diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml new file mode 100644 index 0000000..6789bcb --- /dev/null +++ b/.github/workflows/renovate.yml @@ -0,0 +1,30 @@ +name: Renovate Dependency Updates + +on: + schedule: + # Run daily at 2 AM UTC + - cron: '0 2 * * *' + workflow_dispatch: + +permissions: + contents: write + pull-requests: write + +jobs: + renovate: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Run Renovate + uses: renovatebot/github-action@v46.1.5 + with: + configurationFile: renovate.json + env: + RENOVATE_PLATFORM: github + RENOVATE_PLATFORM_COMMIT: true + RENOVATE_GIT_AUTHOR: 'renovate[bot] ' diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml new file mode 100644 index 0000000..4c558ca --- /dev/null +++ b/.github/workflows/semantic-release.yml @@ -0,0 +1,20 @@ +name: Release + +on: + push: + branches: [main] + +jobs: + release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - run: npm ci + - name: Semantic Release + uses: cycjimmy/semantic-release-action@v3 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + semantic_version: latest diff --git a/.releaserc.json b/.releaserc.json new file mode 100644 index 0000000..35106ce --- /dev/null +++ b/.releaserc.json @@ -0,0 +1,46 @@ +{ + "branches": ["main"], + "tagFormat": "v${version}", + "plugins": [ + "@semantic-release/commit-analyzer", + "@semantic-release/release-notes-generator", + "@semantic-release/changelog", + [ + "@semantic-release/file", + { + "files": ["VERSION"], + "replace": "${nextRelease.version}" + } + ], + [ + "@semantic-release/git", + { + "assets": ["VERSION", "CHANGELOG.md"], + "message": "chore(release): ${nextRelease.version} [skip ci]" + } + ], + "@semantic-release/github" + ], + "preset": "angular", + "presetConfig": { + "types": [ + {"type": "feat", "section": "Features"}, + {"type": "fix", "section": "Bug Fixes"}, + {"type": "chore", "section": "Chores"}, + {"type": "docs", "section": "Documentation"}, + {"type": "style", "hidden": true}, + {"type": "refactor", "hidden": true}, + {"type": "perf", "hidden": true}, + {"type": "test", "hidden": true} + ] + }, + "releaseRules": [ + { "type": "fix", "release": "patch" }, + { "type": "chore", "release": "patch" }, + { "type": "docs", "release": "patch" }, + { "type": "refactor", "release": "patch"}, + { "type": "feat", "release": "minor" }, + { "type": "break", "release": "major" }, + { "scope": "deps", "release": "patch" } + ] +} diff --git a/Dockerfile b/Dockerfile index 7dafc33..e7d8137 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ -FROM nginx:alpine -RUN apk update && apk add --no-cache arp-scan +FROM nginx:1.29.6-alpine +RUN apk update && apk add --no-cache arp-scan=1.10.0-r2 COPY scan.sh entry.sh / RUN chmod +x /*.sh COPY nginx.conf /etc/nginx/nginx.conf diff --git a/VERSION b/VERSION new file mode 100644 index 0000000..6c6aa7c --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +0.1.0 \ No newline at end of file diff --git a/changelog.md b/changelog.md new file mode 100644 index 0000000..f665bd6 --- /dev/null +++ b/changelog.md @@ -0,0 +1,7 @@ +# Changelog + +## [v0.1.0] (2026-03-20) + +### Features +- Initial version with a changelog +- (try to) auto-update using renovate and create a new tag using semantic-release diff --git a/plugins.json b/plugins.json new file mode 100644 index 0000000..13a6594 --- /dev/null +++ b/plugins.json @@ -0,0 +1,9 @@ +{ + "devDependencies": { + "semantic-release": "^24.2.3", + "@semantic-release/changelog": "^6.0.3", + "@semantic-release/file": "^5.0.0", + "@semantic-release/git": "^10.0.0", + "@semantic-release/github": "^8.0.0" + } +} \ No newline at end of file diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..e81d53c --- /dev/null +++ b/renovate.json @@ -0,0 +1,44 @@ +{ + "extends": ["config:base"], + "enabledManagers": ["dockerfile"], + "docker": { + "fileMatch": ["^Dockerfile$"], + "pinDigests": true, + "enabled": true + }, + "regexManagers": [ + { + "fileMatch": ["^Dockerfile$"], + "matchStrings": [ + "apk add --no-cache (?arp-scan)(?:=(?[^\\s]+))?" + ], + "depNameTemplate": "$depName", + "datasourceTemplate": "apk", + "versioningTemplate": "semver" + } + ], + "packageRules": [ + { + "managers": ["dockerfile"], + "matchPackageNames": ["nginx"], + "groupName": "docker base image updates", + "enabled": true, + "schedule": ["at any time"], + "matchUpdateTypes": ["digest", "patch", "minor"], + "automerge": true + }, + { + "managers": ["regex"], + "matchPackageNames": ["arp-scan"], + "groupName": "apk package updates", + "enabled": true, + "schedule": ["at any time"], + "matchUpdateTypes": ["digest", "patch", "minor"], + "automerge": true + } + ], + "rangeStrategy": "pin", + "semanticCommits": "enabled", + "semanticCommitType": "chore", + "semanticCommitScope": "deps" +}