Skip to content

Update danger workflows#88

Merged
numbata merged 5 commits into
ruby-grape:masterfrom
numbata:danger-flow-fix
Dec 25, 2025
Merged

Update danger workflows#88
numbata merged 5 commits into
ruby-grape:masterfrom
numbata:danger-flow-fix

Conversation

@numbata

@numbata numbata commented Dec 25, 2025

Copy link
Copy Markdown
Collaborator

The changes simplify the workflow setup by reusing shared workflows from the ruby-grape/danger repository, and add a new workflow to handle Danger comments.

@numbata numbata self-assigned this Dec 25, 2025

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR modernizes the Danger workflow setup by migrating from an inline workflow configuration to reusable shared workflows, and adds a new workflow to handle Danger PR comments. The changes also update the ruby-grape-danger gem to version 0.3.0 and include a minor indentation fix.

Key changes:

  • Refactored Danger workflows to use shared workflow definitions from an external repository
  • Added a new danger-comment.yml workflow triggered on workflow completion
  • Updated ruby-grape-danger gem from version 0.2.1 to 0.3.0

Reviewed changes

Copilot reviewed 4 out of 5 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
.github/workflows/danger.yml Simplified workflow by replacing inline steps with a call to a shared reusable workflow
.github/workflows/danger-comment.yml New workflow that handles Danger comments via workflow_run trigger
Gemfile Updated ruby-grape-danger gem version constraint to ~> 0.3.0
CHANGELOG.md Added changelog entry documenting the danger workflow updates
lib/grape-swagger/entity/parser.rb Fixed indentation of a line within a code block for consistency

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

# the token is public, has public_repo scope and belongs to the grape-bot user owned by @dblock, this is ok
TOKEN=$(echo -n Z2hwX2lYb0dPNXNyejYzOFJyaTV3QUxUdkNiS1dtblFwZTFuRXpmMwo= | base64 --decode)
DANGER_GITHUB_API_TOKEN=$TOKEN bundle exec danger --verbose
uses: numbata/danger-pr-comment/.github/workflows/danger-run.yml@main

Copilot AI Dec 25, 2025

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The workflow references "numbata/danger-pr-comment" repository, but the PR description states the changes "reuse shared workflows from the ruby-grape/danger repository". This inconsistency between the description and the actual implementation should be clarified. Either the workflow reference should be updated to use the ruby-grape organization repository, or the PR description should be corrected to match the actual repository being used.

Suggested change
uses: numbata/danger-pr-comment/.github/workflows/danger-run.yml@main
uses: ruby-grape/danger/.github/workflows/danger-run.yml@main

Copilot uses AI. Check for mistakes.

jobs:
comment:
uses: numbata/danger-pr-comment/.github/workflows/danger-comment.yml@main

Copilot AI Dec 25, 2025

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The workflow references "numbata/danger-pr-comment" repository, but the PR description states the changes "reuse shared workflows from the ruby-grape/danger repository". This inconsistency between the description and the actual implementation should be clarified. Either the workflow reference should be updated to use the ruby-grape organization repository, or the PR description should be corrected to match the actual repository being used.

Suggested change
uses: numbata/danger-pr-comment/.github/workflows/danger-comment.yml@main
uses: ruby-grape/danger/.github/workflows/danger-comment.yml@main

Copilot uses AI. Check for mistakes.
# the token is public, has public_repo scope and belongs to the grape-bot user owned by @dblock, this is ok
TOKEN=$(echo -n Z2hwX2lYb0dPNXNyejYzOFJyaTV3QUxUdkNiS1dtblFwZTFuRXpmMwo= | base64 --decode)
DANGER_GITHUB_API_TOKEN=$TOKEN bundle exec danger --verbose
uses: numbata/danger-pr-comment/.github/workflows/danger-run.yml@main

Copilot AI Dec 25, 2025

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The workflow references use @main which always pulls the latest version of the shared workflow. This could introduce unexpected breaking changes or behavior modifications. Consider pinning to a specific version tag or commit SHA for more stable and predictable builds.

Suggested change
uses: numbata/danger-pr-comment/.github/workflows/danger-run.yml@main
uses: numbata/danger-pr-comment/.github/workflows/danger-run.yml@v1

Copilot uses AI. Check for mistakes.

jobs:
comment:
uses: numbata/danger-pr-comment/.github/workflows/danger-comment.yml@main

Copilot AI Dec 25, 2025

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The workflow references use @main which always pulls the latest version of the shared workflow. This could introduce unexpected breaking changes or behavior modifications. Consider pinning to a specific version tag or commit SHA for more stable and predictable builds.

Suggested change
uses: numbata/danger-pr-comment/.github/workflows/danger-comment.yml@main
uses: numbata/danger-pr-comment/.github/workflows/danger-comment.yml@v1

Copilot uses AI. Check for mistakes.
@numbata numbata merged commit dd9a3e5 into ruby-grape:master Dec 25, 2025
17 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants