How to Set Up Danger JS for Unsupported CIs | by Ardy Gallego Dedase | May, 2022

With Google CloudBuild for example

You may skip this part if you’re already accustomed to Danger JS.

Hazard JS is an open-source construct instrument that permits software program builders to automate frequent code assessment chores. Utilizing Hazard JS, we are able to robotically run a algorithm in opposition to your Pull Request (PR) and go away a code assessment remark. It automates repetitive and trivial code assessment feedback like “This PR is giant, please think about breaking down so we are able to successfully assessment it” or “Please replace the changelog file”. It helps builders to concentrate on reviewing the issue that the PR is making an attempt to resolve.

Mechanically deal with code assessment chores.

An instance code

To raised perceive the way it works, let’s take a typical use case for example: What if we wish to go away a remark if a pull request is simply too massive?

You may write a JS perform utilizing Hazard JS to perform this use case:

If the variety of strains modified in a pull request is greater than the arbitrary bigPRThreshold worth, then go away a “warning” remark within the pull request.

Organising Hazard JS

Under, I summarize the steps concerned in establishing Hazard JS in your CI.

  • Set up Hazard by workingyarn add hazard —dev or npm set up --save-dev hazard.
  • Create a dangerfile and embody it in your repository’s root folder. It may be dangerfile.ts or dangerfile.js.
  • Arrange a GitHub bot and/or generate a GitHub token with ample entry to remark, approve or reject a Pull Request.
  • Discuss with this list of setup instructions that you simply’ll must comply with relying on the CI that you simply use.

For instance, if you wish to use Hazard JS inside your organization’s inner CI or Google Cloud Construct. Google Cloud Construct is not a supported CI on the time of writing.

We’ve got two choices for that:

  • Contribute again to Hazard.
  • Use Hazard’s “guide mode”, which is what we are going to cowl within the subsequent sections.

Begin by putting in hazard. We’ll use npm for our instance.

npm set up --save-dev hazard

Import what we’d like from our Hazard bundle.

import hazard, warn, markdown from 'hazard';

Create our dangerfile.ts. We’ll implement the next features:

  • reviewLargePR()Identical as our earlier code instance
  • ensurePRHasAssignee() Fail the PR if there isn’t a assignee.

Our dangerfile.ts:

We are able to take a look at our dangerfile regionally by utilizing danger-pr.js. This is not going to go away a touch upon the pull request. It is going to print out the anticipated PR feedback within the terminal. This selection permits us to debug our dangerfile regionally with out spamming feedback on an actual PR.

Run the next command in your repository’s root folder, in the identical folder because the dangerfile.ts:

# Your GitHub API token
export DANGER_GITHUB_API_TOKEN=<yourtoken>

In our instance above , we’re utilizing a public PR to Danger JS’s GitHub repository. On the time of writing, this PR has round 7,000~ strains modified. This quantity is “giant” in line with our Dangerfile’s guidelines.

Our output will present that the PR is giant:

Hazard can assist CIs that aren’t on their present supported checklist by utilizing their “guide mode”.

Operating Hazard’s CI command

Now that our dangerfile works as anticipated, let’s run utilizing danger-ci regionally. This command will go away a touch upon the PR that we specify.

ℹ️ Just remember to have configured the required GitHub access when working the CI command.

Set the atmosphere variables

We are able to allow guide mode by setting the required atmosphere variables.

Set your CI’s title:

# Substitute along with your unsupported CI's title, e.g. CloudBuild

Specify your GitHub repository:

# Substitute along with your GitHub repository
export DANGER_MANUAL_GH_REPO=<githuborg/githubrepo>

Set your GitHub API entry token in case you haven’t but:

# Substitute along with your GitHub API token
export DANGER_GITHUB_API_TOKEN=<yourtoken>

Run the Hazard CI command

Now that we have now set the required atmosphere variables👆, run the danger-ci command:

DANGER_MANUAL_PR_NUM=<PR Quantity> node_modules/hazard/distribution/instructions/danger-ci.js

The atmosphere variable DANGER_MANUAL_PR_NUM is the PR variety of the PR that we would like Hazard to assessment. For instance, in case your PR is:, the atmosphere variable will likely be DANGER_MANUAL_PR_NUM=1192.

