diff --git a/.github/renovate.json b/.github/renovate.json new file mode 100644 index 00000000..09d222b4 --- /dev/null +++ b/.github/renovate.json @@ -0,0 +1,119 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "config:recommended" + ], + "commitMessageLowerCase": "never", + "labels": [ + "dependencies" + ], + "prConcurrentLimit": 0, + "prHourlyLimit": 0, + "schedule": [ + "* 0-7 * * 1" + ], + "separateMultipleMajor": true, + "packageRules": [ + { + "groupName": "Ansible collections", + "matchManagers": [ + "ansible-galaxy", + "custom.regex" + ] + } + ], + "ansible-galaxy": { + "fileMatch": [ + "(^|/)[\\w-]*requirements([_.]\\w+)?\\.ya?ml$" + ], + "packageRules": [ + { + "automerge": true, + "matchCurrentVersion": "!/^0/", + "matchUpdateTypes": [ + "minor", + "patch" + ] + } + ] + }, + "customManagers": [ + { + "customType": "regex", + "datasourceTemplate": "galaxy-collection", + "fileMatch": [ + "README.md" + ], + "matchStrings": [ + "- name: (?\\w+\\.\\w+)(?:\\s+#.*)?\\s+version: (?\\d+\\.\\d+\\.\\d+)" + ], + "versioningTemplate": "semver" + } + ], + "dockerfile": { + "ignorePaths": [ + "molecule/**/Dockerfile.j2" + ] + }, + "github-actions": { + "addLabels": [ + "skip changelog" + ], + "packageRules": [ + { + "groupName": "GitHub Actions", + "matchPackageNames": [ + "actions/**", + "github/**" + ] + }, + { + "groupName": "Docker Actions", + "matchPackageNames": [ + "docker/**" + ] + }, + { + "enabled": false, + "matchUpdateTypes": [ + "digest" + ] + }, + { + "automerge": true, + "matchUpdateTypes": [ + "minor", + "patch" + ], + "matchCurrentVersion": "!/^0/" + } + ] + }, + "pip_requirements": { + "fileMatch": [ + "(^|/)[\\w-]*requirements([_.]\\w+)?\\.(txt|pip)$" + ], + "packageRules": [ + { + "groupName": "Python dependencies", + "matchPackageNames": [ + "*" + ] + }, + { + "groupName": "Ansible core", + "matchPackageNames": [ + "ansible-core" + ], + "separateMinorPatch": true + }, + { + "automerge": true, + "matchUpdateTypes": [ + "patch" + ], + "matchCurrentVersion": "!/^0/" + } + ] + } +} diff --git a/.github/workflows/milestone-pr.yml b/.github/workflows/milestone-pr.yml new file mode 100644 index 00000000..baa03b7c --- /dev/null +++ b/.github/workflows/milestone-pr.yml @@ -0,0 +1,42 @@ +--- +name: Milestone & Project PR Automation +on: + pull_request: + branches: [main] + workflow_dispatch: +permissions: read-all +jobs: + milestone: + name: Add milestone to GitHub PR + if: github.actor == 'renovate[bot]' + runs-on: ubuntu-24.04 + permissions: + issues: write + pull-requests: write + steps: + - name: Find current milestone and add it to GitHub PR + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + with: + script: | + const { data: [milestone] } = await github.rest.issues.listMilestones({ + owner: context.repo.owner, + repo: context.repo.repo, + }); + + await github.rest.issues.update({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: context.issue.number, + milestone: milestone.number, + }); + + project: + name: Add project to GitHub PR + if: github.actor == 'renovate[bot]' + runs-on: ubuntu-24.04 + steps: + - name: Add Project + uses: actions/add-to-project@244f685bbc3b7adfa8466e08b698b5577571133e # v.1.0.2 + with: + project-url: https://github.com/orgs/nginxinc/projects/17/views/1 + github-token: ${{ secrets.ADD_TO_PROJECT_TOKEN }} diff --git a/CHANGELOG.md b/CHANGELOG.md index 5bed2d9d..aa2feb35 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -34,6 +34,8 @@ CI/CD: - Switch GitHub Actions from using tags to release hashes. - Remove platform metadata from the Ansible Galaxy role metadata since platforms are no longer supported in Ansible Galaxy NG. - Implement OSSF Scorecard. +- Implement Renovate. +- Automatically add milestone and project data to Renovate Bot PRs. MAINTENANCE: