danger 8.0.4

data/lib/danger/ci_source/buddybuild.rb

@@ -0,0 +1,62 @@
+module Danger
+  # ### CI Setup
+  #
+  # Read how you can setup Danger on the buddybuild blog:
+  # https://www.buddybuild.com/blog/using-danger-with-buddybuild/
+  #
+  # ### Token Setup
+  #
+  # Login to buddybuild and select your app. Go to your *App Settings* and
+  # in the *Build Settings* menu on the left, choose *Environment Variables*.
+  # http://docs.buddybuild.com/docs/environment-variables
+  #
+  # #### GitHub
+  # Add the `DANGER_GITHUB_API_TOKEN` to your build user's ENV.
+  #
+  # #### GitLab
+  # Add the `DANGER_GITLAB_API_TOKEN` to your build user's ENV.
+  #
+  # #### Bitbucket Cloud
+  # Add the `DANGER_BITBUCKETSERVER_USERNAME`, `DANGER_BITBUCKETSERVER_PASSWORD`
+  # to your build user's ENV.
+  #
+  # #### Bitbucket server
+  # Add the `DANGER_BITBUCKETSERVER_USERNAME`, `DANGER_BITBUCKETSERVER_PASSWORD`
+  # and `DANGER_BITBUCKETSERVER_HOST` to your build user's ENV.
+  #
+  # ### Running Danger
+  #
+  # Once the environment variables are all available, create a custom build step
+  # to run Danger as part of your build process:
+  # http://docs.buddybuild.com/docs/custom-prebuild-and-postbuild-steps
+  class Buddybuild < CI
+    #######################################################################
+    def self.validates_as_ci?(env)
+      value = env["BUDDYBUILD_BUILD_ID"]
+      return !value.nil? && !env["BUDDYBUILD_BUILD_ID"].empty?
+    end
+
+    #######################################################################
+    def self.validates_as_pr?(env)
+      value = env["BUDDYBUILD_PULL_REQUEST"]
+      return !value.nil? && !env["BUDDYBUILD_PULL_REQUEST"].empty?
+    end
+
+    #######################################################################
+    def supported_request_sources
+      @supported_request_sources ||= [
+        Danger::RequestSources::GitHub,
+        Danger::RequestSources::GitLab,
+        Danger::RequestSources::BitbucketServer,
+        Danger::RequestSources::BitbucketCloud
+      ]
+    end
+
+    #######################################################################
+    def initialize(env)
+      self.repo_slug = env["BUDDYBUILD_REPO_SLUG"]
+      self.pull_request_id = env["BUDDYBUILD_PULL_REQUEST"]
+      self.repo_url = GitRepo.new.origins # Buddybuild doesn't provide a repo url env variable for now
+    end
+  end
+end

data/lib/danger/ci_source/buildkite.rb

@@ -0,0 +1,51 @@
+# https://buildkite.com/docs/agent/osx
+# https://buildkite.com/docs/guides/environment-variables
+require "danger/request_sources/github/github"
+require "danger/request_sources/gitlab"
+
+module Danger
+  # ### CI Setup
+  #
+  # With BuildKite you run the server yourself, so you will want to run  it as a part of your build process.
+  # It is common to have build steps, so we would recommend adding this to your scrip:
+  #
+  #  ``` shell
+  #   echo "--- Running Danger"
+  #   bundle exec danger
+  #  ```
+  #
+  # ### Token Setup
+  #
+  # #### GitHub
+  #
+  # As this is self-hosted, you will need to add the `DANGER_GITHUB_API_TOKEN` to your build user's ENV. The alternative
+  # is to pass in the token as a prefix to the command `DANGER_GITHUB_API_TOKEN="123" bundle exec danger`.
+  #
+  # #### GitLab
+  #
+  # As this is self-hosted, you will need to add the `DANGER_GITLAB_API_TOKEN` to your build user's ENV. The alternative
+  # is to pass in the token as a prefix to the command `DANGER_GITLAB_API_TOKEN="123" bundle exec danger`.
+  #
+  class Buildkite < CI
+    def self.validates_as_ci?(env)
+      env.key? "BUILDKITE"
+    end
+
+    def self.validates_as_pr?(env)
+      exists = ["BUILDKITE_PULL_REQUEST_REPO", "BUILDKITE_PULL_REQUEST"].all? { |x| env[x] }
+      exists && !env["BUILDKITE_PULL_REQUEST_REPO"].empty?
+    end
+
+    def initialize(env)
+      self.repo_url = env["BUILDKITE_REPO"]
+      self.pull_request_id = env["BUILDKITE_PULL_REQUEST"]
+
+      repo_matches = self.repo_url.match(%r{([\/:])([^\/]+\/[^\/]+?)(\.git$|$)})
+      self.repo_slug = repo_matches[2] unless repo_matches.nil?
+    end
+
+    def supported_request_sources
+      @supported_request_sources ||= [Danger::RequestSources::GitHub, Danger::RequestSources::GitLab]
+    end
+  end
+end

