feat(pie-monorepo): DSW-2581 remove renovate in favor of dependabot

.github/dependabot.yml

@@ -0,0 +1,54 @@
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    ignore:
+      - dependency-type: "major"
+    open-pull-requests-limit: 3
+    commit-message:
+      prefix: "deps(npm): DSW-000 update"
+    groups:
+      babel:
+        description: "Group Babel devDependencies from package.json within pie-monorepo"
+        patterns:
+          - "@babel/*"
+          - "babel-*"
+      justeattakeaway:
+        description: "Group JET devDependencies / dependencies from package.json within pie-monorepo"
+        patterns:
+          - "@justeat/*"
+          - "@justeattakeaway/*"
+      percy:
+        description: "Group Playwright / other testing related devDependencies from package.json within pie-monorepo"
+        patterns:
+          - "@axe-core/playwright"
+          - "@percy/*"
+          - "@playwright/*"
+          - "@sand4rt/experimental-ct-web/*"
+      vitest:
+        description: "Group Vitest devDependencies from package.json within pie-monorepo"
+        patterns:
+          - "vitest-*"
+          - "@vitest"
+      eleventy:
+        description: "Group Eleventy devDependencies from apps/pie-docs/package.json"
+        patterns:
+          - "@11ty/*"
+          - "eleventy-*"
+      storybook:
+        description: "Group Storybook dependencies from apps/pie-storybook/package.json"
+        patterns:
+          - "@storybook/*"
+          - "storybook"
+
+  - package-ecosystem: "github-actions"
+    directory: ".github/workflows"
+    schedule:
+      interval: "weekly"
+    ignore:
+      - dependency-type: "major"
+    open-pull-requests-limit: 3
+    commit-message:
+      prefix: "deps(github-actions): DSW-000 update"

.github/workflows/ci.yml

@@ -54,10 +54,21 @@ env:
 
 jobs:
   dependency-changeset:
-    if: github.actor == 'renovate-bot' || github.actor == 'renovate[bot]'
-    uses: the-guild-org/shared-config/.github/workflows/changesets-dependencies.yaml@main
-    secrets:
-      githubToken: ${{ secrets.GITHUB_TOKEN }}
+    if: github.actor == 'dependabot[bot]'
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+        ref: ${{ github.event.pull_request.head.ref }}
+    - name: Add Changeset to PR
+      uses: StafflinePeoplePlus/dependabot-changesets@4844c33bad364143ee39ef4150c60409f306ed21 # v0.1.5
+      with:
+        owner: ${{ github.repository_owner }}
+        repo: ${{ github.repository }}
+        pr-number: ${{ github.event.pull_request.number }}
+        token: ${{ secrets.CHANGESETS_TOKEN }}
 
   check-change-type:
     name: Get change type

.github/workflows/dangerjs-checks.yml

@@ -8,7 +8,7 @@ jobs:
   danger-checks:
     permissions:
       contents: read
-    if: ${{ github.event.pull_request.draft == false && github.actor != 'renovate-bot' && github.actor != 'renovate[bot]' }}
+    if: ${{ github.event.pull_request.draft == false && github.actor != 'dependabot[bot]' }}
     runs-on: ubuntu-latest
     steps:
       # Checkout the Repo

README.md

@@ -12,9 +12,6 @@
   <a href="https://opensource.org/licenses/Apache-2.0">
     <img alt="Apache 2.0. license" src="https://img.shields.io/badge/License-Apache_2.0-blue.svg">
   </a>
-  <a href="https://renovatebot.com/">
-    <img alt="Renovate status" src="https://img.shields.io/badge/renovate-enabled-brightgreen.svg">
-  </a>
   <img alt="Libraries.io dependency status for GitHub repo" src="https://img.shields.io/librariesio/github/justeattakeaway/pie">
   <img alt="GitHub Repo stars" src="https://img.shields.io/github/stars/justeattakeaway/pie?style=social">
   <img alt="GitHub watchers" src="https://img.shields.io/github/watchers/justeattakeaway/pie?style=social">

dangerfile.js

@@ -3,7 +3,6 @@ import { danger, fail } from 'danger';
 const { pr } = danger.github;
 const validChangesetCategories = ['Added', 'Changed', 'Removed', 'Fixed'];
 
-const isRenovatePR = pr.user.login === 'renovate[bot]';
 const isDependabotPR = pr.user.login === 'dependabot[bot]';
 
 // Check for correct Changeset formatting
@@ -17,7 +16,7 @@ danger.git.created_files.filter((filepath) => filepath.includes('.changeset/') &
             const changesetCategories = diffString.match(changesetCategoryRegex);
             const numberOfCategories = changesetCategories ? changesetCategories.length : 0;
 
-            if (isRenovatePR) {
+            if (isDependabotPR) {
                 // Check if at least one of the valid changeset categories is present
                 if (numberOfCategories === 0) {
                     fail(`:memo: Your changeset doesn't include a category. Please add one of: \`${validChangesetCategories.join(', ')}\`. Filepath: \`${filepath}`);
@@ -39,6 +38,6 @@ danger.git.created_files.filter((filepath) => filepath.includes('.changeset/') &
     });
 
 // Check for empty PR Description checkboxes - but not for automated version PRs
-if (pr.body.includes('- [ ]') && !isDependabotPR && !isRenovatePR) {
+if (pr.body.includes('- [ ]') && !isDependabotPR) {
     fail('You currently have an unchecked checklist item in your PR description.\n\nPlease confirm this check has been carried out – if it\'s not relevant to your PR, delete this line from the PR checklist.');
 }