Updated self-hosted Renovate config in CircleCI and GHA to support pa…

…ssing variables from the environment.
drevops · Aug 31, 2024 · d2b824c · d2b824c · github-actions · Aug 31, 2024
1 parent 7d5f966
commit d2b824c
Show file tree

Hide file tree

Showing 6 changed files with 94 additions and 26 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -29,16 +29,8 @@ aliases:
   #;> !PROVISION_USE_PROFILE
 
   #;< RENOVATEBOT
-  # Specify the correct repository to prevent the bot from accessing all
-  # repositories available via $RENOVATE_TOKEN.
-  #;< SCAFFOLD_DEV
-  - &renovatebot_repository 'drevops/scaffold-destination'
-  #;> SCAFFOLD_DEV
-  ##### - &renovatebot_repository 'your_org/your_site'
   # The schedule to run RenovateBot on. Defaults to running twice a day.
   - &renovatebot_schedule "5 11,23 * * *"
-  # The author details to use for commits made by RenovateBot.
-  - &renovatebot_git_author 'RenovateBot Self Hosted <[email protected]>'
   #;> RENOVATEBOT
 
   # Shared runner container configuration applied to each job.
@@ -405,12 +397,11 @@ jobs:
         environment:
           RENOVATE_PLATFORM: 'github'
           RENOVATE_AUTODISCOVER: false
-          RENOVATE_DEPENDENCY_DASHBOARD: true
-          RENOVATE_DEPENDENCY_DASHBOARD_TITLE: 'RenovateBot Dependency Dashboard (self-hosted)'
-          RENOVATE_REPOSITORIES: *renovatebot_repository
-          RENOVATE_GIT_AUTHOR: *renovatebot_git_author
-          RENOVATE_DRY_RUN: false
-          LOG_LEVEL: debug
+          RENOVATE_REPOSITORIES: "${RENOVATE_REPOSITORIES:-${CIRCLE_PROJECT_REPONAME}/${CIRCLE_PROJECT_USERNAME}}"
+          RENOVATE_DEPENDENCY_DASHBOARD_TITLE: "${RENOVATE_DEPENDENCY_DASHBOARD_TITLE:-'RenovateBot Dependency Dashboard (self-hosted)'}"
+          RENOVATE_DEPENDENCY_DASHBOARD: "${RENOVATE_DEPENDENCY_DASHBOARD:-false}"
+          RENOVATE_DRY_RUN: "${RENOVATE_DRY_RUN:-false}"
+          RENOVATE_GIT_AUTHOR: "${RENOVATE_GIT_AUTHOR:-'Renovate Self Hosted <[email protected]>'}"
     steps:
       - checkout
       - run: renovate-config-validator

diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml
@@ -15,15 +15,14 @@ jobs:
 
       - name: Self-hosted Renovate
         uses: renovatebot/[email protected]
-        env:
-          # Update the value of RENOVATE_GIT_AUTHOR with your own.
-          RENOVATE_GIT_AUTHOR: 'Renovate Self Hosted <[email protected]>'
-          RENOVATE_DEPENDENCY_DASHBOARD_TITLE: 'Renovate Dependency Dashboard (self-hosted) by GitHub Actions'
-          RENOVATE_DEPENDENCY_DASHBOARD: false
-          RENOVATE_REPOSITORIES: ${{ github.repository }}
-          RENOVATE_PLATFORM: 'github'
-          RENOVATE_AUTODISCOVER: false
-          RENOVATE_DRY_RUN: false
         with:
           configurationFile: renovate.json
           token: ${{ secrets.RENOVATE_TOKEN }}
+        env:
+          RENOVATE_PLATFORM: 'github'
+          RENOVATE_AUTODISCOVER: false
+          RENOVATE_REPOSITORIES: ${{ vars.RENOVATE_REPOSITORIES || github.repository }}
+          RENOVATE_DEPENDENCY_DASHBOARD_TITLE: 'Renovate Dependency Dashboard (self-hosted) by GitHub Actions'
+          RENOVATE_DEPENDENCY_DASHBOARD: ${{ vars.RENOVATE_DEPENDENCY_DASHBOARD || 'false' }}
+          RENOVATE_DRY_RUN: ${{ vars.RENOVATE_DRY_RUN || 'false' }}
+          RENOVATE_GIT_AUTHOR: ${{ vars.RENOVATE_GIT_AUTHOR || 'Renovate Self Hosted <[email protected]>' }}
diff --git a/.scaffold/docs/.utils/variables/extra/ci.variables.sh b/.scaffold/docs/.utils/variables/extra/ci.variables.sh
@@ -47,3 +47,16 @@ DREVOPS_CI_TEST_RESULTS=/tmp/tests
 