data/lib/danger/ci_source/ci_source.rb

@@ -0,0 +1,37 @@
+require "set"
+
+module Danger
+  # "abstract" CI class
+  class CI
+    attr_accessor :repo_slug, :pull_request_id, :repo_url, :supported_request_sources
+
+    def self.inherited(child_class)
+      available_ci_sources.add child_class
+      super
+    end
+
+    def self.available_ci_sources
+      @available_ci_sources ||= Set.new
+    end
+
+    def supported_request_sources
+      raise "CISource subclass must specify the supported request sources"
+    end
+
+    def supports?(request_source)
+      supported_request_sources.include?(request_source)
+    end
+
+    def self.validates_as_ci?(_env)
+      abort "You need to include a function for #{self} for validates_as_ci?"
+    end
+
+    def self.validates_as_pr?(_env)
+      abort "You need to include a function for #{self} for validates_as_pr?"
+    end
+
+    def initialize(_env)
+      raise "Subclass and overwrite initialize"
+    end
+  end
+end

data/lib/danger/ci_source/circle.rb

@@ -0,0 +1,94 @@
+# https://circleci.com/docs/environment-variables
+require "uri"
+require "danger/ci_source/circle_api"
+require "danger/request_sources/github/github"
+
+module Danger
+  # ### CI Setup
+  #
+  # For setting up CircleCI, we recommend turning on "Only build pull requests" in "Advanced Settings." Without this enabled,
+  # it's trickier for Danger to determine whether you're in a pull request or not, as the environment metadata
+  # isn't as reliable.
+  #
+  # A common scenario is when CircleCI begins building a commit before the commit becomes associated with a PR
+  # (e.g. a developer pushes their branch to the remote repo for the first time. CircleCI spins up and begins building.
+  # Moments later the developer creates a PR on GitHub. Since the build process started before the PR existed,
+  # Danger won't be able to use the Circle-provided environment variables to retrieve PR metadata.)
+  #
+  # With "Only build pull requests" enabled, you can add `bundle exec danger` to your `config.yml` (Circle 2.0).
+  #
+  # e.g.
+  #
+  #  ``` yaml
+  #  - run: bundle exec danger --verbose
+  #  ```
+  #
+  # And that should be it!
+  #
+  # ### Token Setup
+  #
+  # If "Only build pull requests" can't be enabled for your project, Danger _can_ still work by relying on CircleCI's API
+  # to retrieve PR metadata, which will require an API token.
+  #
+  # 1. Go to your project > Settings > API Permissions. Create a token with scope "view-builds" and a label like "DANGER_CIRCLE_CI_API_TOKEN".
+  # 2. Settings > Environement Variables. Add the token as a CircleCI environment variable, which exposes it to the Danger process.
+  #
+  # There is no difference here for OSS vs Closed, both scenarios will need this environment variable.
+  #
+  # With these pieces in place, Danger should be able to work as expected.
+  #
+  class CircleCI < CI
+    # Side note: CircleCI is complicated. The env vars for PRs are not guaranteed to exist
+    # if the build was triggered from a commit, to look at examples of the different types
+    # of CI states, see this repo: https://github.com/orta/show_circle_env
+
+    def self.validates_as_ci?(env)
+      env.key? "CIRCLE_BUILD_NUM"
+    end
+
+    def self.validates_as_pr?(env)
+      # This will get used if it's available, instead of the API faffing.
+      return true if env["CI_PULL_REQUEST"] && !env["CI_PULL_REQUEST"].empty?
