gitlab-dangerfiles 4.8.0 → 4.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '0535903212a08369cccb1b24b1753e1cfa5a637b0827a706a8b37fd3e0fb0dc2'
-  data.tar.gz: c69bcd32f34546130f7b74ccb946be09e876a2820c53d7546b58d21ceed62f0b
+  metadata.gz: 98bba3bef6a0636a636a8b1e038baf11ac64f9b2139a7196990a093cd94c11e7
+  data.tar.gz: 6b65192e78b836b3efac843ea670560d2a169b3bd1135989bc968ce0fdc089a3
 SHA512:
-  metadata.gz: 84e215eee590bde5eb47905ffbf44a14763964695e3d80637d5f8483337f1f792dd7dfee1f5ae0baeb734c85967f47060005a0a6a052e3b1ebf4c53c55243756
-  data.tar.gz: 57657967dcbce6d66f68780c04d57b39601160d26e07f20f4b529a083cfdeb7c71f9f20286f6724ad2a15610fa2793850900959d6961c3b5ece4c8f7d4725b67
+  metadata.gz: 3f46e0a6ac334fe988c303bcb12b7bb58ecd2162fe5c5c3a8547b165e6037e535a4fa9308ec2503c421fdc3a09f8fd66d2702c79375585b99325d399bf65750f
+  data.tar.gz: d024b3cb5fc602e1811bb3692cd559119ae653827c06c9051c8e858f200c23f6a8f059193289d33d3e7e7d8f3ea247dee19fc9a20f96e66a0e8f1416bb29b9bf

data/.gitlab/CODEOWNERS

@@ -1 +1 @@
-* @gl-quality/eng-prod
+* @gl-dx/eng-prod

data/.gitlab-ci.yml

@@ -23,7 +23,7 @@ default:
       - vendor/ruby
 
 .default-test-job:
-  image: "ruby:${RUBY_VERSION}"
+  image: "${GITLAB_DEPENDENCY_PROXY}ruby:${RUBY_VERSION}"
   stage: test
   needs: []
   before_script:

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    gitlab-dangerfiles (4.8.0)
+    gitlab-dangerfiles (4.9.0)
       danger (>= 9.3.0)
       danger-gitlab (>= 8.0.0)
       rake (~> 13.0)

data/README.md

@@ -69,6 +69,52 @@ end
 
 Note that your custom plugins and rules (unless you exclude them with `except`) are automatically imported by the gem.
 
+### Import and load order
+
+Plugins are imported in alphabetical order. Gem plugins are loaded before
+project-local plugins.
+
+Gem and project-local rules are combined, filtered, and loaded in alphabetical order.
+
+Because all rules are executed as soon as they are imported, you should move all
+logic from your root `Dangerfile` to project-local rules in
+`danger/*/Dangerfile`.
+
+For example:
+
+**Bad**
+
+`Dangerfile`:
+
+```ruby
+Gitlab::Dangerfiles.for_project(self) do |dangerfiles|
+  dangerfiles.import_dangerfiles(only: %w[z_add_labels])
+end
+
+# Bad, because gem rule `z_add_labels` has already been executed with empty labels list.
+helper.labels_to_add << 'important'
+```
+
+**Good**
+
+`Dangerfile`:
+
+```ruby
+Gitlab::Dangerfiles.for_project(self) do |dangerfiles|
+  dangerfiles.import_dangerfiles(only: %w[z_add_labels])
+end
+```
+
+`danger/labels/Dangerfile`:
+
+```ruby
+# Good. Execution order:
+# * root `Dangerfile`
+# * project-local `danger/my_labels/Dangerfile`
+# * gem rule `danger/z_add_labels/Dangerfile`
+helper.labels_to_add << 'important'
+```
+
 ### Plugins
 
 Danger plugins are located under `lib/danger/plugins`.
@@ -125,6 +171,15 @@ This rule ensures the merge request isn't too big to be reviewed, otherwise it s
 
 This rule posts a failure if the merge request has more than 20 commits.
 
