Update files based on repository configuration (#233)

Co-authored-by: pleo-file-distributor[bot] <114988919+pleo-file-distributor[bot]@users.noreply.github.com>
pleo-io · Dec 21, 2023 · 5cfa9c1 · 5cfa9c1
1 parent f3db2f4
commit 5cfa9c1
Show file tree

Hide file tree

Showing 9 changed files with 120 additions and 140 deletions.
diff --git a/.autorc.json b/.autorc.json
@@ -36,11 +36,23 @@
     }
   ],
   "plugins": [
-    ["git-tag"],
+    [
+      "git-tag"
+    ],
     [
       "omit-release-notes",
       {
-        "username": ["pleo-bot-renovate"]
+        "username": [
+          "pleo-bot-renovate"
+        ]
+      }
+    ],
+    [
+      "omit-commits",
+      {
+        "email": [
+          "[email protected]"
+        ]
       }
     ]
   ]

diff --git a/.github/.kodiak.toml b/.github/.kodiak.toml
@@ -1,7 +1,7 @@
 # THIS CODE WAS AUTOGENERATED. DO NOT MODIFY THIS FILE DIRECTLY
 # THE SOURCE CODE LIVES IN A DIFFERENT REPOSITORY:
 #   - centralized-templates
-# FILE STEWARD: @pleo-io/devx
+# FILE STEWARD: @pleo-io/devx,@pleo-bot-auto-approver
 
 version = 1
 

diff --git a/.github/workflows/assign-random-codeowner.yaml b/.github/workflows/assign-random-codeowner.yaml
@@ -1,7 +1,7 @@
 # THIS CODE WAS AUTOGENERATED. DO NOT MODIFY THIS FILE DIRECTLY
 # THE SOURCE CODE LIVES IN A DIFFERENT REPOSITORY:
 #   - centralized-templates
-# FILE STEWARD: @pleo-io/devx
+# FILE STEWARD: @pleo-io/devx,@pleo-bot-auto-approver
 
 name: Assign Random CODEOWNERS
 
@@ -26,7 +26,7 @@ jobs:
     steps:
       # Checkout the repository in order to detect and parse CODEOWNERS
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
       # Elevate token permissions to allow assigning people to PRs
       - name: Allow assigning reviewers
@@ -38,7 +38,7 @@ jobs:
 
       # Assign random CODEOWNERS unless reviewers have been assigned manually
       - name: Assign CODEOWNERS
-        uses: pleo-io/assign-random-codeowners@v0.2.11
+        uses: pleo-io/assign-random-codeowners@v0.3.27
         with:
           reviewers-to-assign: 2
           assign-from-changed-files: true

diff --git a/.github/workflows/build-and-test.yaml b/.github/workflows/build-and-test.yaml
@@ -1,7 +1,7 @@
 # THIS CODE WAS AUTOGENERATED. DO NOT MODIFY THIS FILE DIRECTLY
 # THE SOURCE CODE LIVES IN A DIFFERENT REPOSITORY:
 #   - centralized-templates
-# FILE STEWARD: @pleo-io/devx
+# FILE STEWARD: @pleo-io/devx,@pleo-bot-auto-approver
 
 name: Build & Test Kotlin
 on: push
@@ -21,7 +21,7 @@ jobs:
       result: ${{ steps.only-config-changed.outputs.only_configuration_files_have_changed }}
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           fetch-depth: ${{ (github.event.repository.default_branch == github.ref_name && 2) || 0 }}
           ref: ${{ github.event.repository.default_branch }}
@@ -66,16 +66,17 @@ jobs:
     timeout-minutes: 30
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
         # Login to AWS for fetching CI/CD cache.
       - name: Configure AWS credentials
         if: ${{ github.event.repository.visibility != 'public' }}
-        uses: aws-actions/configure-aws-credentials@v2.2.0
+        uses: aws-actions/configure-aws-credentials@v4.0.1
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CICD_S3_CACHE }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CICD_S3_CACHE }}
           aws-region: eu-west-1
+          special-characters-workaround: true
 
