From 2509d99b9e0a7f627771bd486429f37ca394a94f Mon Sep 17 00:00:00 2001
From: Matthew Baggett <matthew@baggett.me>
Date: Thu, 16 May 2024 18:53:06 +0200
Subject: [PATCH] Standardisation

---
 .actrc                              |  2 +-
 .github/workflows/trunk.upgrade.yml | 30 +++++++++++++++++++++++++++++
 .trunk/trunk.yaml                   | 16 +++++++--------
 3 files changed, 39 insertions(+), 9 deletions(-)
 create mode 100644 .github/workflows/trunk.upgrade.yml

diff --git a/.actrc b/.actrc
index 7a69af2..f120a24 100644
--- a/.actrc
+++ b/.actrc
@@ -1,7 +1,7 @@
 --bind
 --action-cache-path .github/cache/act/actions
 --artifact-server-path .github/cache/act/artifacts
---artifact-server-port 34566
+--artifact-server-port 34564
 --cache-server-path .github/cache/act/cache
 --use-new-action-cache
 --platform self-hosted=ghcr.io/catthehacker/ubuntu:act-latest
diff --git a/.github/workflows/trunk.upgrade.yml b/.github/workflows/trunk.upgrade.yml
new file mode 100644
index 0000000..e77ea97
--- /dev/null
+++ b/.github/workflows/trunk.upgrade.yml
@@ -0,0 +1,30 @@
+name: Trunk Upgrade
+on:
+  schedule:
+    - cron: 0 8 * * 2 # Every Tuesday at 8am
+  workflow_dispatch: {}
+
+permissions: read-all
+jobs:
+  trunk-upgrade:
+    name: Upgrade Trunk
+    runs-on: ubuntu-latest # MB: For some reason, the action doesn't work on self-hosted runners. I've not got time to investigate why right now but its so low-frequency and fast that it doesn't matter.
+    permissions:
+      contents: write # For trunk to create PRs
+      pull-requests: write # For trunk to create PRs
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: "Trunk Upgrade"
+        uses: trunk-io/trunk-action/upgrade@v1
+      - name: "PR: Find Pull Request"
+        uses: juliangruber/find-pull-request-action@v1
+        id: find-pull-request
+        with:
+          labels: trunk
+      - name: "PR: Enable Pull Request Automerge"
+        continue-on-error: true
+        uses: peter-evans/enable-pull-request-automerge@v3
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          pull-request-number: ${{ steps.find-pull-request.outputs.number }}
diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml
index 372ea1b..cb9aa40 100644
--- a/.trunk/trunk.yaml
+++ b/.trunk/trunk.yaml
@@ -2,14 +2,14 @@
 # To learn more about the format of this file, see https://docs.trunk.io/reference/trunk-yaml
 version: 0.1
 cli:
-  version: 1.21.0
+  version: 1.22.1
   shell_hooks:
     enforce: true
 # Trunk provides extensibility via plugins. (https://docs.trunk.io/plugins)
 plugins:
   sources:
     - id: trunk
-      ref: v1.4.5
+      ref: v1.5.0
       uri: https://github.com/trunk-io/plugins
 # Many linters and tools depend on runtimes - configure them here. (https://docs.trunk.io/runtimes)
 runtimes:
@@ -23,17 +23,17 @@ lint:
     - terrascan
   enabled:
     - gitleaks@8.18.2
-    - actionlint@1.6.27
-    - checkov@3.2.52
+    - actionlint@1.7.0
+    - checkov@3.2.92
     - git-diff-check
     - hadolint@2.12.0
-    - markdownlint@0.39.0
-    - osv-scanner@1.7.0
+    - markdownlint@0.40.0
+    - osv-scanner@1.7.3
     - prettier@3.2.5
     - shellcheck@0.10.0
     - shfmt@3.6.0
-    - trivy@0.50.1
-    - trufflehog@3.71.0
+    - trivy@0.51.1
+    - trufflehog@3.76.2
     - yamllint@1.35.1
     - php-cs-fixer@0.0.1
   ignore: