diff --git a/README.md b/README.md index 766bbb98..838b3946 100644 --- a/README.md +++ b/README.md @@ -84,20 +84,16 @@ jobs: ## Example with GitHub App -Instead of using a Personal Access Token (PAT) that is tied to a particular user you can use a [GitHub App](https://docs.github.com/en/developers/apps/building-github-apps) where permissions can be even better tuned. [Create a new app](https://docs.github.com/en/developers/apps/creating-a-github-app) and give it the following permissions: +Instead of using a Personal Access Token (PAT) that is tied to a particular user you can use a [GitHub App](https://docs.github.com/en/developers/apps/building-github-apps) where permissions can be even better tuned. [Create a new app](https://docs.github.com/en/developers/apps/creating-a-github-app) and configure the app permissions and your `config.js` as described in the [Renovate documentation](https://docs.renovatebot.com/modules/platform/github/#running-as-a-github-app). -| Permission | Level | -| --------------- | -------------- | -| `Contents` | `Read & write` | -| `Metadata` | `Read-only` | -| `Pull requests` | `Read & write` | - -Store the app ID as a secret with name `APP_ID` and generate a new private key for the app and add it as a secret to the repository as `APP_PEM` in the repository where the action will run from. Note that `APP_PEM` needs to be base64 encoded. You can encode your private key file like this from the terminal: +Store the app ID as a secret with name `APP_ID` and generate a new private key for the app and add it as a secret to the repository as `APP_PEM` in the repository where the action will run from. Note that `APP_PEM` needs to be base64 encoded. You can encode your private key file like this from the terminal on Linux (omit the `-w 0` if you're on a Mac): ```bash -cat your_app_key.pem | base64 -w 0 && echo +cat your_app_key.pem | base64 -w 0 ``` +Adjust your Renovate configuration file to specify the username of your bot. + Going forward we will be using the [machine-learning-apps/actions-app-token](https://github.com/machine-learning-apps/actions-app-token) action in order to exchange the GitHub App certificate for an access token that renovate can use. The final workflow will look like this: diff --git a/package.json b/package.json index c45f293d..6e67c635 100644 --- a/package.json +++ b/package.json @@ -46,7 +46,7 @@ "@typescript-eslint/eslint-plugin": "5.43.0", "@typescript-eslint/parser": "5.43.0", "@vercel/ncc": "0.34.0", - "eslint": "8.27.0", + "eslint": "8.28.0", "eslint-config-prettier": "8.5.0", "eslint-plugin-json": "3.1.0", "husky": "7.0.4", diff --git a/src/docker.ts b/src/docker.ts index b6bdf779..7054d536 100644 --- a/src/docker.ts +++ b/src/docker.ts @@ -1,7 +1,7 @@ class Docker { readonly repository = 'renovate/renovate'; // renovate: datasource=docker depName=renovate/renovate versioning=docker - readonly tag = '34.34.0-slim'; + readonly tag = '34.37.0-slim'; readonly tagSuffix = '-slim'; image(): string { diff --git a/yarn.lock b/yarn.lock index 976a9a8c..86b34cdd 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1154,10 +1154,10 @@ eslint-visitor-keys@^3.3.0: resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz#f6480fa6b1f30efe2d1968aa8ac745b862469826" integrity sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA== -eslint@8.27.0: - version "8.27.0" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-8.27.0.tgz#d547e2f7239994ad1faa4bb5d84e5d809db7cf64" - integrity sha512-0y1bfG2ho7mty+SiILVf9PfuRA49ek4Nc60Wmmu62QlobNR+CeXa4xXIJgcuwSQgZiWaPH+5BDsctpIW0PR/wQ== +eslint@8.28.0: + version "8.28.0" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-8.28.0.tgz#81a680732634677cc890134bcdd9fdfea8e63d6e" + integrity sha512-S27Di+EVyMxcHiwDrFzk8dJYAaD+/5SoWKxL1ri/71CRHsnJnRDPNt2Kzj24+MT9FDupf4aqqyqPrvI8MvQ4VQ== dependencies: "@eslint/eslintrc" "^1.3.3" "@humanwhocodes/config-array" "^0.11.6"