Skip to content

Schedule - Update Bot #625

Schedule - Update Bot

Schedule - Update Bot #625

name: Schedule - Update Bot
on: # yamllint disable-line rule:truthy
workflow_dispatch:
inputs:
dryRun:
description: "Dry-Run"
default: "false"
required: false
logLevel:
description: "Log-Level"
default: "debug"
required: false
schedule:
- cron: "0 11 * * *"
push:
branches:
- main
paths:
- ".github/renovate.json5"
- ".github/renovate/**.json"
env:
LOG_LEVEL: info
DRY_RUN: false
RENOVATE_CONFIG_FILE: .github/renovate.json5
# yamllint disable rule:line-length
jobs:
update-bot:
if: github.repository == 'syself/cluster-api-provider-hetzner'
name: Renovate
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Generate Token
uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1
id: generate-token
with:
app-id: ${{ secrets.SYSELF_APP_ID }}
private-key: ${{ secrets.SYSELF_APP_PRIVATE_KEY }}
- name: Override default config from dispatch variables
run: |
echo "DRY_RUN=${{ github.event.inputs.dryRun || env.DRY_RUN }}" >> "$GITHUB_ENV"
echo "LOG_LEVEL=${{ github.event.inputs.logLevel || env.LOG_LEVEL }}" >> "$GITHUB_ENV"
- name: Renovate
uses: renovatebot/github-action@630a255a1f2f56c8d8ce160bed3e3ca577ca53e2 # v40.2.7
env:
RENOVATE_HOST_RULES: '[{"hostType": "docker", "matchHost": "ghcr.io", "username": "${{ github.actor }}", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '[".*"]'
BUILDER_IMAGE: 'ghcr.io/syself/caph'
RENOVATE_POST_UPGRADE_TASKS: '{ commands: ["BUILD_IMAGE_TOKEN=${{ secrets.GITHUB_TOKEN }} BUILD_IMAGE_USER=${{ github.actor }} CI=true ./hack/upgrade-builder-image.sh"], fileFilters: ["Makefile", ".github/**/*.yml", ".builder-image-version.txt", ".github/**/*.yaml"], executionMode: "branch"}'
with:
configurationFile: ${{ env.RENOVATE_CONFIG_FILE }}
token: "x-access-token:${{ steps.generate-token.outputs.token }}"
mount-docker-socket: "true"