diff --git a/.cicd/check-json-in-config.py b/.cicd/check-json-in-config.py new file mode 100755 index 000000000..51354c1db --- /dev/null +++ b/.cicd/check-json-in-config.py @@ -0,0 +1,37 @@ +#!/usr/bin/env python3 +import sys +import pathlib + +ROOT = pathlib.Path(__file__).resolve().parent.parent +CONFIG_FILE = ROOT / ".pre-commit-config.yaml" +PRESETS = ROOT / ".cicd/presets" + +def main(argv: list[str]) -> int: + if not CONFIG_FILE.exists(): + print(".pre-commit-config.yaml not found in repo root") + return 1 + + config_text = CONFIG_FILE.read_text() + + missing = [] + for file_arg in argv: + path = pathlib.Path(file_arg) + + # only care about JSONs in repo root + if path.suffix == ".json" and path.parent.resolve() == PRESETS: + print(f"Checking {path.name}...", flush=True) + if path.name not in config_text: + missing.append(path.name) + + if missing: + print("\nThese JSON files are missing from .pre-commit-config.yaml:") + for m in missing: + print(f" - {m}") + return 1 + + print("\nAll JSON files passed the config check") + return 0 + + +if __name__ == "__main__": + sys.exit(main(sys.argv[1:])) diff --git a/.cicd/presets/default.json b/.cicd/presets/default.json new file mode 100644 index 000000000..ce873dd79 --- /dev/null +++ b/.cicd/presets/default.json @@ -0,0 +1,17 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "description": "Default preset for use with Salt Winrepo repos", + "extends": [ + "config:best-practices", + "github>saltstack/salt-winrepo-ng//.cicd/presets/github-actions", + "github>saltstack/salt-winrepo-ng//.cicd/presets/package-sls", + "github>saltstack/salt-winrepo-ng//.cicd/presets/pre-commit", + "github>saltstack/salt-winrepo-ng//.cicd/presets/weekends", + ":automergeStableNonMajor", + ":prHourlyLimit4", + ":semanticCommitScopeDisabled", + ":semanticPrefixChore" + ], + "automergeStrategy": "merge-commit", + "dependencyDashboardTitle": "Renovate Dashboard" +} diff --git a/.cicd/presets/github-actions.json b/.cicd/presets/github-actions.json new file mode 100644 index 000000000..76f223abd --- /dev/null +++ b/.cicd/presets/github-actions.json @@ -0,0 +1,8 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "description": "Group `github-actions` non-major updates and enable regex versions", + "extends": [ + "github>saltstack/salt-winrepo-ng//.cicd/presets/groupByManager(github-actions,actions/images)", + "customManagers:githubActionsVersions" + ] +} diff --git a/.cicd/presets/groupByManager.json b/.cicd/presets/groupByManager.json new file mode 100644 index 000000000..1db014a64 --- /dev/null +++ b/.cicd/presets/groupByManager.json @@ -0,0 +1,11 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "description": "Group non-major updates by manager", + "packageRules": [ + { + "groupName": "`{{arg0}}` non-major {{arg1}}", + "matchManagers": ["{{arg0}}"], + "matchUpdateTypes": ["digest", "minor", "patch"] + } + ] +} diff --git a/.cicd/presets/package-sls.json b/.cicd/presets/package-sls.json new file mode 100644 index 000000000..b680aca81 --- /dev/null +++ b/.cicd/presets/package-sls.json @@ -0,0 +1,29 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "description": "Custom manager for use with Salt Winrepo package `sls` files", + "customManagers": [ + { + "customType": "regex", + "managerFilePatterns": ["**/*.sls"], + "matchStrings": [ + "# renovate: datasource=(?[a-z-.]+?) depName=(?\\S+?)(?: packageName=(?\\S+?))?\\s+- [\"']?(?.+?)[\"']?\\s" + ], + "autoReplaceStringTemplate": "# renovate: datasource={{{datasource}}} depName={{{depName}}}{{#unless (equals depName packageName)}} packageName={{{packageName}}}{{/unless}}\n- '{{{newValue}}}'\n- '{{{currentValue}}}'\n", + "versioningTemplate": "loose" + } + ], + "packageRules": [ + { + "matchFileNames": ["**/*.sls"], + "automerge": true, + "commitMessageAction": "add", + "commitMessageExtra": "{{prettyNewVersion}}", + "commitMessageTopic": "`{{depName}}` version", + "extends": [ + ":semanticCommitScopeDisabled", + ":semanticCommitType(update)" + ], + "schedule": ["* * * * *"] + } + ] +} diff --git a/.cicd/presets/pre-commit.json b/.cicd/presets/pre-commit.json new file mode 100644 index 000000000..71bf40b02 --- /dev/null +++ b/.cicd/presets/pre-commit.json @@ -0,0 +1,19 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "description": "Enable `pre-commit` manager and group non-major updates", + "extends": [ + "github>saltstack/salt-winrepo-ng//.cicd/presets/groupByManager(pre-commit,hooks)", + ":enablePreCommit" + ], + "customManagers": [ + { + "description": "Manage `pre-commit` additional dependencies with comment. See https://github.com/renovatebot/renovate/issues/20780", + "customType": "regex", + "managerFilePatterns": ["/(^|/)\\.pre-commit-config\\.ya?ml$/"], + "matchStrings": [ + "# renovate: datasource=(?.*?)( versioning=(?.*?))?\\s+-\\s+['\"]?(?[^=]+)(?:==(?