Use renovate to update mixins only (#15)

bonddim · Nov 10, 2024 · a530166 · a530166
1 parent 45fee1c
commit a530166
Show file tree

Hide file tree

Showing 4 changed files with 71 additions and 44 deletions.
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
@@ -0,0 +1,24 @@
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+# yaml-language-server: $schema=https://json.schemastore.org/dependabot-2.0.json
+---
+version: 2
+updates:
+  - package-ecosystem: gomod
+    directory: "/"
+    schedule:
+      interval: weekly
+    groups:
+      gomod:
+        update-types:
+          - "minor"
+          - "patch"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: weekly
+    groups:
+      actions:
+        patterns:
+          - "*"
diff --git a/.github/renovate.json b/.github/renovate.json
@@ -1,25 +1,23 @@
 {
   "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": [
-    "config:recommended",
-    "schedule:daily",
-    ":disableDependencyDashboard"
-  ],
+  "extends": ["config:recommended", ":disableDependencyDashboard"],
+  "addLabels": ["renovate"],
   "automerge": true,
   "automergeStrategy": "squash",
+  "branchPrefix": "renovate-action/",
   "customManagers": [
     {
       "currentValueTemplate": "master",
       "customType": "regex",
       "datasourceTemplate": "git-refs",
       "depNameTemplate": "kubernetes-mixin",
-      "fileMatch": [
-        "(^|/)jsonnetfile\\.json$"
-      ],
-      "matchStrings": [
-        "\\\"version\\\": \\\"(?<currentDigest>\\w+?)\\\"\\n"
-      ],
+      "fileMatch": ["(^|/)jsonnetfile\\.json$"],
+      "matchStrings": ["\\\"version\\\": \\\"(?<currentDigest>\\w+?)\\\"\\n"],
       "packageNameTemplate": "https://github.com/kubernetes-monitoring/kubernetes-mixin"
     }
-  ]
+  ],
+  "enabledManagers": ["custom.regex"],
+  "postUpgradeTasks": {
+    "commands": ["install-tool golang 1.23.3 && make JB_ARGS=update"]
+  }
 }
diff --git a/.github/workflows/mixins.yaml b/.github/workflows/mixins.yaml
@@ -9,42 +9,19 @@ jobs:
   mixins:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/create-github-app-token@v1
-        id: app-token
-        with:
-          app-id: ${{ vars.GH_APP_ID }}
-          private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
-
       - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
         with:
-          ref: ${{ github.event.pull_request.head.sha }}
-          token: ${{ steps.app-token.outputs.token }}
-          persist-credentials: true
+          go-version-file: go.mod
 
       - name: Render mixins
         run: make
-        env:
-          JB_ARGS: update
-
-      - name: Get status
-        run: echo "changed=$(git status --short | grep -c "docs/")" >> "$GITHUB_OUTPUT"
-        id: status
 
-      - name: Push changes
-        if: ${{ github.actor == 'renovate[bot]' && steps.status.outputs.changed !=0 }}
-        env:
-          GH_TOKEN: ${{ steps.app-token.outputs.token }}
+      - name: Check for changed mixins
         run: |
-          USER_ID=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)
-          git add docs jsonnetfile.lock.json
-          git config --global user.name "${{ steps.app-token.outputs.app-slug }}[bot]"
-          git config --global user.email "${USER_ID}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com>"
-          git commit -m "Update files after Renovate update"
-          git push origin HEAD:refs/heads/${{ github.event.pull_request.head.ref }}
-
-      - name: Detected changes
-        if: ${{ github.actor != 'renovate[bot]' && steps.status.outputs.changed !=0 }}
-        run: |
-          echo "::error::Detected changes in the rendered docs files. Please run 'make' locally and commit the changes."
-          git status --short docs
-          exit 1
+          if [[ $(git status --short docs | wc -l) -ne 0 ]]; then
+            echo "Detected changes in the rendered docs files. Please run 'make' locally and commit the changes."
+            git status --short docs
+            exit 1
+          fi
+        id: status
diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml
@@ -0,0 +1,28 @@
+name: Renovate
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 7 * * *"
+
+jobs:
+  renovate:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4.2.2
+
+      - uses: actions/create-github-app-token@v1
+        id: app-token
+        with:
+          app-id: ${{ secrets.app_id  }}
+          private-key: ${{ secrets.app_private_key }}
+          owner: ${{ github.repository_owner }}
+
+      - uses: renovatebot/github-action@v41.0.2
+        with:
+          token: "${{ steps.app-token.outputs.token }}"
+        env:
+          RENOVATE_PLATFORM: "github"
+          RENOVATE_ONBOARDING: false
+          RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: ".*"
+          RENOVATE_REPOSITORIES: "${{ github.repository}}"