From 3e30d6b66be46cc990add02c3695d0832879810b Mon Sep 17 00:00:00 2001
From: Ray Nham <ray.nham@octopus.com>
Date: Mon, 27 Nov 2023 04:59:38 +1100
Subject: [PATCH 1/4] added: renovate github action

---
 .github/dependabot.yml                    |  8 -----
 .github/workflows/update-dependencies.yml | 27 +++++++++++++++
 renovate-config.js                        | 42 +++++++++++++++++++++++
 3 files changed, 69 insertions(+), 8 deletions(-)
 delete mode 100644 .github/dependabot.yml
 create mode 100644 .github/workflows/update-dependencies.yml
 create mode 100644 renovate-config.js

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
deleted file mode 100644
index 880d6d89c..000000000
--- a/.github/dependabot.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-version: 2
-
-updates:
-  - package-ecosystem: "nuget"
-    directory: "/source"
-    schedule:
-      interval: "daily"
-    open-pull-requests-limit: 1
diff --git a/.github/workflows/update-dependencies.yml b/.github/workflows/update-dependencies.yml
new file mode 100644
index 000000000..4fd652777
--- /dev/null
+++ b/.github/workflows/update-dependencies.yml
@@ -0,0 +1,27 @@
+name: Renovate update dependencies
+on:
+  schedule:
+    # UTC 10:00 PM (8AM AEST, Monday - Thursday)
+    - cron: '0 22 * * 1-5'
+  workflow_dispatch:
+    inputs:
+      dry-run:
+        description: 'Dry run'
+        required: false
+        default: true
+        type: boolean
+
+jobs:
+  renovate-backend:
+    name: Self-hosted Renovate
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Self-hosted Renovate
+        uses: renovatebot/github-action@v39.0.1
+        with:
+          configurationFile: renovate-config.js
+          token: ${{ secrets.RENOVATE_GITHUB_TOKEN }}
+        env:
+          RENOVATE_DRY_RUN: ${{ inputs.dry-run && 'full' || null }}
diff --git a/renovate-config.js b/renovate-config.js
new file mode 100644
index 000000000..a5d11903a
--- /dev/null
+++ b/renovate-config.js
@@ -0,0 +1,42 @@
+const excludeList = [
+    "dotnet-sdk", // The dotnet SDK update is a non-trivial piece of work.
+];
+
+module.exports = {
+
+    timezone: "Australia/Brisbane",
+    requireConfig: "optional",
+    onboarding: false,
+
+    ignoreDeps: excludeList,
+    enabledManagers: ["nuget"],
+
+    // Full list of built-in presets: https://docs.renovatebot.com/presets-default/
+    extends: [
+        "config:base",
+        "group:monorepos",
+        "group:recommended",
+		":rebaseStalePrs",
+        ":automergeRequireAllStatusChecks",
+    ],
+
+    // Renovate will create a new issue in the repository.
+    // This issue has a "dashboard" where you can get an overview of the status of all updates.
+    // https://docs.renovatebot.com/key-concepts/dashboard/
+    dependencyDashboard: true,
+    dependencyDashboardTitle: "Tentacle Dependency Dashboard",
+
+    platform: "github",
+    repositories: ["OctopusDeploy/OctopusTentacle"],
+    reviewers: ["raynhamdev"],
+    labels: ["dependencies", "Tentacle"],
+    branchPrefix: "renovate-dotnet/",
+
+    // Limit the amount of PRs created
+    prConcurrentLimit: 10,
+    prHourlyLimit: 2,
+
+    // If set to false, Renovate will upgrade dependencies to their latest release only. Renovate will not separate major or minor branches.
+    // https://docs.renovatebot.com/configuration-options/#separatemajorminor
+    separateMajorMinor: false,
+};

From a3fdbd8a7b38341d4fa0ca149276344111b67594 Mon Sep 17 00:00:00 2001
From: Ray Nham <ray.nham@octopus.com>
Date: Mon, 27 Nov 2023 05:04:14 +1100
Subject: [PATCH 2/4] added: auto approval

