feat: add renovate template

.editorconfig

@@ -0,0 +1,25 @@
+# EditorConfig is awesome:http://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+# Don't use tabs for indentation.
+[*]
+charset = utf-8
+indent_style = space
+indent_size = 4
+insert_final_newline = true
+trim_trailing_whitespace = true
+max_line_length = 160
+end_of_line = lf
+
+# Markdown files
+[*.md]
+max_line_length = off
+trim_trailing_whitespace = false
+
+[{*.{json,yml,yaml},.{babel,husky,prettier}rc}]
+indent_size = 2
+
+[*.{cmd,bat}]
+end_of_line = crlf

.gitignore

@@ -0,0 +1,2 @@
+/node_modules
+yarn-error.log

.gitlab-ci.yml

@@ -0,0 +1,8 @@
+include: '/templates/.gitlab-ci.yml'
+
+
+renovate:dry-run:
+  except:
+    - schedules
+  script:
+    - renovate --dry-run $RENOVATE_EXTRA_FLAGS

.prettierrc

@@ -0,0 +1,4 @@
+{
+  "singleQuote": true,
+  "trailingComma": "es5"
+}

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 Michael Kriese
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -1,3 +1,64 @@
 # renovate-runner
 
-Repo for the sels-hosted renovate runner
+The intention of this project is to provide a pipeline which is easy to set up and reflects the current app settings as close as possible.
+
+You will need to:
+
+1. Create a new private project to host the runner
+2. Configure credentials using CI variables
+3. Create a new `master` pipeline that includes this project's template
+4. Set up a schedule to run the pipeline regularly
+
+## Create a new runner Project
+
+We recommend you use a dedicated private project to host the Renovate runner.
+Easiest is to start with a new empty project.
+
+## Configure CI/CD variables
+
+At a minimum you need to add a GitLab [Personal Access Token](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html#creating-a-personal-access-token) (scopes: `read_user`, `api` and `write_repository`) as `RENOVATE_TOKEN` to CI/CD variables.
+
+It is also recommended to configure a [GitHub.com Personal Access Token](https://docs.github.com/en/free-pro-team@latest/github/authenticating-to-github/creating-a-personal-access-token) (minimum scopes) as `GITHUB_COM_TOKEN` so that your bot can make authenticated requests to github.com for Changelog retrieval as well as for any dependency that uses GitHub tags.
+Without such a token, github.com's API will rate limit requests and make such lookups unreliable.
+
+Finally, you need to decide how your bot should decide which projects to run against.
+The default settings will run against any projects which satisfies these two characteristics:
+- The bot's token has Developer or higher access rights
+- The project has a Renovate configuration file already (e.g. `renovate.json`)
+
+If you wish for your bot to run against *every* project which it has access to, including onboarding any which don't yet have a config, then add this variable: `RENOVATE_EXTRA_FLAGS="--onboarding=true"`.
+
+If you wish to manually specify which projects that your bot runs again, then add this variable: `RENOVATE_EXTRA_FLAGS="--autodiscover=false group1/repo5 user3/repo1"` (i.e. providing a list of every repository with a space in-between).
+
+## Create a GitLab CI file
+
+Create a `.gitlab-ci.yml` file in the repository like the following:
+
+```yaml
+include:
+  - project: 'renovate-bot/renovate-runner'
+    file: '/templates/.gitlab-ci.yml'
+
+variables:
+  LOG_LEVEL: debug
+
+renovate:on-schedule:
+  only:
+    - schedules
+  script:
+    - renovate $RENOVATE_EXTRA_FLAGS
+
+```
+
+## Configure the Schedule
+
+Add a schedule (`CI / CD` > `Schedules`) to run Renovate regularly.
+Best practise it to run it hourly.
+
+The following sample run it every hour on third minute: `3 * * * *`.
+
+## Other config options
+
+We've changed some renovate defaults for GitLab to better reflect the App's default behavior, so please see [here](./templates/.gitlab-ci.yml#L3) for changed options.
+
+For other self-hosted gitlab samples you can checkout [here](https://github.com/renovatebot/docker-renovate/blob/master/docs/gitlab.md).

renovate.json

@@ -0,0 +1,34 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:base",
+    ":dependencyDashboard"
+  ],
+  "packageRules": [
+    {
+      "packageNames": [
+        "renovate/renovate"
+      ],
+      "updateTypes": [
+        "minor",
+        "patch"
+      ],
+      "automerge": true
+    },
+    {
+      "packageNames": [
+        "docker"
+      ],
+      "updateTypes": [
+        "patch"
+      ],
+      "separateMinorPatch": true,
+      "automerge": true
+    }
+  ],
+  "gitlabci": {
+    "fileMatch": [
+      "(^|/)\\.gitlab-ci\\.yml$"
+    ]
+  }
+}

templates/.gitlab-ci.yml

@@ -0,0 +1,36 @@
+image: renovate/renovate:23.89.3-slim
+
+variables:
+  RENOVATE_BASE_DIR: $CI_PROJECT_DIR/renovate
+  RENOVATE_ENDPOINT: $CI_API_V4_URL
+  RENOVATE_PLATFORM: gitlab
+  RENOVATE_GIT_AUTHOR: Renovate Bot <bot@renovateapp.com>
+  RENOVATE_AUTODISCOVER: 'true'
+  RENOVATE_ONBOARDING_CONFIG: '{"$$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": ["config:base"] }'
+  RENOVATE_OPTIMIZE_FOR_DISABLED: 'true'
+  RENOVATE_REPOSITORY_CACHE: 'true'
+  RENOVATE_REQUIRE_CONFIG: 'true'
+  RENOVATE_ONBOARDING: 'false'
+  RENOVATE_IGNORE_PR_AUTHOR: 'true'
+  RENOVATE_EXTENDS: 'github>whitesource/merge-confidence:beta'
+  LOG_LEVEL: debug
+  DOCKER_DRIVER: overlay2
+  DOCKER_TLS_CERTDIR: ""
+  DOCKER_HOST: tcp://docker:2375
+
+services:
+  - docker:19.03.13-dind
+
+cache:
+  key: ${CI_COMMIT_REF_SLUG}-renovate
+  paths:
+    - $CI_PROJECT_DIR/renovate
+
+
+renovate:
+  stage: deploy
+  only:
+    - schedules
+  script:
+    - renovate $RENOVATE_EXTRA_FLAGS
+