From b9e26dfbd0fa78a74792134889b43aa7bca7a267 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Brunner?= <stephane.brunner@camptocamp.com>
Date: Tue, 10 Oct 2023 18:02:28 +0200
Subject: [PATCH] CI updates

This is done by the automated script named upgrade-c2cciutils-to-1.7
---
 .github/renovate.json5                        | 106 ------------------
 .github/workflows/audit.yaml                  |  56 ---------
 .github/workflows/changelog.yaml              |  18 +--
 .github/workflows/dependency-auto-review.yaml |  25 +++++
 .../workflows/dependency-update-review.yaml   |  22 ----
 CHANGELOG.md                                  |   3 -
 ci/config.yaml                                |   2 +-
 7 files changed, 36 insertions(+), 196 deletions(-)
 delete mode 100644 .github/renovate.json5
 delete mode 100644 .github/workflows/audit.yaml
 create mode 100644 .github/workflows/dependency-auto-review.yaml
 delete mode 100644 .github/workflows/dependency-update-review.yaml
 delete mode 100644 CHANGELOG.md

diff --git a/.github/renovate.json5 b/.github/renovate.json5
deleted file mode 100644
index b5db263e3..000000000
--- a/.github/renovate.json5
+++ /dev/null
@@ -1,106 +0,0 @@
-{
-  extends: ['config:base'],
-  timezone: 'Europe/Zurich',
-  schedule: 'after 5pm on the first day of the month',
-  labels: ['dependencies'],
-  separateMajorMinor: true,
-  separateMinorPatch: true,
-  prHourlyLimit: 0,
-  prConcurrentLimit: 0,
-  baseBranches: ['master', '1.5', '1.4', '1.3', '1.2', '1.1'],
-  'pre-commit': { enabled: true },
-  lockFileMaintenance: {
-    enabled: true,
-    automerge: true,
-    schedule: 'after 5pm on the first day of the month',
-  },
-  force: {
-    constraints: {
-      poetry: '1.2.1',
-    },
-  },
-  regexManagers: [
-    {
-      fileMatch: ['^\\.pre-commit-config\\.yaml$'],
-      matchStrings: [" +- '?(?<depName>[^' @=]+)(@|==)(?<currentValue>[^' @=]+)'? # (?<datasource>.+)"],
-    },
-    {
-      fileMatch: ['^c2cciutils/applications-versions\\.yaml$'],
-      matchStrings: [
-        '(?<depName>[^\\s]+): (?<currentValue>[^\\s]+) # (?<datasource>[^\\s]+) - (?<registryUrl>[^\\s]+)',
-        '(?<depName>[^\\s]+): (?<currentValue>[^\\s]+) # (?<datasource>[^h\\s][^\\s]+)',
-      ],
-    },
-    {
-      fileMatch: ['^ci/dpkg-versions\\.yaml$'],
-      matchStrings: [" *(?<depName>[^'\\s]+): '?(?<currentValue>[^'\\s/]*[0-9][^'\\s/]*)'?"],
-      datasourceTemplate: 'repology',
-      versioningTemplate: 'loose',
-    },
-    {
-      fileMatch: ['^ci/config\\\\.yaml$'],
-      matchStrings: [
-        '.*https://raw\\\\.githubusercontent\\\\.com/(?<depName>[^\\\\s]+)/(?<currentValue>[0-9\\\\.]+)/.*',
-      ],
-      datasourceTemplate: 'github-tags',
-    },
-  ],
-  packageRules: [
-    /** Automerge the patch, the minor and the dev dependency */
-    {
-      matchBaseBranches: ['master'],
-      matchUpdateTypes: ['minor', 'patch'],
-      automerge: true,
-    },
-    {
-      matchDepTypes: ['devDependencies'],
-      automerge: true,
-    },
-    /** Group the patch and the minor */
-    {
-      matchUpdateTypes: ['patch'],
-      groupName: 'all patch versions',
-    },
-    {
-      matchUpdateTypes: ['minor'],
-      groupName: 'all minor versions',
