Correct PR workflow to work for PRs from forked repositories

.fossa.yml

@@ -1,4 +1,7 @@
 version: 3
+project:
+  locator: custom+46664/github.com/OptimumCode/json-schema-validator
+  id: https://github.com/OptimumCode/json-schema-validator
 targets:
   only:
     - type: gradle

.github/workflows/pr-compliance-check.yml

@@ -0,0 +1,82 @@
+name: "Check PR complains with requirements"
+
+on:
+  pull_request_target:
+  workflow_run:
+    workflows: ['Run tests for PR']
+    types: [completed]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.event.workflow_run.pull_requests[0].number }}
+  cancel-in-progress: true
+
+jobs:
+  reviewdog:
+    if: github.event_name == 'workflow_run'
+    strategy:
+      matrix:
+        include:
+          - tool: ktlint
+          - tool: detekt
+    permissions:
+      pull-requests: write
+    runs-on: ubuntu-latest
+    steps:
+    - name: 'Checkout Repository'
+      uses: actions/checkout@v4
+    - name: Download benchmark results
+      uses: dawidd6/action-download-artifact@v6
+      with:
+        name: style-reports
+        path: reports/
+        run_id: ${{ github.event.workflow_run.id }}
+    - name: Setup reviewdog
+      uses: reviewdog/action-setup@v1
+      with:
+        reviewdog_version: latest
+    - name: Run reviewdog ${{ matrix.tool }}
+      env:
+        REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        CI_PULL_REQUEST: ${{ github.event.pull_request[0].number }}
+        CI_REPO_OWNER: ${{ github.repository_owner }}
+        CI_REPO_NAME: ${{ github.event.repository.name }}
+        CI_COMMIT: ${{ github.event.workflow_run.pull_requests[0].head.repo }}
+      run: echo reports/${{ matrix.tool }}-reviewdog.out | reviewdog -tee -reporter=github-pr-review
+  danger-check:
+    if: github.event_name == 'pull_request_target'
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+      statuses: write
+    steps:
+      - name: 'Checkout Repository'
+        uses: actions/checkout@v4
+      - name: Danger
+        uses: danger/[email protected]
+        with:
+          run-mode: ci
+          dangerfile: Dangerfile.df.kts
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  upload-coverage:
+    runs-on: ubuntu-latest
+    if: github.event.workflow_run.actor.name != 'dependabot[bot]' && github.repository == 'OptimumCode/json-schema-validator' && github.event.workflow_run.conclusion == 'success'
+    steps:
+      - name: 'Checkout Repository'
+        uses: actions/checkout@v4
+        with:
+          repository: ${{ github.event.workflow_run.head_repository.full_name }}
+          ref: ${{ github.event.workflow_run.head_sha }}
+      - name: Download benchmark results
+        uses: dawidd6/action-download-artifact@v6
+        with:
+          name: coverage-reports
+          path: reports/
+          run_id: ${{ github.event.workflow_run.id }}
+      - name: Upload coverage reports to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          override_branch: ${{ github.event.workflow_run.pull_requests[0].head.ref }}
+          override_commit: ${{ github.event.workflow_run.pull_requests[0].head.sha }}
+          override_pr: ${{ github.event.workflow_run.pull_requests[0].number }}
+          token: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/pull_request.yml

@@ -1,4 +1,4 @@
-name: "Check the PR"
+name: "Run tests for PR"
 
 on:
   pull_request:
@@ -13,11 +13,9 @@ concurrency:
 jobs:
   dump-unicode-data:
     uses: ./.github/workflows/unicode-dump.yml
-  reviewdog:
+  collect-output-reviewdog:
     needs:
       - dump-unicode-data
-    permissions:
-      pull-requests: write
     runs-on: ubuntu-latest
     steps:
     - name: 'Checkout Repository'
@@ -48,32 +46,18 @@ jobs:
       uses: gradle/actions/setup-gradle@v4
       with:
         gradle-version: wrapper
-    - name: Setup reviewdog
-      uses: reviewdog/action-setup@v1
+    - name: Run ktlint
+      run: ./gradlew ktlintCheck --console plain > ktlint-reviewdog.out 2>&1 || true
+    - name: Run detekt
+      run: ./gradlew -q detekt detektAll --console plain > detekt-reviewdog.out 2>&1 || true
+    - name: Collect output for reviewdog
+      uses: actions/upload-artifact@v4
       with:
-        reviewdog_version: latest
-    - name: Run reviewdog
-      env:
-        REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      run: reviewdog -tee -reporter=github-pr-review
+        name: style-reports
+        path: '*-reviewdog.out'
   check-pr:
     needs:
       - dump-unicode-data
     uses: ./.github/workflows/build-and-test.yml
     with:
       collect-code-coverage: true
-  danger-check:
-    runs-on: ubuntu-latest
-    permissions:
-      pull-requests: write
-      statuses: write
-    steps:
-      - name: 'Checkout Repository'
-        uses: actions/checkout@v4
-      - name: Danger
-        uses: danger/[email protected]
-        with:
-          run-mode: ci
-          dangerfile: Dangerfile.df.kts
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}