diff --git a/.github/workflows/auto-set-label.yml b/.github/workflows/auto-set-label.yml deleted file mode 100644 index f2108cf3..00000000 --- a/.github/workflows/auto-set-label.yml +++ /dev/null @@ -1,14 +0,0 @@ -name: Assign PR team labels -on: - pull_request: - branches: - - master -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Setting labels - uses: FiligranHQ/auto-label@1.0.0 - with: - labels_by_organization: "{\"FiligranHQ\":[\"filigran team\"]}" \ No newline at end of file diff --git a/.github/workflows/oaev_shared_auto_label.yml b/.github/workflows/oaev_shared_auto_label.yml new file mode 100644 index 00000000..83076752 --- /dev/null +++ b/.github/workflows/oaev_shared_auto_label.yml @@ -0,0 +1,14 @@ +name: "[OAEV Shared] Auto Label" +on: + pull_request: + branches: [main, release/current] + types: [opened, reopened] +permissions: + contents: read + pull-requests: write +jobs: + auto-label: + runs-on: ubuntu-latest + steps: + - name: "Auto Label" + uses: FiligranHQ/filigran-ci-tools/actions/auto-label@v1 diff --git a/.github/workflows/oaev_shared_check_signed_commit.yml b/.github/workflows/oaev_shared_check_signed_commit.yml new file mode 100644 index 00000000..f75b9635 --- /dev/null +++ b/.github/workflows/oaev_shared_check_signed_commit.yml @@ -0,0 +1,13 @@ +name: "[OAEV Shared] Check Signed Commits in PR" +on: + pull_request_target: + branches: [main, release/current] +permissions: + contents: read + pull-requests: write +jobs: + check-signed-commits: + runs-on: ubuntu-latest + steps: + - name: Check signed commits in PR + uses: FiligranHQ/filigran-ci-tools/actions/check-signed-commit@v1 diff --git a/.github/workflows/oaev_shared_validate_pr_title.yml b/.github/workflows/oaev_shared_validate_pr_title.yml new file mode 100644 index 00000000..0f976f81 --- /dev/null +++ b/.github/workflows/oaev_shared_validate_pr_title.yml @@ -0,0 +1,20 @@ +name: "[OAEV Shared] Validate PR title Worker" +on: + pull_request: + branches: [main, release/current] + types: [opened, edited, reopened, ready_for_review, synchronize] +jobs: + validate-pr-title: + runs-on: ubuntu-latest + steps: + - name: "Generate a token" + id: generate-token + if: github.event.pull_request.head.repo.full_name == github.repository + uses: actions/create-github-app-token@v2 + with: + app-id: ${{ secrets.OPENAEV_PR_CHECKS_APP_ID }} + private-key: ${{ secrets.OPENAEV_PR_CHECKS_PRIVATE_KEY }} + - name: "Validate PR title and create check" + uses: FiligranHQ/filigran-ci-tools/actions/pr-title-check@v1 + with: + token: ${{ steps.generate-token.outputs.token }} diff --git a/renovate.json b/renovate.json index 33d6955b..2d55bec2 100644 --- a/renovate.json +++ b/renovate.json @@ -3,40 +3,20 @@ "extends": [ "config:recommended" ], - "baseBranchPatterns": [ - "release/current", - "main" + "labels": [ + "dependencies", + "filigran team" ], - "packageRules": [ - { - "matchBaseBranches": [ - "release/current" - ], - "commitMessageSuffix": null - }, - { - "matchJsonata": [ - "$exists(isVulnerabilityAlert)" - ], - "matchBaseBranches": [ - "release/current" - ], - "enabled": false - }, - { - "matchJsonata": [ - "$not($exists(isVulnerabilityAlert))" - ], - "matchBaseBranches": [ - "main" - ], - "enabled": false - }, - { - "matchPackageNames": [ - "mid" - ], - "enabled": false - } - ] -} + "minimumReleaseAge": "3 days", + "prHourlyLimit": 2, + "prConcurrentLimit": 20, + "timezone": "Europe/Paris", + "schedule": [ + "* 0-4,22-23 * * 1-5", + "* * * * 0,6" + ], + "updateNotScheduled": false, + "rebaseWhen": "conflicted", + "commitMessageAction": "update", + "commitMessagePrefix": "[agent] chore(deps):" +} \ No newline at end of file