twenty/.github/workflows/ci-utils.yaml

name: CI Utils
on:
  # it's usually not recommended to use pull_request_target
  # but we consider it's safe here if we keep the same steps
  # see: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ 
  # and: https://github.com/facebook/react-native/pull/34370/files
  pull_request_target:
permissions:
  actions: write
  checks: write
  contents: write
  issues: write
  pull-requests: write
  statuses: write
jobs:
  danger-js:
    runs-on: ubuntu-latest
    steps:
      - name: Cancel Previous Runs
        uses: styfle/cancel-workflow-action@0.11.0
        with:
            access_token: ${{ github.token }}
      - uses: actions/checkout@v4
      - name: Setup Node.js
        uses: actions/setup-node@v3
        with:
          node-version: "18"
      - name: Utils / Install Dependencies
        run: yarn
      - name: Utils / Run Danger.js
        run: cd packages/twenty-utils && yarn danger ci --use-github-checks --failOnErrors
        env:
          DANGER_GITHUB_API_TOKEN: ${{ github.token }}