+      return true if env["CIRCLE_PULL_REQUEST"] && !env["CIRCLE_PULL_REQUEST"].empty?
+
+      # Real-world talk, it should be worrying if none of these are in the environment
+      return false unless ["DANGER_CIRCLE_CI_API_TOKEN", "CIRCLE_PROJECT_USERNAME", "CIRCLE_PROJECT_REPONAME", "CIRCLE_BUILD_NUM"].all? { |x| env[x] && !env[x].empty? }
+
+      # Uses the Circle API to determine if it's a PR otherwise
+      api = CircleAPI.new
+      api.pull_request?(env)
+    end
+
+    def supported_request_sources
+      @supported_request_sources ||= [Danger::RequestSources::GitHub, Danger::RequestSources::BitbucketCloud]
+    end
+
+    def initialize(env)
+      self.repo_url = env["CIRCLE_REPOSITORY_URL"]
+      pr_url = env["CI_PULL_REQUEST"] || env["CIRCLE_PULL_REQUEST"]
+
+      # If it's not a real URL, use the Circle API
+      unless pr_url && URI.parse(pr_url).kind_of?(URI::HTTP)
+        api = CircleAPI.new
+        pr_url = api.pull_request_url(env)
+      end
+
+      # We should either have got it via the API, or
+      # an ENV var.
+      pr_path = URI.parse(pr_url).path.split("/")
+      if pr_path.count == 5
+        # The first one is an extra slash, ignore it
+        self.repo_slug = pr_path[1] + "/" + pr_path[2]
+        self.pull_request_id = pr_path[4]
+
+      else
+        message = "Danger::Circle.rb considers this a PR, " \
+                  "but did not get enough information to get a repo slug" \
+                  "and PR id.\n\n" \
+                  "PR path: #{pr_url}\n" \
+                  "Keys: #{env.keys}"
+        raise message.red
+      end
+    end
+  end
+end

data/lib/danger/ci_source/circle_api.rb

@@ -0,0 +1,51 @@
+require "faraday"
+
+module Danger
+  class CircleAPI
+    # Determine if there's a PR attached to this commit,
+    # and return a bool
+    def pull_request?(env)
+      url = pull_request_url(env)
+      return !url.nil?
+    end
+
+    # Determine if there's a PR attached to this commit,
+    # and return the url if so
+    def pull_request_url(env)
+      url = env["CI_PULL_REQUEST"]
+
+      if url.nil? && !env["CIRCLE_PROJECT_USERNAME"].nil? && !env["CIRCLE_PROJECT_REPONAME"].nil?
+        repo_slug = env["CIRCLE_PROJECT_USERNAME"] + "/" + env["CIRCLE_PROJECT_REPONAME"]
+        if !env["CIRCLE_PR_NUMBER"].nil?
+          host = env["DANGER_GITHUB_HOST"] || "github.com"
+          url = "https://" + host + "/" + repo_slug + "/pull/" + env["CIRCLE_PR_NUMBER"]
+        else
+          token = env["DANGER_CIRCLE_CI_API_TOKEN"]
+          url = fetch_pull_request_url(repo_slug, env["CIRCLE_BUILD_NUM"], token)
+        end
+      end
+      url
+    end
+
+    def client
+      @client ||= Faraday.new(url: "https://circleci.com/api/v1")
+    end
+
+    # Ask the API if the commit is inside a PR
+    def fetch_pull_request_url(repo_slug, build_number, token)
+      build_json = fetch_build(repo_slug, build_number, token)
+      pull_requests = build_json[:pull_requests]
+      return nil unless pull_requests && pull_requests.first
+      pull_requests.first[:url]
+    end
+
+    # Make the API call, and parse the JSON
+    def fetch_build(repo_slug, build_number, token)
+      url = "project/#{repo_slug}/#{build_number}"
+      params = { "circle-token" => token }
+      response = client.get url, params, accept: "application/json"
+      json = JSON.parse(response.body, symbolize_names: true)
+      json
+    end
+  end
+end