 # Directory to store test artifacts in CI.
 DREVOPS_CI_ARTIFACTS=/tmp/artifacts
+
+# Self-hosted Renovate bot token.
+# Create a GitHub token with a permission to write to a repository.
+RENOVATE_TOKEN=
+
+# Whether to enable self-hosted Renovate bot dashboard.
+RENOVATE_DEPENDENCY_DASHBOARD=false
+
+# Whether to allow self-hosted Renovate bot make changes to the repository.
+RENOVATE_DRY_RUN=false
+
+# Commit author for self-hosted Renovate bot.
+RENOVATE_GIT_AUTHOR='Renovate Self Hosted <[email protected]>'
diff --git a/.scaffold/docs/content/tools/renovate.mdx b/.scaffold/docs/content/tools/renovate.mdx
@@ -10,7 +10,7 @@ The configuration is stored in [`renovate.json`](https://github.com/drevops/scaf
 based on [Renovate configuration for automated Drupal dependency updates](https://github.com/drevops/renovate-drupal)
 project.
 
-### Features
+## Features
 
 1. Dual schedules for Drupal package updates:
     - Daily update schedule for critical Drupal core and related packages created in
@@ -23,10 +23,42 @@ project.
 5. Automatically adds assignees to a pull request.
 6. Configuration for running Renovate self-hosted instance using CircleCI.
 
-### Self-hosted vs GitHub app
+## Self-hosted vs GitHub app
 
 Renovate can run as a hosted GitHub app or as a standalone self-hosted service
-in CircleCI.
+in CircleCI or GitHub Actions.
 
 A self-hosted service can be beneficial when your project is restricted in terms
 of third-party access.
+
+### Setting up Renovate self-hosted in CircleCI
+
+Create a GitHub token with a permission to write to a repository and add it to
+the environment variable in CircleCI UI as a `RENOVATE_TOKEN`.
+
+To test the run without making any changes, create the `RENOVATE_DRY_RUN`
+environment variable in CircleCI UI and set it to `true`.
+
+To override the Git author, create the `RENOVATE_GIT_AUTHOR` environment
+variable in CircleCI UI and set it to `Your name <your-user@your-server>`.
+
+To enable the Renovate Dependency Dashboard, create the
+`RENOVATE_DEPENDENCY_DASHBOARD` environment variable in CircleCI UI
+and set it to `true`.
+Note that triggering actions from the self-hosted service is not supported.
+
+### Setting up Renovate self-hosted in GitHub Actions
+
+Create a GitHub token with a permission to write to a repository and add it to
+the repository secrets as a `RENOVATE_TOKEN`.
+
+To test the run without making any changes, create the `RENOVATE_DRY_RUN`
+environment variable in repository variables and set it to `true`.
+
+To override the Git author, create the `RENOVATE_GIT_AUTHOR` environment
+variable in repository variables and set it to `Your name <your-user@your-server>`.
+
+To enable the Renovate Dependency Dashboard, create the
+`RENOVATE_DEPENDENCY_DASHBOARD` environment variable in repository variables
+and set it to `true`.
+Note that triggering actions from the self-hosted service is not supported.
diff --git a/.scaffold/docs/content/workflows/variables.mdx b/.scaffold/docs/content/workflows/variables.mdx
@@ -1768,6 +1768,38 @@ Default value: `UNDEFINED`
 
 Defined in: `LAGOON ENVIRONMENT`
 
+### `RENOVATE_DEPENDENCY_DASHBOARD`
+
+Whether to enable self-hosted Renovate bot dashboard.
+
+Default value: `false`
+
+Defined in: `CI config`
+
+### `RENOVATE_DRY_RUN`
+
+Whether to allow self-hosted Renovate bot make changes to the repository.
+
+Default value: `false`
+
+Defined in: `CI config`
+
+### `RENOVATE_GIT_AUTHOR`
+
+Commit author for self-hosted Renovate bot.
+
+Default value: `'Renovate Self Hosted <[email protected]>'`
+
+Defined in: `CI config`
+
+### `RENOVATE_TOKEN`
+
+Self-hosted Renovate bot token.<br />Create a GitHub token with a permission to write to a repository.
+
+Default value: `UNDEFINED`
+
+Defined in: `CI config`
+
 ### `TARGET_ENV_REMAP`
 
 Special variable to remap target env to the sub-domain prefix based on UI name.

diff --git a/.scaffold/docs/cspell.json b/.scaffold/docs/cspell.json
@@ -45,6 +45,7 @@
         "phpspec",
         "phpstorm",
         "pyrech",
+        "renovatebot",
         "ruleset",
         "shellvar",
         "sanitised",