[#493] Integrate Danger to the generated project

[thawzintoe-ptut]

#493

What happened 👀

CI/CD pipeline specifically for reviewing pull requests within our Android project template. A total of 76 additions have been made to the .github/workflows/repiew_pull_request.yml file, enhancing its capabilities and adding new steps for better code quality checks and environment management.

Insight 📝

• Detekt and Android Lint: Ensure code quality and styling compliance.
• Kover for Unit Tests: Enforce test coverage metrics.
• Danger: Manage PR annotations for common issues like big PRs or missing descriptions.

Proof Of Work 📹

Summary by CodeRabbit

• New Features

  • Introduced a new GitHub Actions workflow for automated pull request reviews.
  • Added a Gemfile to manage Ruby gems for enhanced code review processes.

• Enhancements

  • Improved caching for Ruby gems and Gradle dependencies to optimize build times.
  • Implemented warning mechanisms in the Dangerfile for PR titles, descriptions, labels, and code size.
  • Added test coverage reporting to ensure quality standards are met.

• Bug Fixes

  • Modified commit linting process to provide warnings instead of failing outright.

• Chores

  • Updated workflow configurations to streamline Ruby setup and caching processes.
  • Removed unnecessary gem dependencies from the project.

[github-actions]

	8 Warnings
⚠️	Uh oh! Your project is under 80% coverage!
⚠️	template-compose/gradle/libs.versions.toml#L10 - A newer version of androidx.compose:compose-bom than 2023.09.02 is available: 2024.12.01
⚠️	template-compose/gradle/libs.versions.toml#L11 - A newer version of androidx.navigation:navigation-compose than 2.5.3 is available: 2.8.5
⚠️	template-compose/gradle/libs.versions.toml#L12 - A newer version of androidx.core:core-ktx than 1.10.1 is available: 1.15.0
⚠️	template-compose/gradle/libs.versions.toml#L13 - A newer version of androidx.datastore:datastore-preferences than 1.0.0 is available: 1.1.1
⚠️	template-compose/gradle/libs.versions.toml#L17 - A newer version of androidx.hilt:hilt-navigation-compose than 1.0.0 is available: 1.2.0
⚠️	template-compose/gradle/libs.versions.toml#L24 - A newer version of androidx.lifecycle:lifecycle-runtime-compose than 2.6.1 is available: 2.8.7
⚠️	template-compose/gradle/libs.versions.toml#L24 - A newer version of androidx.lifecycle:lifecycle-runtime-ktx than 2.6.1 is available: 2.8.7

Kover report for template-compose:

🧛 Template - Compose Unit Tests Code Coverage: 61.54%

Coverage of Modified Files:

File	Coverage

Modified Files Not Found In Coverage Report:

Dangerfile
Gemfile
Gemfile
Gemfile.lock
review_pull_request.yml
template_review_pull_request.yml

Codebase cunningly covered by count Shroud 🧛

Generated by 🚫 Danger

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

Gemfile (1)

4-4: Maintain consistent quote style in gem declarations.

Use single quotes to maintain consistency with other gem declarations in the file.

-gem "danger-checkstyle_format"
+gem 'danger-checkstyle_format'

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4d15ea8 and 54f5f56.

⛔ Files ignored due to path filters (1)

• template-compose/Gemfile.lock is excluded by !**/*.lock

📒 Files selected for processing (5)

• .github/workflows/review_pull_request.yml (1 hunks)
• Gemfile (1 hunks)
• template-compose/.github/workflows/template_review_pull_request.yml (1 hunks)
• template-compose/Dangerfile (1 hunks)
• template-compose/Gemfile (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (4)

• template-compose/Gemfile
• .github/workflows/review_pull_request.yml
• template-compose/Dangerfile
• template-compose/.github/workflows/template_review_pull_request.yml

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: Review pull request
• GitHub Check: Verify newproject script
• GitHub Check: Run Detekt and unit tests

🔇 Additional comments (1)

Gemfile (1)

Line range hint 1-6: Verify the impact of removed gems.

The PR objectives mention integrating Detekt, but danger-kotlin_detekt gem has been removed. Additionally, danger-commit_lint for commit message validation and danger-shroud for security scanning were removed.

Let's verify if these features are handled differently:

🧰 Tools

🪛 rubocop (1.69.1)

[convention] 5-5: Gems should be sorted in an alphabetical order within their section of the Gemfile. Gem danger-android_lint should appear before danger-checkstyle_format.

(Bundler/OrderedGems)

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

.github/workflows/review_pull_request.yml (1)

27-32: 🛠️ Refactor suggestion

Remove redundant gem caching configuration

The bundler-cache: true in the Ruby setup step already handles gem caching. The separate gem caching step is redundant.

