diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..72ddfbb --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,12 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + open-pull-requests-limit: 10 diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml new file mode 100644 index 0000000..0a65e37 --- /dev/null +++ b/.github/workflows/generate.yml @@ -0,0 +1,31 @@ +name: Generate new version + +on: + workflow_dispatch: + inputs: + semver: + description: "Version increment" + required: true + default: patch + type: choice + options: + - major + - minor + - patch + +jobs: + generate-tag: + runs-on: ubuntu-latest + steps: + - uses: step-security/harden-runner@v1.4.5 + with: + egress-policy: audit + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Bump version and push tag + uses: hennejg/github-tag-action@v4.3.1 + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + default_bump: ${{ inputs.semver }} + release_branches: ${{ github.ref_name }} \ No newline at end of file diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml new file mode 100644 index 0000000..ef64360 --- /dev/null +++ b/.github/workflows/tag.yml @@ -0,0 +1,18 @@ +on: + push: + tags: + - 'v*' + +jobs: + generate-release: + runs-on: ubuntu-latest + permissions: + contents: write + steps: + - uses: step-security/harden-runner@v1.4.5 + with: + egress-policy: audit + - uses: actions/checkout@v3 + - uses: softprops/action-gh-release@v0.1.14 + with: + generate_release_notes: true \ No newline at end of file