An instance

ℹ️ Be aware that we have now the choice to write down a shell script that runs all of the instructions on this instance, as an alternative of working the instructions one after the other.

Let’s take a public GitHub Pull Request that I’ve arrange for example.

Let’s arrange the environment variables:

# Substitute along with your unsupported CI's title, e.g. CloudBuild
# Substitute along with your GitHub repository
export DANGER_MANUAL_GH_REPO=ardydedase/danger-example
# Substitute along with your GitHub API token
export DANGER_GITHUB_API_TOKEN=<yourtoken>

Then run the danger-ci command with the PR quantity, which is 1 on this instance:

DANGER_MANUAL_PR_NUM=1 node_modules/hazard/distribution/instructions/danger-ci.js

In our instance, the PR fails as a result of there isn’t a assigned person to the PR.

The PR touch upon GitHub will likely be:

☝️ I’m utilizing my private GitHub token for this demo, so it’s my username that seems on the PR. Ideally, we must always arrange a GitHub bot.

We’ll carry out the identical steps in our unsupported CI: set the atmosphere variables and run the danger-ci command. We’ll cowl this within the subsequent part. 👇

After testing our dangerfile in Step 3, we are actually able to configure Hazard with our unsupported CI.

We’ll use Google CloudBuild as our CI in our instance as a result of:

  • On the time of writing, Google CloudBuild isn’t but a supported CI in Hazard JS.
  • It has a Native Cloud Builder CLI instrument we are able to use to check our construct configuration YAML regionally.

Google Cloud Stipulations

We’ll want our CloudBuild CLI instrument put in to check our Hazard construct with Google Cloud regionally. Please seek advice from the docs linked beneath:

CloudBuild configuration file

Let’s create our config file:

ℹ️ Substitute the GITHUB_API_TOKEN along with your token.

Once we run cloud-build-local, dryrun is enabled by default except we specify in any other case. This provides us the choice to examine our construct’s syntax, saving us time to check. Let’s begin by working the cloud-build-local command beneath to guarantee that our config file has no syntax error:

cloud-build-local --config=./cloudbuild-local.yaml .

If the above command is profitable, the output will likely be:

Let’s now set the dryrun flag to false to run the hazard construct regionally:

cloud-build-local --config=./cloudbuild-local.yaml --dryrun=false .

👆 The above command will a couple of minutes to finish. Downloading the node docker picture will take probably the most time.

A profitable construct will present an identical output beneath:

And it ought to go away a PR remark as nicely:

Now that our native configuration works as anticipated, we are able to use the identical configuration in our manufacturing Cloud Construct setup.

Configuration for Manufacturing atmosphere

Our manufacturing setup is nearly the identical, besides that we’re retrieving the PR quantity from CloudBuild. As an alternative of hard-coding, we are going to assign $_PR_NUMBER to DANGER_MANUAL_PR_NUM.

Our Hazard CI command will likely be:

DANGER_MANUAL_PR_NUM=$_PR_NUMBER node_modules/hazard/distribution/instructions/danger-ci.js

We also needs to retailer our GitHub API token in Google Cloud’s Secrets and techniques Supervisor or any “secrets and techniques” supervisor that you’re utilizing.

If we’re utilizing Google Secrets and techniques supervisor, we might want to replace our construct configuration to make use of it:

- versionName: tasks/$PROJECT_ID/secrets and techniques/<my-github-token>/variations/1

Substitute <my-github-token> along with your secret title.

Our construct config utilizing the Pull Request quantity $_PR_NUMBER and secret from Secrets and techniques Supervisor:

Setup CloudBuild Set off

The final step is to configure our CloudBuild set off to guarantee that it really works as anticipated.

In Google Cloud Console, by creating a brand new Set off in CloudBuild:

Whereas creating your set off, just remember to choose “Pull request” because the Occasion. This provides our config file entry to $_PR_NUMBER . If we don’t do that, $_PR_NUMBER will return an empty string.

Select Repository because the Location for our config file. Specify the trail to our construct configuration file.

You may go away the remainder of the enter fields as they’re.

That’s all we’d like. You now have a pleasant Google CloudBuild setup with automated code opinions powered by Hazard JS!

ℹ️ Though we write our Dangerfile utilizing TypeScript or JavaScript, Hazard JS can work with any codebase whatever the programming language.

You will discover the GitHub repository right here in your reference:

More Posts