[^'\"\\s]*))?" + ], + "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}pep440{{/if}}" + } + ] +} diff --git a/.cicd/presets/weekends.json b/.cicd/presets/weekends.json new file mode 100644 index 000000000..a28e11bca --- /dev/null +++ b/.cicd/presets/weekends.json @@ -0,0 +1,5 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "description": "Schedule updates between 00:00 and 07:59 on weekends", + "schedule": ["* 0-7 * * 0,6"] +} diff --git a/.github/renovate.json5 b/.github/renovate.json5 index 351b84de2..77a3daaad 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -1,13 +1,7 @@ { "extends": [ - "config:recommended", - ":enablePreCommit", - ":semanticCommitScopeDisabled", - ":semanticPrefixChore", - "helpers:pinGitHubActionDigestsToSemver", - "customManagers:githubActionsVersions", + "github>saltstack/salt-winrepo-ng//.cicd/presets/default", ], - "dependencyDashboardTitle": "Renovate Dashboard", "customDatasources": { "firefox": { "defaultRegistryUrlTemplate": "https://product-details.mozilla.org/1.0/firefox_versions.json", @@ -43,25 +37,6 @@ ], }, }, - "customManagers": [ - { // See https://github.com/renovatebot/renovate/issues/20780 - "customType": "regex", - "managerFilePatterns": ["/(^|/)\\.pre-commit-config\\.ya?ml$/"], - "matchStrings": [ - "# renovate: datasource=(?.*?)( versioning=(?.*?))?\\s+-\\s+['\"]?(?[^=]+)(?:==(?[^'\"\\s]*))?" - ], - "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}pep440{{/if}}" - }, - { - "customType": "regex", - "managerFilePatterns": ["**/*.sls"], - "matchStrings": [ - "# renovate: datasource=(?[a-z-.]+?) depName=(?\\S+?)(?: packageName=(?\\S+?))?\\s+- [\"']?(?.+?)[\"']?\\s", - ], - "autoReplaceStringTemplate": "# renovate: datasource={{{datasource}}} depName={{{depName}}}{{#unless (equals depName packageName)}} packageName={{{packageName}}}{{/unless}}\n- '{{{newValue}}}'\n- '{{{currentValue}}}'\n", - "versioningTemplate": "loose", - }, - ], "packageRules": [ { "matchDatasources": ["custom.vlc"], @@ -89,32 +64,5 @@ "matchUpdateTypes": ["major"], "enabled": false, }, - { - "matchFileNames": ["**/*.sls"], - "automerge": true, - "commitMessageAction": "add", - "commitMessageExtra": "{{prettyNewVersion}}", - "commitMessageTopic": "`{{depName}}` version", - "extends": [ - ":semanticCommitScopeDisabled", - ":semanticCommitType(update)", - ], - }, - { - "matchManagers": [ - "github-actions", - "pre-commit" - ], - "matchUpdateTypes": ["minor", "patch"], - "automerge": true, - }, - { - "matchManagers": ["github-actions"], - "groupName": "github-actions minor/patch", - }, - { - "matchManagers": ["pre-commit"], - "groupName": "pre-commit hook minor/patch", - }, ], } diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index adcd61133..85128f0b3 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -27,14 +27,11 @@ jobs: needs: should-run if: fromJSON(needs.should-run.outputs.should-run) runs-on: ubuntu-24.04 - env: - # renovate: datasource=custom.python-versions depName=actions/python-versions versioning=pep440 - PYTHON_VERSION: 3.14.2 steps: - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: - python-version: ${{ env.PYTHON_VERSION }} + python-version: 3.14.2 - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 gsv: name: Get Salt versions @@ -88,7 +85,7 @@ jobs: Write-Host ("::error title=salt-call::salt-call returned exit code: $LASTEXITCODE") exit 1 } - - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 if: needs.gsv.outputs.salt-latest == matrix.salt-version with: if-no-files-found: error @@ -158,7 +155,7 @@ jobs: additional-packages: conventional-changelog-conventionalcommits@${{ env.CC_CONV_COMMITS_VERSION }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 if: runner.debug || fromJSON(steps.sem-rel.outputs.new-release-published) - name: Transform dumped repo data to Renovate-style JSON if: runner.debug || fromJSON(steps.sem-rel.outputs.new-release-published) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2f0c2c7e2..5285670e0 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -2,6 +2,13 @@ # See https://pre-commit.com for more information # See https://pre-commit.com/hooks.html for more hooks repos: + - repo: local + hooks: + - id: check-json-in-config + name: Check JSON files are in pre-commit-config.yaml + entry: .cicd/check-json-in-config.py + language: python + types: [json] - repo: https://github.com/pre-commit/pre-commit-hooks rev: v6.0.0 hooks: @@ -31,3 +38,19 @@ repos: hooks: - id: shellcheck name: Check shell scripts with shellcheck + - repo: https://github.com/renovatebot/pre-commit-hooks + rev: 42.52.3 + hooks: + - id: renovate-config-validator + name: Check Renovate config with renovate-config-validator + files: | + (?x)( + (^|/).?renovate(?:rc)?(?:\.json5?)?$| + default.json| + github-actions.json| + groupByManager.json| + package-sls.json| + pre-commit.json| + weekends.json| + (?!) + )$ diff --git a/nsclient.sls b/nsclient.sls index 00a44a2af..710f2fa45 100644 --- a/nsclient.sls +++ b/nsclient.sls @@ -1,5 +1,6 @@ {% load_yaml as versions -%} # renovate: datasource=github-releases depName=nscp packageName=mickem/nscp +- '0.10.9' - '0.10.8' - '0.10.7' - '0.9.15'