Emma Thorpe
659912e0af
CI workflow gates on nixfmt formatting and evaluates all three host toplevels (aarch64 evaluates without emulation; no full builds in CI). renovate.json enables the nix manager and weekly lockFileMaintenance for flake.lock, plus grouped github-actions updates (Renovate matches .gitea/workflows). A self-hosted Renovate workflow runs it on Gitea, since Gitea has no built-in Renovate; it needs a RENOVATE_TOKEN secret.
32 lines
1.0 KiB
YAML
32 lines
1.0 KiB
YAML
# Self-hosted Renovate. Gitea has no built-in Renovate, so it runs here on a
|
|
# schedule (and on demand). Requires a repo/org secret RENOVATE_TOKEN holding a
|
|
# Gitea PAT with read/write on this repository and read on packages.
|
|
# If a central Renovate bot already autodiscovers this repo, delete this file;
|
|
# renovate.json alone is enough to configure it.
|
|
name: Renovate
|
|
|
|
on:
|
|
schedule:
|
|
- cron: "0 4 * * 1" # Mondays 04:00 UTC
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
renovate:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Run Renovate
|
|
uses: renovatebot/github-action@v40.3.6
|
|
with:
|
|
configurationFile: renovate.json
|
|
token: ${{ secrets.RENOVATE_TOKEN }}
|
|
env:
|
|
RENOVATE_PLATFORM: gitea
|
|
RENOVATE_ENDPOINT: ${{ env.GITHUB_SERVER_URL }}/api/v1
|
|
RENOVATE_AUTODISCOVER: "false"
|
|
RENOVATE_REPOSITORIES: ${{ github.repository }}
|
|
RENOVATE_GIT_AUTHOR: "Renovate Bot <renovate@lyrathorpe.dev>"
|
|
LOG_LEVEL: info
|