on: schedule: - cron: '*/30 * * * *' push: workflow_dispatch: inputs: args: description: 'Optional renovate args, they replace the defaults and disable autodiscover' required: false type: string env: RENOVATE_DRY_RUN: ${{ ((github.event_name != 'schedule' && github.event_name != 'workflow_dispatch') || github.ref_name != 'main') && 'full' || '' }} RENOVATE_GIT_PRIVATE_KEY: ${{ secrets.GPG }} jobs: renovate: name: Renovate runs-on: docker-x86_64 container: image: git.hsn.dev/jahanson/renovate/renovate:39.87.0@sha256:3a17d23d6fb3ca2169b079bf2c970cb25567be639ba42bb2064750973b69b83c options: --tmpfs /tmp:exec steps: - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: show-progress: false - name: Restore renovate repo cache uses: actions/cache/restore@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: | /tmp/renovate/cache/renovate/repository key: repo-cache-${{ github.run_id }} restore-keys: | repo-cache- - name: Restore renovate package cache uses: actions/cache/restore@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: | /tmp/renovate/cache/renovate/renovate-cache-sqlite key: package-cache-${{ github.run_id }} restore-keys: | package-cache- - name: Renovate run: | renovate ${{ env.INPUT_ARGS }} env: GITHUB_COM_TOKEN: ${{ secrets.GH_TOKEN }} LOG_LEVEL: debug RENOVATE_ENDPOINT: ${{ github.server_url }} RENOVATE_PLATFORM: gitea RENOVATE_REPOSITORY_CACHE: 'enabled' RENOVATE_TOKEN: ${{ github.repository == 'jahanson/renovate-config' && secrets.TOKEN || secrets.GITHUB_TOKEN }} RENOVATE_GIT_AUTHOR: 'Renovate Bot ' RENOVATE_HOST_RULES: |- [ {"matchHost":"docker.io","hostType":"docker","username":"${{ secrets.DOCKER_USERNAME }}","password":"${{ secrets.DOCKER_PASSWORD }}"}, {"matchHost":"ghcr.io","hostType":"docker","username":"${{ sec.github-username }}","password":"${{ inputs.github-token }}"}, {"matchHost":"git.hsn.dev","username":"${{ secrets.DOCKER_USERNAME }}", "token":"${{ secrets.MIRROR_TOKEN }}"} ] RENOVATE_X_SQLITE_PACKAGE_CACHE: true GIT_AUTHOR_NAME: 'Renovate Bot' GIT_AUTHOR_EMAIL: 'smeagol@hsn.dev' GIT_COMMITTER_NAME: 'Renovate Bot' GIT_COMMITTER_EMAIL: 'smeagol@hsn.dev' INPUT_ARGS: ${{ inputs.args || (github.repository != 'jahanson/renovate-config' && github.repository) || '--autodiscover' }} - name: Save renovate repo cache if: always() && env.RENOVATE_DRY_RUN != 'full' uses: actions/cache/save@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: | /tmp/renovate/cache/renovate/repository key: repo-cache-${{ inputs.endpoint }}-${{ github.run_id }} - name: Save renovate package cache if: always() && env.RENOVATE_DRY_RUN != 'full' uses: actions/cache/save@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: | /tmp/renovate/cache/renovate/renovate-cache-sqlite key: package-cache-${{ github.run_id }}