brave · thypon · Jun 7, 2024 · Jun 7, 2024
diff --git a/.github/workflows/add-maintainer-custom-property.yml b/.github/workflows/add-maintainer-custom-property.yml
@@ -0,0 +1,17 @@
+# action that runs monthly and add maintainer as a custom property
+# to all repositories in this organization
+name: Add Maintainer as Custom Property to Repositories
+on:
+  schedule:
+    - cron: '0 0 27 * *'
+  workflow_dispatch:
+jobs:
+  run:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: brave/security-action/actions/add-maintainer-custom-property@main
+        with:
+          ignore_maintainers: brave-builds,brave-browser-releases,brave-support-admin
+          debug: false
+          github_token: ${{ secrets.CUSTOM_PROPERTY_MANAGER_GITHUB_TOKEN }}
+          slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }}
diff --git a/.github/workflows/check-new-repos.yml b/.github/workflows/check-new-repos.yml
@@ -0,0 +1,16 @@
+name: Check New Repos
+on:
+  schedule:
+    # nightly (0th hour 0th minute of every day)
+    - cron: '0 0 * * *'
+  workflow_dispatch:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: check new repos
+        uses: brave/security-action/actions/check-new-repos@main
+        with:
+          github_token: ${{ secrets.ORG_READ_GITHUB_TOKEN }}
+          slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }}
+          debug: false
diff --git a/.github/workflows/dependabot-auto-dismiss.yml b/.github/workflows/dependabot-auto-dismiss.yml
@@ -0,0 +1,16 @@
+name: Weekly Dependabot Auto Dismiss
+on:
+  schedule:
+    # Run at 24:00 UTC every Monday
+    - cron: "0 0 * * 1"
+  workflow_dispatch:
+jobs:
+  run:
+    runs-on: ubuntu-latest
+    steps:
+      - name: dependabot auto dismiss
+        uses: brave/security-action/actions/dependabot-auto-dismiss@main
+        with:
+          github_token: ${{ secrets.DEPENDABOT_AUTO_DISMISS_GITHUB_TOKEN }}
+          slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }}
+          debug: false
diff --git a/.github/workflows/dependabot-nudge.yml b/.github/workflows/dependabot-nudge.yml
@@ -0,0 +1,17 @@
+name: Weekly Dependabot Nudge
+on:
+  schedule:
+    # Run at 9am UTC every Monday
+    - cron: "0 9 * * 1"
+  workflow_dispatch:
+jobs:
+  run:
+    runs-on: ubuntu-latest
+    steps:
+      - name: dependabot nudge
+        uses: brave/security-action/actions/dependabot-nudge@main
+        with:
+          github_token: ${{ secrets.DEPENDABOT_NUDGE_GITHUB_TOKEN }}
+          slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }}
+          gh_to_slack_user_map: ${{ secrets.GH_TO_SLACK_USER_MAP }}
+          debug: false
diff --git a/.github/workflows/older-than-2y.yml b/.github/workflows/older-than-2y.yml
@@ -0,0 +1,16 @@
+name: Older Than 2 Years Informer
+on:
+  schedule:
+    # Every month, first day of the month
+    - cron: '0 0 1 * *'
+  workflow_dispatch:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: older than 2 years informer
+        uses: brave/security-action/actions/older-than-2y@main
+        with:
+          github_token: ${{ secrets.ORG_READ_GITHUB_TOKEN }}
+          slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }}
+          debug: false
diff --git a/.github/workflows/renovate-sanity-check.yml b/.github/workflows/renovate-sanity-check.yml
@@ -0,0 +1,17 @@
+# action that runs monthly and check if all repositories in the organization are following the renovate central configuration
+# to all repositories in this organization
+name: Renovate Sanity Check
+on:
+  schedule:
+    - cron: '0 0 15 * *'
+  workflow_dispatch:
+jobs:
+  run:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Renovate Sanity Check
+        uses: brave/security-action/actions/renovate-sanity-check@main
+        with:
+          github_token: ${{ secrets.CUSTOM_PROPERTY_MANAGER_GITHUB_TOKEN }}
+          slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }}
+          debug: false