on: schedule: - cron: '*/30 * * * *' push: workflow_dispatch: inputs: args: description: 'Optional renovate args, they replace the defaults and disable autodiscover' required: false type: string env: RENOVATE_DRY_RUN: ${{ ((github.event_name != 'schedule' && github.event_name != 'workflow_dispatch') || github.ref_name != 'main') && 'full' || '' }} RENOVATE_GIT_PRIVATE_KEY: ${{ secrets.GPG }} jobs: renovate: name: Renovate runs-on: docker-x86_64 container: image: git.hsn.dev/jahanson/renovate/renovate:39.87.0@sha256:3a17d23d6fb3ca2169b079bf2c970cb25567be639ba42bb2064750973b69b83c options: --tmpfs /tmp:exec steps: - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: show-progress: false - name: Renovate run: | echo "Testing docker login..." docker login -u "${{ secrets.DOCKER_USERNAME }}" -p "${{ secrets.DOCKER_PASSWORD }}" renovate ${{ env.INPUT_ARGS }} env: DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} GITHUB_COM_TOKEN: ${{ secrets.GH_TOKEN }} LOG_LEVEL: debug LOG_FORMAT: json RENOVATE_ENDPOINT: ${{ github.server_url }} RENOVATE_PLATFORM: gitea RENOVATE_TOKEN: ${{ github.repository == 'jahanson/renovate-config' && secrets.TOKEN || secrets.GITHUB_TOKEN }} RENOVATE_GIT_AUTHOR: 'Renovate Bot ' RENOVATE_HOST_RULES: |- [ { "matchHost": "registry-1.docker.io", "hostType": "docker", "username": "${{ secrets.DOCKER_USERNAME }}", "password": "${{ secrets.DOCKER_PASSWORD }}" }, { "matchHost": "ghcr.io", "hostType": "", "username": "${{ secrets.GH_USERNAME }}", "password": "${{ secrets.GH_TOKEN }}" }, { "matchHost": "git.hsn.dev", "username": "${{ secrets.DOCKER_USERNAME }}", "token": "${{ secrets.MIRROR_TOKEN }}" } ] GIT_AUTHOR_NAME: 'Renovate Bot' GIT_AUTHOR_EMAIL: 'smeagol@hsn.dev' GIT_COMMITTER_NAME: 'Renovate Bot' GIT_COMMITTER_EMAIL: 'smeagol@hsn.dev' INPUT_ARGS: ${{ inputs.args || (github.repository != 'jahanson/renovate-config' && github.repository) || '--autodiscover' }}