surtur
e00b7256af
...thanks to gpg no longer needing to write lock files or cache to
user's home folder. that has been achieved by supplying the following
flags to the key export command:
'--lock-never --no-symkey-cache --disable-dirmngr'
27 lines
1.2 KiB
Bash
Executable File
27 lines
1.2 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# export env vars and run renovate
|
|
|
|
export RENOVATE_CONFIG_FILE="/etc/renovate-bot/config.js"
|
|
# Gitea access token for Renovate Bot user
|
|
export RENOVATE_TOKEN="${RENOVATE_TOKEN}"
|
|
# token for GitHub release notes to avoid getting rate-limited
|
|
export GITHUB_COM_TOKEN="${GITHUB_COM_TOKEN}"
|
|
# this email address doesn't exist but to git it doesn't matter
|
|
export RENOVATE_GIT_AUTHOR='Renovate Bot <renovate-bot@git.dotya.ml>'
|
|
export RENOVATE_HOST_RULES="[{\"hostType\": \"github\", \"domainName\": \"github.com\", \"token\": \"${GITHUB_COM_TOKEN}\"}]"
|
|
export RENOVATE_DOCKER_USER="${RENOVATE_DOCKER_USER_AND_GROUP}"
|
|
|
|
# used as the git signing key only to sign commits/tags
|
|
GPG_KEY="$(gpg --armor --lock-never --no-symkey-cache --disable-dirmngr --export-secret-keys "${SIGNING_KEY}")"
|
|
|
|
export RENOVATE_GIT_PRIVATE_KEY="${GPG_KEY}"
|
|
# enable custom (i.e. self-hosted) rust crate registries
|
|
export RENOVATE_ALLOW_CUSTOM_CRATE_REGISTRIES=true
|
|
# modify the PR footer to something that makes more sense for a self-hosted
|
|
# instance of renovate
|
|
export RENOVATE_PR_FOOTER="This PR has been generated by [Renovate Bot](https://git.dotya.ml/dotya.ml/renovate-bot)."
|
|
|
|
# do renovate
|
|
renovate --host-rules="$RENOVATE_HOST_RULES"
|