+#### `danger_code_review`
+
+This rule posts a warning/failure when `@GitLabDuo` isn't assigned as a reviewer.
+
+##### Available configurations
+
+- `duo_code_review`: Whether a review from GitLab Duo Code is `:mandatory` or `:optional`.
+  Default to `:optional`.
+
 #### `metadata`
 
 This rule ensures basic metadata such as assignee, milestone and description are set on the merge request.
@@ -148,6 +203,16 @@ project. To use it in your project, perform the following steps:
    end
    ```
 
+##### Available configurations
+
+Note: These options aren't actually used in the `simple_roulette` rule, but can be used in your own
+implementation of the roulette if you use `roulette.required_approvals`/`roulette.codeowners_approvals`.
+
+- `included_optional_codeowners_sections_for_roulette`: Indicates which optional codeowners sections
+  should be included in roulette. Default to `[]`.
+- `excluded_required_codeowners_sections_for_roulette`: Indicates which required codeowners sections
+  should be excluded from roulette. Default to `[]`.
+
 #### `type_label`
 
 If the `changelog` plugin is available, it tries to infer a type label from the `Changelog` trailer of the MR.
@@ -235,6 +300,16 @@ To run the Danger Rake task in a project that doesn't have `master` as the defau
 DANGER_LOCAL_BASE="origin/main" bundle exec rake danger_local
 ```
 
+## Warnings vs Errors
+
+The following lint violations generate warnings:
+
+1. The commit subject is too short ([code](https://gitlab.com/gitlab-org/ruby/gems/gitlab-dangerfiles/blob/bccb167/lib/gitlab/dangerfiles/base_linter.rb#L74-76)).
+1. The commit changes too many lines across too many files without describing the changes in the commit body ([code](https://gitlab.com/gitlab-org/ruby/gems/gitlab-dangerfiles/blob/bccb167/lib/gitlab/dangerfiles/commit_linter.rb#L83-85)).
+1. The commit body contains too many characters per line ([code](https://gitlab.com/gitlab-org/ruby/gems/gitlab-dangerfiles/blob/bccb167/lib/gitlab/dangerfiles/commit_linter.rb#L87-96)).
+
+All other lint violations generate errors, except when the MR has [Squash commits when merge request is accepted](https://docs.gitlab.com/ee/user/project/merge_requests/squash_and_merge.html#squash-commits-in-a-merge-request) enabled, which downgrades lint violations to warnings.
+
 ## Documentation
 
 Latest documentation can be found at <https://www.rubydoc.info/gems/gitlab-dangerfiles>.

data/lib/danger/plugins/duo_code.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Danger
+  # Contains method to check if Duo code suggestion added to MR as a reviewer.
+  class DuoCode < Danger::Plugin
+    def suggestion_added?
+      return false unless helper.ci?
+
+      helper.mr_reviewers.include?("GitLabDuo")
+    end
+  end
+end

data/lib/danger/plugins/internal/helper.rb

@@ -29,7 +29,8 @@ module Danger
       import_integrate_fe: '~"group::import and integrate" (frontend)',
       Authentication: '~"group::authentication"',
       Authorization: '~"group::authorization"',
-      Compliance: '~"group::compliance"'
+      Compliance: '~"group::compliance"',
+      Verify: '~"devops::verify"'
     }.freeze
     # rubocop:enable Style/HashSyntax
 
@@ -243,7 +244,7 @@ module Danger
     # @return [String] the GFM for a category label, making its best guess if it's not
     #   a category we know about.
     def label_for_category(category)
-      CATEGORY_LABELS[category] ||
+      helper.config.custom_labels_for_categories[category] || CATEGORY_LABELS[category] ||
 
         if category.start_with?("`")
           category.to_s
@@ -287,6 +288,13 @@ module Danger
       gitlab_helper.mr_json["assignees"]
     end
 
+    # @return [Array<Hash>] +[]+ when not in the CI context, and the MR reviewers otherwise.
+    def mr_reviewers
+      return [] unless ci?
+
+      gitlab_helper.mr_json["reviewers"]
+    end
+
     # @return [String] +""+ when not in the CI context, and the MR title otherwise.
     def mr_title
       return "" unless ci?

data/lib/danger/rules/commit_messages/Dangerfile

@@ -113,7 +113,7 @@ def warn_or_fail_commits(failed_linters, default_to_fail: true)
   Array(failed_linters).each do |linter|
     linter.problems.each do |problem_key, problem_desc|
       case problem_key
-      when :subject_too_short, :subject_above_warning, :details_too_many_changes, :details_line_too_long
+      when :subject_too_short, :details_too_many_changes, :details_line_too_long
         warn_commit(linter.commit, problem_desc)
       else
         self.__send__(:"#{level}_commit", linter.commit, problem_desc)

data/lib/danger/rules/duo_code_review/Dangerfile

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+return if duo_code.suggestion_added?
