From 6a3794bddfeed511543c3b8a912729302739f6ff Mon Sep 17 00:00:00 2001 From: Bertrand Goareguer <bertrand.goareguer@gmail.com> Date: Wed, 4 Dec 2024 07:11:41 +0000 Subject: [PATCH] fix: renovate cannot upgrade overwritten TBC Docker images The default renovate configuration now detects overwritten TBC Docker image variables and tracks them for update --- README.md | 33 ++++++++++++++++++++++++++++++++ kicker.json | 5 +++++ templates/gitlab-ci-renovate.yml | 28 +++++++++++++++++++++++++++ 3 files changed, 66 insertions(+) diff --git a/README.md b/README.md index 77a61a3..da8c225 100644 --- a/README.md +++ b/README.md @@ -36,6 +36,7 @@ The Renovate template uses some global configuration used throughout all jobs. | Input / Variable | Description | Default value | | -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------- | | `image` / `RENOVATE_IMAGE` | The Docker image used to run Renovate | `registry.hub.docker.com/renovate/renovate:latest` | +| `onboarding-config` / `RENOVATE_ONBOARDING_CONFIG` | Renovate configuration to use for onboarding Renovate | [see below](#default-onboarding-configuration) | | :lock: `RENOVATE_TOKEN` | A GitLab access token to allow Renovate crawl your projects. [See doc](https://docs.renovatebot.com/modules/platform/gitlab/#authentication) | _none_ | | :lock: `GITHUB_COM_TOKEN` | A GitHub access token to allow Renovate fetch changelogs. [See doc](https://docs.renovatebot.com/getting-started/running/#githubcom-token-for-changelogs) | _none_ | 
@@ -70,6 +71,38 @@ Defaults values are set to manage GitLab features : | [`RENOVATE_LOG_FILE`](https://docs.renovatebot.com/config-overview/#logging-variables) | `renovate-log.ndjson` | | [`RENOVATE_LOG_FILE_LEVEL`](https://docs.renovatebot.com/config-overview/#logging-variables) | `debug` | +#### Default onboarding configuration +` +The default [onboarding configuration](https://docs.renovatebot.com/self-hosted-configuration/#onboardingconfig) is suitable for projects using to-be-continuous: + +- looks for user-defined inputs and variables in your `.gitlab-ci.yml` defining Docker images (ex: `SOMETOOL_IMAGE: docker.io/sometool:1.2.2`) + +```json +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "config:recommended", + ":dependencyDashboard" + ], + "labels": [ + "dependencies" + ], + "customManagers": [ + { + "customType": "regex", + "fileMatch": [ "\\.gitlab-ci\\.ya?ml$" ], + "matchStrings": [ "\\s?_IMAGE:\\s['\"](?<registryUrls>.*?)\\/(?<depName>.*?):(?<currentValue>.*)['\"]" ], + "datasourceTemplate": "docker" + }, + { + "customType": "regex", + "fileMatch": [ "\\.gitlab-ci\\.ya?ml$" ], + "matchStrings": [ "\\s?image:\\s['\"](?<registryUrls>.*?)\\/(?<depName>.*?):(?<currentValue>.*)['\"]" ], + "datasourceTemplate": "docker" + } + ] +} +``` ### Dry-run implementation details Depending on the source of a pipeline, the template will either perform your dependency updates (create/update/delete branches and MRs) diff --git a/kicker.json b/kicker.json index 2442ccf..8ba82c1 100644 --- a/kicker.json +++ b/kicker.json 
@@ -11,6 +11,11 @@
 "description": "The Docker image used to run Renovate",
 "default": "registry.hub.docker.com/renovate/renovate:latest"
 },
+ {
+ "name": "RENOVATE_ONBOARDING_CONFIG",
+ "description": "Renovate configuration to use for onboarding PRs",
+ "default": "{\n \"$$schema\": \"https://docs.renovatebot.com/renovate-schema.json\",\n \"extends\": [\n \"config:recommended\",\n \":dependencyDashboard\"\n ],\n \"labels\": [\n \"dependencies\"\n ],\n \"customManagers\": [\n {\n \"customType\": \"regex\",\n \"fileMatch\": [ \"\\\\.gitlab-ci\\\\.ya?ml$\" ], \n \"matchStrings\": [ \"\\\\s?_IMAGE:\\\\s['\\\"](?<registryUrls>.*?)\\\\/(?<depName>.*?):(?<currentValue>.*)['\\\"]\" ], \n \"datasourceTemplate\": \"docker\" \n },\n {\n \"customType\": \"regex\",\n \"fileMatch\": [ \"\\\\.gitlab-ci\\\\.ya?ml$\" ], \n \"matchStrings\": [ \"\\\\s?image:\\\\s['\\\"](?<registryUrls>.*?)\\\\/(?<depName>.*?):(?<currentValue>.*)['\\\"]\" ], \n \"datasourceTemplate\": \"docker\" \n }\n ] \n}"
+ },
 {
 "name": "RENOVATE_TOKEN",
 "description": "A GitLab access token to allow Renovate crawl your projects. [See doc](https://docs.renovatebot.com/modules/platform/gitlab/#authentication)",
diff --git a/templates/gitlab-ci-renovate.yml b/templates/gitlab-ci-renovate.yml
index 245ed47..a874e38 100644
--- a/templates/gitlab-ci-renovate.yml
+++ b/templates/gitlab-ci-renovate.yml
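Review bot: The named group `(?<registryUrls>.*?)` in both `matchStrings` entries of the new `default` is, as far as I know, not a field Renovate's regex manager reads; the capture group it documents is `registryUrl`, and it expects a URL rather than a bare host. If so, the registry host is dropped and `depName` is looked up on the Docker datasource's default registry, so an image overridden to a private registry would be tracked against a same-named public image, or not found at all. Letting `depName` span host and path avoids this, e.g. `(?<depName>.*?\/.*?):(?<currentValue>.*)` at the regex level, escaped like the surrounding lines. The same two patterns are repeated in the `onboarding-config` default in `templates/gitlab-ci-renovate.yml` and in the README example, so they should be changed together.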
@@ -19,6 +19,33 @@ spec: image: description: The Docker image used to run Renovate default: registry.hub.docker.com/renovate/renovate:latest + onboarding-config: + description: Renovate configuration to use for onboarding PRs + default: >- + { + "$$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "config:recommended", + ":dependencyDashboard" + ], + "labels": [ + "dependencies" + ], + "customManagers": [ + { + "customType": "regex", + "fileMatch": [ "\\.gitlab-ci\\.ya?ml$" ], + "matchStrings": [ "\\s?_IMAGE:\\s['\"](?<registryUrls>.*?)\\/(?<depName>.*?):(?<currentValue>.*)['\"]" ], + "datasourceTemplate": "docker" + }, + { + "customType": "regex", + "fileMatch": [ "\\.gitlab-ci\\.ya?ml$" ], + "matchStrings": [ "\\s?image:\\s['\"](?<registryUrls>.*?)\\/(?<depName>.*?):(?<currentValue>.*)['\"]" ], + "datasourceTemplate": "docker" + } + ] + } --- workflow: rules: @@ -62,6 +89,7 @@ variables: RENOVATE_LOG_FILE: renovate-log.ndjson RENOVATE_LOG_FILE_LEVEL: debug LOG_LEVEL: info + RENOVATE_ONBOARDING_CONFIG: $[[ inputs.onboarding-config ]] .renovate-scripts: &renovate-scripts | # BEGSCRIPT -- GitLab
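Review bot: Both `matchStrings` patterns in the `onboarding-config` default require a quote character (`['\"]`) on each side of the value, so an unquoted override such as the README's own example `SOMETOOL_IMAGE: docker.io/sometool:1.2.2` is not matched and stays untracked. Making the quotes optional and stopping the tag at whitespace would cover it, for instance `['\"]?` on both sides with `(?<currentValue>[^\s'\"@]+)`. The greedy `(?<currentValue>.*)` also takes a trailing `@sha256:…` into the version on digest-pinned references. An optional `(?:@(?<currentDigest>sha256:[a-f0-9]+))?` after the tag would let pinned images keep receiving updates. The `kicker.json` default carries the same patterns.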