diff --git a/.forgejo/workflows/flake-updater.yml b/.forgejo/workflows/flake-updater.yml
deleted file mode 100644
index e96530b..0000000
--- a/.forgejo/workflows/flake-updater.yml
+++ /dev/null
@@ -1,76 +0,0 @@ -name: Update `flake.lock` -on: - workflow_dispatch: - schedule: - - cron: '0 0 * * 5' # runs weekly on Friday at 00:00 - -jobs: - update_lockfile: - runs-on: codeberg-tiny - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - name: Install nix - uses: https://github.com/DeterminateSystems/nix-installer-action@main - - name: Setup Action cache for nix - uses: https://github.com/DeterminateSystems/magic-nix-cache-action@main - - - name: Update flake inputs - uses: ./.forgejo/actions/flake-update - with: - flake_path: "./dot_config/flake" - token: ${{ secrets.FLAKE_PR_TOKEN }} - - # - name: Write PR body template - # uses: https://github.com/DamianReeves/write-file-action@v1.3 - # with: - # path: pr_body.template - # contents: | - # - The following Nix Flake inputs were updated: - - # ``` - # ${{ env.UPDATE_LOG }} - # ``` - - # Auto-generated by [update.yml][1] with the help of - # [create-pull-request][2]. - - # [1]: https://forgejo.stefka.eu/jiriks74/nix.nvim/src/branch/main/.github/workflows/update.yml - # [2]: https://forgejo.stefka.eu/jiriks74/create-pull-request - - # - name: Generate PR body - # uses: pedrolamas/handlebars-action@v2.4.0 # v2.4.0 - # with: - # files: "pr_body.template" - # output-filename: "pr_body.md" - # - name: Save PR body - # id: pr_body - # uses: juliangruber/read-file-action@v1 - # with: - # path: "pr_body.md" - - # - name: Remove temporary files - # run: | - # rm pr_body.template - # rm pr_body.md - - # - name: Create Pull Request - # id: create-pull-request - # uses: https://forgejo.stefka.eu/jiriks74/create-pull-request@2c60f3517609825873003cde0d4367c6cc2cd74c - # with: - # token: ${{ secrets.FORGEJO_TOKEN_FOR_UPDATES }} - # body: ${{ steps.pr_body.outputs.content }} - # author: '"github-actions[bot]" ' - # title: 'automated: Update `flake.lock`' - # commit-message: | - # automated: Update `flake.lock` - - # ${{ steps.pr_body.outputs.content }} - - # branch: update-flake-lock - # delete-branch: true - 
- # - name: Print PR number - # run: | - # echo "Pull request number is ${{ steps.create-pull-request.outputs.pull-request-number }}." - # echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}" diff --git a/.forgejo/workflows/main.yml b/.forgejo/workflows/main.yml index 2f7a686..1ab5969 100644 --- a/.forgejo/workflows/main.yml +++ b/.forgejo/workflows/main.yml @@ -25,6 +25,9 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Install Nix + uses: https://github.com/DeterminateSystems/nix-installer-action@main + - name: build nixos if: ${{ matrix.os }} == 'linux' run: | diff --git a/.forgejo/workflows/renovate.yml b/.forgejo/workflows/renovate.yml index 79bc668..53023bc 100644 --- a/.forgejo/workflows/renovate.yml +++ b/.forgejo/workflows/renovate.yml 
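Review bot: The added `Install Nix` step in `main.yml` references `nix-installer-action@main`, a mutable branch, so whatever lands on that branch runs in this job on the next build without any change in this repository. Pin it to a full commit SHA with the release in a trailing comment, `uses: https://github.com/DeterminateSystems/nix-installer-action@<full-commit-sha> # <release-tag>`. The same applies to the `nix-installer-action@main` and `magic-nix-cache-action@main` steps in the `renovate.yml` hunk, where the job also holds `RENOVATE_TOKEN`, `RENOVATE_GITHUB_COM_TOKEN` and `github.token`. The `steps:` list begins outside this hunk.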
@@ -1,15 +1,60 @@ name: Renovate on: - workflow_dispatch: + push: + workflow_dispatch: # allows manual triggering schedule: - - cron: '0 0 * * 5' # runs weekly on Sunday at 00:00 + - cron: '0 0 * * 5' # runs weekly on Friday at 00:00 jobs: renovate: - runs-on: codeberg-tiny + runs-on: kaylee + permissions: + id-token: "write" + contents: "read" steps: - - uses: https://github.com/DeterminateSystems/nix-installer-action@main - - run: | - nix run nixpkgs#renovate -- --platform forgejo --endpoint https://codeberg.org/api/v1 --token ${{ secrets.RENOVATE_TOKEN }} ${{ env.FORGEJO_REPOSITORY }} + - name: Checkout + uses: actions/checkout@v4 + + - name: Install Nix + uses: https://github.com/DeterminateSystems/nix-installer-action@main + + - name: Magic Nix Cache + uses: https://github.com/DeterminateSystems/magic-nix-cache-action@main + with: + use-flakehub: false + use-gha-cache: true + env: + ACTIONS_CACHE_URL: ${{ env.ACTIONS_CACHE_URL }} + ACTIONS_RESULTS_URL: ${{ env.ACTIONS_RESULTS_URL }} + ACTIONS_RUNTIME_TOKEN: ${{ github.token }} + ACTIONS_CACHE_SERVICE_V2: ${{ env.ACTIONS_CACHE_SERVICE_V2 }} + + - name: Run Renovate + env: + # Platform configuration + RENOVATE_PLATFORM: forgejo + RENOVATE_ENDPOINT: https://codeberg.org/api/v1 + RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }} + RENOVATE_GITHUB_COM_TOKEN: ${{ secrets.RENOVATE_GITHUB_TOKEN }} + + # Repository configuration + RENOVATE_REPOSITORIES: ${{ github.repository }} + + # Git configuration + RENOVATE_GIT_AUTHOR: 'Renovate Bot ' + RENOVATE_USERNAME: 'renovate-bot' + + # Renovate settings + RENOVATE_ONBOARDING: 'false' + RENOVATE_REQUIRE_CONFIG: 'required' + RENOVATE_CONFIG_FILE: '${{ github.workspace }}/renovate.json' + + # Logging + LOG_LEVEL: 'info' + + # Reduce external API calls + RENOVATE_AUTODISCOVER: 'false' + run: | + nix run nixpkgs#renovate diff --git a/renovate.json b/renovate.json index 7190a60..87483bc 100644 --- a/renovate.json +++ b/renovate.json 
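Review bot: The new bare `push:` trigger runs this job, with `RENOVATE_TOKEN` and `RENOVATE_GITHUB_COM_TOKEN` in its environment, on every push to every branch, which presumably includes the update branches Renovate pushes itself. If it was added for testing, drop it or restrict it, e.g. `push:` with `branches: [<default-branch>]`. `id-token: "write"` looks unneeded while `use-flakehub: false` is set, so `permissions` could be reduced to `contents: "read"`. `nix run nixpkgs#renovate` also resolves `nixpkgs` at run time; running Renovate from a locked flake input instead would make the tool that receives the tokens reproducible.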
@@ -1,3 +1,29 @@
 {
- "$schema": "https://docs.renovatebot.com/renovate-schema.json"
+ "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+ "extends": [
+ ":dependencyDashboard",
+ "config:recommended"
+ ],
+ "semanticCommits": "enabled",
+ "rebaseWhen": "behind-base-branch",
+ "platformCommit": "enabled",
+ "dependencyDashboard": true,
+ "dependencyDashboardTitle": "Dependency Dashboard",
+ "packageRules": [
+ {
+ "description": "Update Forgejo actions",
+ "matchManagers": ["github-actions"],
+ "groupName": "forgejo-actions"
+ }
+ ],
+ "nix": {
+ "enabled": true
+ },
+ "git-submodules": {
+ "enabled": true
+ },
+ "includePaths": [
+ ".forgejo/**",
+ "dot_config/flake/**"
+ ]
 }
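Review bot: `includePaths` limits Renovate to `.forgejo/**` and `dot_config/flake/**`, so enabling `git-submodules` has no effect unless a `.gitmodules` file lives under one of those paths; if the repository's `.gitmodules` is at the root, add `".gitmodules"` to `includePaths`. `:dependencyDashboard` is already part of `config:recommended`, and `"dependencyDashboard": true` repeats it a third time, so one of the three is enough. Since the workflows in this commit reference actions by `@main`, consider adding `helpers:pinGitHubActionDigests` to `extends` so Renovate maintains digest pins. Whether it resolves the full-URL `uses:` form used in these workflows should be checked first.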