|
1 | | -# Runs DangerJS with a pre-configured set of rules on a Pull Request. |
2 | | -on: |
3 | | - workflow_call: |
4 | | - inputs: |
5 | | - _workflow_version: |
6 | | - description: 'Internal: specify github-workflows (this repo) revision to use when checking out scripts.' |
7 | | - type: string |
8 | | - required: false |
9 | | - default: v2 # Note: update when publishing a new version |
10 | | - outputs: |
11 | | - outcome: |
12 | | - description: Whether the Danger run finished successfully. Possible values are success, failure, cancelled, or skipped. |
13 | | - value: ${{ jobs.danger.outputs.outcome }} |
14 | | - |
15 | | -jobs: |
16 | | - danger: |
17 | | - runs-on: ubuntu-latest |
18 | | - outputs: |
19 | | - outcome: ${{ steps.danger.outcome }} |
20 | | - steps: |
21 | | - - uses: actions/checkout@v3 |
22 | | - with: |
23 | | - fetch-depth: 0 |
24 | | - |
25 | | - - name: Download dangerfile.js |
26 | | - run: wget https://raw.githubusercontent.com/getsentry/github-workflows/${{ inputs._workflow_version }}/danger/dangerfile.js -P ${{ runner.temp }} |
27 | | - |
28 | | - # Using a pre-built docker image in GitHub container registry instaed of NPM to reduce possible attack vectors. |
29 | | - - name: Run DangerJS |
30 | | - id: danger |
31 | | - run: | |
32 | | - docker run \ |
33 | | - --volume ${{ github.workspace }}:/github/workspace \ |
34 | | - --volume ${{ runner.temp }}:${{ runner.temp }} \ |
35 | | - --workdir /github/workspace \ |
36 | | - --user $UID \ |
37 | | - -e "INPUT_ARGS" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e GITHUB_ACTIONS=true -e CI=true \ |
38 | | - -e GITHUB_TOKEN="${{ github.token }}" \ |
39 | | - -e DANGER_DISABLE_TRANSPILATION="true" \ |
40 | | - ghcr.io/danger/danger-js:11.1.2 \ |
41 | | - --failOnErrors --dangerfile ${{ runner.temp }}/dangerfile.js |
| 1 | +# Runs DangerJS with a pre-configured set of rules on a Pull Request. |
| 2 | +on: |
| 3 | + workflow_call: |
| 4 | + inputs: |
| 5 | + _workflow_version: |
| 6 | + description: 'Internal: specify github-workflows (this repo) revision to use when checking out scripts.' |
| 7 | + type: string |
| 8 | + required: false |
| 9 | + default: v2 # Note: update when publishing a new version |
| 10 | + outputs: |
| 11 | + outcome: |
| 12 | + description: Whether the Danger run finished successfully. Possible values are success, failure, cancelled, or skipped. |
| 13 | + value: ${{ jobs.danger.outputs.outcome }} |
| 14 | + |
| 15 | +jobs: |
| 16 | + danger: |
| 17 | + runs-on: ubuntu-latest |
| 18 | + outputs: |
| 19 | + outcome: ${{ steps.danger.outcome }} |
| 20 | + steps: |
| 21 | + - uses: actions/checkout@v3 |
| 22 | + with: |
| 23 | + fetch-depth: 0 |
| 24 | + |
| 25 | + - name: Download dangerfile.js |
| 26 | + run: wget https://raw.githubusercontent.com/getsentry/github-workflows/${{ inputs._workflow_version }}/danger/dangerfile.js -P ${{ runner.temp }} |
| 27 | + |
| 28 | + # Using a pre-built docker image in GitHub container registry instaed of NPM to reduce possible attack vectors. |
| 29 | + - name: Run DangerJS |
| 30 | + id: danger |
| 31 | + run: | |
| 32 | + docker run \ |
| 33 | + --volume ${{ github.workspace }}:/github/workspace \ |
| 34 | + --volume ${{ runner.temp }}:${{ runner.temp }} \ |
| 35 | + --workdir /github/workspace \ |
| 36 | + --user $UID \ |
| 37 | + -e "INPUT_ARGS" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e GITHUB_ACTIONS=true -e CI=true \ |
| 38 | + -e GITHUB_TOKEN="${{ github.token }}" \ |
| 39 | + -e DANGER_DISABLE_TRANSPILATION="true" \ |
| 40 | + ghcr.io/danger/danger-js:11.1.2 \ |
| 41 | + --failOnErrors --dangerfile ${{ runner.temp }}/dangerfile.js |
0 commit comments