Update danger workflows#88
Conversation
There was a problem hiding this comment.
Pull request overview
This PR modernizes the Danger workflow setup by migrating from an inline workflow configuration to reusable shared workflows, and adds a new workflow to handle Danger PR comments. The changes also update the ruby-grape-danger gem to version 0.3.0 and include a minor indentation fix.
Key changes:
- Refactored Danger workflows to use shared workflow definitions from an external repository
- Added a new
danger-comment.ymlworkflow triggered on workflow completion - Updated
ruby-grape-dangergem from version 0.2.1 to 0.3.0
Reviewed changes
Copilot reviewed 4 out of 5 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
.github/workflows/danger.yml |
Simplified workflow by replacing inline steps with a call to a shared reusable workflow |
.github/workflows/danger-comment.yml |
New workflow that handles Danger comments via workflow_run trigger |
Gemfile |
Updated ruby-grape-danger gem version constraint to ~> 0.3.0 |
CHANGELOG.md |
Added changelog entry documenting the danger workflow updates |
lib/grape-swagger/entity/parser.rb |
Fixed indentation of a line within a code block for consistency |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # the token is public, has public_repo scope and belongs to the grape-bot user owned by @dblock, this is ok | ||
| TOKEN=$(echo -n Z2hwX2lYb0dPNXNyejYzOFJyaTV3QUxUdkNiS1dtblFwZTFuRXpmMwo= | base64 --decode) | ||
| DANGER_GITHUB_API_TOKEN=$TOKEN bundle exec danger --verbose | ||
| uses: numbata/danger-pr-comment/.github/workflows/danger-run.yml@main |
There was a problem hiding this comment.
The workflow references "numbata/danger-pr-comment" repository, but the PR description states the changes "reuse shared workflows from the ruby-grape/danger repository". This inconsistency between the description and the actual implementation should be clarified. Either the workflow reference should be updated to use the ruby-grape organization repository, or the PR description should be corrected to match the actual repository being used.
| uses: numbata/danger-pr-comment/.github/workflows/danger-run.yml@main | |
| uses: ruby-grape/danger/.github/workflows/danger-run.yml@main |
|
|
||
| jobs: | ||
| comment: | ||
| uses: numbata/danger-pr-comment/.github/workflows/danger-comment.yml@main |
There was a problem hiding this comment.
The workflow references "numbata/danger-pr-comment" repository, but the PR description states the changes "reuse shared workflows from the ruby-grape/danger repository". This inconsistency between the description and the actual implementation should be clarified. Either the workflow reference should be updated to use the ruby-grape organization repository, or the PR description should be corrected to match the actual repository being used.
| uses: numbata/danger-pr-comment/.github/workflows/danger-comment.yml@main | |
| uses: ruby-grape/danger/.github/workflows/danger-comment.yml@main |
| # the token is public, has public_repo scope and belongs to the grape-bot user owned by @dblock, this is ok | ||
| TOKEN=$(echo -n Z2hwX2lYb0dPNXNyejYzOFJyaTV3QUxUdkNiS1dtblFwZTFuRXpmMwo= | base64 --decode) | ||
| DANGER_GITHUB_API_TOKEN=$TOKEN bundle exec danger --verbose | ||
| uses: numbata/danger-pr-comment/.github/workflows/danger-run.yml@main |
There was a problem hiding this comment.
The workflow references use @main which always pulls the latest version of the shared workflow. This could introduce unexpected breaking changes or behavior modifications. Consider pinning to a specific version tag or commit SHA for more stable and predictable builds.
| uses: numbata/danger-pr-comment/.github/workflows/danger-run.yml@main | |
| uses: numbata/danger-pr-comment/.github/workflows/danger-run.yml@v1 |
|
|
||
| jobs: | ||
| comment: | ||
| uses: numbata/danger-pr-comment/.github/workflows/danger-comment.yml@main |
There was a problem hiding this comment.
The workflow references use @main which always pulls the latest version of the shared workflow. This could introduce unexpected breaking changes or behavior modifications. Consider pinning to a specific version tag or commit SHA for more stable and predictable builds.
| uses: numbata/danger-pr-comment/.github/workflows/danger-comment.yml@main | |
| uses: numbata/danger-pr-comment/.github/workflows/danger-comment.yml@v1 |
The changes simplify the workflow setup by reusing shared workflows from the
ruby-grape/dangerrepository, and add a new workflow to handle Danger comments.