Allow danger to run with dependencies (!237) · Merge requests · GitLab.org / security-products / ci-templates

Brian Williams requested to merge bwill/danger-dependencies into master Jul 14, 2021

What does this MR do?

I am working on adding reviewer roulette to danger-bot in danger-bot!18 (merged). This requires changing the danger-bot job to support new dependencies. I decided to create a new image since vendoring the dependencies felt awful.

This change should be backwards compatible. I created images for the old versions by writing Dockerfile.backport:

FROM registry.gitlab.com/gitlab-org/gitlab-build-images:danger

COPY . /danger/

and then running this script:

#!/bin/bash

for tag in $(git tag --list); do
  git checkout "$tag"
  docker build -t "registry.gitlab.com/gitlab-org/security-products/danger-bot:${tag}" -f Dockerfile.backport .
  docker push "registry.gitlab.com/gitlab-org/security-products/danger-bot:${tag}"
done

Versions 0.0.1 - 0.0.6 all have published docker images.

You can see the results of testing this job at gitlab-org/security-products/analyzers/cluster-image-scanning!4 (closed)

I also tested that this works on v0.0.6 at gitlab-org/security-products/analyzers/cluster-image-scanning!5 (closed)

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Tests added for this feature/bug

Edited Jul 15, 2021 by Brian Williams

Allow danger to run with dependencies

What does this MR do?

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Merge request reports