-      - uses: actions/cache@v4
-        with:
-          path: vendor/bundle
-          key: ${{ runner.os }}-gems-${{ hashFiles('Gemfile') }}
-          restore-keys: |
-            ${{ runner.os }}-gems-

🧹 Nitpick comments (1)

.github/workflows/review_pull_request.yml (1)

Line range hint 57-57: Update cache action version for consistency

The workflow uses actions/cache@v4 for gem caching but v2 for Gradle caching. For consistency and to leverage the latest features, update to v4.

-        uses: actions/cache@v2
+        uses: actions/cache@v4

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 54f5f56 and ecee45a.

📒 Files selected for processing (2)

• .github/workflows/review_pull_request.yml (1 hunks)
• template-compose/.github/workflows/template_review_pull_request.yml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• template-compose/.github/workflows/template_review_pull_request.yml

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: Review pull request
• GitHub Check: Verify newproject script
• GitHub Check: Run Detekt and unit tests

🔇 Additional comments (1)

.github/workflows/review_pull_request.yml (1)

33-40: Well-configured Danger setup!

The Danger action is properly configured with all necessary parameters and follows security best practices by using GitHub token for authentication.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

.github/workflows/review_pull_request.yml (1)

Line range hint 28-28: Update cache action to latest version

The workflow uses actions/cache@v2 which is outdated. Consider updating to actions/cache@v4 for the latest features and security updates.

-      - name: Cache Gradle
-        uses: actions/cache@v2
+      - name: Cache Gradle
+        uses: actions/cache@v4

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ecee45a and 16b0865.

📒 Files selected for processing (2)

• .github/workflows/review_pull_request.yml (2 hunks)
• template-compose/.github/workflows/template_review_pull_request.yml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• template-compose/.github/workflows/template_review_pull_request.yml

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/review_pull_request.yml

65-65: input "run" is not defined in action "ruby/setup-ruby@v1". available inputs are "bundler", "bundler-cache", "cache-version", "ruby-version", "rubygems", "self-hosted", "windows-toolchain", "working-directory"

(action)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: Run Detekt and unit tests
• GitHub Check: Review pull request
• GitHub Check: Verify newproject script

🔇 Additional comments (2)

.github/workflows/review_pull_request.yml (2)

66-71: Remove redundant gem caching configuration

The bundler-cache: true in the Ruby setup step already handles gem caching. The separate gem caching step is redundant.

-      - uses: actions/cache@v4
-        with:
-          path: vendor/bundle
-          key: ${{ runner.os }}-gems-${{ hashFiles('Gemfile') }}
-          restore-keys: |
-            ${{ runner.os }}-gems-

---

72-79: LGTM! Well-configured Danger integration

The Danger action is properly configured with all necessary parameters:

• Correct plugin file path
• Appropriate installation directory
• Danger file specification
• Unique danger ID
• Proper GitHub token usage

[Copilot]

Pull Request Overview

Integrates Danger into the Android template project to automate pull request quality checks via GitHub Actions.

• Adds Gemfiles to manage Danger and related plugins
• Introduces a Dangerfile with rules for PR size, description, labels, linting, and test coverage
• Updates GitHub workflows to set up Ruby, cache dependencies, and run Danger

Reviewed Changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
template-compose/Gemfile	New Gemfile listing Danger plugins
template-compose/Dangerfile	Danger rules for lint, commit checks, and coverage
template-compose/.github/workflows/template_review_pull_request.yml	Workflow to install Ruby and run Danger
Gemfile	Root Gemfile updated for CI gems
.github/workflows/review_pull_request.yml	Streamlined Ruby setup with bundler-cache for Danger

Comments suppressed due to low confidence (1)

template-compose/Dangerfile:37

• The placeholder $project may not interpolate in Danger; use Ruby string interpolation (e.g., "## Kover report for #{project_name}:") or replace with a concrete value.

markdown "## Kover report for $project:"

[Copilot]

[nitpick] Consider pinning gem versions (e.g., gem 'danger', '~> 10.0') to ensure reproducible CI builds.

Suggested change

	gem 'danger'
	gem 'danger-android_lint'
	gem 'danger-commit_lint'
	gem 'danger-kotlin_detekt'
	gem 'danger-shroud'
	gem 'danger', '~> 10.0'
	gem 'danger-android_lint', '~> 1.0'
	gem 'danger-commit_lint', '~> 1.0'
	gem 'danger-kotlin_detekt', '~> 1.0'
	gem 'danger-shroud', '~> 1.0'

[Copilot]

Typo in user-visible warning: replace 'classed' with 'classified' to correct the message.

Suggested change

	warn("PR is classed as Work in Progress") if github.pr_title.include? "WIP"
	warn("PR is classified as Work in Progress") if github.pr_title.include? "WIP"