data/lib/danger/ci_source/cirrus.rb

@@ -0,0 +1,31 @@
+require "danger/request_sources/github/github"
+
+module Danger
+  # ### CI Setup
+  # You need to edit your `.cirrus.yml` to include `bundler exec danger`.
+  #
+  # Adding this to your `.cirrus.yml` allows Danger to fail your build, both on the Cirrus CI website and within your Pull Request.
+  # With that set up, you can edit your task to add `bundler exec danger` in any script instruction.
+  class Cirrus < CI
+    def self.validates_as_ci?(env)
+      env.key? "CIRRUS_CI"
+    end
+
+    def self.validates_as_pr?(env)
+      exists = ["CIRRUS_PR", "CIRRUS_REPO_FULL_NAME"].all? { |x| env[x] && !env[x].empty? }
+      exists && env["CIRRUS_PR"].to_i > 0
+    end
+
+    def supported_request_sources
+      @supported_request_sources ||= [Danger::RequestSources::GitHub]
+    end
+
+    def initialize(env)
+      self.repo_slug = env["CIRRUS_REPO_FULL_NAME"]
+      if env["CIRRUS_PR"].to_i > 0
+        self.pull_request_id = env["CIRRUS_PR"]
+      end
+      self.repo_url = env["CIRRUS_GIT_CLONE_URL"]
+    end
+  end
+end

data/lib/danger/ci_source/code_build.rb

@@ -0,0 +1,57 @@
+# https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-env-vars.html
+require "danger/request_sources/github/github"
+
+module Danger
+  # ### CI Setup
+  #
+  # In CodeBuild, make sure to correctly forward CODEBUILD_BUILD_ID, CODEBUILD_SOURCE_VERSION, CODEBUILD_SOURCE_REPO_URL and DANGER_GITHUB_API_TOKEN.
+  #
+  # ### Token Setup
+  #
+  # Add your `DANGER_GITHUB_API_TOKEN` to your project. Edit -> Environment -> Additional configuration -> Create a parameter
+  #
+  class CodeBuild < CI
+    def self.validates_as_ci?(env)
+      env.key? "CODEBUILD_BUILD_ID"
+    end
+
+    def self.validates_as_pr?(env)
+      !!self.extract_pr_url(env)
+    end
+
+    def supported_request_sources
+      @supported_request_sources ||= [Danger::RequestSources::GitHub]
+    end
+
+    def initialize(env)
+      self.repo_slug = self.class.extract_repo_slug(env)
+      self.pull_request_id = env["CODEBUILD_SOURCE_VERSION"].split("/")[1].to_i
+      self.repo_url = self.class.extract_repo_url(env)
+    end
+
+    def self.extract_repo_slug(env)
+      return nil unless env.key? "CODEBUILD_SOURCE_REPO_URL"
+
+      gh_host = env["DANGER_GITHUB_HOST"] || "github.com"
+
+      env["CODEBUILD_SOURCE_REPO_URL"].gsub(%r{^.*?#{Regexp.escape(gh_host)}\/(.*?)(\.git)?$}, '\1')
+    end
+
+    def self.extract_repo_url(env)
+      return nil unless env.key? "CODEBUILD_SOURCE_REPO_URL"
+
+      env["CODEBUILD_SOURCE_REPO_URL"].gsub(/\.git$/, "")
+    end
+
+    def self.extract_pr_url(env)
+      return nil unless env.key? "CODEBUILD_SOURCE_VERSION"
+      return nil unless env.key? "CODEBUILD_SOURCE_REPO_URL"
+      return nil unless env["CODEBUILD_SOURCE_VERSION"].split("/").length == 2
+
+      _source_origin, pr_number = env["CODEBUILD_SOURCE_VERSION"].split("/")
+      github_repo_url = env["CODEBUILD_SOURCE_REPO_URL"].gsub(/\.git$/, "")
+
+      "#{github_repo_url}/pull/#{pr_number}"
+    end
+  end
+end

