on:
  schedule:
    - cron: '*/30 * * * *'
  push:
  workflow_dispatch:
    inputs:
      args:
        description: 'Optional renovate args, they replace the defaults and disable autodiscover'
        required: false
        type: string

env:
  RENOVATE_DRY_RUN: ${{ ((github.event_name != 'schedule' && github.event_name != 'workflow_dispatch') || github.ref_name != 'main') && 'full' || '' }}
  RENOVATE_GIT_PRIVATE_KEY: ${{ secrets.GPG }}

jobs:
  renovate:
    name: Renovate
    runs-on: docker-x86_64
    container:
      image: git.hsn.dev/jahanson/renovate/renovate:39.87.0@sha256:3a17d23d6fb3ca2169b079bf2c970cb25567be639ba42bb2064750973b69b83c
      options: --tmpfs /tmp:exec
    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
        with:
          show-progress: false

      - name: Renovate
        run: |
          echo "Testing docker login..."
          docker login -u "${{ secrets.DOCKER_USERNAME }}" -p "${{ secrets.DOCKER_PASSWORD }}"
          renovate ${{ env.INPUT_ARGS }}
        env:
          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
          GITHUB_COM_TOKEN: ${{ secrets.GH_TOKEN }}
          LOG_LEVEL: debug
          LOG_FORMAT: json
          RENOVATE_ENDPOINT: ${{ github.server_url }}
          RENOVATE_PLATFORM: gitea
          RENOVATE_TOKEN: ${{ github.repository == 'jahanson/renovate-config' && secrets.TOKEN || secrets.GITHUB_TOKEN }}
          RENOVATE_GIT_AUTHOR: 'Renovate Bot <smeagol@hsn.dev>'
          RENOVATE_HOST_RULES: |-
            [
              {
                "matchHost": "hub.docker.com",
                "hostType": "",
                "username": "${{ secrets.DOCKER_USERNAME }}",
                "password": "${{ secrets.DOCKER_PASSWORD }}"
              },
              {
                "matchHost": "ghcr.io",
                "hostType": "",
                "username": "${{ secrets.GH_USERNAME }}",
                "password": "${{ secrets.GH_TOKEN }}"
              },
              {
                "matchHost": "git.hsn.dev",
                "username": "${{ secrets.DOCKER_USERNAME }}",
                "token": "${{ secrets.MIRROR_TOKEN }}"
              }
            ]
          GIT_AUTHOR_NAME: 'Renovate Bot'
          GIT_AUTHOR_EMAIL: 'smeagol@hsn.dev'
          GIT_COMMITTER_NAME: 'Renovate Bot'
          GIT_COMMITTER_EMAIL: 'smeagol@hsn.dev'
          INPUT_ARGS: ${{ inputs.args || (github.repository != 'jahanson/renovate-config' && github.repository) || '--autodiscover' }}