_name=""
+        for file in target/surefire-reports-*
+        do
+          report_paths="${file}/TEST-*.xml"$'\n'"${report_paths}"
+          check_name="JUnit Report ${file##target/surefire-reports-}"$'\n'"${check_name}"
+        done
+        echo "report_paths<<EOF"$'\n'"${report_paths}EOF" >> $GITHUB_OUTPUT
+        echo "check_name<<EOF"$'\n'"${check_name}EOF" >> $GITHUB_OUTPUT
+
+    - name: Publish Test Report
+      uses: mikepenz/action-junit-report@v3
+      with:
+        commit: ${{ github.event.workflow_run.head_sha }}
+        report_paths: ${{ steps.junit_paths.outputs.report_paths }}
+        check_name: ${{ steps.junit_paths.outputs.check_name }}
+        require_tests: true
+        check_retries: true
+        detailed_summary: true
@@ -0,0 +1,59 @@
+name: Analyze PR
+
+on:
+  workflow_run:
+    workflows:
+      - 'Build'
+    types:
+      - completed
+
+permissions:
+  pull-requests: read
+  contents: read
+  checks: write
+
+jobs:
+  analyze:
+    name: Analyze Code
+    if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.head_repository.fork
+    runs-on: ubuntu-latest
+    steps:
+      - name: echo
+        run: echo "${{ toJson(github.event) }}"
+
+      - name: Checkout base
+        uses: actions/checkout@v3
+        with:
+          repository: ${{ github.event.head_repository.full_name }}
+          ref: ${{ github.event.workflow_run.head_sha }}
+          path: base
+
+      - name: Checkout PR
+        uses: actions/checkout@v3
+        with:
+          repository: ${{ github.event.workflow_run.repository.full_name }}
+          # for Sonar
+          fetch-depth: 0
+
+      - name: Get analysis data
+        uses: ./base/.github/actions/prepare-analysis
+
+      - name: Set up JDK
+        uses: actions/setup-java@v3
+        with:
+          java-version: ${{ env.BUILD_JAVA_VERSION }}
+          distribution: temurin
+
+      - name: Run SonarQube
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        shell: bash
+        run: |
+          cp -f base/pom.xml .
+          mvn -B \
+          -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} \
+          -Dsonar.pullrequest.key=${{ github.event.workflow_run.pull_requests[0].number }} \
+          -Dsonar.pullrequest.branch=${{ github.event.workflow_run.pull_requests[0].head.ref }} \
+          -Dsonar.pullrequest.base=${{ github.event.workflow_run.pull_requests[0].base.ref }} \
+          org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
@@ -55,7 +55,7 @@ jobs:
 
       - name: Upload classes
         uses: ./.github/actions/upload-artifact
-        if: matrix.java == env.BUILD_JAVA_VERSION && matrix.arch == 'x64' && matrix.os == 'ubuntu-latest'
+        if: always() && matrix.java == env.BUILD_JAVA_VERSION && matrix.arch == 'x64' && matrix.os == 'ubuntu-latest'
         with:
           name: classes
           path: target/*classes
@@ -102,67 +102,41 @@ jobs:
           name: classes
 
       - name: Merge and output
-        run: |
-          mvn -B jacoco:merge jacoco:report
-          ls -R target
+        run: mvn -B jacoco:merge jacoco:report
 
       - name: Upload
         uses: ./.github/actions/upload-artifact
         with:
           name: merged-coverage
-          path: target/site/jacoco/jacoco.xml
+          path: |
+            target/site/jacoco
+            target/jacoco.exec
+
+      - name: Save PR number to file
+        if: github.event_name == 'pull_request'
+        run: echo ${{ github.event.number }} > pr_number.txt
+
+      - name: Archive PR number
+        if: github.event_name == 'pull_request'
+        uses: actions/upload-artifact@v3
+        with:
+          name: pr_number
+          path: pr_number.txt
 
   analyze:
     name: Analyze Code
     runs-on: ubuntu-latest
     needs: coverage
+    if: github.event_name == 'push'
     steps:
       - name: Checkout
         uses: actions/checkout@v3
         with:
           # for Sonar
           fetch-depth: 0
 
-      - name: Get reports
-        uses: ./.github/actions/download-artifact
-        with:
-          name: reports
-
-      - name: Get coverage
-        uses: ./.github/actions/download-artifact
-        with:
-          name: merged-coverage
-
-      - name: Get classes
-        uses: ./.github/actions/download-artifact
-        with:
-          name: classes
-
-      - name: Display structure of downloaded files
-        run: ls -R
-
-      - name: Create paths for JUnit reporting
-        id: junit_paths
-        run: |
-          report_paths=""
-          check_name=""
-          for file in target/surefire-reports-*
-          do
-            report_paths="${file}/TEST-*.xml"$'\n'"${report_paths}"
-            check_name="JUnit Report ${file##target/surefire-reports-}"$'\n'"${check_name}"
-          done
-          echo "report_paths<<EOF"$'\n'"${report_paths}EOF" >> $GITHUB_OUTPUT
-          echo "check_name<<EOF"$'\n'"${check_name}EOF" >> $GITHUB_OUTPUT
-
-      - name: Publish Test Report
-        uses: mikepenz/action-junit-report@v3
-        with:
-          commit: ${{ github.event.workflow_run.head_sha }}
-          report_paths: ${{ steps.junit_paths.outputs.report_paths }}
-          check_name: ${{ steps.junit_paths.outputs.check_name }}
-          require_tests: true
-          check_retries: true
-          detailed_summary: true
+      - name: Get analysis data
+        uses: ./.github/actions/prepare-analysis
 
       - name: Set up JDK
         uses: actions/setup-java@v3