diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml deleted file mode 100644 index d5ead126..00000000 --- a/.github/workflows/renovate.yml +++ /dev/null @@ -1,104 +0,0 @@ ---- -name: Renovate -on: - schedule: - - cron: "42 * * * *" - pull_request: - branches: - - master - - main - -permissions: - contents: read - id-token: "write" # AWS GitHub OIDC required: write - -env: - LOG_LEVEL: debug - # renovate: datasource=docker depName=renovate packageName=ghcr.io/renovatebot/renovate - RENOVATE_VERSION: 37.440.7 - -jobs: - renovate: - runs-on: ubuntu-22.04 - strategy: - fail-fast: true - matrix: - environment: - - balena-staging - - balena-production - - balena-playground - - balena-restricted - include: - - environment: balena-production - config_file: default.json - - environment: balena-staging - config_file: balena-staging.json - - environment: balena-playground - config_file: balena-playground.json - - environment: balena-restricted - config_file: balena-restricted.json - - environment: - name: ${{ matrix.environment }} - - steps: - # https://github.com/actions/checkout - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 - with: - persist-credentials: false - - # https://github.com/philips-software/app-token-action - - name: Generate GitHub App installation token - uses: philips-software/app-token-action@9f5d57062c9f2beaffafaa9a34f66f824ead63a9 # v2.0.0 - id: app_token - with: - # https://github.com/apps/balena-renovate - # https://github.com/organizations/product-os/settings/apps/balena-renovate - app_id: ${{ vars.RENOVATE_APP_ID || '335686' }} - app_base64_private_key: ${{ secrets.RENOVATE_APP_PRIVATE_KEY_B64 }} - auth_type: installation - - # https://docs.renovatebot.com/modules/datasource/aws-machine-image/ - # https://docs.renovatebot.com/modules/datasource/aws-rds/ - - uses: aws-actions/configure-aws-credentials@050bf7aae915badb82daa8e68fd95c9070706953 - with: - aws-region: ${{ vars.AWS_REGION || 'us-east-1' }} - role-session-name: github-${{ github.job }}-${{ github.run_id }}-${{ github.run_attempt }} - role-to-assume: '${{ vars.AWS_IAM_ROLE }}' # environment specific - - - name: Enable dry-run - run: echo "RENOVATE_DRY_RUN=full" >> $GITHUB_ENV - if: github.event_name == 'pull_request' - - # https://github.com/renovatebot - - uses: renovatebot/github-action@180db1547505e30c02d41959fe65ada1523ee207 # v40.3.0 - with: - # https://docs.renovatebot.com/configuration-options - # https://docs.renovatebot.com/self-hosted-configuration - configurationFile: ${{ matrix.config_file }} - token: ${{ steps.app_token.outputs.token }} - renovate-version: ${{ env.RENOVATE_VERSION }} - # https://github.com/renovatebot/github-action?tab=readme-ov-file#env-regex - env-regex: "^(?:RENOVATE_\\w+|LOG_LEVEL|AWS_\\w+)$" - env: - AWS_REGION: ${{ env.AWS_REGION }} - AWS_DEFAULT_REGION: ${{ env.AWS_REGION }} - AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }} - AWS_SESSION_TOKEN: ${{ env.AWS_SESSION_TOKEN }} - RENOVATE_DRY_RUN: ${{ env.RENOVATE_DRY_RUN }} - RENOVATE_HOST_RULES: | - [ - { - "hostType": "docker", - "username": "${{ secrets.DOCKERHUB_USER }}", - "password": "${{ secrets.DOCKERHUB_TOKEN }}" - }, - { - "hostType": "docker", - "matchHost": "ghcr.io", - "username": "${{ github.actor }}", - "password": "${{ secrets.GITHUB_TOKEN }}" - } - ] diff --git a/balena-playground.json b/balena-playground.json deleted file mode 100644 index f1e8cdec..00000000 --- a/balena-playground.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "extends": ["github>balena-io/renovate-config"], - "repositories": [ - "balena-io/environment-playground" - ] -} diff --git a/balena-restricted.json b/balena-restricted.json deleted file mode 100644 index 7959346a..00000000 --- a/balena-restricted.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "extends": ["github>balena-io/renovate-config"], - "repositories": [ - "balena-io/environment-restricted" - ] -} diff --git a/balena-staging.json b/balena-staging.json deleted file mode 100644 index 28594d5f..00000000 --- a/balena-staging.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "extends": ["github>balena-io/renovate-config"], - "repositories": [ - "balena-io/environment-staging" - ] -} diff --git a/default.json b/default.json index 5c89ab8a..9c22b705 100644 --- a/default.json +++ b/default.json @@ -15,58 +15,8 @@ ":semanticCommitsDisabled", ":separateMultipleMajorReleases" ], - "username": "balena-renovate[bot]", - "gitAuthor": "Self-hosted Renovate Bot <133977723+balena-renovate[bot]@users.noreply.github.com>", - "gitIgnoredAuthors": [ - "34882892+balena-ci@users.noreply.github.com", - "renovate@whitesourcesoftware.com" - ], "onboarding": false, - "allowPostUpgradeCommandTemplating": true, - "allowedPostUpgradeCommands": ["^npm", "^cd", "^sed", "^node"], "requireConfig": "optional", - "repositories": [ - "balena-io/analytics-backend", - "balena-io/autohat", - "balena-io/balena-admin", - "balena-io/balena-alertmanager", - "balena-io/balena-api", - "balena-io/balena-base-ui", - "balena-io/balena-blog", - "balena-io/balena-builder", - "balena-io/balena-builder-worker", - "balena-io/balena-cli", - "balena-io/balena-cloud", - "balena-io/balena-delta", - "balena-io/balena-git", - "balena-io/balena-img", - "balena-io/balena-mdns-publisher", - "balena-io/balena-monitor", - "balena-io/balena-proxy", - "balena-io/balena-sentry", - "balena-io/balena-ui", - "balena-io/ca-private", - "balena-io/cert-manager", - "balena-io/analytics-pipeline", - "balena-io/deploy-to-balena-action", - "balena-io/e2e", - "balena-io/environment-production", - "balena-io/environments-base", - "balena-io/logs-to-vector", - "balena-io/open-balena-api", - "balena-io/open-balena-db", - "balena-io/open-balena-haproxy", - "balena-io/open-balena-registry-proxy", - "balena-io/open-balena-registry", - "balena-io/open-balena-s3", - "balena-io/open-balena-vpn", - "balena-io/open-balena", - "balena-io/pinejs", - "balena-io/remote-builders", - "balena-io/remote-workers", - "balena-io/renovate-config", - "balena-io/sshproxy" - ], "printConfig": true, "prHourlyLimit": 0, "cloneSubmodules": false,