Danger Systems Buildkite Plugin
Run danger as part of your pipeline.
Configuration
Within Culture Amp
-
You’ll need to add the
cultureamp-ci-private
user on GitHub to your repository withwrite
access to the repo (write access is required to set the status of your PR). -
Add the following to your
pipeline.yml
:
steps:
- label: ":zap: Danger"
key: danger
agents:
queue: build-unrestricted
plugins:
- cultureamp/danger-systems#v0.0.2:
language: js
language_version: 12
Within Culture Amp’s build pipelines this will pull in the
DANGER_SYSTEMS_GITHUB_TOKEN
automatically and make it available to the
environment.
Outside Culture Amp
-
Create a GitHub API token for user with
write
access to your repository. -
Add the following to your
pipeline.yml
:
steps:
- label: ":zap: Danger"
key: danger
plugins:
- cultureamp/danger-systems#v0.0.2:
language: ruby
language_version: 2.7.1
- Ensure that the API token is available to the pipeline as
DANGER_SYSTEMS_GITHUB_TOKEN
.
Note that this differs from the token danger expects for GitHub integration
(DANGER_GITHUB_API_TOKEN
). This was done intentionally to make it clearer
what the token is used for and is mapped to the expected variable within
the run command.
Language
The plugin supports different implementations of danger by specifying a
language
option. The available options are:
js
— JavaScript (and TypeScript)ruby
— Ruby
Each implementation can specify a language_version
option to ensure the
danger process runs in the environment you’re expecting. The version is fed
directly to the docker build process, so it should work for any of the following
images available on Docker Hub:
js
will run in any node docker image matchingnode:#{language_version}-alpine
ruby
will run in any node docker image matchingruby:#{language_version}-slim-buster
Usage
JavaScript and TypeScript
If you’ve chosen js
as the configured language, the plugin will:
- Install your npm dependencies via
yarn
- Copy your app source into its runtime
- Look for either a
dangerfile.ts
ordangerfile.js
in the root of your repository and run it
Here’s a simple example from the danger documentation:
import { message, danger } from "danger"
const modifiedMD = danger.git.modified_files.join("- ")
message("Changed Files in this PR: \n - " + modifiedMD)
Ruby
If you’ve chosen ruby
as the configured language, the plugin will:
- Install any dependencies configured within a
group :danger
in your Gemfile - Copy your app source into its runtime
- Look for the
Dangerfile
in the root of your repository and run it
Here’s a simple example from the danger documentation:
message("Hello, I am message from danger.")
The ruby version of the plugin expects you to have at least the following in your Gemfile:
group :danger do
gem "danger"
end
Note that only gems within that group will be available within the Dangerfile
when it runs — no other default gems or groups will be installed. This is a
limitation of the plugin structure to try to ensure that the base docker image
does not require specific libraries to install your dependencies.
Limitations
- The plugin is only configured to work with GitHub
Developing
To lint the plugin:
docker-compose run --rm lint