---
 .../apprrove-renovate-pull-request.yml        | 26 +++++++++++++++++++
 .github/workflows/update-dependencies.yml     |  1 +
 2 files changed, 27 insertions(+)
 create mode 100644 .github/workflows/apprrove-renovate-pull-request.yml

diff --git a/.github/workflows/apprrove-renovate-pull-request.yml b/.github/workflows/apprrove-renovate-pull-request.yml
new file mode 100644
index 000000000..d30e40a08
--- /dev/null
+++ b/.github/workflows/apprrove-renovate-pull-request.yml
@@ -0,0 +1,26 @@
+name: "Approve Renovate Pull Request"
+
+on:
+  pull_request:
+    branches: [main]
+
+# Increase the access for the GITHUB_TOKEN
+permissions:
+  # This Allows the GITHUB_TOKEN to approve pull requests
+  pull-requests: write
+  # This Allows the GITHUB_TOKEN to auto merge pull requests
+  contents: write
+
+env:
+  PR_URL: ${{github.event.pull_request.html_url}}
+  # By default, GitHub Actions workflows triggered by renovate get a GITHUB_TOKEN with read-only permissions.
+  GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+
+jobs:
+  approve_renovate_pull_requests:
+    runs-on: ubuntu-latest
+    name: Approve renovate pull request
+    if: ${{ (github.actor == 'Octobob') && (contains(github.head_ref, 'renovate')) }}
+    steps:
+      - name: Approve a renovate created PR
+        run: gh pr review --approve "$PR_URL"
\ No newline at end of file
diff --git a/.github/workflows/update-dependencies.yml b/.github/workflows/update-dependencies.yml
index 4fd652777..b0fa6eabf 100644
--- a/.github/workflows/update-dependencies.yml
+++ b/.github/workflows/update-dependencies.yml
@@ -24,4 +24,5 @@ jobs:
           configurationFile: renovate-config.js
           token: ${{ secrets.RENOVATE_GITHUB_TOKEN }}
         env:
+          LOG_LEVEL: debug
           RENOVATE_DRY_RUN: ${{ inputs.dry-run && 'full' || null }}

From a7a76c9e60534f815949eab02cb7b22fa8a119d1 Mon Sep 17 00:00:00 2001
From: Ray Nham <ray.nham@octopus.com>
Date: Mon, 27 Nov 2023 09:06:10 +1100
Subject: [PATCH 3/4] fixed file name typo

---
 ...enovate-pull-request.yml => approve-renovate-pull-request.yml} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename .github/workflows/{apprrove-renovate-pull-request.yml => approve-renovate-pull-request.yml} (100%)

diff --git a/.github/workflows/apprrove-renovate-pull-request.yml b/.github/workflows/approve-renovate-pull-request.yml
similarity index 100%
rename from .github/workflows/apprrove-renovate-pull-request.yml
rename to .github/workflows/approve-renovate-pull-request.yml

From ab5a34d461c85db026c673398693432d699a0349 Mon Sep 17 00:00:00 2001
From: Ray Nham <ray.nham@octopus.com>
Date: Mon, 27 Nov 2023 11:19:46 +1100
Subject: [PATCH 4/4] reduce concurrent PR limit and change reviewers to team

---
 renovate-config.js | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/renovate-config.js b/renovate-config.js
index a5d11903a..f2e6e7b6c 100644
--- a/renovate-config.js
+++ b/renovate-config.js
@@ -28,13 +28,13 @@ module.exports = {
 
     platform: "github",
     repositories: ["OctopusDeploy/OctopusTentacle"],
-    reviewers: ["raynhamdev"],
+    reviewers: ["OctopusDeploy/team-server-at-scale"],
     labels: ["dependencies", "Tentacle"],
     branchPrefix: "renovate-dotnet/",
 
     // Limit the amount of PRs created
-    prConcurrentLimit: 10,
-    prHourlyLimit: 2,
+    prConcurrentLimit: 2,
+    prHourlyLimit: 1,
 
     // If set to false, Renovate will upgrade dependencies to their latest release only. Renovate will not separate major or minor branches.
     // https://docs.renovatebot.com/configuration-options/#separatemajorminor