Merge remote-tracking branch 'upstream/master'

# Conflicts:
#	.gitlab-ci.yml
#	CHANGELOG.md
#	README.md
#	kicker.json
#	templates/gitlab-ci-renovate.yml

.gitlab-ci.yml

+# variables in the GitLab CI/CD variables:
+  #   GITLAB_TOKEN to support the semantic-release
+  #   DOCKER_AUTH_CONFIG to support the usage of private docker images as job docker image
+  #   TMPL_RELEASE_ENABLED to enable the semantic-release job
+  #   TBC_NAMESPACE: smartdatalab/public/ci-cd-components
+
 include:
-  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/gitlab-ci/extract@master
+  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/gitlab-ci/extract@master
     inputs:
       extract-script-job-tags: ["docker"]
-  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/gitlab-ci/validation@master
+  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/gitlab-ci/validation@master
     inputs:
       check-links-job-tags: ["docker"]
       tbc-check-job-tags: ["docker"]
       tbc-check-image: cicd-docker-dev.artifact.tecnalia.com/tbc-check:master
       gitlab-ci-lint-job-tags: ["docker"]
-  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/kicker/validation@master
+  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/kicker/validation@master
     inputs:
       kicker-validation-job-tags: ["docker"]
       schema-base-url: "https://git.code.tecnalia.com/api/v4/projects/smartdatalab%2Fpublic%2Fci-cd-components%2Fkicker/repository/files"
-  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/bash/gitlab-ci-bash@master
+      yajsv-image: "cicd-docker-dev.artifact.tecnalia.com/yajsv:latest"
+  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/bash/gitlab-ci-bash@master
     inputs:
       bash-shellcheck-job-tags: ["docker"]
-  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/semantic-release/gitlab-ci-semrel@master
+      shellcheck-files: "*.sh"
+  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/semantic-release/gitlab-ci-semrel@master
     inputs:
       semantic-release-job-tags: ["docker"]
-
-stages:
-  - build
-  - publish
+  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/gitleaks/gitlab-ci-gitleaks@master
+    inputs:
+      gitleaks-job-tags: ["docker"]
 
 variables:
   GITLAB_CI_FILES: "templates/gitlab-ci-renovate.yml"
-  BASH_SHELLCHECK_FILES: "*.sh"
+  GIT_STRATEGY: clone
 
 semantic-release:
   rules:

CHANGELOG.md

-## [1.2.2](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/renovate/compare/1.2.1...1.2.2) (2024-05-21)
-
-
-### Bug Fixes
-
-* **workflow:** disable MR pipeline from prod & integ branches ([e32e815](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/renovate/commit/e32e815f6aa487edf0c25112cc6173bbd1ce0ad2))
-
 ## [1.2.2](https://gitlab.com/to-be-continuous/renovate/compare/1.2.1...1.2.2) (2024-05-05)
 
 

README.md

@@ -4,29 +4,29 @@ Automate your dependency updates with [Renovate](https://www.mend.io/renovate/).
 
 ## Usage
 
-This template can be used both as a [CI/CD component](https://docs.gitlab.com/ee/ci/components/#use-a-component-in-a-cicd-configuration) 
+This template can be used both as a [CI/CD component](https://docs.gitlab.com/ee/ci/components/#use-a-component)
 or using the legacy [`include:project`](https://docs.gitlab.com/ee/ci/yaml/index.html#includeproject) syntax.
 
 ### Use as a CI/CD component
 
-Add the following to your `gitlab-ci.yml`:
+Add the following to your `.gitlab-ci.yml`:
 
 ```yaml
 include:
   # include the component
-  - component: gitlab.com/to-be-continuous/renovate/gitlab-ci-renovate@1.2.2
+  - component: $CI_SERVER_FQDN/to-be-continuous/renovate/gitlab-ci-renovate@1.3.0
 ```
 
 ### Use as a CI/CD template (legacy)
 
-Add the following to your `gitlab-ci.yml`:
+Add the following to your `.gitlab-ci.yml`:
 
 ```yaml
 include:
   # include the template
-  - project: 'to-be-continuous/renovate'
-    ref: '1.2.2'
-    file: '/templates/gitlab-ci-renovate.yml'
+  - project: "to-be-continuous/renovate"
+    ref: "1.2.2"
+    file: "/templates/gitlab-ci-renovate.yml"
 ```
 
 ## Configuration
@@ -36,7 +36,6 @@ The Renovate template uses some global configuration used throughout all jobs.
 | Input / Variable | Description                                                                     | Default value     |
 |------------------------|---------------------------------------------------------------------------------|-------------------|
 | `image` / `RENOVATE_IMAGE` | The Docker image used to run Renovate                                           | `registry.hub.docker.com/renovate/renovate:latest` |
-| `platform` / `RENOVATE_PLATFORM` | The Platform type of repository [See doc](https://docs.renovatebot.com/self-hosted-configuration/#platform)  | `gitlab` |
 | :lock: `RENOVATE_TOKEN`| A GitLab access token to allow Renovate crawl your projects. [See doc](https://docs.renovatebot.com/modules/platform/gitlab/#authentication) | _none_ |
 | :lock: `GITHUB_COM_TOKEN`| A GitHub access token to allow Renovate fetch changelogs. [See doc](https://docs.renovatebot.com/getting-started/running/#githubcom-token-for-changelogs) | _none_ |
 | `renovate-validator-job-tags` / `RENOVATE_VALIDATOR_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
@@ -50,13 +49,29 @@ will be in charge of crawling all your other projects.
 Upon including the template, carefuly follow [Renovate's documentation](https://docs.renovatebot.com/) to
 configure the bot accordingly. Pay attention to the following:
 
