Skip to content

Schedule - Update Bot #253

Schedule - Update Bot

Schedule - Update Bot #253

name: Schedule - Update Bot
on: # yamllint disable-line rule:truthy
workflow_dispatch:
inputs:
dryRun:
description: "Dry-Run"
default: "false"
required: false
logLevel:
description: "Log-Level"
default: "debug"
required: false
schedule:
- cron: "0 11 * * *"
push:
branches:
- main
paths:
- ".github/renovate.json5"
- ".github/renovate/**.json"
env:
LOG_LEVEL: info
DRY_RUN: false
RENOVATE_CONFIG_FILE: .github/renovate.json5
# yamllint disable rule:line-length
jobs:
update-bot:
if: github.repository == 'syself/cluster-api-provider-hetzner'
name: Renovate
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
- name: Generate Token
uses: tibdex/github-app-token@32691ba7c9e7063bd457bd8f2a5703138591fa58 # v1
id: generate-token
with:
app_id: ${{ secrets.SYSELF_APP_ID }}
private_key: ${{ secrets.SYSELF_APP_PRIVATE_KEY }}
- name: Override default config from dispatch variables
run: |
echo "DRY_RUN=${{ github.event.inputs.dryRun || env.DRY_RUN }}" >> "$GITHUB_ENV"
echo "LOG_LEVEL=${{ github.event.inputs.logLevel || env.LOG_LEVEL }}" >> "$GITHUB_ENV"
- name: Renovate
uses: renovatebot/github-action@3cef36a9aba515d8726b491905b3bc766832e221 # v39.0.5
env:
RENOVATE_HOST_RULES: '[{"hostType": "docker", "matchHost": "ghcr.io", "username": "${{ github.actor }}", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '[".*"]'
BUILDER_IMAGE: 'ghcr.io/syself/caph'
RENOVATE_POST_UPGRADE_TASKS: '{ commands: ["BUILD_IMAGE_TOKEN=${{ secrets.GITHUB_TOKEN }} BUILD_IMAGE_USER=${{ github.actor }} CI=true ./hack/upgrade-builder-image.sh"], fileFilters: ["Makefile", ".github/**/*.yml", ".github/**/*.yaml"], executionMode: "branch"}'
with:
configurationFile: ${{ env.RENOVATE_CONFIG_FILE }}
token: "x-access-token:${{ steps.generate-token.outputs.token }}"
mount-docker-socket: "true"