-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore(misc): add default renovate and pre-commit config (#3)
- Loading branch information
Showing
19 changed files
with
371 additions
and
117 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
--- | ||
extends: default | ||
|
||
rules: | ||
indentation: | ||
indent-sequences: false | ||
document-start: | ||
level: error | ||
comments: | ||
level: error | ||
comments-indentation: | ||
level: error | ||
line-length: | ||
max: 175 | ||
truthy: | ||
# prevent false positives on Github Actions workflow files with `on`, | ||
# see https://github.com/adrienverge/yamllint/issues/158 | ||
check-keys: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,136 @@ | ||
{ | ||
$schema: "https://docs.renovatebot.com/renovate-schema.json", | ||
extends: [ | ||
"config:recommended", | ||
":automergeDisabled", | ||
":semanticCommits", | ||
":dependencyDashboard", | ||
":enablePreCommit", | ||
], | ||
schedule: ["every weekend"], | ||
platformAutomerge: false, | ||
prHourlyLimit: 6, | ||
prConcurrentLimit: 20, | ||
commitBodyTable: true, | ||
separateMajorMinor: false, | ||
prBodyNotes: [ | ||
"{{#if isMajor}}:warning: THIS IS A MAJOR VERSION UPDATE :warning:{{/if}}", | ||
"Before merging, *always* check with the release notes if any other changes need to be done.", | ||
], | ||
major: { | ||
enabled: true, | ||
addLabels: ["upgrade:major"], | ||
}, | ||
minor: { | ||
enabled: true, | ||
addLabels: ["upgrade:minor"], | ||
}, | ||
patch: { | ||
enabled: true, | ||
addLabels: ["upgrade:patch"], | ||
}, | ||
vulnerabilityAlerts: { | ||
addLabels: ["security"], | ||
enabled: true | ||
}, | ||
packageRules: [ | ||
// limit the PR creation for the Renovate pre-commit hook (it's released very frequently) | ||
{ | ||
matchPackageNames: ["renovatebot/pre-commit-hooks"], | ||
matchUpdateTypes: ["patch"], | ||
enabled: false, | ||
}, | ||
{ | ||
matchPackageNames: ["renovatebot/pre-commit-hooks"], | ||
schedule: ["on Saturday"], | ||
}, | ||
{ | ||
matchManagers: ["github-actions"], | ||
addLabels: ["group:github-actions", "component:ci"], | ||
}, | ||
// Terraform AWS modules | ||
{ | ||
matchDatasources: ["terraform-module"], | ||
matchPackagePatterns: ["terraform-aws-modules.*"], | ||
addLabels: ["group:terraform"], | ||
groupName: "Terraform AWS modules", | ||
schedule: [ | ||
"every 2 weeks on Saturday and Sunday", | ||
], | ||
}, | ||
// Terraform major provider updates | ||
{ | ||
matchDatasources: ["terraform-provider"], | ||
addLabels: ["group:terraform"], | ||
schedule: [ | ||
"every 2 weeks on Saturday and Sunday", | ||
] | ||
}, | ||
// Terraform patch provider updates | ||
{ | ||
matchUpdateTypes: ["patch"], | ||
matchDatasources: ["terraform-provider"], | ||
addLabels: ["group:terraform", "automerge"], | ||
groupName: "Terraform providers", | ||
automerge: true, | ||
schedule: [ | ||
"every 2 weeks on Saturday and Sunday", | ||
] | ||
}, | ||
// Patches | ||
// Those are tested packages, and we know that they follow the semver convention, | ||
// but it's fine to have candidate packages to test before move them to minor section. | ||
{ | ||
matchUpdateTypes: ["patch"], | ||
matchPackagePatterns: [ | ||
"pre-commit", | ||
"^terraform$", | ||
"terraform-aws-modules/.+", | ||
], | ||
addLabels: ["automerge"], | ||
automerge: true, | ||
}, | ||
// Minor versions | ||
// Those are tested packages, and we know that they follow the semver convention, | ||
// but it's fine to have candidate packages to test before move them to minor section. | ||
{ | ||
matchUpdateTypes: ["minor"], | ||
matchPackagePatterns: [ | ||
"pre-commit", | ||
], | ||
addLabels: ["automerge"], | ||
automerge: true, | ||
}, | ||
// Create PRs and automerge mentioned components afterward | ||
// Those are tested packages | ||
{ | ||
matchUpdateTypes: ["major"], | ||
matchPackagePatterns: [ | ||
"pre-commit/.+", | ||
], | ||
addLabels: ["automerge"], | ||
automerge: true, | ||
}, | ||
{ | ||
matchUpdateTypes: ["major", "minor", "patch"], | ||
matchManagers: ["pre-commit"], | ||
groupName: "pre-commit hooks", | ||
addLabels: ["automerge"], | ||
automerge: true | ||
}, | ||
// For known GitHub repositories that use GitHub tags/releases of format | ||
// "v1.2.3" and where the asdf plugin ignores the "v" prefix, we also tell | ||
// Renovate to ignore it via extractVersion when updating .tool-version file | ||
{ | ||
matchFileNames: ["**/.tool-versions", "**/*.tf"], | ||
matchPackageNames: [ | ||
"hashicorp/terraform", | ||
"helm/helm", | ||
"koalaman/shellcheck", | ||
"pre-commit/pre-commit", | ||
"rhysd/actionlint", | ||
], | ||
extractVersion: "^v(?<version>.*)$", | ||
}, | ||
], | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
--- | ||
name: Lint | ||
|
||
on: | ||
push: | ||
pull_request: | ||
branches: | ||
- main | ||
|
||
jobs: | ||
lint: | ||
runs-on: ubuntu-latest | ||
timeout-minutes: 15 | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- uses: asdf-vm/actions/setup@v3 | ||
- name: Install tooling required for pre-commit | ||
run: | | ||
for tool in actionlint shellcheck terraform tflint ; do | ||
asdf plugin add "${tool}" | ||
asdf install "${tool}" | ||
done | ||
- uses: pre-commit/[email protected] | ||
with: | ||
extra_args: --all-files --verbose |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.