-* ~~Remember to set the [platform](https://docs.renovatebot.com/self-hosted-configuration/#platform) parameter
+- ~~Remember to set the [platform](https://docs.renovatebot.com/self-hosted-configuration/#platform) parameter
   to `gitlab` in your configuration.~~
-* [GitLab platform integration](https://docs.renovatebot.com/modules/platform/gitlab/) requires that you
+- [GitLab platform integration](https://docs.renovatebot.com/modules/platform/gitlab/) requires that you
   declare a `RENOVATE_TOKEN` variable with an access token.
-* You'll also probaly need to declare a `GITHUB_COM_TOKEN` variable, holding a GitHub access token
+- You'll also probaly need to declare a `GITHUB_COM_TOKEN` variable, holding a GitHub access token
   (for [fetching changelogs](https://docs.renovatebot.com/getting-started/running/#githubcom-token-for-changelogs))
 
+### Default Renovate configuration
+
+This template is designed to be run on GitLab.
+
+Defaults values are set to manage GitLab features :
+
+| Renovate variable                                                                                            | Value                                     |
+| ------------------------------------------------------------------------------------------------------------ | ----------------------------------------- |
+| [`RENOVATE_PLATFORM`](https://docs.renovatebot.com/self-hosted-configuration/#platform)                      | `gitlab`                                  |
+| [`RENOVATE_ENDPOINT`](https://docs.renovatebot.com/self-hosted-configuration/#endpoint)                      | `$CI_API_V4_URL`                          |
+| [`RENOVATE_AUTODISCOVER_FILTER`](https://docs.renovatebot.com/self-hosted-configuration/#autodiscoverfilter) | `${CI_PROJECT_ROOT_NAMESPACE}/**`         |
+| [`RENOVATE_REGISTRY_ALIASES`](https://docs.renovatebot.com/configuration-options/#registryaliases)           | `{"$$CI_SERVER_FQDN": "$CI_SERVER_FQDN"}` |
+| [`RENOVATE_BINARY_SOURCE`](https://docs.renovatebot.com/self-hosted-configuration/#binarysource)             | `install`                                 |
+| [`RENOVATE_LOG_FILE`](https://docs.renovatebot.com/config-overview/#logging-variables)                       | `renovate-log.ndjson`                     |
+| [`RENOVATE_LOG_FILE_LEVEL`](https://docs.renovatebot.com/config-overview/#logging-variables)                 | `debug`                                   |
+
 ### Dry-run implementation details
 
 Depending on the source of a pipeline, the template will either perform your dependency updates (create/update/delete branches and MRs)

kicker.json

@@ -21,11 +21,6 @@
       "description": "A GitHub access token to allow Renovate fetch changelogs. [See doc](https://docs.renovatebot.com/getting-started/running/#githubcom-token-for-changelogs)",
       "secret": true
     },
-    {
-      "name": "RENOVATE_PLATFORM",
-      "description": "The Platform type of repository",
-      "default": "gitlab"
-    },
     {
       "name": "RENOVATE_RENOVATE_VALIDATOR_JOB_TAGS",
       "description": "Tags to be used for selecting runners for the job",

templates/gitlab-ci-renovate.yml

@@ -19,9 +19,6 @@ spec:
     image:
       description: The Docker image used to run Renovate
       default: registry.hub.docker.com/renovate/renovate:latest
-    platform:
-      description: The Platform type of repository
-      default: gitlab
     renovate-validator-job-tags:
       description: tags to filter applicable runners for renovate-validator job
       default: []
@@ -61,14 +58,16 @@ variables:
   TBC_TRACKING_IMAGE: registry.gitlab.com/to-be-continuous/tools/tracking:master
 
   RENOVATE_IMAGE: $[[ inputs.image ]]
-  RENOVATE_PLATFORM: $[[ inputs.platform ]]
 
   # those are native Renovate configuration variables
   # see: https://docs.renovatebot.com/self-hosted-configuration
+  RENOVATE_PLATFORM: gitlab
   RENOVATE_ENDPOINT: $CI_API_V4_URL
-  RENOVATE_LOG_FILE: renovate-log.ndjson
   RENOVATE_AUTODISCOVER_FILTER: ${CI_PROJECT_ROOT_NAMESPACE}/**
+  RENOVATE_REGISTRY_ALIASES: "{\"$$CI_SERVER_FQDN\": \"$CI_SERVER_FQDN\"}"
   RENOVATE_BINARY_SOURCE: install
+  # see: https://docs.renovatebot.com/config-overview/#logging-variables
+  RENOVATE_LOG_FILE: renovate-log.ndjson
   RENOVATE_LOG_FILE_LEVEL: debug
   LOG_LEVEL: info
 
@@ -240,7 +239,7 @@ stages:
   image: $RENOVATE_IMAGE
   services:
     - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "renovate", "1.2.2"]
+      command: ["--service", "renovate", "1.3.0"]
   variables:
     RENOVATE_BASE_DIR: $CI_PROJECT_DIR
     RENOVATE_CACHE_DIR: $CI_PROJECT_DIR/.cache/renovate