PR feedback: fix Danger's GitHub token, run on all branches

2026-03-25 08:45:55 +00:00 · 2025-05-25 14:34:16 -07:00 · 2025-05-25 14:34:16 -07:00 · dcc17a065d
commit dcc17a065d
parent 0da8ef5bd3
1 changed files with 6 additions and 9 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -1,9 +1,5 @@
 name: CI
-on:
-  push:
-    branches: [master]
-  pull_request:
-    branches: [master]
+on: [push, pull_request]

 jobs:
  danger:
@ -15,10 +11,11 @@ jobs:
          ruby-version: 3.4.4
      - name: Install dependencies
        run: bundle install --jobs 4 --retry 3
-      - name: Run danger
-        env:
-          DANGER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: bundle exec danger
+      - name: Run Danger
+        run: |
+            # the token is public, has public_repo scope and belongs to the grape-bot user owned by @dblock, this is ok
+            TOKEN=$(echo -n Z2hwX2lYb0dPNXNyejYzOFJyaTV3QUxUdkNiS1dtblFwZTFuRXpmMwo= | base64 --decode)
+            DANGER_GITHUB_API_TOKEN=$TOKEN bundle exec danger --verbose

  test:
    runs-on: ubuntu-latest