Renovate #28290

	---
	# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
	name: Renovate

	on:
	push:
	branches:
	- main
	paths:
	- .renovaterc.json
	- .renovate/**.json
	schedule:
	- cron: 0 * * * *
	workflow_dispatch:
	inputs:
	dryRun:
	description: Dry Run
	type: boolean
	default: false
	required: true
	logLevel:
	description: Log Level
	type: choice
	default: debug
	options:
	- debug
	- info
	required: true
	version:
	description: Renovate Version
	default: latest
	required: true

	concurrency:
	group: ${{ github.workflow }}-${{ github.event.number \|\| github.ref }}
	cancel-in-progress: true

	permissions:
	contents: read

	jobs:
	main:
	name: Renovate
	runs-on: ubuntu-latest
	permissions:
	packages: read
	statuses: write
	steps:
	- name: Generate Token
	uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
	id: app-token
	with:
	app-id: ${{ secrets.BOT_APP_ID }}
	private-key: ${{ secrets.BOT_APP_PRIVATE_KEY }}

	- name: Checkout
	uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
	with:
	persist-credentials: false
	token: ${{ steps.app-token.outputs.token }}

	- name: Run Renovate
	uses: renovatebot/github-action@3633cede7d4d4598438e654eac4a695e46004420 # v46.1.7
	env:
	LOG_LEVEL: ${{ inputs.logLevel \|\| 'debug' }}
	RENOVATE_AUTODISCOVER: true
	RENOVATE_AUTODISCOVER_FILTER: ${{ github.repository }}
	RENOVATE_DRY_RUN: ${{ inputs.dryRun }}
	RENOVATE_INTERNAL_CHECKS_FILTER: strict
	RENOVATE_PLATFORM: github
	RENOVATE_PLATFORM_COMMIT: true
	with:
	token: ${{ steps.app-token.outputs.token }}
	renovate-version: ${{ inputs.version \|\| 'latest' }}

Provide feedback