danger: Danger fails on CI when running on PR from a fork in GH Actions / Buddy Build

We just set up danger in our repository and it fails when running on PRs from forks.

What did you do?

bundle install  
bundle exec danger --fail-on-errors=true

What did you expect to happen?

It would run danger and find the branch & commit in my fork.

What happened instead?

It failed to find the commits and/or the branch:

fatal: Couldn't find remote ref refs/heads/event-ordering
fatal: Couldn't find remote ref refs/heads/event-ordering
fatal: Couldn't find remote ref refs/heads/event-ordering
fatal: Couldn't find remote ref refs/heads/event-ordering
bundler: failed to load command: danger (/usr/local/bin/danger)
RuntimeError: Commit c2b6bb0b doesn't exist. Are you running `danger local/pr` against the correct repository? Also this usually happens when you rebase/reset and force-pushed.
/Library/Ruby/Gems/2.3.0/gems/danger-5.14.0/lib/danger/scm_source/git_repo.rb:111:in `raise_if_we_cannot_find_the_commit'
/Library/Ruby/Gems/2.3.0/gems/danger-5.14.0/lib/danger/scm_source/git_repo.rb:93:in `ensure_commitish_exists_on_branch!'
/Library/Ruby/Gems/2.3.0/gems/danger-5.14.0/lib/danger/request_sources/github/github.rb:112:in `setup_danger_branches'
/Library/Ruby/Gems/2.3.0/gems/danger-5.14.0/lib/danger/danger_core/environment_manager.rb:57:in `ensure_danger_branches_are_setup'
/Library/Ruby/Gems/2.3.0/gems/danger-5.14.0/lib/danger/danger_core/dangerfile.rb:259:in `setup_for_running'
/Library/Ruby/Gems/2.3.0/gems/danger-5.14.0/lib/danger/danger_core/dangerfile.rb:270:in `run'
/Library/Ruby/Gems/2.3.0/gems/danger-5.14.0/lib/danger/danger_core/executor.rb:29:in `run'
/Library/Ruby/Gems/2.3.0/gems/danger-5.14.0/lib/danger/commands/runner.rb:72:in `run'
/Library/Ruby/Gems/2.3.0/gems/claide-1.0.2/lib/claide/command.rb:334:in `run'
/Library/Ruby/Gems/2.3.0/gems/danger-5.14.0/bin/danger:5:in `<top (required)>'
/usr/local/bin/danger:22:in `load'
/usr/local/bin/danger:22:in `<top (required)>'

Your Environment

  • Which CI are you running on? Buddybuild
  • Are you running the latest version of Danger? Yup
  • What is your Dangerfile?
warn("PR is classed as Work in Progress") if github.pr_title.include? "[WIP]"

swiftlint.lint_files fail_on_error: true

About this issue

  • Original URL
  • State: open
  • Created 5 years ago
  • Reactions: 5
  • Comments: 38 (25 by maintainers)

Commits related to this issue

Most upvoted comments

Using:

      - uses: actions/checkout@v2

Will only checkout the single commit to be tested-you need something with more depth, so you can either use actions/checkout@v1 or specify the fetch-depth as in:

      - uses: actions/checkout@v2
        with:
          fetch-depth: 0

This solved my issues with Github Actions 😄

+3
troyfontaine on May 28, 2020

so I tried to work around this today, and while I didn’t get a solution, I think what i found may be enlightening.

I added a step to checkout the fork remote:

      - run: |
          set -x
          echo $GITHUB_BASE_REF
          echo $GITHUB_HEAD_REF
          echo $EVENT
          echo $PR_REPO
          echo $BASE_REPO
          # should be PR_REPO_URL, but that doesn't exist
          # for some reason...
          git remote add pr https://github.com/$PR_REPO
          git fetch pr
          git remote -v
          git checkout $PR_HEAD
          git show
        if: github.event.pull_request.head.repo.full_name != github.repository
        env:
          EVENT: ${{ github.event_name }}
          PR_REPO: ${{ github.event.pull_request.head.repo.full_name }}
          PR_REPO_URL: ${{ github.event.pull_request.head.repo.clone_url }}
          BASE_REPO: ${{ github.repository }}
          PR_HEAD: ${{ github.event.pull_request.head.ref }}

When I did that, however, Danger, I think, ended up comparing the branch to itself, and saw no delta, and thus was very happy.

So then I tried to pass in --base:

      - run: |
          danger --verbose --fail-on-errors=true --base=$BASE
        env:
          BASE: ${{ github.event.pull_request.base.ref }}
          DANGER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}

But then it complains it can’t find main anywhere in the repo (Commit main doesn't exist). That can’t be right!

I then tried dropping the checkout, but that didn’t work either. I even tried modifying my git-fix step to be:

          git checkout -b main origin/main
          git checkout $PR_HEAD

to make sure the right main and the right head would be there. This gets the right things in the right places:

+ git remote -v
origin	https://github.com/chef/chef (fetch)
origin	https://github.com/chef/chef (push)
pr	https://github.com/jaymzh/chef (fetch)
pr	https://github.com/jaymzh/chef (push)
+ git checkout -b main origin/main
Previous HEAD position was 63aab93aff Merge cb81921547c7a0b0bdac3ebdf66f7726e5210015 into 3e18296d7e4f1a175f43f41d08173c708634cd8c
Switched to a new branch 'main'
branch 'main' set up to track 'origin/main'.
+ git checkout dangerfix
Switched to a new branch 'dangerfix'
branch 'dangerfix' set up to track 'pr/dangerfix'.

But, this, once again, caused danger to simply see nothing.

I tried at this point modifying danger call to be this, though I think this is what it does by default:

      - run: |
          danger --verbose --fail-on-errors=true --base=$BASE --head=$PR_HEAD
        env:
          BASE: ${{ github.event.pull_request.base.ref }}
          PR_HEAD: ${{ github.event.pull_request.head.ref }}
          DANGER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}

But it sees nothing.

So then I decided to add message(git.diff) to see what diff it thinks it’s seeing.

Low and behold, it’s my diff. It crashes on unless source.valid_encoding? (https://github.com/chef/chef/actions/runs/7148990967/job/19470679407?pr=14134), but in the stacktrace I can see the diff.

So at this point, given I’ve made sure that both the base ref and the head ref are both there, I think it seems reasonable to believe there’s something that Danger isn’t quite catching here.

+1
jaymzh on Dec 9, 2023

@Xorima

@SgtPooki can you post the full action workflow you are using as I’m struggling to recreate it

it’s in ipfs/awesome-ipfs repo (https://github.com/ipfs/awesome-ipfs/blob/master/.github/workflows/pull_requests.yml). Also, there was some feedback on the PR or issue I created in that repo from galargh that you may find valuable regarding what setting pull_request_target actually does.

+1
SgtPooki on Nov 17, 2022

idk if this will fix everyone’s problems, but changing github workflow trigger from pull_request to pull_request_target resolved the issue for me. see https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target

+1
SgtPooki on Sep 28, 2022
Read more comments on GitHub
← danger: Could not find a CI source?
danger: Danger fails with "Cannot find a merge base between danger_base and danger_head" →