Update .forgejo/workflows/renovate.yml
This commit is contained in:
parent
5b1b30c4fa
commit
31a2b30f14
1 changed files with 17 additions and 9 deletions
|
|
@ -17,7 +17,6 @@ on:
|
||||||
|
|
||||||
env:
|
env:
|
||||||
RENOVATE_DRY_RUN: ${{ (github.event_name != 'schedule' && github.ref_name != github.event.repository.default_branch) && 'full' || '' }}
|
RENOVATE_DRY_RUN: ${{ (github.event_name != 'schedule' && github.ref_name != github.event.repository.default_branch) && 'full' || '' }}
|
||||||
RENOVATE_AUTODISCOVER: 'true'
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
renovate:
|
renovate:
|
||||||
|
|
@ -26,6 +25,23 @@ jobs:
|
||||||
image: renovate/renovate:39.91.2
|
image: renovate/renovate:39.91.2
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
|
- name: "Import Secrets"
|
||||||
|
id: "import-secrets"
|
||||||
|
uses: "https://github.com/hashicorp/vault-action@v3"
|
||||||
|
with:
|
||||||
|
url: "https://vault.w9r.dev"
|
||||||
|
method: "approle"
|
||||||
|
role: "forgejo-ci"
|
||||||
|
roleId: "${{ secrets.ROLE_ID }}"
|
||||||
|
secretId: "${{ secrets.SECRET_ID }}"
|
||||||
|
secrets: |
|
||||||
|
kv/data/ci/nexus username | MAVEN_USERNAME ;
|
||||||
|
kv/data/ci/nexus password | MAVEN_CENTRAL_TOKEN ;
|
||||||
|
kv/data/ci/renovatebot gpgPrivateKey | RENOVATE_GIT_PRIVATE_KEY ;
|
||||||
|
kv/data/ci/renovatebot gpgPublicKey | RENOVATE_GIT_PUBLIC_KEY ;
|
||||||
|
kv/data/ci/renovatebot gpgPassphrase | RENOVATE_GIT_PASSPHRASE ;
|
||||||
|
kv/data/ci/renovatebot ciToken | RENOVATE_TOKEN ;
|
||||||
|
kv/data/ci/renovatebot githubToken | GITHUB_COM_TOKEN :
|
||||||
- name: Load renovate repo cache
|
- name: Load renovate repo cache
|
||||||
uses: https://github.com/actions/cache@v4
|
uses: https://github.com/actions/cache@v4
|
||||||
with:
|
with:
|
||||||
|
|
@ -40,23 +56,15 @@ jobs:
|
||||||
- name: Run renovate
|
- name: Run renovate
|
||||||
run: renovate
|
run: renovate
|
||||||
env:
|
env:
|
||||||
GITHUB_COM_TOKEN: ${{ secrets.RENOVATE_GITHUB_COM_TOKEN }}
|
|
||||||
LOG_LEVEL: debug
|
LOG_LEVEL: debug
|
||||||
RENOVATE_BASE_DIR: ${{ github.workspace }}/.tmp
|
RENOVATE_BASE_DIR: ${{ github.workspace }}/.tmp
|
||||||
RENOVATE_ENDPOINT: ${{ github.server_url }}
|
|
||||||
RENOVATE_PLATFORM: gitea
|
|
||||||
RENOVATE_REPOSITORY_CACHE: 'enabled'
|
RENOVATE_REPOSITORY_CACHE: 'enabled'
|
||||||
RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }}
|
|
||||||
RENOVATE_GIT_AUTHOR: 'RenovateBot <renovatebot@w9r.dev>'
|
RENOVATE_GIT_AUTHOR: 'RenovateBot <renovatebot@w9r.dev>'
|
||||||
RENOVATE_GIT_PRIVATE_KEY: ${{ secrets.RENOVATE_GIT_PRIVATE_KEY }}
|
|
||||||
|
|
||||||
RENOVATE_X_SQLITE_PACKAGE_CACHE: true
|
RENOVATE_X_SQLITE_PACKAGE_CACHE: true
|
||||||
|
|
||||||
GIT_AUTHOR_NAME: 'RenovateBot'
|
GIT_AUTHOR_NAME: 'RenovateBot'
|
||||||
GIT_AUTHOR_EMAIL: 'renovatebot@w9r.dev'
|
GIT_AUTHOR_EMAIL: 'renovatebot@w9r.dev'
|
||||||
GIT_COMMITTER_NAME: 'RenovateBot'
|
GIT_COMMITTER_NAME: 'RenovateBot'
|
||||||
GIT_COMMITTER_EMAIL: 'renovatebot@w9r.dev'
|
GIT_COMMITTER_EMAIL: 'renovatebot@w9r.dev'
|
||||||
|
|
||||||
OSV_OFFLINE_ROOT_DIR: ${{ github.workspace }}/.tmp/osv
|
OSV_OFFLINE_ROOT_DIR: ${{ github.workspace }}/.tmp/osv
|
||||||
|
|
||||||
- name: Save renovate repo cache
|
- name: Save renovate repo cache
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue