diff --git a/.forgejo/workflows/renovate.yml b/.forgejo/workflows/renovate.yml new file mode 100644 index 000000000..8548d4c72 --- /dev/null +++ b/.forgejo/workflows/renovate.yml @@ -0,0 +1,53 @@ +name: renovate + +on: + push: + branches: + - 'renovate/**' # self-test updates + schedule: + - cron: '*/30 * * * *' + +env: + RENOVATE_DRY_RUN: ${{ (github.event_name != 'schedule' && github.ref_name != github.event.repository.default_branch) && 'full' || '' }} + RENOVATE_REPOSITORIES: ${{ github.repository }} + +jobs: + renovate: + if: ${{ secrets.RENOVATE_TOKEN != '' }} + + runs-on: docker + container: + image: 'ghcr.io/visualon/renovate:37.269.3@sha256:4fb1684ec9e10592b6c4726906d353f88097fbb584748150043949a5aa5ca085' + + steps: + - uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + with: + path: | + .tmp/cache/renovate/repository + key: repo-cache-${{ github.run_id }} + restore-keys: | + repo-cache- + + - run: renovate + env: + GITHUB_COM_TOKEN: ${{ secrets.RENOVATE_GITHUB_COM_TOKEN }} + LOG_LEVEL: debug + RENOVATE_BASE_DIR: ${{ github.workspace }}/.tmp + RENOVATE_ENDPOINT: ${{ github.server_url }} + RENOVATE_PLATFORM: gitea + RENOVATE_REPOSITORY_CACHE: 'enabled' + RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }} + RENOVATE_GIT_AUTHOR: 'Renovate Bot ' + + GIT_AUTHOR_NAME: 'Renovate Bot' + GIT_AUTHOR_EMAIL: 'forgejo-renovate-action@forgejo.org' + GIT_COMMITTER_NAME: 'Renovate Bot' + GIT_COMMITTER_EMAIL: 'forgejo-renovate-action@forgejo.org' + + - name: Save renovate repo cache + if: always() && env.RENOVATE_DRY_RUN == 'true' + uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + with: + path: | + .tmp/cache/renovate/repository + key: repo-cache-${{ github.run_id }} diff --git a/renovate.json b/renovate.json new file mode 100644 index 000000000..74d468e6c --- /dev/null +++ b/renovate.json @@ -0,0 +1,49 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:best-practices", ":approveMajorUpdates"], + "ignorePresets": [":semanticPrefixFixDepsChoreOthers"], + "semanticCommits": "disabled", + "packageRules": [ + { + "description": "Require approval for go and python minor version", + "matchDepNames": ["go", "python"], + "matchUpdateTypes": ["minor"], + "dependencyDashboardApproval": true + }, + { + "description": "Automerge renovate updates", + "matchDatasources": ["docker"], + "matchPackageNames": ["ghcr.io/visualon/renovate"], + "matchUpdateTypes": ["minor", "patch", "digest"], + "automerge": true + }, + { + "description": "Update renovate only daily", + "matchDatasources": ["docker"], + "matchDepNames": ["ghcr.io/visualon/renovate"], + "extends": ["schedule:daily"] + } + ], + "customManagers": [ + { + "description": "Update docker images in forgejo workflows", + "customType": "regex", + "fileMatch": ["^.forgejo/workflows/.+\\.yml$"], + "matchStrings": [ + "\\s+image:\\s+['\"]?(?.+?):(?.+?)['\"]?\\s" + ], + "datasourceTemplate": "docker" + }, + { + "description": "Update go-version in forgejo workflows", + "customType": "regex", + "fileMatch": ["^.forgejo/workflows/.+\\.yml$"], + "matchStrings": [ + "\\s+go-version: ['\"]?(?.+?)['\"]?\\s" + ], + "depNameTemplate": "go", + "datasourceTemplate": "golang-version", + "versioningTemplate": "go-mod-directive" + } + ] +}