ci: update workflow config

.github/workflows/build.yml

@@ -1,11 +1,13 @@
 # SPDX-FileCopyrightText: © Sebastian Thomschke and contributors
 # SPDX-License-Identifier: AGPL-3.0-or-later
-# SPDX-ArtifactOfProjectHomePage: https://github.com/Second-Hand-Friends/kleinanzeigen-bot/
+# SPDX-ArtifactOfProjectHomePage: https://github.com/Second-Hand-Friends/kleinanzeigen-bot
 #
 # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
 name: Build
 
 on:
+  schedule:
+    - cron: '0 15 1 * *'
   push:
     branches-ignore:  # build all branches except:
     - 'dependabot/**'     # prevent GHA triggered twice (once for commit to the branch and once for opening/syncing the PR)
@@ -94,7 +96,6 @@ jobs:
     - name: Git Checkout
       uses: actions/checkout@v4  # https://github.com/actions/checkout
 
-
     - name: "Install: Chromium Browser"
       if: env.ACT == 'true' && startsWith(matrix.os, 'ubuntu')
       run: |
@@ -217,7 +218,7 @@ jobs:
 
     - name: Upload self-contained executable
       uses: actions/upload-artifact@v4
-      if: ${{ github.ref_name == 'main' && matrix.PUBLISH_RELEASE && !env.ACT }}
+      if: github.ref_name == 'main' && matrix.PUBLISH_RELEASE && !env.ACT
       with:
         name: artifacts-${{ matrix.os }}
         path: dist/kleinanzeigen-bot*
@@ -234,7 +235,7 @@ jobs:
 
 
     - name: Publish Docker image
-      if: ${{ github.repository_owner == 'Second-Hand-Friends' && github.ref_name == 'main' && matrix.PUBLISH_RELEASE && startsWith(matrix.os, 'ubuntu') && !env.ACT }}
+      if: github.repository_owner == 'Second-Hand-Friends' && github.ref_name == 'main' && matrix.PUBLISH_RELEASE && startsWith(matrix.os, 'ubuntu') && !env.ACT
       run: |
         set -eux
 
@@ -251,8 +252,8 @@ jobs:
     runs-on: ubuntu-latest
     needs: 
       - build
-    if: ${{ github.ref_name == 'main' && !github.event.act }}
-    concurrency: publish-latest-release # https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idconcurrency
+    if: (github.ref_name == 'main' || github.ref_name == 'release') && !github.event.act
+    concurrency: publish-${{ github.ref_name }}-release # https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idconcurrency
 
     steps:
     - name: "Show: GitHub context"
@@ -261,7 +262,7 @@ jobs:
       run: echo $GITHUB_CONTEXT
 
 
-    - name: Show environment variables
+    - name: "Show: environment variables"
       run: env | sort
 
 
@@ -269,9 +270,9 @@ jobs:
       uses: vegardit/fast-apt-mirror.sh@v1
 
 
-    - name: Git checkout 
+    - name: Git Checkout 
       # only required by "gh release create" to prevent "fatal: Not a git repository"
-      uses: actions/checkout@v4  #https://github.com/actions/checkout
+      uses: actions/checkout@v4  # https://github.com/actions/checkout
 
 
     - name: Delete untagged docker image
@@ -309,27 +310,40 @@ jobs:
       run: clamscan kleinanzeigen-*
 
 
-    - name: "Delete previous 'latest' release"
+    - name: "Determine release name"
+      id: release
+      run: |
+        case "$GITHUB_REF_NAME" in
+          main)
+            echo "name=preview" >>"$GITHUB_OUTPUT"
+            ;;
+          release)
+            echo "name=latest" >>"$GITHUB_OUTPUT"
+            ;;
+        esac
+
+
+    - name: "Delete previous '${{ steps.release.outputs.name }}' release"
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        RELEASE_NAME: latest
+        RELEASE_NAME: ${{ steps.release.outputs.name }}
       # https://cli.github.com/manual/gh_release_delete
       run: |
         GH_DEBUG=1 gh release delete "$RELEASE_NAME" --yes --cleanup-tag || true
 
 
-    - name: "Create 'latest' release"
+    - name: "Create '${{ steps.release.outputs.name }}' Release"
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        RELEASE_NAME: latest
+        RELEASE_NAME: ${{ steps.release.outputs.name }}
+        COMMIT_MSG: ${{ github.event.head_commit.message }} # https://stackoverflow.com/a/78420438/5116073
+      # https://cli.github.com/manual/gh_release_create
       run: |
-        set -eux
-
-        # https://cli.github.com/manual/gh_release_create
         GH_DEBUG=1 gh release create "$RELEASE_NAME" \
           --title "$RELEASE_NAME" \
-          --latest \
-          --notes ${{ toJSON(github.event.head_commit.message) }} \
+          ${{ steps.release.outputs.name == 'latest' && '--latest' || '' }} \
+          ${{ steps.release.outputs.name == 'preview' && '--prerelease' || '' }} \
+          --notes "$COMMIT_MSG" \
           --target "${{ github.sha }}" \
           kleinanzeigen-bot-darwin-amd64 \
           kleinanzeigen-bot-darwin-arm64 \
@@ -343,3 +357,25 @@ jobs:
       with:
         name: "*"
         failOnError: false
+
+
+  ###########################################################
+  dependabot-pr-auto-merge:
+  ###########################################################
+    needs: build
+    if: github.event_name == 'pull_request' && github.actor == 'dependabot[bot]'
+    runs-on: ubuntu-latest
+
+    concurrency: dependabot-pr-auto-merge
+
+    permissions:
+      contents: write
+      pull-requests: write
+
+    steps:
+    - name: Merge Dependabot PR
+      env:
+        GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+        PR_URL: ${{github.event.pull_request.html_url}}
+      run: |
+        gh pr merge --auto --rebase "$PR_URL"

.github/workflows/update-python-deps.yml

@@ -79,15 +79,21 @@ jobs:
         set -euo pipefail
 
         exec 5>&1
-        updates=$(pdm update --update-all 2>&1 |tee /dev/fd/5)
+        updates=$(pdm update --update-all 2>&1 | tee /dev/fd/5)
 
         if git diff --exit-code pdm.lock; then
           echo "updates=" >> "$GITHUB_OUTPUT"
         else
+          updates="$(echo "$updates" | grep Update | grep -v kleinanzeigen-bot)"
+          if [[ $(wc -l <<< "$updates") -eq 1 ]]; then
+            echo "title=$(echo "$updates" | head -n 1)" >> "${GITHUB_OUTPUT}"
+          else
+            echo "title=Update Python dependencies" >> "${GITHUB_OUTPUT}"
+          fi
           # https://github.com/orgs/community/discussions/26288#discussioncomment-3876281
           delimiter="$(openssl rand -hex 8)"
           echo "updates<<${delimiter}" >> "${GITHUB_OUTPUT}"
-          echo "$(echo "$updates" | grep Update | grep -v kleinanzeigen-bot)" >> "${GITHUB_OUTPUT}"
+          echo "$updates" >> "${GITHUB_OUTPUT}"
           echo "${delimiter}" >> "${GITHUB_OUTPUT}"
         fi
 
@@ -96,7 +102,7 @@ jobs:
       uses: peter-evans/create-pull-request@v7  # https://github.com/peter-evans/create-pull-request
       if: "${{ steps.update_deps.outputs.updates != '' }}"
       with:
-        title: "chore: Update Python dependencies"
+        title: "chore: ${{ steps.update_deps.outputs.title }}"
         author: "github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>"
         committer: "github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>"
         commit-message: "chore: Update Python dependencies"