From ab3b37663e50c644c1dfefcea776c51c6f740b89 Mon Sep 17 00:00:00 2001 From: srv-rr-github-token <94607705+srv-rr-github-token@users.noreply.github.com> Date: Thu, 31 Aug 2023 13:23:39 +0000 Subject: [PATCH] ci: common template rollout changes --- .appinspect_api.expect.yaml | 0 .github/workflows/.ci-metadata.json | 2 +- .github/workflows/agreements.yaml | 13 +++++++------ .github/workflows/build-test-release.yml | 4 +++- .pre-commit-config.yaml | 2 +- renovate.json | 11 +++++++++-- 6 files changed, 21 insertions(+), 11 deletions(-) create mode 100644 .appinspect_api.expect.yaml diff --git a/.appinspect_api.expect.yaml b/.appinspect_api.expect.yaml new file mode 100644 index 0000000..e69de29 diff --git a/.github/workflows/.ci-metadata.json b/.github/workflows/.ci-metadata.json index a8ea08d..8211081 100644 --- a/.github/workflows/.ci-metadata.json +++ b/.github/workflows/.ci-metadata.json @@ -1,3 +1,3 @@ { - "template-version": "v2.0.0" + "template-version": "v2.3.1" } diff --git a/.github/workflows/agreements.yaml b/.github/workflows/agreements.yaml index d1e9023..f8f3f46 100644 --- a/.github/workflows/agreements.yaml +++ b/.github/workflows/agreements.yaml @@ -4,14 +4,15 @@ on: types: [created] pull_request_target: types: [opened, closed, synchronize] -permissions: - actions: read - contents: read - pull-requests: read - statuses: read + jobs: call-workflow-agreements: - uses: splunk/addonfactory-github-workflows/.github/workflows/reusable-agreements.yaml@v1 + uses: splunk/addonfactory-github-workflows/.github/workflows/reusable-agreements.yaml@v1.4 + permissions: + actions: read + contents: read + pull-requests: write + statuses: read secrets: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} PERSONAL_ACCESS_TOKEN: ${{ secrets.PAT_CLATOOL }} diff --git a/.github/workflows/build-test-release.yml b/.github/workflows/build-test-release.yml index 4b5a4dc..a188868 100644 --- a/.github/workflows/build-test-release.yml +++ b/.github/workflows/build-test-release.yml @@ -25,7 +25,7 @@ permissions: jobs: call-workflow: if: github.event.action != 'labeled' || github.actor != 'renovate[bot]' - uses: splunk/addonfactory-workflow-addon-release/.github/workflows/reusable-build-test-release.yml@v4.0 + uses: splunk/addonfactory-workflow-addon-release/.github/workflows/reusable-build-test-release.yml@v4.5 secrets: GH_TOKEN_ADMIN: ${{ secrets.GH_TOKEN_ADMIN }} SEMGREP_PUBLISH_TOKEN: ${{ secrets.SEMGREP_PUBLISH_TOKEN }} @@ -39,3 +39,5 @@ jobs: SA_GH_USER_EMAIL: ${{ secrets.SA_GH_USER_EMAIL }} SA_GPG_PRIVATE_KEY: ${{ secrets.SA_GPG_PRIVATE_KEY }} SA_GPG_PASSPHRASE: ${{ secrets.SA_GPG_PASSPHRASE }} + SPL_COM_USER: ${{ secrets.SPL_COM_USER }} + SPL_COM_PASSWORD: ${{ secrets.SPL_COM_PASSWORD }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 574855f..52a55e2 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -27,4 +27,4 @@ repos: - id: eslint additional_dependencies: - "@typescript-eslint/parser" - - "@typescript-eslint/eslint-plugin" + - "@typescript-eslint/eslint-plugin" \ No newline at end of file diff --git a/renovate.json b/renovate.json index a32c46b..9e5ea1c 100644 --- a/renovate.json +++ b/renovate.json @@ -3,10 +3,17 @@ "config:base", "group:all", ":semanticCommitTypeAll(chore)", - "schedule:earlyMondays", - ":disableDependencyDashboard" + ":prHourlyLimit2" ], + "reviewers": ["team:products-gdi-addons-adminrepo"], + "schedule": ["every 2 weeks on Sunday"], + "lockFileMaintenance": { + "enabled": true, + "schedule": ["every 2 weeks on Sunday"] + }, "enabledManagers": ["poetry", "npm", "gradle"], + "rangeStrategy": "pin", + "prConcurrentLimit": 5, "packageRules": [ { "matchPackageNames": ["urllib3"],