CI Setup
To make Danger run, add following lines to the appcenter-pre-build.sh
file:
- cd $APPCENTER_SOURCE_DIRECTORY
- npm install -g danger
- swift build
- swift run danger-swift ci
Token Setup
Add the DANGER_GITHUB_API_TOKEN
to your environment variables.
CI Setup
Install dependencies and add a danger step to your bitbucket-pipelines.yml
.
For improving the performance, you may need to cache node_modules
.
image: node:10.15.0
pipelines:
pull-requests:
"**":
- step:
caches:
- node
script:
- export LANG="C.UTF-8"
- yarn install
- yarn danger ci
definitions:
caches:
node: node_modules
Token Setup
You can either add DANGER_BITBUCKETCLOUD_USERNAME
, DANGER_BITBUCKETCLOUD_PASSWORD
or add DANGER_BITBUCKETCLOUD_OAUTH_KEY
, DANGER_BITBUCKETCLOUD_OAUTH_SECRET
CI Setup
Install dependencies and add a danger step to your bitbucket-pipelines.yml
.
For improving the performance, you may need to cache node_modules
.
image: node:10.15.0
pipelines:
pull-requests:
"**":
- step:
caches:
- node
script:
- export LANG="C.UTF-8"
- yarn install
- yarn danger ci
definitions:
caches:
node: node_modules
Token Setup
You can either add DANGER_BITBUCKETCLOUD_USERNAME
, DANGER_BITBUCKETCLOUD_PASSWORD
or add DANGER_BITBUCKETCLOUD_OAUTH_KEY
, DANGER_BITBUCKETCLOUD_OAUTH_SECRET
CI Setup
No instructions yet, but basically:
- Install Danger JS globally
- Run
swift build
- Run
swift run danger-swift ci
Token Setup
You need to add the platform environment variables, to do this,
go to your repo's secrets, which should look like: https://www.bitrise.io/app/[app_id]#/workflow
and secrets tab.
You should make sure to check the case "Expose for Pull Requests?".
CI Setup
Buddybuild has an integration for Danger JS already built-in.
Token Setup
Login to buddybuild and select your app. Go to your App Settings and
in the Build Settings menu on the left, choose Environment Variables.
GitHub
Add the DANGER_GITHUB_API_TOKEN
to your build user's ENV.
CI Setup
To make Danger run:
- Create a new pipeline named, DangerJS, which is triggered on every push
- Add a NodeJS environment as an Action
- Go into it, head over to the bash editor and type the following
yarn install && yarn danger ci
- or your npm script
- Set the
DANGER_GITHUB_API_TOKEN
at the Variables section
- You're done 🎉
CI Setup
With BuildKite you run the server yourself, so you will want to run it as a part of your build process.
It is common to have build steps, so we would recommend adding this to your script:
echo "--- Running Danger"
[swift run] danger-swift ci
Token Setup
GitHub
As this is self-hosted, you will need to add the API tokens to your build user's ENV. The alternative
is to pass in the token as a prefix to the command DANGER_GITHUB_API_TOKEN="123" [swift run] danger-swift ci
.
CI Setup
For setting up Circle CI, we recommend turning on "Only Build pull requests." in "Advanced Setting." Without this enabled,
it is really tricky for Danger to know whether you are in a pull request or not, as the environment metadata
isn't reliable.
Add some build steps to make Danger Swift work:
- run:
name: Installing Danger JS
command: npm install -g danger
- run:
name: Compiling Danger
command: swift build
- run:
name: Running Danger Swift
command: swift run danger-swift ci
We'd also recommend adding both .build
and ~/.danger-swift
to your build cache too.
Token Setup
There is no difference here for OSS vs Closed, add your DANGER_GITHUB_API_TOKEN
to the Environment variable settings page.