         # Check whether the current code has already been run in CI/CD.
       - name: Check CI/CD cache
@@ -90,14 +91,14 @@ jobs:
 
         # Set up a JDK environment for building, testing and releasing.
       - name: Set up JDK 17
-        uses: actions/setup-java@v3.12.0
+        uses: actions/setup-java@v3.13.0
         with:
           java-version: 17
           distribution: temurin
 
       # Allow caching Gradle executions to further speed up CI/CD steps invoking Gradle.
       - name: Setup Gradle
-        uses: gradle/gradle-build-action@v2.7.0
+        uses: gradle/gradle-build-action@v2.10.0
         with:
           gradle-executable: ./gradlew
           gradle-version: wrapper
@@ -110,35 +111,23 @@ jobs:
         env:
           GRADLE_USER: ${{ secrets.GITHUB_ACTOR }}
           GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
+          JOB_RUNR_REPO_PASSWORD: ${{ secrets.JOB_RUNR_REPO_PASSWORD }}
 
       - name: Run Unit Tests
         if: steps.s3-cache.outputs.processed != 'true'
         run: ./gradlew check
         env:
           GRADLE_USER: ${{ secrets.GITHUB_ACTOR }}
           GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
+          JOB_RUNR_REPO_PASSWORD: ${{ secrets.JOB_RUNR_REPO_PASSWORD }}
 
       - name: Publish Unit Tests report to GitHub
         if: steps.s3-cache.outputs.processed != 'true'
-        uses: mikepenz/action-junit-report@v3.8.0
+        uses: mikepenz/action-junit-report@0831a82caad2465c31c6dd929978f640cb42556c # v4.0.3
         with:
           check_name: Unit Tests report
           report_paths: "**/build/test-results/test/TEST-*.xml"
 
-      - name: Generate aggregated code coverage report
-        if: steps.s3-cache.outputs.processed != 'true'
-        run: ./gradlew jacocoAggregateReport
-        env:
-          GRADLE_USER: ${{ secrets.GITHUB_ACTOR }}
-          GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
-
-      - name: Publish code coverage report to Coveralls
-        if: steps.s3-cache.outputs.processed != 'true'
-        continue-on-error: true
-        env:
-          COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }}
-        run: ./gradlew :coverallsJacoco
-
       # Run Detekt
       - name: Run Detekt
         continue-on-error: true
@@ -147,6 +136,7 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
           GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
+          JOB_RUNR_REPO_PASSWORD: ${{ secrets.JOB_RUNR_REPO_PASSWORD }}
 
       # Publish Detekt results to GitHub.
       - name: Publish Detekt SARIF report to GitHub

diff --git a/.github/workflows/codeql-analysis.yaml b/.github/workflows/codeql-analysis.yaml
@@ -34,20 +34,20 @@ jobs:
       security-events: write
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
       - name: Set Working Language
         run: echo "WORKING_LANGUAGE=${{env[format('language_{0}', github.event.repository.language)]}}" >> "$GITHUB_ENV"
       # Set up a JDK environment for building, testing and releasing.
       - name: Set up JDK 17
-        uses: actions/setup-java@v3.12.0
+        uses: actions/setup-java@v3.13.0
         if: ${{ env.WORKING_LANGUAGE == 'java' }}
         with:
           java-version: 17
           distribution: temurin
 
       # Allow caching Gradle executions to further speed up CI/CD steps invoking Gradle.
       - name: Setup Gradle
-        uses: gradle/gradle-build-action@v2.7.0
+        uses: gradle/gradle-build-action@v2.10.0
         if: ${{ env.WORKING_LANGUAGE == 'java' }}
         with:
           gradle-executable: ./gradlew
@@ -56,7 +56,7 @@ jobs:
 
