Private repositories support

[sbalay]

Hi there, I've been checking the code in this repo and couldn't think of a way of making this plugin available for private repositories.

Do you guys have any idea or plan to make this work with private repos?

[orta]

It would have to derive the information locally, rather than scraping the website - totally feasible, but would need work to do so

[mokagio]

I had a though on this, and the solution I came up with is not ideal.

The problem is that as far as I can see there is not GitHub API to retrieve the blame for a given file. This is somehow confirmed by the fact that if you search for blame in Octokit you get no results. There seem to though an early access blame GraphQL API.

So this leaves us to have to retrieve the information locally, and this is where things slightly break.

You can get the list of committers for a file like this:

$ git shortlog -sne path/to/file
     4  Giovanni Lodi <giovanni.lodi42@gmail.com>
     2  Peter Parker <peter@daily-bugle.com>
     1  Tony Stark <tony@starkindustries.com>

We can also get the list of all the contributors to a repo via Octokit:

client = Octokit::Client.new(:access_token => '...')
contributors = client.contributors('danger/danger')

This API only returns partial information about the users, but we can use the login property to get the actual user object.

contributors.map { |c| c[:login] }.each do |login|
  user = client.user(login)
end

This is how my user looks

mokagio = client.user('mokagio')
puts "#{mokagio.login} - #{mokagio.name} - #{mokagio.email}"
# => mokagio - Giovanni Lodi -
#                              ^ the email is nil! 😱

My email is nil because I chose not to show it publicly in the GitHub settings, as I'm assuming many other user would do to avoid spamming.

So, we have a way to get an array of name + emails of committers to each file, and we can use them to get their GitHub username, which we can then insert in the Danger message. But ☝️ , that works only if the information on GitHub is in sync with the Git user.name and user.email.

I wouldn't be surprised if many users had a different name and email from the one they used in their Git configuration.

Does this approach make sense? It's not very robust hey 😞 . Does anyone know if there's better API that we could use?

One option could be to use this only for private repos, and use web scraping for public ones?

[orta]

Depending on depth that you want to go into it, you could potentially look for the last commit by the email provided, then use the GitHub API for that one commit to see if you have any GitHub account metadata for the email too?

[Antondomashnev]

Hey @mokagio after a quick search I've found something that may be useful to get the commiters.
What if you get the list of all commits containing the specific file in repository. In the response you'll receive the commit object which contains the information about commiter.
Please correct me If I'm wrong with assumption 😄

[mokagio]

Thanks @orta and @Antondomashnev for the feedback.

In particular thanks to @Antondomashnev I found that Octokit provides a method to get commits

client = Octokit::Client.new(:access_token => '...')
client.commits(repo, path: '/path/to/file')

which I'm able to use to get an array objects like:

{ author: '@mokagio', commits_count: 42 }

Which we can use to suggest reviewers base on commits count or most recent authors.

I'll submit a PR soonish.

Thanks again 😄 .

[orta]

rock

[anthonymonori]

Hey @mokagio do you have any half-baked PR that someone could take over or do we need to start from scratch here! Happy holidays! 🎄

[duncwa]

Private, non enterprise github repos, do not currently work with danger runs on CI? Is that a correct understanding? Is it true that only Enterprise github repos are supported under CI? My error in Jenkins when I try to post back to http://github.com/duncwa.