Migrate to reusable danger workflows from ruby-grape-danger#69
Migrate to reusable danger workflows from ruby-grape-danger#69dblock merged 9 commits intodblock:masterfrom
Conversation
Simplify danger-changelog by removing responsibility for reporting and workflow orchestration, delegating these to ruby-grape-danger as the shared Danger integration framework. Changes: - Simplify Dangerfile to import ruby-grape-danger and run checks - Replace local workflows with references to ruby-grape-danger reusable workflows - Reference workflows from numbata/ruby-grape-danger@report-workflows (testing branch) - Add secrets: inherit to workflow calls for proper secret passing - Remove duplicate reporting logic (now handled by imported Dangerfile) - Remove "Reusing the GitHub workflows" section from README - Update README to clarify danger-changelog's role (CHANGELOG validation only) The Dangerfile is now just 6 lines: danger.import_dangerfile(gem: 'ruby-grape-danger') toc.check! changelog.check! Workflows are now thin wrappers with proper secret handling: - danger.yml: uses ruby-grape/danger/.github/workflows/danger-run.yml@report-workflows - danger-comment.yml: uses ruby-grape/danger/.github/workflows/danger-comment.yml@report-workflows Benefits: - Reduced duplication (52 lines removed) - Single source of truth for danger workflows - Automatic reporting when ruby-grape-danger is required - Easier to maintain and evolve - Clear separation of concerns
|
Blocked by ruby-grape/danger#15 |
numbata
force-pushed
the
reusable-workflows
branch
from
ffca15f to
99fbc1e
Compare
There was a problem hiding this comment.
Pull request overview
This PR refactors the danger integration by migrating from custom workflow implementations to reusable workflows provided by the ruby-grape-danger gem. The change eliminates ~60 lines of duplicated workflow code and simplifies the Dangerfile by delegating report export logic to the shared gem, following the DRY principle and establishing consistency across Grape projects.
Key Changes:
- Replace custom GitHub Actions workflows with reusable workflow calls to
ruby-grape/dangerrepository - Simplify Dangerfile to import
ruby-grape-dangergem and focus only on project-specific checks (changelog.check!) - Add
ruby-grape-dangeras a dependency and removetoc.check!validation
Reviewed changes
Copilot reviewed 4 out of 5 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
.github/workflows/danger.yml |
Replaced 30-line custom workflow with 2-line reusable workflow call |
.github/workflows/danger-comment.yml |
Replaced 30-line custom workflow with 2-line reusable workflow call |
Dangerfile |
Simplified from 30 lines to 6 lines by importing ruby-grape-danger gem and removing manual report export |
Gemfile |
Added ruby-grape-danger gem dependency |
README.md |
Fixed trailing whitespace (formatting improvement) |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| script: | | ||
| const script = require('./.github/scripts/post-danger-comment.js'); | ||
| await script({ github, context, core }); | ||
| uses: ruby-grape/danger/.github/workflows/danger-comment.yml@report-workflows |
There was a problem hiding this comment.
The workflow references a specific branch (@report-workflows) of the reusable workflow. While this is appropriate for testing during development, consider updating this to reference a stable version tag or the main branch once the ruby-grape-danger repository's report-workflows branch is merged and released. Using branch references can lead to unexpected changes if the upstream branch is modified.
| uses: ruby-grape/danger/.github/workflows/danger-comment.yml@report-workflows | |
| uses: ruby-grape/danger/.github/workflows/danger-comment.yml@main |
| @@ -2,31 +2,9 @@ name: Danger | |||
| on: | |||
| pull_request: | |||
| types: [ opened, reopened, edited, synchronize ] | |||
There was a problem hiding this comment.
The workflow_call trigger has been added, but this workflow doesn't appear to be called by any other workflows in the repository based on the PR changes. If this trigger is intended for future use or external calls, consider adding a comment explaining its purpose. Otherwise, it may be unnecessary and could be removed to keep the configuration minimal.
| types: [ opened, reopened, edited, synchronize ] | |
| types: [ opened, reopened, edited, synchronize ] | |
| # Expose this workflow so it can be invoked by other workflows via `workflow_call` (current or future use). |
| contents: read | ||
| issues: write | ||
| pull-requests: write | ||
| workflow_call: |
There was a problem hiding this comment.
The workflow_call trigger has been added, but this workflow doesn't appear to be called by any other workflows in the repository based on the PR changes. If this trigger is intended for future use or external calls, consider adding a comment explaining its purpose. Otherwise, it may be unnecessary and could be removed to keep the configuration minimal.
| workflow_call: |
| gem 'rubocop', '~> 1.63.1' | ||
| gem 'rubocop-rake' | ||
| gem 'rubocop-rspec' | ||
| gem 'ruby-grape-danger' |
There was a problem hiding this comment.
The ruby-grape-danger gem is added without a version constraint or Git source specification. According to the PR description, this should reference the report-workflows branch from the ruby-grape-danger gem repository for testing purposes. Without specifying the source, this will attempt to install from rubygems.org where the gem may not exist or may not have the required functionality.
Consider adding a Git source specification, for example:
gem 'ruby-grape-danger', git: 'https://github.com/ruby-grape/danger', branch: 'report-workflows'| gem 'ruby-grape-danger' | |
| gem 'ruby-grape-danger', git: 'https://github.com/ruby-grape/danger', branch: 'report-workflows' |
| File.write(report_path, JSON.pretty_generate(report)) | ||
| end | ||
| end | ||
| changelog.check! |
There was a problem hiding this comment.
The toc.check! call has been removed from the Dangerfile. Since danger-toc is still a dependency in the Gemfile (line 8), this appears to be an intentional removal of the table of contents check. If this check is no longer needed, consider also removing the danger-toc gem dependency from the Gemfile to keep dependencies clean and reduce the project's dependency footprint.
| changelog.check! | |
| changelog.check! | |
| toc.check! |
| path: danger_report.json | ||
| retention-days: 1 | ||
| if-no-files-found: ignore | ||
| uses: ruby-grape/danger/.github/workflows/danger-run.yml@report-workflows |
There was a problem hiding this comment.
The workflow references a specific branch (@report-workflows) of the reusable workflow. While this is appropriate for testing during development, consider updating this to reference a stable version tag or the main branch once the ruby-grape-danger repository's report-workflows branch is merged and released. Using branch references can lead to unexpected changes if the upstream branch is modified.
| uses: ruby-grape/danger/.github/workflows/danger-run.yml@report-workflows | |
| uses: ruby-grape/danger/.github/workflows/danger-run.yml@main |
|
@numbata I added you as a maintainer of ruby-grape-danger (GitHub and RubyGems) - make a release and update references to something stable? |
Summary
Migrate
danger-changelogto use the new reusable danger workflows and reporting infrastructure fromruby-grape-dangergem. This refactoring eliminates duplicate workflow code and consolidates danger integration logic into theruby-grape-dangergem, following the DRY principle.Changes
Workflows: Replace custom
danger.ymlanddanger-comment.ymlwith calls to reusable workflows fromruby-grape-dangerdanger-run.yml: Executes danger checks and exports reportdanger-comment.yml: Posts/updates PR comment with resultsDangerfile: Simplify by importing
ruby-grape-dangergemruby-grape-dangerDangerfile)changelog.check!)Dependencies: Add
ruby-grape-dangergem fromreport-workflowsbranch (for testing)Documentation: Align README with simplified workflow pattern
Benefits