From 0c1ae92fa6a9d16d6e7e9072ba126eebcffbf2ab Mon Sep 17 00:00:00 2001 From: Thomas Boerger Date: Sun, 24 Nov 2024 15:43:46 +0100 Subject: [PATCH] ci: add some basic workflow and renovate config --- .github/CODEOWNERS | 1 + .github/renovate.json | 49 ++++++++++++++++++++++++++++ .github/settings.yml | 19 +++++++++-- .github/workflows/automerge.yml | 38 ++++++++++++++++++++++ .github/workflows/general.yml | 18 +++++++++++ .github/workflows/release.yml | 57 +++++++++++++++++++++++++++++++++ 6 files changed, 180 insertions(+), 2 deletions(-) create mode 100644 .github/CODEOWNERS create mode 100644 .github/renovate.json create mode 100644 .github/workflows/automerge.yml create mode 100644 .github/workflows/general.yml create mode 100644 .github/workflows/release.yml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..08326e7 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +* @tboerger diff --git a/.github/renovate.json b/.github/renovate.json new file mode 100644 index 0000000..e491d09 --- /dev/null +++ b/.github/renovate.json @@ -0,0 +1,49 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "config:recommended", + ":semanticCommits", + ":semanticCommitType(deps)" + ], + "packageRules": [ + { + "description": "Semantic commits for major updates", + "matchUpdateTypes": [ + "major" + ], + "semanticCommitType": "major", + "semanticCommitScope": "deps", + "automerge": true + }, + { + "description": "Semantic commits for minor updates", + "matchUpdateTypes": [ + "minor" + ], + "semanticCommitType": "minor", + "semanticCommitScope": "deps", + "automerge": true + }, + { + "description": "Semantic commits for patch updates", + "matchUpdateTypes": [ + "patch" + ], + "semanticCommitType": "patch", + "semanticCommitScope": "deps", + "automerge": true + }, + { + "description": "Build tool version upgrades", + "matchManagers": [ + "github-actions" + ], + "semanticCommitType": "ci", + "semanticCommitScope": "tools", + "automerge": true + } + ], + "labels": [ + "renovate" + ] +} diff --git a/.github/settings.yml b/.github/settings.yml index 1918e69..cdc5435 100644 --- a/.github/settings.yml +++ b/.github/settings.yml @@ -12,8 +12,8 @@ repository: default_branch: master - allow_squash_merge: true - allow_merge_commit: true + allow_squash_merge: false + allow_merge_commit: false allow_rebase_merge: true labels: @@ -48,4 +48,19 @@ labels: color: cccccc description: Accepted as a Hacktoberfest submission +branches: + - name: master + protection: + required_pull_request_reviews: null + required_status_checks: + strict: true + contexts: + - check + enforce_admins: false + restrictions: + apps: + - renovate + users: [] + teams: [] + ... diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml new file mode 100644 index 0000000..84f9a33 --- /dev/null +++ b/.github/workflows/automerge.yml @@ -0,0 +1,38 @@ +--- +name: automerge + +"on": + workflow_dispatch: + pull_request: + branches: + - master + +permissions: + contents: write + pull-requests: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: github.actor == 'dependabot[bot]' + + steps: + - name: Fetch metadata + id: metadata + uses: dependabot/fetch-metadata@v2 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + + - name: Approve request + id: approve + run: gh pr review --approve "${{github.event.pull_request.html_url}}" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Enable automerge + id: automerge + run: gh pr merge --rebase --auto "${{github.event.pull_request.html_url}}" + env: + GH_TOKEN: ${{ secrets.PERSONAL_TOKEN }} + +... diff --git a/.github/workflows/general.yml b/.github/workflows/general.yml new file mode 100644 index 0000000..0911a5d --- /dev/null +++ b/.github/workflows/general.yml @@ -0,0 +1,18 @@ +--- +name: general + +"on": + pull_request: + push: + branches: + - master + +jobs: + check: + runs-on: macos-latest + + steps: + - name: Clone source + uses: actions/checkout@v4 + +... diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..a2bb52a --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,57 @@ +--- +name: release + +"on": + workflow_dispatch: + schedule: + - cron: "0 8 * * 1" + +permissions: + contents: read + id-token: write + +jobs: + release: + runs-on: ubuntu-latest + + steps: + - name: Checkout source + uses: actions/checkout@v4 + with: + token: ${{ secrets.PERSONAL_TOKEN }} + + - name: Setup nodejs + uses: actions/setup-node@v4 + with: + node-version: 20.x + + - name: Install releaser + run: | + npm install -g \ + conventional-changelog-conventionalcommits@6.1.0 \ + semantic-release@23.1.1 \ + @semantic-release/changelog \ + @semantic-release/git + + - name: Run releaser + env: + GITHUB_TOKEN: ${{ secrets.PERSONAL_TOKEN }} + run: semantic-release + + - name: Write buildtime + run: date >| .github/RELEASE + + - name: Update repo + run: git pull --rebase --autostash + + - name: Commit changes + uses: EndBug/add-and-commit@v9 + with: + author_name: GitHub Actions + author_email: thomas@webhippie.de + add: .github/RELEASE + message: "docs: automated release update [skip ci]" + push: true + commit: --signoff + +...