updated renovate config

Fixup CI Setup dependency dashboard more renovate config Set repo in workflow remove trailing comma Setup Github token and ignore FlakeHub in flake.nix Add magic nix cache Skip FlakeHub add cache permissions . cache? cache? more env vars renovate.json
2025-12-06 08:48:34 -05:00 · 2025-11-22 22:20:26 -05:00 · 2025-11-22 22:20:26 -05:00 · ed36830cf3
commit ed36830cf3
parent 3b3837dcd1
4 changed files with 81 additions and 83 deletions
--- a/.forgejo/workflows/flake-updater.yml
+++ b/.forgejo/workflows/flake-updater.yml
@ -1,76 +0,0 @@
-name: Update `flake.lock`
-on:
-  workflow_dispatch:
-  schedule:
-    - cron: '0 0 * * 5' # runs weekly on Friday at 00:00
-
-jobs:
-  update_lockfile:
-    runs-on: codeberg-tiny
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-      - name: Install nix
-        uses: https://github.com/DeterminateSystems/nix-installer-action@main
-      - name: Setup Action cache for nix
-        uses: https://github.com/DeterminateSystems/magic-nix-cache-action@main
-
-      - name: Update flake inputs
-        uses: ./.forgejo/actions/flake-update
-        with:
-          flake_path: "./dot_config/flake"
-          token: ${{ secrets.FLAKE_PR_TOKEN }}
-
-      # - name: Write PR body template
-      #   uses: https://github.com/DamianReeves/write-file-action@v1.3
-      #   with:
-      #     path: pr_body.template
-      #     contents: |
-      #       - The following Nix Flake inputs were updated:
-
-      #       ```
-      #       ${{ env.UPDATE_LOG }}
-      #       ```
-
-      #       Auto-generated by [update.yml][1] with the help of
-      #       [create-pull-request][2].
-
-      #       [1]: https://forgejo.stefka.eu/jiriks74/nix.nvim/src/branch/main/.github/workflows/update.yml
-      #       [2]: https://forgejo.stefka.eu/jiriks74/create-pull-request
-
-      # - name: Generate PR body
-      #   uses: pedrolamas/handlebars-action@v2.4.0 # v2.4.0
-      #   with:
-      #     files: "pr_body.template"
-      #     output-filename: "pr_body.md"
-      # - name: Save PR body
-      #   id: pr_body
-      #   uses: juliangruber/read-file-action@v1
-      #   with:
-      #     path: "pr_body.md"
-
-      # - name: Remove temporary files
-      #   run: |
-      #     rm pr_body.template
-      #     rm pr_body.md
-
-      # - name: Create Pull Request
-      #   id: create-pull-request
-      #   uses: https://forgejo.stefka.eu/jiriks74/create-pull-request@2c60f3517609825873003cde0d4367c6cc2cd74c
-      #   with:
-      #     token: ${{ secrets.FORGEJO_TOKEN_FOR_UPDATES  }}
-      #     body: ${{ steps.pr_body.outputs.content }}
-      #     author: '"github-actions[bot]" <github-actions[bot]@users.noreply.github.com>'
-      #     title: 'automated: Update `flake.lock`'
-      #     commit-message: |
-      #       automated: Update `flake.lock`
-
-      #       ${{ steps.pr_body.outputs.content }}
-
-      #     branch: update-flake-lock
-      #     delete-branch: true
-
-      # - name: Print PR number
-      #   run: |
-      #     echo "Pull request number is ${{ steps.create-pull-request.outputs.pull-request-number }}."
-      #     echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}"
--- a/.forgejo/workflows/main.yml
+++ b/.forgejo/workflows/main.yml
@ -25,6 +25,9 @@ jobs:
    steps:
    - uses: actions/checkout@v4

+    - name: Install Nix
+      uses: https://github.com/DeterminateSystems/nix-installer-action@main
+
    - name: build nixos
      if: ${{ matrix.os }} == 'linux'
      run: |
--- a/.forgejo/workflows/renovate.yml
+++ b/.forgejo/workflows/renovate.yml
@ -1,15 +1,60 @@
 name: Renovate

 on:
-  workflow_dispatch:
+  push:
+  workflow_dispatch: # allows manual triggering
  schedule:
-    - cron: '0 0 * * 5' # runs weekly on Sunday at 00:00
+    - cron: '0 0 * * 5' # runs weekly on Friday at 00:00

 jobs:
  renovate:
-    runs-on: codeberg-tiny
+    runs-on: kaylee
+    permissions:
+      id-token: "write"
+      contents: "read"

    steps:
-      - uses: https://github.com/DeterminateSystems/nix-installer-action@main
-      - run: |
-          nix run nixpkgs#renovate -- --platform forgejo --endpoint https://codeberg.org/api/v1 --token ${{ secrets.RENOVATE_TOKEN }} ${{ env.FORGEJO_REPOSITORY }} 
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install Nix
+        uses: https://github.com/DeterminateSystems/nix-installer-action@main
+
+      - name: Magic Nix Cache
+        uses: https://github.com/DeterminateSystems/magic-nix-cache-action@main
+        with:
+          use-flakehub: false
+          use-gha-cache: true
+        env:
+          ACTIONS_CACHE_URL: ${{ env.ACTIONS_CACHE_URL }}
+          ACTIONS_RESULTS_URL: ${{ env.ACTIONS_RESULTS_URL }}
+          ACTIONS_RUNTIME_TOKEN: ${{ github.token }}
+          ACTIONS_CACHE_SERVICE_V2: ${{ env.ACTIONS_CACHE_SERVICE_V2 }}
+
+      - name: Run Renovate
+        env:
+          # Platform configuration
+          RENOVATE_PLATFORM: forgejo
+          RENOVATE_ENDPOINT: https://codeberg.org/api/v1
+          RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }}
+          RENOVATE_GITHUB_COM_TOKEN: ${{ secrets.RENOVATE_GITHUB_TOKEN }}
+
+          # Repository configuration
+          RENOVATE_REPOSITORIES: ${{ github.repository }}
+
+          # Git configuration
+          RENOVATE_GIT_AUTHOR: 'Renovate Bot <bot@renovateapp.com>'
+          RENOVATE_USERNAME: 'renovate-bot'
+
+          # Renovate settings
+          RENOVATE_ONBOARDING: 'false'
+          RENOVATE_REQUIRE_CONFIG: 'required'
+          RENOVATE_CONFIG_FILE: '${{ github.workspace }}/renovate.json'
+
+          # Logging
+          LOG_LEVEL: 'info'
+
+          # Reduce external API calls
+          RENOVATE_AUTODISCOVER: 'false'
+        run: |
+          nix run nixpkgs#renovate