on: schedule: - cron: '*/30 * * * *' push: workflow_dispatch: inputs: args: description: 'Optional renovate args, they replace the defaults and disable autodiscover' required: false type: string env: RENOVATE_DRY_RUN: ${{ ((github.event_name != 'schedule' && github.event_name != 'workflow_dispatch') || github.ref_name != 'main') && 'full' || '' }} RENOVATE_GIT_PRIVATE_KEY: ${{ secrets.GPG }} jobs: renovate: name: Renovate runs-on: docker-x86_64 container: image: git.hsn.dev/jahanson/renovate/renovate:39.115.3@sha256:154abeee1afdd3df6a623c2f85f968ca02cb7a136366c18b36a2bd604c0508c0 options: --tmpfs /tmp:exec steps: - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: show-progress: false - name: Renovate env: # Global config RENOVATE_BINARY_SOURCE: "docker" RENOVATE_PLATFORM: gitea RENOVATE_ENDPOINT: ${{ github.server_url }} RENOVATE_TOKEN: ${{ secrets.RUNAS_USER_TOKEN }} GITHUB_COM_TOKEN: ${{ secrets.GH_TOKEN }} # RENOVATE_DOCKER_USER: "$(id -u):$(cut -d: -f3 < <(getent group docker))" RENOVATE_DOCKER_USER: "$(id -u):0" # Git config RENOVATE_GIT_AUTHOR: 'Renovate Bot ' GIT_AUTHOR_NAME: 'Renovate Bot' GIT_AUTHOR_EMAIL: 'smeagol@hsn.dev' GIT_COMMITTER_NAME: 'Renovate Bot' GIT_COMMITTER_EMAIL: 'smeagol@hsn.dev' # # Authentication using host rules format # GITHUB_GITHUB_COM_TOKEN: ${{ secrets.GH_TOKEN }} # DOCKER_DOCKER_IO_USERNAME: ${{ secrets.DOCKER_USERNAME }} # DOCKER_DOCKER_IO_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} # DOCKER_GHCR_IO_USERNAME: ${{ secrets.GH_USERNAME }} # DOCKER_GHCR_IO_PASSWORD: ${{ secrets.GH_TOKEN }} # GITEA_GIT_HSN_DEV_TOKEN: ${{ secrets.MIRROR_TOKEN }} # Logging LOG_LEVEL: debug LOG_FORMAT: json LOG_FILE_LEVEL: debug # Command execution INPUT_ARGS: ${{ inputs.args || (github.repository != 'jahanson/renovate-config' && github.repository) || '--autodiscover' }} run: renovate ${{ env.INPUT_ARGS }}