Renovate #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Renovate | |
| on: | |
| # Allows manual/automated ad-hoc trigger | |
| workflow_dispatch: | |
| inputs: | |
| logLevel: | |
| description: "Override default log level" | |
| required: false | |
| default: "info" | |
| type: string | |
| overrideSchedule: | |
| description: "Override all schedules" | |
| required: false | |
| default: "false" | |
| type: string | |
| # Run twice in the early morning for initial and follow up steps (create pull request and merge) | |
| schedule: | |
| - cron: '30 4,6 * * *' | |
| concurrency: renovate | |
| jobs: | |
| renovate: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0 | |
| # Don't waste time starting Renovate if JSON is invalid | |
| - name: Validate Renovate JSON | |
| run: jq type .github/renovate.json | |
| - name: Get token | |
| id: get_token | |
| uses: tibdex/github-app-token@021a2405c7f990db57f5eae5397423dcc554159c # v1.7.0 | |
| with: | |
| app_id: ${{ secrets.RENOVATE_APP_ID }} | |
| installation_id: ${{ secrets.RENOVATE_INSTALL_ID }} | |
| private_key: ${{ secrets.RENOVATE_PRIVATE_KEY }} | |
| - name: Self-hosted Renovate | |
| uses: renovatebot/github-action@8343fa1c8d38f3d030aa8332773b737f7e2fa591 # v34.82.0 | |
| env: | |
| # Repository taken from variable to keep configuration file generic | |
| RENOVATE_REPOSITORIES: ${{ github.repository }} | |
| # Onboarding not needed for self hosted | |
| RENOVATE_ONBOARDING: "false" | |
| # Username for GitHub authentication (should match GitHub App name + [bot]) | |
| RENOVATE_USERNAME: "renovate[bot]" | |
| # Git commit author used, must match GitHub App | |
| RENOVATE_GIT_AUTHOR: "renovate <renovate[bot]@users.noreply.github.com>" | |
| # Use GitHub API to create commits (this allows for signed commits from GitHub App) | |
| RENOVATE_PLATFORM_COMMIT: "true" | |
| # Override schedule if set | |
| RENOVATE_FORCE: ${{ github.event.inputs.overrideSchedule == 'true' && '{''schedule'':null}' || '' }} | |
| LOG_LEVEL: ${{ inputs.logLevel || 'info' }} | |
| with: | |
| configurationFile: .github/renovate.json | |
| token: '${{ steps.get_token.outputs.token }}' |