played/workflows
4
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

ci: add self-hosted Renovate for cross-repo dependency sync

Browse Source 
Scheduled Renovate bot (renovate.yml) + shared preset (renovate-config.json)
that every game/plaza repo extends, so dependency bumps land the same way
across repos. @played/* grouped together, third-party non-major batched.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Enrico Bühler
2026-05-29 01:26:36 +02:00
parent 0c5f9a347a
commit ee51f4f032
3 changed files with 105 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+16
View File
@@ -45,3 +45,19 @@ jobs:
- The VM working dir is `~/<game-id>` (the deploy step `cd`s there).
- Secrets dir is `~/<game-id>-secrets/`.
- `compose.production.yml` defines `api-core` and `web` services, both with `--env-file ~/<game-id>-secrets/.env`.
## `renovate.yml` + `renovate-config.json`
Self-hosted [Renovate](https://docs.renovatebot.com) that keeps dependencies aligned across the game repos. `renovate.yml` is a scheduled bot (Mondays 06:00 UTC, plus manual `workflow_dispatch`); `renovate-config.json` is the shared preset every repo extends, so a bump lands the same way everywhere. Updates are grouped (`@played/*` together; third-party non-major batched) to keep PR noise down.
### One-time setup
1. Create a Gitea PAT — a dedicated `renovate` bot user is cleanest — with scopes `read:user`, `write:repository`, `write:issue`. Add it as the `RENOVATE_TOKEN` Actions secret (org-level, or on this repo).
2. Make sure the existing `NPMRC` secret (registry + `@played` auth) is visible to this repo's Actions run (org-level recommended) — Renovate uses it to look up `@played/*` versions.
3. Push, then run the workflow once (**Run workflow**). Renovate opens a "Configure Renovate" onboarding PR in each target repo that does `extends: ["local>played/workflows:renovate-config"]`; merge them to go live.
### Target repos
Listed in `renovate.yml` under `RENOVATE_REPOSITORIES` (the six games + `plaza`). Add the shared packages (`app-ui`, `games-registry`, `api-core`, …) to that list to manage them too, or switch to `RENOVATE_AUTODISCOVER=true` with `RENOVATE_AUTODISCOVER_FILTER=played/*`.
> The bot only keeps versions *current* together (it opens PRs). For hard parity — failing CI when any repo drifts — pair it with a [`syncpack`](https://github.com/JamieMason/syncpack) check.