       # Set up a Node environment for JS/TS/Node client generation.
       - name: Set up Node 20
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         if: ${{ env.WORKING_LANGUAGE == 'javascript' }}
         with:
           node-version: 20
@@ -76,6 +76,7 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
           GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
+          JOB_RUNR_REPO_PASSWORD: ${{ secrets.JOB_RUNR_REPO_PASSWORD }}
 
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@v2

diff --git a/.github/workflows/format-kotlin.yaml b/.github/workflows/format-kotlin.yaml
@@ -1,14 +1,19 @@
 # THIS CODE WAS AUTOGENERATED. DO NOT MODIFY THIS FILE DIRECTLY
 # THE SOURCE CODE LIVES IN A DIFFERENT REPOSITORY:
 #   - centralized-templates
-# FILE STEWARD: @pleo-io/devx
+# FILE STEWARD: @pleo-io/devx,@pleo-bot-auto-approver
 
 name: Format Kotlin
 on:
   push:
     branches-ignore:
       - main
       - master
+      - "depencencies/**"
+  pull_request:
+    branches:
+      - main
+      - master
 
 concurrency:
   group: ci-${{ github.workflow }}-${{ github.ref }}
@@ -30,20 +35,20 @@ jobs:
 
       # Checkout code with push privileges.
       - name: Checkout code
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           token: ${{ steps.get-admin-token.outputs.token }}
 
       # Set up a JDK environment for building, testing and releasing.
       - name: Set up JDK 17
-        uses: actions/setup-java@v3.12.0
+        uses: actions/setup-java@v3.13.0
         with:
           java-version: 17
           distribution: temurin
 
       # Allow caching Gradle executions to further speed up CI/CD steps invoking Gradle.
       - name: Setup Gradle
-        uses: gradle/gradle-build-action@v2.7.0
+        uses: gradle/gradle-build-action@v2.10.0
         with:
           gradle-executable: ./gradlew
           gradle-version: wrapper
@@ -55,6 +60,7 @@ jobs:
           ./gradlew formatkotlin
         env:
           GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
+          JOB_RUNR_REPO_PASSWORD: ${{ secrets.JOB_RUNR_REPO_PASSWORD }}
 
       # Add and commit any formatted files.
       - name: Add formatted files

diff --git a/.github/workflows/pr-help.yaml b/.github/workflows/pr-help.yaml
@@ -1,7 +1,7 @@
 # THIS CODE WAS AUTOGENERATED. DO NOT MODIFY THIS FILE DIRECTLY
 # THE SOURCE CODE LIVES IN A DIFFERENT REPOSITORY:
 #   - centralized-templates
-# FILE STEWARD: @pleo-io/devx
+# FILE STEWARD: @pleo-io/devx,@pleo-bot-auto-approver
 
 name: Check PR
 on:
@@ -26,19 +26,17 @@ concurrency:
   group: ci-${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
+env:
+  autoApproveEnabled: true
+
 jobs:
-  validate-pr:
-    timeout-minutes: 5
-    name: Validate PR
-    permissions: write-all
+  auto-approve-pr:
     runs-on: ubuntu-latest
-
+    name: Auto-approve PR
+    if: ${{ github.actor == 'pleo-bot-renovate' && contains(github.event.pull_request.labels.*.name, 'autoapprove') }}
     steps:
-      - name: Setup
-        uses: actions/setup-node@v3
-
-      - name: Run Danger
-        run: npx danger ci -v --dangerfile pleo-io/danger-config/dangerfile.ts@main
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          DANGER_GITHUB_API_BASE_URL: https://api.github.com
+      - uses: hmarr/auto-approve-action@v3
+        if: env.autoApproveEnabled == 'true'
+        with:
+          github-token: ${{ secrets.PLEO_BOT_AUTO_APPROVER_TOKEN }}
+          review-message: "This has been auto-approved by @pleo-bot-auto-approver. If your PR isn't being auto-merged as desired, make sure to add @pleo-bot-auto-approver to the CODEOWNERS file. More details how to use Renovate [here](https://www.notion.so/pleo/How-to-use-Renovate-781e4861200744c6b38d3efd8c6d525a?pvs=4)"