+
+case helper.config.duo_code_review
+when :optional
+  markdown("We advise getting a review from from GitLab Duo Code. You can assign `@GitLabDuo` as a reviewer to this merge request.")
+when :mandatory
+  failure("A review from GitLab Duo Code is mandatory. Please assign `@GitLabDuo` as a reviewer to this merge request.")
+end

data/lib/gitlab/dangerfiles/config.rb

@@ -21,22 +21,36 @@ module Gitlab
       #           match changed lines in files that match +filename_regex+. Used in `helper.changes_by_category`, `helper.changes`, and `helper.categories_for_file`.
       attr_accessor :files_to_category
 
+      # @!attribute custom_labels_for_categories
+      #   @return [{String => String}] A hash of the form +{ category_name => label }+.
+      #           Used in `helper.custom_labels_for_categories`.
+      attr_accessor :custom_labels_for_categories
+
+      # @!attribute disabled_roulette_categories
+      #   @return [Array] indicating which categories would be disabled for the simple roulette. Default to `[]` (all categories are enabled)
+      attr_accessor :disabled_roulette_categories
+
+      # Rule: changes_size
       # @!attribute code_size_thresholds
       #   @return [{ high: Integer, medium: Integer }] a hash of the form +{ high: 42, medium: 12 }+ where +:high+ is the lines changed threshold which triggers an error, and +:medium+ is the lines changed threshold which triggers a warning. Also, see +DEFAULT_CHANGES_SIZE_THRESHOLDS+ for the format of the hash.
       attr_accessor :code_size_thresholds
 
+      # Rule: commit_messages
       # @!attribute max_commits_count
       #   @return [Integer] the maximum number of allowed non-squashed/non-fixup commits for a given MR. A warning is triggered if the MR has more commits.
       attr_accessor :max_commits_count
 
-      # @!attribute disabled_roulette_categories
-      #   @return [Array] indicating which categories would be disabled for the simple roulette. Default to `[]` (all categories are enabled)
-      attr_accessor :disabled_roulette_categories
+      # Rule: duo_code_review
+      # @!attribute duo_code_review
+      #   @return [Symbol] whether a review from GitLab Duo Code is `:mandatory` or `:optional`. Default to `:optional`.
+      attr_accessor :duo_code_review
 
+      # Rule: simple_roulette
       # @!attribute included_optional_codeowners_sections_for_roulette
       #   @return [Array] indicating which optional codeowners sections should be included in roulette. Default to `[]`.
       attr_accessor :included_optional_codeowners_sections_for_roulette
 
+      # Rule: simple_roulette
       # @!attribute excluded_required_codeowners_sections_for_roulette
       #   @return [Array] indicating which required codeowners sections should be excluded from roulette. Default to `[]`.
       attr_accessor :excluded_required_codeowners_sections_for_roulette
@@ -46,6 +60,7 @@ module Gitlab
 
       def initialize
         @files_to_category = {}
+        @custom_labels_for_categories = {}
         @project_root = nil
         @project_name = ENV["CI_PROJECT_NAME"]
         @ci_only_rules = []
@@ -54,6 +69,7 @@ module Gitlab
         @disabled_roulette_categories = []
         @included_optional_codeowners_sections_for_roulette = []
         @excluded_required_codeowners_sections_for_roulette = []
+        @duo_code_review = :optional
       end
     end
   end

data/lib/gitlab/dangerfiles/version.rb

@@ -1,5 +1,5 @@
 module Gitlab
   module Dangerfiles
-    VERSION = "4.8.0"
+    VERSION = "4.9.0"
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-dangerfiles
 version: !ruby/object:Gem::Version
-  version: 4.8.0
+  version: 4.9.0
 platform: ruby
 authors:
 - GitLab
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-06-26 00:00:00.000000000 Z
+date: 2025-04-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -225,12 +225,14 @@ files:
 - gitlab-dangerfiles.gemspec
 - lefthook.yml
 - lib/danger/plugins/changelog.rb
+- lib/danger/plugins/duo_code.rb
 - lib/danger/plugins/internal/helper.rb
 - lib/danger/plugins/roulette.rb
 - lib/danger/rules/changelog/Dangerfile
 - lib/danger/rules/changes_size/Dangerfile
 - lib/danger/rules/commit_messages/Dangerfile
 - lib/danger/rules/commits_counter/Dangerfile
+- lib/danger/rules/duo_code_review/Dangerfile
 - lib/danger/rules/metadata/Dangerfile
 - lib/danger/rules/simple_roulette/Dangerfile
 - lib/danger/rules/type_label/Dangerfile
@@ -282,7 +284,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.27
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: This gem provides common Dangerfile and plugins for GitLab projects.