Configures dependabot for monthly checks for action version updates and manually updates to all the latest action versions. (#149)

2024-10-04 17:22:32 +02:00 · 2023-11-14 18:46:31 -08:00 · 2023-11-14 18:46:31 -08:00 · 843685cc55
commit 843685cc55
parent 4bed56b02c
3 changed files with 48 additions and 9 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,20 @@
+# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#package-ecosystem
+
+version: 2
+updates:
+
+  # Enable updates for GitHub Actions
+  - package-ecosystem: "github-actions"
+    target-branch: "master"
+    directory: "/"
+    schedule:
+      # Check for updates to GitHub Actions every month
+      interval: "monthly"
+    labels:
+      - "dependencies"
+    groups:
+      actions:
+        update-types:
+          - "major"
+          - "minor"
+          - "patch"
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -11,29 +11,48 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4

      - name: Docker meta
        id: docker_meta
-        uses: crazy-max/ghaction-docker-meta@v1
+        uses: docker/metadata-action@v5
        with:
-          images: ${{ secrets.DOCKER_IMAGE }}
-          tag-edge: true
+          images: |
+            docker.io/caronc/apprise
+          tags: |
+            type=semver,event=tag,pattern={{version}}
+            type=semver,event=tag,pattern={{major}}.{{minor}}
+            type=edge,branch=master

      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
+        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
+
+      - name: Check pushing to Docker Hub
+        id: push-other-places
+        # Only push to Dockerhub from the main repo
+        # Otherwise forks would require a Docker Hub account and secrets setup
+        run: |
+          if [[ ${{ github.repository_owner }} == "caronc" ]] ; then
+            echo "Enabling DockerHub image push"
+            echo "enable=true" >> $GITHUB_OUTPUT
+          else
+            echo "Not pushing to DockerHub"
+            echo "enable=false" >> $GITHUB_OUTPUT
+          fi

      - name: Login to DockerHub
-        uses: docker/login-action@v1
+        uses: docker/login-action@v3
+        # Don't attempt to login is not pushing to Docker Hub
+        if: steps.push-other-places.outputs.enable == 'true'
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: Build and push
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64,linux/arm64
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@ -47,7 +47,7 @@ jobs:
    steps:

    - name: Acquire sources
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4

    - name: Install prerequisites (Linux)
      if: runner.os == 'Linux'