Configures dependabot for monthly checks for action version updates a…

…nd manually updates to all the latest action versions. (#149)
caronc · Nov 15, 2023 · 843685c · 843685c
1 parent 4bed56b
commit 843685c
Show file tree

Hide file tree

Showing 3 changed files with 48 additions and 9 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,20 @@
+# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#package-ecosystem
+
+version: 2
+updates:
+
+  # Enable updates for GitHub Actions
+  - package-ecosystem: "github-actions"
+    target-branch: "master"
+    directory: "/"
+    schedule:
+      # Check for updates to GitHub Actions every month
+      interval: "monthly"
+    labels:
+      - "dependencies"
+    groups:
+      actions:
+        update-types:
+          - "major"
+          - "minor"
+          - "patch"
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -11,29 +11,48 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Docker meta
         id: docker_meta
-        uses: crazy-max/ghaction-docker-meta@v1
+        uses: docker/metadata-action@v5
         with:
-          images: ${{ secrets.DOCKER_IMAGE }}
-          tag-edge: true
+          images: |
+            docker.io/caronc/apprise
+          tags: |
+            type=semver,event=tag,pattern={{version}}
+            type=semver,event=tag,pattern={{major}}.{{minor}}
+            type=edge,branch=master
 
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
+        uses: docker/setup-qemu-action@v3
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
+
+      - name: Check pushing to Docker Hub
+        id: push-other-places
+        # Only push to Dockerhub from the main repo
+        # Otherwise forks would require a Docker Hub account and secrets setup
+        run: |
+          if [[ ${{ github.repository_owner }} == "caronc" ]] ; then
+            echo "Enabling DockerHub image push"
+            echo "enable=true" >> $GITHUB_OUTPUT
+          else
+            echo "Not pushing to DockerHub"
+            echo "enable=false" >> $GITHUB_OUTPUT
+          fi
 
       - name: Login to DockerHub
-        uses: docker/login-action@v1
+        uses: docker/login-action@v3
+        # Don't attempt to login is not pushing to Docker Hub
+        if: steps.push-other-places.outputs.enable == 'true'
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
 
       - name: Build and push
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v5
         with:
           context: .
           platforms: linux/amd64,linux/arm64

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -47,7 +47,7 @@ jobs:
     steps:
 
     - name: Acquire sources
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     - name: Install prerequisites (Linux)
       if: runner.os == 'Linux'