Pass PR number via artifact for fork PRs

numbata · numbata · commit 7d8ff3e3a7a1 · 2025-12-07T03:04:27.000+01:00
For fork PRs, github.event.workflow_run.pull_requests is always
empty due to GitHub security restrictions. Include PR number in
the danger_report.json artifact instead.
diff --git a/.github/workflows/danger-comment.yml b/.github/workflows/danger-comment.yml
@@ -12,9 +12,7 @@ permissions:
 jobs:
   comment:
     runs-on: ubuntu-latest
-    if: >
-      github.event.workflow_run.event == 'pull_request' &&
-      github.event.workflow_run.pull_requests[0]
+    if: github.event.workflow_run.event == 'pull_request'
     steps:
     - name: Download Danger report
       uses: actions/download-artifact@v6
@@ -29,6 +27,11 @@ jobs:
           const fs = require('fs');
           const report = JSON.parse(fs.readFileSync('danger_report.json', 'utf8'));
 
+          if (!report.pr_number) {
+            console.log('No PR number found in report, skipping comment');
+            return;
+          }
+
           let body = '## Danger Report\n\n';
 
           if (report.errors && report.errors.length > 0) {
@@ -55,11 +58,10 @@ jobs:
             body += ':white_check_mark: All checks passed!';
           }
 
-          const prNumber = ${{ github.event.workflow_run.pull_requests[0].number }};
           const { data: comments } = await github.rest.issues.listComments({
             owner: context.repo.owner,
             repo: context.repo.repo,
-            issue_number: prNumber
+            issue_number: report.pr_number
           });
 
           const botComment = comments.find(c =>
@@ -78,7 +80,7 @@ jobs:
             await github.rest.issues.createComment({
               owner: context.repo.owner,
               repo: context.repo.repo,
-              issue_number: prNumber,
+              issue_number: report.pr_number,
               body: body
             });
           }
diff --git a/.github/workflows/danger.yml b/.github/workflows/danger.yml
@@ -18,6 +18,7 @@ jobs:
       env:
         BASE_SHA: ${{ github.event.pull_request.base.sha }}
         HEAD_SHA: ${{ github.event.pull_request.head.sha }}
+        PR_NUMBER: ${{ github.event.pull_request.number }}
         DANGER_REPORT_PATH: danger_report.json
       run: bundle exec danger dry_run --base=$BASE_SHA --head=$HEAD_SHA --verbose
     - name: Upload Danger report
diff --git a/Dangerfile b/Dangerfile
@@ -31,6 +31,7 @@ if ENV['DANGER_REPORT_PATH']
   require 'json'
 
   report = {
+    pr_number: ENV['PR_NUMBER']&.to_i,
     errors: violation_report[:errors].map(&:message),
     warnings: violation_report[:warnings].map(&:message),
     messages: violation_report[:messages].map(&:message)