CI Setup
You need to edit your .cirrus.yml
to add a script
like this:
danger_script:
- yarn danger ci
Token Setup
You need to add the DANGER_GITHUB_API_TOKEN
environment variable, to do this,
go to your repo's settings, by clicking the gear at https://cirrus-ci.com/github/[user]/[repo]
.
Generate the encrypted value, and add it to your env
block.
Once you have added it, trigger a build.
CI Setup
In CodeBuild, make sure to correctly forward CODEBUILD_BUILD_ID, CODEBUILD_SOURCE_VERSION, CODEBUILD_SOURCE_REPO_URL and DANGER_GITHUB_API_TOKEN.
Token Setup
Add your DANGER_GITHUB_API_TOKEN
to your project. Edit -> Environment -> Additional configuration -> Create a parameter
Note that currently, there seems to be no totally reliable way to get the branch
name from CodeBuild. Sometimes CODEBUILD_SOURCE_VERSION
contains the
PR number in the format pr/123, but not always. Other times it may contain
a commit hash. CODEBUILD_WEBHOOK_TRIGGER
will contain the pr number on the
same format, but only for the first event, for subsequent events it should
contain the branch number in the format branch/my-branch. So here we attempt
to determine the PR number from one of the environment variables and if
unsuccessful fall back to calling the API to find the PR for the branch.
CI Setup
To set up Danger on Codefresh, create a freestyle step in your Codefresh yaml configuration:
Danger:
title: Run Danger
image: node:latest
working_directory: ${{main_clone}}
entry_point: '/bin/bash'
cmd:
- '-ce'
- |
npm install -g yarn
yarn add danger --dev
yarn danger ci --failOnErrors
when:
steps:
- name: main_clone
on:
- success
The failOnErrors
option is required in order to ensure that the step fails properly when Danger fails. If you don't want this behavior, you can remove this option.
Don't forget to add the DANGER_GITHUB_API_TOKEN
variable to your pipeline settings so that Danger can properly post comments to your pull request.
CI Setup
To make Danger run, add a new step to the codeship-steps.yml
file:
- type: parallel:
...
- name: danger
service: web
command: [swift run] danger-swift ci
If you're using Codeship Classic, add [swift run] danger-swift ci
to your 'Test Commands'
Token Setup
You'll want to edit your codeship-services.yml
file to include a reference
to the Danger authentication token: DANGER_GITHUB_API_TOKEN
.
project_name:
...
environment:
- DANGER_GITHUB_API_TOKEN=[my_token]
If you're using Codeship Classic, add DANGER_GITHUB_API_TOKEN
to your
'Environment' settings.
Concourse CI Integration
https://concourse-ci.org/
CI Setup
With Concourse, you run the docker images yourself, so you will want to add [swift run] danger-swift ci
within one of your build jobs.
build:
image: golang
commands:
- ...
- [swift run] danger-swift ci
Environment Variable Setup
As this is self-hosted, you will need to add the CONCOURSE
environment variable export CONCOURSE=true
to your build environment,
as well as setting environment variables for PULL_REQUEST_ID
and REPO_SLUG
. Assuming you are using the github pull request resource
https://github.com/jtarchie/github-pullrequest-resource the id of the PR can be accessed from git config --get pullrequest.id
.
Token Setup
Once again as this is self-hosted, you will need to add DANGER_GITHUB_API_TOKEN
environment variable to the build environment.
The suggested method of storing the token is within the vault - https://concourse-ci.org/creds.html
CI Setup
You'll want to add danger to your existing Dockerfile.test
(or whatever you
have chosen as your sut
Dockerfile.)
...
CMD ["swift", "run", "danger-swift", "ci"]
Token Setup
GitHub
Your DANGER_GITHUB_API_TOKEN
will need to be exposed to the sut
part of your
docker-compose.yml
. This looks similar to:
sut:
...
environment:
- DANGER_GITHUB_API_TOKEN=[my_token]
CI Setup
With Drone, you run the docker images yourself, so you will want to add [swift run] danger-swift ci
at the end of
your .drone.yml
.
build:
image: golang
commands:
- ...