-    },
-    /** Group Poetry packages */
-    {
-      matchPackageNames: ['poetry', 'pip'],
-      matchPackagePrefixes: ['poetry-'],
-      groupName: 'Poetry',
-      automerge: true,
-      separateMajorMinor: false,
-      separateMinorPatch: false,
-    },
-    /** Accept only the patch on the stabilization branches */
-    {
-      matchBaseBranches: ['/1\\..*/'],
-      matchUpdateTypes: ['major', 'minor', 'pin', 'digest', 'lockFileMaintenance', 'rollback', 'bump'],
-      enabled: false,
-    },
-    /** Ungroup codespell */
-    {
-      matchPackageNames: ['codespell'],
-      groupName: 'codespell',
-    },
-    /** Update dpkg versions every day */
-    {
-      matchPaths: ['^ci/dpkg-versions\\.yaml$'],
-      schedule: ['at any time'],
-      groupName: 'dpkg',
-      automerge: true,
-    },
-    {
-      matchDatasources: ['repology'],
-      schedule: ['at any time'],
-      groupName: 'dpkg',
-      automerge: true,
-    },
-    {
-      matchPackageNames: ['shellcheck-py/shellcheck-py'],
-      versioning: 'regex:^v(?<major>\\d+)\\.(?<minor>\\d+)\\.(?<patch>\\d+)\\.(?<build>\\d+)$',
-    },
-  ],
-}
diff --git a/.github/workflows/audit.yaml b/.github/workflows/audit.yaml
deleted file mode 100644
index 3773a7bc5..000000000
--- a/.github/workflows/audit.yaml
+++ /dev/null
@@ -1,56 +0,0 @@
----
-name: Audit
-
-on:
-  schedule:
-    - cron: '30 2 * * *'
-
-env:
-  POETRY_DYNAMIC_VERSIONING_BYPASS: 0.0.0
-
-jobs:
-  audit:
-    runs-on: ubuntu-22.04
-    name: Audit
-    timeout-minutes: 10
-
-    strategy:
-      fail-fast: false
-      matrix:
-        branch:
-          - '1.1'
-          - '1.2'
-          - '1.3'
-          - '1.4'
-          - '1.5'
-
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          ref: ${{ matrix.branch }}
-          token: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
-
-      - uses: camptocamp/initialise-gopass-summon-action@v2
-        with:
-          ci-gpg-private-key: ${{secrets.CI_GPG_PRIVATE_KEY}}
-          github-gopass-ci-token: ${{secrets.GOPASS_CI_GITHUB_TOKEN}}
-
-      - run: python3 -m venv ~/.venv
-      - run: ~/.venv/bin/pip install --pre c2cciutils[audit]
-      - run: python3 -m pip install --pre c2cciutils[audit]
-
-      - name: Check .tool-versions file existence
-        id: tool-versions
-        uses: andstor/file-existence-action@v2
-        with:
-          files: .tool-versions
-      - uses: asdf-vm/actions/install@v2
-        if: steps.tool-versions.outputs.files_exists == 'true'
-      - run: cat /tmp/python-build.*.log
-        if: failure()
-      - run: python --version
-
-      - name: Audit
-        run: ~/.venv/bin/c2cciutils-audit --branch=${{ matrix.branch }}
-        env:
-          GITHUB_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
diff --git a/.github/workflows/changelog.yaml b/.github/workflows/changelog.yaml
index f4c65acb9..a623fb49c 100644
--- a/.github/workflows/changelog.yaml
+++ b/.github/workflows/changelog.yaml
@@ -2,10 +2,10 @@ name: Changelog Generator
 
 on:
   schedule:
-    - cron: '0 0 * * 1,4'
-  push:
-    tags:
-      - '*.*.*'
+    - cron: 0 0 * * 1,4
+  repository_dispatch:
+    types:
+      - changelog
 
