-
-
Notifications
You must be signed in to change notification settings - Fork 5
41 lines (38 loc) · 2.38 KB
/
danger.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# Runs DangerJS with a pre-configured set of rules on a Pull Request.
on:
workflow_call:
inputs:
_workflow_version:
description: 'Internal: specify github-workflows (this repo) revision to use when checking out scripts.'
type: string
required: false
default: v2 # Note: update when publishing a new version
outputs:
outcome:
description: Whether the Danger run finished successfully. Possible values are success, failure, cancelled, or skipped.
value: ${{ jobs.danger.outputs.outcome }}
jobs:
danger:
runs-on: ubuntu-latest
outputs:
outcome: ${{ steps.danger.outcome }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Download dangerfile.js
run: wget https://raw.githubusercontent.com/getsentry/github-workflows/${{ inputs._workflow_version }}/danger/dangerfile.js -P ${{ runner.temp }}
# Using a pre-built docker image in GitHub container registry instaed of NPM to reduce possible attack vectors.
- name: Run DangerJS
id: danger
run: |
docker run \
--volume ${{ github.workspace }}:/github/workspace \
--volume ${{ runner.temp }}:${{ runner.temp }} \
--workdir /github/workspace \
--user $UID \
-e "INPUT_ARGS" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e GITHUB_ACTIONS=true -e CI=true \
-e GITHUB_TOKEN="${{ github.token }}" \
-e DANGER_DISABLE_TRANSPILATION="true" \
ghcr.io/danger/danger-js:11.3.1 \
--failOnErrors --dangerfile ${{ runner.temp }}/dangerfile.js