- [swift run] danger-swift ci
Token Setup
As this is self-hosted, you will need to add the DANGER_GITHUB_API_TOKEN
to your build user's ENV. The alternative
is to pass in the token as a prefix to the command DANGER_GITHUB_API_TOKEN="123" yarn danger ci
.
CI Setup
There are two ways to use Danger with GitHub Actions. If you include Danger as a dependency, then
you can call danger directly as another build-step after your tests:
name: CI
on: [pull_request]
jobs:
build:
runs-on: macos-latest
steps:
- uses: actions/checkout@master
- name: Build
run: swift build
- name: Test
run: swift test
- name: Danger
run: danger-swift ci
env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
If don't want to include the dependency then you can use Danger Swift via an action.
name: "Danger Swift"
on: [pull_request]
jobs:
build:
name: Danger JS
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Danger
uses: danger/swift@2.0.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Note it's likely the version number should change, but you get the point. This will run Danger
self-encapsulated inside a GitHub action.
You can pass additional CLI to Danger via an action via the args:
- uses: danger/...
with:
args: "--dangerfile artsy/peril-settings/org/allPRs.ts"
This runs the file org/allPRs.ts
from the repo artsy/peril-settings. This gives you the ability
to have Danger acting on non-pull-requests via GitHub Actions.
Token Setup
You need to make sure that the secret "GITHUB_TOKEN"
is
enabled in your workspace. This is so that Danger can connect
to GitHub.
- name: Danger JS
uses: danger/danger-js@9.1.6
env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GitHub automatically creates a GITHUB_TOKEN
secret to use in your workflow.
You can use the GITHUB_TOKEN
to authenticate in a workflow run.
Using this token will post the danger comment as the github-actions
app user.
Note: secrets.GITHUB_TOKEN
will not be available for PRs from forks. This is a GitHub
security constraint, if you have an OSS app, we recommend using a personal token like below.
Using Personal Tokens
If you need to post the danger comment as some particular user or for some other reason
you need to use a personal token for danger then you can provide it in env as DANGER_GITHUB_API_TOKEN.
- name: Danger JS
uses: danger/danger-js@9.1.6
env: DANGER_GITHUB_API_TOKEN: ${{ secrets.DANGER_GITHUB_API_TOKEN }}
OSS Tokens
The security models for GitHub actions means that you cannot use secrets.GITHUB_TOKEN
in PRs from forks. This cna be tricky with OSS contributions. In these cases, create a
new GitHub account and set up your .yml
like this:
- name: Set danger env
run: echo "DANGER_GITHUB_API_TOKEN=$(echo FIRST_HALF + SECOND_HALF)" >> $GITHUB_ENV
- name: Run Danger
run: yarn danger ci
env:
DANGER_GITHUB_API_TOKEN: ${{ env.DANGER_GITHUB_API_TOKEN }}
Advanced
If you understand the security ramifications, Danger JS can run on a pull_request_target
workflow, instead of a pull_request
. You should thoroughly read the docs first.
on:
pull_request_target:
types: [assigned, opened, synchronize, reopened]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions/setup-node@v1
- run: yarn install
- run: yarn danger ci
env:
DANGER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Note that when using Danger in this way, you will not have the file-system set up for
the PR, so you cannot use fs
to read a file (use danger.github.utils.fileContents
instead)
but the usual PR metadata and DSL will act the same.
CI Setup
Ah Jenkins, so many memories. So, if you're using Jenkins, you're hosting your own environment.
GitHub
You will want to be using the
GitHub pull request builder plugin
in order to ensure that you have the build environment set up for PR integration.
GitLab
You will want to be using the GitLab Plugin
in order to ensure that you have the build environment set up for MR integration.
BitBucket Server
If using Bitbucket Server, ensure you are using Multibranch Pipelines or Organization Folders.
