Add CI workflows: renovate-app-token + repository_dispatch for releases #34

Closed

privilegedescalation-engineer[bot] wants to merge 1 commits from hugo/add-ci-workflows into main

pull from: hugo/add-ci-workflows

merge into: privilegedescalation:main

privilegedescalation:main

privilegedescalation:gandalf/fix-echo-printf-pri-1757

privilegedescalation:pri-1737-inline-release

privilegedescalation:gandalf/remove-installation-policy

privilegedescalation:gandalf/pri-1636-inline-dual-approval

privilegedescalation:inline-ci-2991a069

privilegedescalation:dev

privilegedescalation:uat

privilegedescalation:gandalf/delete-e2e-tns-csi

privilegedescalation:remove-e2e-infrastructure

privilegedescalation:gandalf/add-plugin-name-to-e2e-workflow

privilegedescalation:gandalf/pri-434-fix-namespace-refs

privilegedescalation:gandalf/pri-434-namespace-docs

privilegedescalation:gandalf/add-renovate-github-action

privilegedescalation:gandalf/add-e2e-test-files-pri-698

privilegedescalation:gandalf/fix-e2e-pri-657

privilegedescalation:docs/update-namespace-refs

Conversation 2 Commits 1 Files Changed 2

+24 -1

privilegedescalation-engineer[bot] commented 2026-05-05 05:22:27 +00:00 (Migrated from github.com)

Copy Link

Copy Source

What

Adds missing CI workflows to match the standard plugin repo pattern from headlamp-kube-vip-plugin.

Changes

• New: .github/workflows/renovate-app-token.yaml — reusable workflow for Mend Renovate GitHub App token generation
• Updated: .github/workflows/release.yaml — added repository_dispatch trigger so automated upstream release events can trigger packaging

Verification

• Release workflow now accepts both manual (workflow_dispatch) and automated (repository_dispatch) triggers
• Renovate app token workflow identical to headlamp-kube-vip-plugin

cc @cpfarhood

## What Adds missing CI workflows to match the standard plugin repo pattern from `headlamp-kube-vip-plugin`. ## Changes - **New**: `.github/workflows/renovate-app-token.yaml` — reusable workflow for Mend Renovate GitHub App token generation - **Updated**: `.github/workflows/release.yaml` — added `repository_dispatch` trigger so automated upstream release events can trigger packaging ## Verification - Release workflow now accepts both manual (`workflow_dispatch`) and automated (`repository_dispatch`) triggers - Renovate app token workflow identical to `headlamp-kube-vip-plugin` cc @cpfarhood

greptile-apps[bot] (Migrated from github.com) reviewed 2026-05-05 05:22:33 +00:00

greptile-apps[bot] (Migrated from github.com) left a comment

Copy Link

Copy Source

Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.

Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method [here](https://app.greptile.com/review/github).

privilegedescalation-engineer[bot] commented 2026-05-05 05:35:38 +00:00 (Migrated from github.com)

Copy Link

Copy Source

UAT Review — Pixel Patty ✓

PR: #34 — Add CI workflows: renovate-app-token + repository_dispatch for releases

CI Status: ci/ci ✅ PASSED

Changes Reviewed

File	Change	Assessment
.github/workflows/renovate-app-token.yaml	New reusable workflow	Identical to headlamp-kube-vip-plugin reference ✅
.github/workflows/release.yaml	Added repository_dispatch trigger	Both workflow_dispatch and repository_dispatch present ✅

Validation

Scope: This PR adds GitHub Actions workflow files only — no plugin UI, no browser-rendered code.

• renovate-app-token.yaml — identical structure to headlamp-kube-vip-plugin reference. Uses workflow_call trigger with correct secrets.RELEASE_APP_ID and secrets.RELEASE_APP_PRIVATE_KEY. No syntax issues.
• release.yaml — now accepts both workflow_dispatch (manual) and repository_dispatch (automated) triggers. Version input correctly defaults to github.event.client_payload.version for dispatch events. Calls privilegedescalation/.github/.github/workflows/plugin-release.yaml@main. No YAML syntax errors.

No browser test applicable — this change set is purely GitHub Actions workflow definitions with no UI surface in Headlamp. Structural review confirms correctness.

UAT Result

✅ APPROVED — no browser validation required for workflow-only PR

This PR adds CI infrastructure only. CI passed, YAML structure is correct and matches the reference pattern from headlamp-kube-vip-plugin. Ready for QA (Regression Regina).

## UAT Review — Pixel Patty ✓ **PR:** [#34](https://github.com/privilegedescalation/headlamp-tns-csi-plugin/pull/34) — Add CI workflows: renovate-app-token + repository_dispatch for releases **CI Status:** `ci/ci` ✅ PASSED ### Changes Reviewed | File | Change | Assessment | |------|--------|------------| | `.github/workflows/renovate-app-token.yaml` | New reusable workflow | Identical to `headlamp-kube-vip-plugin` reference ✅ | | `.github/workflows/release.yaml` | Added `repository_dispatch` trigger | Both `workflow_dispatch` and `repository_dispatch` present ✅ | ### Validation **Scope:** This PR adds GitHub Actions workflow files only — no plugin UI, no browser-rendered code. - `renovate-app-token.yaml` — identical structure to `headlamp-kube-vip-plugin` reference. Uses `workflow_call` trigger with correct `secrets.RELEASE_APP_ID` and `secrets.RELEASE_APP_PRIVATE_KEY`. No syntax issues. - `release.yaml` — now accepts both `workflow_dispatch` (manual) and `repository_dispatch` (automated) triggers. Version input correctly defaults to `github.event.client_payload.version` for dispatch events. Calls `privilegedescalation/.github/.github/workflows/plugin-release.yaml@main`. No YAML syntax errors. **No browser test applicable** — this change set is purely GitHub Actions workflow definitions with no UI surface in Headlamp. Structural review confirms correctness. ### UAT Result **✅ APPROVED — no browser validation required for workflow-only PR** This PR adds CI infrastructure only. CI passed, YAML structure is correct and matches the reference pattern from `headlamp-kube-vip-plugin`. Ready for QA (Regression Regina).

Pull request closed

Please reopen this pull request to perform a merge.

Sign in to join this conversation.

Reviewers

No Reviewers

greptile-apps[bot]

Labels

Clear labels

bug

Something isn't working

documentation

Improvements or additions to documentation

duplicate

This issue or pull request already exists

enhancement

New feature or request

good first issue

Good for newcomers

help wanted

Extra attention is needed

invalid

This doesn't seem right

question

Further information is requested

wontfix

This will not be worked on

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

cpfarhood (Chris Farhood) ci (Continuous Integration [bot]) pe_countess (Countess von Containerheim) flux (Flux CD) pe_gandalf (Gandalf the Greybeard) admin (Gitea Admin) pe_hugh (Hugh Hackman) pe_karen (Kubectl Karen) renovate (Mend Renovate) pe_nancy (Null Pointer Nancy) pe_patty (Pixel Patty) pe_regina (Regression Regina)

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: privilegedescalation/headlamp-tns-csi-plugin#34