data/lib/danger/ci_source/codefresh.rb

@@ -0,0 +1,53 @@
+# https://semaphoreci.com/docs/available-environment-variables.html
+require "danger/request_sources/github/github"
+
+module Danger
+  #  ### CI Setup
+  #
+  #  To set up Danger on Codefresh, create a freestyle step in your Codefresh yaml configuration:
+  #
+  #  ```yml
+  #  Danger:
+  #    title: Run Danger
+  #    image: alpine/bundle
+  #    working_directory: ${{main_clone}}
+  #    commands:
+  #      - bundle install --deployment
+  #      - bundle exec danger --verbose
+  #  ```
+  #
+  #  Don't forget to add the `DANGER_GITHUB_API_TOKEN` variable to your pipeline settings so that Danger can properly post comments to your pull request.
+  #
+  class Codefresh < CI
+    def self.validates_as_ci?(env)
+      env.key?("CF_BUILD_ID") && env.key?("CF_BUILD_URL")
+    end
+
+    def self.validates_as_pr?(env)
+      return !env["CF_PULL_REQUEST_NUMBER"].to_s.empty?
+    end
+
+    def supported_request_sources
+      @supported_request_sources ||= [Danger::RequestSources::GitHub]
+    end
+
+    def repo_slug
+      return "" if @env["CF_REPO_OWNER"].to_s.empty?
+      return "" if @env["CF_REPO_NAME"].to_s.empty?
+      "#{@env['CF_REPO_OWNER']}/#{@env['CF_REPO_NAME']}".downcase!
+    end
+
+    def repo_url
+      return "" if @env["CF_COMMIT_URL"].to_s.empty?
+      @env["CF_COMMIT_URL"].gsub(/\/commit.+$/, "")
+    end
+
+    def pull_request_id
+      @env["CF_PULL_REQUEST_NUMBER"]
+    end
+
+    def initialize(env)
+      @env = env
+    end
+  end
+end

data/lib/danger/ci_source/codeship.rb

@@ -0,0 +1,44 @@
+# https://semaphoreci.com/docs/available-environment-variables.html
+require "danger/request_sources/github/github"
+
+module Danger
+  # ### CI Setup
+  #
+  # In Codeship, go to your "Project Settings", then add `bundle exec danger` as a test step inside
+  # one of your pipelines.
+  #
+  # ### Token Setup
+  #
+  # Add your `DANGER_GITHUB_API_TOKEN` to "Environment" section in "Project Settings".
+  #
+  class Codeship < CI
+    def self.validates_as_ci?(env)
+      env["CI_NAME"] == "codeship"
+    end
+
+    def self.validates_as_pr?(env)
+      return false unless env["CI_BRANCH"] && !env["CI_BRANCH"].empty?
+
+      !pr_from_env(env).nil?
+    end
+
+    def self.owner_for_github(env)
+      env["CI_REPO_NAME"].split("/").first
+    end
+
+    # this is fairly hacky, see https://github.com/danger/danger/pull/892#issuecomment-329030616 for why
+    def self.pr_from_env(env)
+      Danger::RequestSources::GitHub.new(nil, env).get_pr_from_branch(env["CI_REPO_NAME"], env["CI_BRANCH"], owner_for_github(env))
+    end
+
+    def supported_request_sources
+      @supported_request_sources ||= [Danger::RequestSources::GitHub]
+    end
+
+    def initialize(env)
+      self.repo_slug = env["CI_REPO_NAME"]
+      self.pull_request_id = self.class.pr_from_env(env)
+      self.repo_url = GitRepo.new.origins
+    end
+  end
+end