Danger will respect the CHANGE_URL
and CHANGE_ID
environment variables.
With that set up, you can edit your job to add [swift run] danger-swift ci
at the build action.
Pipeline
If you're using pipelines you should be using the
GitHub branch source plugin for easy setup and handling of PRs.
After you've set up the plugin, add a sh '[swift run] danger-swift ci'
line in your pipeline script and make sure that build PRs is enabled.
Token Setup
GitHub
As you own the machine, it's up to you to add the environment variable for the code review platform.
CI Setup
-
Log in to your Netlify account and add the DANGER_GITHUB_API_TOKEN
environment variable to your site's deploy settings.
https://app.netlify.com/sites/[site-name]/settings/deploys#build-environment-variables
.
- Prepend
yarn danger ci &&
to your build command in the Netlify web UI
or in your netlify.toml. For example, yarn danger ci && yarn build
Nevercode.io CI Integration
Environment Variables Documented: https://developer.nevercode.io/v1.0/docs/environment-variables-files
Note: The company that runs Nevercode is migrating all customers
to their new service Codemagic.io in Spring of 2021
- billing is migrated through Customer Support
- the CI Configuration is managed in your repo instead of in a web-dashboard.
TODO @fbartho delete this integration when it's fully offline.
CI Setup
Install dependencies and add a danger step to your screwdriver.yaml:
jobs:
danger:
requires: [~pr, ~commit]
steps:
- setup: yarn install
- danger: yarn danger ci
secrets:
- DANGER_GITHUB_API_TOKEN
Token Setup
Add the DANGER_GITHUB_API_TOKEN
to your pipeline env as a
build secret
CI Setup
For Semaphore you will want to go to the settings page of the project. Inside "Build Settings"
you should add [swift run] danger-swift ci
to the Setup thread. Note: that Semaphore only provides
the build environment variables necessary for Danger on PRs across forks.
Token Setup
You can add your DANGER_GITHUB_API_TOKEN
inside the "Environment Variables" section in the settings.
CI Setup
You want to add [swift run] danger-swift ci
to your build.sh
file to run Danger at the
end of your build.
Token Setup
As this is self-hosted, you will need to add the DANGER_GITHUB_API_TOKEN
to your build user's ENV. The alternative
is to pass in the token as a prefix to the command DANGER_GITHUB_API_TOKEN="123" [swift run] danger-swift ci
.
CI Setup
You need to add DANGER_GITHUB_API_TOKEN
to the ENV for the build or machine manually.
Then you also need to figure out how to provide the URL for the pull request in PULL_REQUEST_URL
ENV.
TeamCity provides the %teamcity.build.branch%
variable that contains something like pull/123
that you can use:
sh
PULL_REQUEST_URL='https://github.com/dager/danger-js/%teamcity.build.branch%'
CI Setup
Here's an example of the optimal travis setup, handling caching correctly:
os: osx
osx_image: xcode10.1
cache:
directories:
# General SwiftPM
# Danger Swift plugins, like Yams
- .build
- ~/.danger-swift
install:
# Grab the latest Danger JS from npm
- npm install -g danger
# Compile the Danger runtime
- swift build
script:
# Run the Dangerfile.swift
- swift run danger-swift ci
# Test my app...
- [your other commands]
Token Setup
You need to add the DANGER_GITHUB_API_TOKEN
environment variable, to do this,
go to your repo's settings, which should look like: https://travis-ci.org/[user]/[repo]/settings
.
If you have an open source project, you should ensure "Display value in build log" enabled, so that PRs from forks work.
CI Setup
You'll need to add a build step and set the custom command to [swift run] danger-swift ci
.
Danger only supports using VSTS with GitHub as the repository, Danger doesn't yet support VSTS as a repository
platform for providing feedback
Token Setup
You need to add the DANGER_GITHUB_API_TOKEN
environment variable