chore(renovate): switch to globally maintained config

.github/renovate.json5

@@ -1,167 +1,4 @@
 {
   $schema: "https://docs.renovatebot.com/renovate-schema.json",
-  extends: [
-    "config:recommended",
-    ":automergeDisabled",
-    ":semanticCommits",
-    ":dependencyDashboard",
-    ":enablePreCommit",
-  ],
-  schedule: ["every weekend"],
-  groupName: "mono-update-renovate", // we keep all updates in a single renovate branch in order to save CI tests
-  platformAutomerge: false,
-  prHourlyLimit: 6,
-  prConcurrentLimit: 20,
-  commitBodyTable: true,
-  separateMajorMinor: false,
-  prBodyNotes: [
-    "{{#if isMajor}}:warning: THIS IS A MAJOR VERSION UPDATE :warning:{{/if}}",
-    "Before merging, *always* check with the release notes if any other changes need to be done.",
-  ],
-  major: {
-    enabled: true,
-    addLabels: ["upgrade:major"],
-  },
-  minor: {
-    enabled: true,
-    addLabels: ["upgrade:minor"],
-  },
-  patch: {
-    enabled: true,
-    addLabels: ["upgrade:patch"],
-  },
-  vulnerabilityAlerts: {
-    addLabels: ["security"],
-    enabled: true,
-  },
-  customManagers: [
-    {
-      "customType": "regex",
-      "fileMatch": ["^.tool-versions$"],
-      "matchStrings": [
-        "datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?( extractVersion=(?<extractVersion>.*?))?\\s.*? (?<currentValue>.*)\\s"
-      ],
-    },
-    {
-      "customType": "regex",
-      "fileMatch": ["^justfile$"],
-      "matchStrings": [
-        "datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?( extractVersion=(?<extractVersion>.*?))?\\s(?<originalPackageName>.*) := \"(?<currentValue>.*?)\"\\s"
-      ],
-    },
-  ],
-  packageRules: [
-    // limit the PR creation for the Renovate pre-commit hook (it's released very frequently)
-    {
-      matchPackageNames: ["renovatebot/pre-commit-hooks"],
-      matchUpdateTypes: ["patch"],
-      enabled: false,
-    },
-    {
-      matchPackageNames: ["renovatebot/pre-commit-hooks"],
-      schedule: ["on Saturday"],
-    },
-    {
-      matchManagers: ["github-actions"],
-      addLabels: ["group:github-actions", "component:ci"],
-    },
-    // Terraform AWS modules
-    {
-      matchDatasources: ["terraform-module"],
-      matchPackagePatterns: ["terraform-aws-modules.*"],
-      addLabels: ["group:terraform", "automerge"],
-      automerge: true,
-      groupName: "mono-update-renovate-automerge",
-      schedule: [
-        "every 2 weeks on Saturday and Sunday",
-      ],
-    },
-    // Terraform major provider updates
-    {
-      matchDatasources: ["terraform-provider"],
-      addLabels: ["group:terraform"],
-      schedule: [
-        "every 2 weeks on Saturday and Sunday"
-      ],
-    },
-    // Terraform patch provider updates
-    {
-      matchUpdateTypes: ["patch"],
-      matchDatasources: ["terraform-provider"],
-      addLabels: ["group:terraform", "automerge"],
-      groupName: "mono-update-renovate-automerge",
-      automerge: true,
-      schedule: [
-        "every 2 weeks on Saturday and Sunday",
-      ]
-    },
-    // GitHub Actions
-    {
-      matchUpdateTypes: ["minor", "patch"],
-      matchManagers: ["github-actions"],
-      addLabels: ["automerge"],
-      groupName: "mono-update-renovate-automerge",
-      automerge: true,
-    },
-    // Patches
-    // Those are tested packages, and we know that they follow the semver convention,
-    // but it's fine to have candidate packages to test before move them to minor section.
-    {
-      matchUpdateTypes: ["patch"],
-      matchPackagePatterns: [
-        "aquasecurity/tfsec",
-        "pre-commit",
-        "^terraform$",
-        "terraform-aws-modules/.+",
-        "terraform-docs",
-        "terraform-linters/tflint",
-      ],
-      addLabels: ["automerge"],
-      groupName: "mono-update-renovate-automerge",
-      automerge: true,
-    },
-    // Minor versions
-    // Those are tested packages, and we know that they follow the semver convention,
-    // but it's fine to have candidate packages to test before move them to minor section.
-    {
-      matchUpdateTypes: ["minor"],
-      matchPackagePatterns: [
-        "pre-commit",
-        "terraform-docs",
-        "terraform-linters/tflint",
-      ],
-      addLabels: ["automerge"],
-      groupName: "mono-update-renovate-automerge",
-      automerge: true,
-    },
-    // Create PRs and automerge mentioned components afterward
-    // Those are tested packages
-    {
-      matchUpdateTypes: ["major"],
-      matchPackagePatterns: [
-        "pre-commit/.+",
-      ],
-      addLabels: ["automerge"],
-      groupName: "mono-update-renovate-automerge",
-      automerge: true,
-    },
-    {
-      matchUpdateTypes: ["major", "minor", "patch"],
-      matchManagers: ["pre-commit"],
-      groupName: "mono-update-renovate-automerge",
-      addLabels: ["automerge"],
-      automerge: true
-    },
-    // For known GitHub repositories that use GitHub tags/releases of format
-    // "v1.2.3" and where the asdf plugin ignores the "v" prefix, we also tell
-    // Renovate to ignore it via extractVersion when updating .tool-version file
-    {
-      matchFileNames: ["**/*.tf"],
-      matchPackageNames: [
-        "hashicorp/terraform",
-        "pre-commit/pre-commit",
-      ],
-      extractVersion: "^v(?<version>.*)$",
-    }
-  ]
+  extends: ["github>camunda/infraex-common-config:default.json5"],
 }

.github/workflows/tests.yml

@@ -16,6 +16,10 @@ on:
       - .github/workflows/tests.yml
       - justfile
 
+# limit to a single execution per actor of this workflow
+concurrency:
+  group: "${{ github.workflow }}-${{ github.actor }}"
+
 env:
   AWS_PROFILE: "infex"
   # remember to also update nightly_cleanup.yml!