Merge pull request #1 from BTreeMap/copilot/fix-github-actions-dependencies

Localize CI workflows, enforce lowercase GHCR tagging, and simplify fork maintenance

Author: MinecraftFuns

.github/renovate.json

@@ -5,7 +5,27 @@
   "labels": ["dependencies", "no-stale"],
   "commitMessagePrefix": "⬆️",
   "commitMessageTopic": "{{depName}}",
-  "extends": ["customManagers:dockerfileVersions"],
+  "enabledManagers": ["customManagers", "dockerfile", "github-actions"],
+  "customManagers": [
+    {
+      "customType": "regex",
+      "fileMatch": ["^cloudflared/Dockerfile$"],
+      "matchStrings": ["ARG YQ_VERSION=\"(?<currentValue>[^\"]+)\""],
+      "datasourceTemplate": "repology",
+      "depNameTemplate": "yq-go",
+      "packageNameTemplate": "alpine_3_22/yq-go",
+      "versioningTemplate": "loose"
+    },
+    {
+      "customType": "regex",
+      "fileMatch": ["^cloudflared/Dockerfile$"],
+      "matchStrings": ["ARG CLOUDFLARED_VERSION=\"(?<currentValue>[^\"]+)\""],
+      "datasourceTemplate": "github-releases",
+      "depNameTemplate": "cloudflared",
+      "packageNameTemplate": "cloudflare/cloudflared",
+      "versioningTemplate": "loose"
+    }
+  ],
   "packageRules": [
     {
       "groupName": "App (Add-on) base image",

.github/workflows/ci.yaml

@@ -15,171 +15,15 @@ on:
       - synchronize
   workflow_dispatch:
 
-jobs:
-  information:
-    name: Gather app (add-on) information
-    runs-on: ubuntu-latest
-    outputs:
-      architectures: ${{ steps.information.outputs.architectures }}
-      build: ${{ steps.information.outputs.build }}
-      description: ${{ steps.information.outputs.description }}
-      name: ${{ steps.information.outputs.name }}
-      slug: ${{ steps.override.outputs.slug }}
-      target: ${{ steps.information.outputs.target }}
-    steps:
-      - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v6
-      - name: 🚀 Run app (add-on) information action
-        id: information
-        uses: homeassistant-apps/action-app-information@v2
-      - name: 🚀 Process possible slug override
-        id: override
-        run: |
-          slug="${{ steps.information.outputs.slug }}"
-          if [[ ! -z "${{ inputs.slug }}" ]]; then
-            slug="${{ inputs.slug }}"
-          fi
-          echo "slug=$slug" >> $GITHUB_OUTPUT
-
-  lint-addon:
-    name: Lint App (Add-on)
-    needs:
-      - information
-    runs-on: ubuntu-latest
-    steps:
-      - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v6
-      - name: 🚀 Run Add-on Lint
-        uses: homeassistant-apps/action-app-linter@v3.1
-        with:
-          community: true
-          path: "./${{ needs.information.outputs.target }}"
-
-  lint-hadolint:
-    name: Hadolint
-    needs:
-      - information
-    runs-on: ubuntu-latest
-    steps:
-      - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v6
-      - name: 🚀 Run Hadolint
-        uses: brpaz/hadolint-action@v1.5.0
-        with:
-          dockerfile: "./${{ needs.information.outputs.target }}/Dockerfile"
-
-  lint-json:
-    name: JSON Lint
-    runs-on: ubuntu-latest
-    steps:
-      - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v6
-      - name: 🚀 Run JQ
-        run: |
-          shopt -s globstar
-          cat **/*.json | jq '.'
-
-  lint-markdown:
-    name: MarkdownLint
-    runs-on: ubuntu-latest
-    steps:
-      - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v6
-      - name: 🚀 Run mdl
-        uses: actionshub/markdownlint@v3.1.4
+permissions:
+  contents: write
+  pull-requests: read
 
-  lint-shellcheck:
-    name: Shellcheck
-    runs-on: ubuntu-latest
-    steps:
-      - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v6
-      - name: 🚀 Run Shellcheck
-        uses: ludeeus/action-shellcheck@2.0.0
-        env:
-          SHELLCHECK_OPTS: -s bash
-
-  lint-yamllint:
-    name: YAMLLint
-    runs-on: ubuntu-latest
-    steps:
-      - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v6
-      - name: 🚀 Run YAMLLint
-        uses: frenck/action-yamllint@v1.5
-
-  lint-prettier:
-    name: Prettier
-    runs-on: ubuntu-latest
-    steps:
-      - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v6
-      - name: 🚀 Run Prettier
-        uses: creyD/prettier_action@v4.6
-        with:
-          prettier_options: --write **/*.{json,js,md,yaml}
-
-  build:
-    name: Build ${{ matrix.architecture }}
-    needs:
-      - information
-      - lint-addon
-      - lint-hadolint
-      - lint-json
-      - lint-markdown
-      - lint-prettier
-      - lint-shellcheck
-      - lint-yamllint
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        architecture: ${{ fromJson(needs.information.outputs.architectures) }}
-    steps:
-      - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v6
-      - name: 🏗 Set up QEMU
-        uses: docker/setup-qemu-action@v3.7.0
-      - name: 🏗 Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3.12.0
-      - name: ℹ️ Compose build flags
-        id: flags
-        run: |
-          echo "date=$(date +"%Y-%m-%dT%H:%M:%SZ")" >> $GITHUB_OUTPUT
-          if [[ "${{ matrix.architecture}}" = "amd64" ]]; then
-            echo "platform=linux/amd64" >> $GITHUB_OUTPUT
-          elif [[ "${{ matrix.architecture }}" = "aarch64" ]]; then
-            echo "platform=linux/arm64/v8" >> $GITHUB_OUTPUT
-          else
-            echo "::error ::Could not determine platform for architecture ${{ matrix.architecture }}"
-            exit 1
-          fi
-      - name: 🚀 Build
-        uses: docker/build-push-action@v6.18.0
-        with:
-          push: false
-          context: ${{ needs.information.outputs.target }}
-          file: ${{ needs.information.outputs.target }}/Dockerfile
-          cache-from: type=gha,scope=${{ needs.information.outputs.slug }}-${{ matrix.architecture }}
-          cache-to: type=gha,mode=max,scope=${{ needs.information.outputs.slug }}-${{ matrix.architecture }}
-          platforms: ${{ steps.flags.outputs.platform }}
-          build-args: |
-            BUILD_ARCH=${{ matrix.architecture }}
-            BUILD_DATE=${{ steps.flags.outputs.date }}
-            BUILD_DESCRIPTION=${{ needs.information.outputs.description }}
-            BUILD_FROM=${{ steps.flags.outputs.from }}
-            BUILD_NAME=${{ needs.information.outputs.name }}
-            BUILD_REF=${{ github.sha }}
-            BUILD_REPOSITORY=${{ github.repository }}
-            BUILD_VERSION=edge
-
-  update_release_draft:
-    name: Draft release
-    needs:
-      - build
-    if: github.event_name == 'push' && github.ref_name == github.event.repository.default_branch
-    runs-on: ubuntu-latest
-    steps:
-      - name: 🚀 Run Release Drafter
-        uses: homeassistant-apps/action-release-drafter@v6.1.1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+jobs:
+  ci:
+    uses: ./.github/workflows/upstream/ci.yaml
+    secrets: inherit
+    with:
+      default_branch: ${{ github.event.repository.default_branch }}
+      event_name: ${{ github.event_name }}
+      ref_name: ${{ github.ref_name }}