 jobs:
   changelog:
@@ -16,23 +16,25 @@ jobs:
     steps:
       - name: Get Date
         id: get-date
-        run: |
-          echo "date=$(/bin/date -u "+%Y%m%d%H%M%S")" >> $GITHUB_OUTPUT
+        run: echo "date=$(/bin/date -u "+%Y%m%d%H%M%S")" >> $GITHUB_OUTPUT
       - uses: actions/cache@v3
         with:
           path: .cache
           key: automation-${{ steps.get-date.outputs.date }}
-          restore-keys: |
+          restore-keys: |+
             automation-
 
       - run: docker pull aeonphp/automation
       - name: Generate changelog
-        run: >
+        run: >-
           docker run --env=AEON_AUTOMATION_GH_TOKEN --rm --volume=$(pwd)/.cache:/cache aeonphp/automation
           changelog:generate:all
           ${{ github.repository }}
           --github-release-update
           --cache-path=/cache
+          --skip-from=dependabot-preview[bot]
+          --skip-from=dependabot[bot]
+          --skip-from=renovate[bot]
           -v
         env:
           AEON_AUTOMATION_GH_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
diff --git a/.github/workflows/dependency-auto-review.yaml b/.github/workflows/dependency-auto-review.yaml
new file mode 100644
index 000000000..d09719021
--- /dev/null
+++ b/.github/workflows/dependency-auto-review.yaml
@@ -0,0 +1,25 @@
+name: Auto reviews updates
+
+on:
+  pull_request:
+    types:
+      - opened
+      - reopened
+
+jobs:
+  auto-merge:
+    name: Auto reviews updates
+    runs-on: ubuntu-22.04
+    timeout-minutes: 5
+
+    steps:
+      - uses: actions/github-script@v6
+        with:
+          script: |-
+            github.rest.pulls.createReview({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              pull_number: context.payload.pull_request.number,
+              event: 'APPROVE',
+            })
+    if: github.event.pull_request.user.login == 'renovate[bot]'
diff --git a/.github/workflows/dependency-update-review.yaml b/.github/workflows/dependency-update-review.yaml
deleted file mode 100644
index 2d6c98e68..000000000
--- a/.github/workflows/dependency-update-review.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-name: Auto reviews updates
-
-on:
-  pull_request:
-    types:
-      - opened
-      - reopened
-      - synchronize
-
-jobs:
-  auto-merge:
-    name: Auto reviews updates
-    runs-on: ubuntu-22.04
-    timeout-minutes: 5
-
-    steps:
-      - name: Auto reviews updates
-        uses: golfzaptw/action-auto-reviews-from-branches@1.2.3
-        with:
-          GITHUB_TOKEN: ${{ secrets.GOPASS_CI_GITHUB_TOKEN }}
-          AUTHOR: renovate[bot]
-    if: github.event.pull_request.user.login == 'renovate[bot]'
diff --git a/CHANGELOG.md b/CHANGELOG.md
deleted file mode 100644
index 8f2681769..000000000
--- a/CHANGELOG.md
+++ /dev/null
@@ -1,3 +0,0 @@
-# 1.6
-
-Replace checks by pre-commit hook, proposed migration script: https://gist.github.com/sbrunner/b0897996c0b475c97b0aef97b7849883
diff --git a/ci/config.yaml b/ci/config.yaml
index f4b06d0a7..ab504768e 100644
--- a/ci/config.yaml
+++ b/ci/config.yaml
@@ -1,4 +1,4 @@
-# yaml-language-server: $schema=https://raw.githubusercontent.com/camptocamp/c2cciutils/master/c2cciutils/schema.json
+# yaml-language-server: $schema=https://raw.githubusercontent.com/camptocamp/c2cciutils/1.6.0/c2cciutils/schema.json
 
 audit:
   snyk: