Merge pull request #1404 from dimitar-hristov/ghe-actions-app-id

Customise GHE actions bot user ID
danger · Dec 7, 2023 · 266c485 · 266c485
2 parents 98201b8 + 87290e7
commit 266c485
Show file tree

Hide file tree

Showing 4 changed files with 141 additions and 11 deletions.
diff --git a/docs/usage/github_enterprise.html.md b/docs/usage/github_enterprise.html.md
@@ -0,0 +1,59 @@
+---
+title: GitHub Enteprise
+subtitle: Danger on GHE
+layout: guide_js
+order: 4
+blurb: An overview of using Danger with GitHub Enterprise, and some examples
+---
+
+If you are using DangerJS on GitHub Enteprise, you will need to set the Danger user ID to the GitHub Actions bot. This
+will enable Danger to correctly comment and update on PRs.
+
+If you include Danger as a dev-dependency, then you can call danger directly as another build-step after your tests:
+
+```yml
+name: Node CI
+on: [pull_request]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@master
+    - name: Use Node.js 10.x
+      uses: actions/setup-node@v1
+      with:
+        node-version: 10.x
+    - name: install yarn
+      run: npm install -g yarn
+    - name: yarn install, build, and test
+      run: |
+        yarn install  --frozen-lockfile
+        yarn build
+        yarn test
+    - name: Danger
+      run: yarn danger ci
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        DANGER_GHE_ACTIONS_BOT_USER_ID: *user_id*
+```
+
+If you are not running in a JavaScript ecosystem, or don't want to include the dependency then you can use Danger JS as
+an action.
+
+```yml
+name: "Danger JS"
+on: [pull_request]
+
+jobs:
+  build:
+    name: Danger JS
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v1
+    - name: Danger
+      uses: danger/danger-js@9.1.6
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        DANGER_GHE_ACTIONS_BOT_USER_ID: *user_id*
+```
diff --git a/source/ci_source/providers/GitHubActions.ts b/source/ci_source/providers/GitHubActions.ts
@@ -59,6 +59,26 @@ import { readFileSync, existsSync } from "fs"
  * Note it's likely the version number should change, but you get the point. This will run Danger
  * self-encapsulated inside a GitHub action.
  *
+ * If you are using DangerJS on GitHub Enteprise, you will need to set the Danger user ID to
+ * the GitHub Actions bot. This will enable Danger to correctly comment and update on PRs.
+ *
+ * * ```yml
+ * name: "Danger JS"
+ * on: [pull_request]
+ *
+ * jobs:
+ *   build:
+ *     name: Danger JS
+ *     runs-on: ubuntu-latest
+ *     steps:
+ *     - uses: actions/checkout@v1
+ *     - name: Danger
+ *       uses: danger/danger-js@9.1.6
+ *       env:
+ *         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ *         DANGER_GHE_ACTIONS_BOT_USER_ID: *user_id*
+ * ```
+ *
  * <!-- !JS --!>
  * <!-- Swift --!>
  *

diff --git a/source/platforms/github/GitHubAPI.ts b/source/platforms/github/GitHubAPI.ts
@@ -137,12 +137,18 @@ export class GitHubAPI {
 
     const useGitHubActionsID = process.env["GITHUB_WORKFLOW"]
     if (useGitHubActionsID) {
+      // Allow to customise the GitHub actions app ID for Github Enterprise
+      const gheActionsID = process.env["DANGER_GHE_ACTIONS_BOT_USER_ID"]
+      if (gheActionsID) {
+        return parseInt(gheActionsID)
+      }
       // This is the user.id of the github-actions app (https://github.com/apps/github-actions)
       // that is used to comment when using danger in a GitHub Action
       // with GITHUB_TOKEN (https://help.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token)
       return 41898282
     }
 
+    this.d("Danger user ID is undefined.")
     return undefined
   }
 

diff --git a/source/platforms/github/_tests/_github_api.test.ts b/source/platforms/github/_tests/_github_api.test.ts
@@ -1,6 +1,7 @@
 import { FakeCI } from "../../../ci_source/providers/Fake"
 import { GitHubAPI } from "../GitHubAPI"
 import { requestWithFixturedJSON } from "../../_tests/_github.test"
+import { GitHubUser } from "../../../dsl/GitHubDSL"
 
 const fetchJSON = (api: any, params: any): Promise<any> => {
   return Promise.resolve({
@@ -305,14 +306,18 @@ describe("API testing", () => {
   })
 })
 
-describe("Peril", () => {
+describe("Bots", () => {
   let api: GitHubAPI
 
   beforeEach(() => {
     const mockSource = new FakeCI({})
     api = new GitHubAPI(mockSource, "ABCDE")
     api.fetch = jest.fn()
     api.additionalHeaders = { CUSTOM: "HEADER" }
+    delete process.env.PERIL_BOT_USER_ID
+    delete process.env.DANGER_GITHUB_API_TOKEN
+    delete process.env.GITHUB_WORKFLOW
+    delete process.env.DANGER_GHE_ACTIONS_BOT_USER_ID
   })
 
   it("Allows setting additional headers", async () => {
@@ -354,18 +359,58 @@ describe("Peril", () => {
     )
   })
 
-  describe("Allows setting PERIL_BOT_USER_ID env variable", () => {
-    beforeEach(() => {
-      process.env.PERIL_BOT_USER_ID = "1"
-    })
+  it("getUserId return undefined if no auth is defined", async () => {
+    api.getUserInfo = () => Promise.resolve<GitHubUser>(JSON.parse('{"status": 403}'))
+    const userID = await api.getUserID()
+    expect(userID).toBe(undefined)
+  })
 
-    afterEach(() => {
-      delete process.env.PERIL_BOT_USER_ID
-    })
+  it("getUserId return PERIL_BOT_USER_ID when set", async () => {
+    api.getUserInfo = () => Promise.resolve<GitHubUser>(JSON.parse('{"status": 403}'))
+    process.env.PERIL_BOT_USER_ID = "1"
 
-    it("Makes getUserId return undefined", async () => {
-      const userID = await api.getUserID()
-      expect(userID).toBe(1)
+    const userID = await api.getUserID()
+    expect(userID).toBe(1)
+  })
+
+  // It should use the configured token to retrive the user ID
+  it("getUserID return default user's ID when set", async () => {
+    api.fetch = jest.fn().mockReturnValue({
+      json: jest.fn().mockImplementation(() => Promise.resolve<GitHubUser>(JSON.parse('{"id": 2}'))),
     })
+    const userID = await api.getUserID()
+
+    // Ensure we call the user endpoint with the configured token
+    expect(api.fetch).toHaveBeenCalledWith(
+      "https://api.github.com/user",
+      {
+        body: null,
+        headers: {
+          Authorization: "token ABCDE",
+          CUSTOM: "HEADER",
+          "Content-Type": "application/json",
+        },
+        method: "GET",
+      },
+      undefined
+    )
+    expect(userID).toBe(2)
+  })
+
+  it("Makes getUserId return DANGER_GHE_ACTIONS_BOT_USER_ID when set", async () => {
+    api.getUserInfo = () => Promise.resolve<GitHubUser>(JSON.parse('{"status": 403}'))
+    process.env.GITHUB_WORKFLOW = "foobar"
+    process.env.DANGER_GHE_ACTIONS_BOT_USER_ID = "3"
+
+    const userID = await api.getUserID()
+    expect(userID).toBe(3)
+  })
+
+  it("getUserID return default GitHub Actions bot ID if not overwritten", async () => {
+    api.getUserInfo = () => Promise.resolve<GitHubUser>(JSON.parse('{"status": 403}'))
+    process.env.GITHUB_WORKFLOW = "foobar"
+
+    const userID = await api.getUserID()
+    expect(userID).toBe(41898282)
   })
 })