Merge branch 'enable-danger-for-forks' into 'master'

Enable danger review for forks See merge request gitlab-org/gitlab!57097

Merge branch 'enable-danger-for-forks' into 'master'
Enable danger review for forks See merge request gitlab-org/gitlab!57097
08c42ed7 · Lin Jen-Shin · e1ac292a · eb4c5faa · 08c42ed7 · 08c42ed7
Commit 08c42ed7 authored Mar 31, 2021 by Lin Jen-Shin
Showing with 20 additions and 15 deletions

.gitlab/ci/review.gitlab-ci.yml .gitlab/ci/review.gitlab-ci.yml +9 -1

.gitlab/ci/rules.gitlab-ci.yml .gitlab/ci/rules.gitlab-ci.yml +1 -1

doc/development/dangerbot.md doc/development/dangerbot.md +10 -13

No files found.
--- a/.gitlab/ci/review.gitlab-ci.yml
+++ b/.gitlab/ci/review.gitlab-ci.yml
@@ -234,7 +234,15 @@ danger-review:
    - run_timed_command "bundle install --jobs=$(nproc) --path=vendor --retry=3 --quiet --with danger"
    - run_timed_command "retry yarn install --frozen-lockfile"
  script:
-    - run_timed_command "bundle exec danger --fail-on-errors=true --verbose"
+    - >
+      if [ -z "$DANGER_GITLAB_API_TOKEN" ]; then
+        # Force danger to skip CI source GitLab and fallback to "local only git repo".
+        unset GITLAB_CI
+        # We need to base SHA to help danger determine the base commit for this shallow clone.
+        run_timed_command "bundle exec danger dry_run --fail-on-errors=true --verbose --base='$CI_MERGE_REQUEST_DIFF_BASE_SHA'"
+      else
+        run_timed_command "bundle exec danger --fail-on-errors=true --verbose"
+      fi

 update-danger-review-cache:
  extends:

--- a/.gitlab/ci/rules.gitlab-ci.yml
+++ b/.gitlab/ci/rules.gitlab-ci.yml
@@ -1110,7 +1110,7 @@

 .review:rules:danger:
  rules:
-    - if: '$DANGER_GITLAB_API_TOKEN && $CI_MERGE_REQUEST_IID'
+    - if: '$CI_MERGE_REQUEST_IID'

 ###############
 # Setup rules #

--- a/doc/development/dangerbot.md
+++ b/doc/development/dangerbot.md
@@ -150,16 +150,13 @@ at GitLab so far:

 ## Limitations

- Danger output is not added to a merge request comment if working on
-  a fork. This happens because the secret variable from the canonical
-  project is not shared to forks.
-  To work around this, you can add an [environment
-  variable](../ci/variables/README.md) called
-  `DANGER_GITLAB_API_TOKEN` with a personal API token to your
-  fork. That way the danger comments are made from CI using that
-  API token instead.
-  Making the variable
-  [masked](../ci/variables/README.md#mask-a-custom-variable) makes sure
-  it doesn't show up in the job logs. The variable cannot be
-  [protected](../ci/variables/README.md#protect-a-custom-variable),
-  as it needs to be present for all feature branches.
+Danger is run but its output is not added to a merge request comment if working
+on a fork. This happens because the secret variable from the canonical project
+is not shared to forks. To work around this, you can add an [environment
+variable](../ci/variables/README.md) called `DANGER_GITLAB_API_TOKEN` with a
+personal API token to your fork. That way the danger comments are made from CI
+using that API token instead. Making the variable
+[masked](../ci/variables/README.md#mask-a-custom-variable) makes sure it
+doesn't show up in the job logs. The variable cannot be
+[protected](../ci/variables/README.md#protect-a-custom-variable), as it needs
+to be present for all feature branches.