Merge remote-tracking branch 'upstream/master'

# Conflicts: # .gitlab-ci.yml # CHANGELOG.md # README.md # kicker.json # templates/gitlab-ci-renovate.yml

Merge remote-tracking branch 'upstream/master'
fa3047da · Benguria Elguezabal, Gorka · 893276a8 · 39ff8e2d · fa3047da · fa3047da
Commit fa3047da authored 8 months ago by Benguria Elguezabal, Gorka
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
+# variables in the GitLab CI/CD variables:
+  #   GITLAB_TOKEN to support the semantic-release
+  #   DOCKER_AUTH_CONFIG to support the usage of private docker images as job docker image
+  #   TMPL_RELEASE_ENABLED to enable the semantic-release job
+  #   TBC_NAMESPACE: smartdatalab/public/ci-cd-components
+
 include:
-  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/gitlab-ci/extract@master
+  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/gitlab-ci/extract@master
    inputs:
      extract-script-job-tags: ["docker"]
-  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/gitlab-ci/validation@master
+  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/gitlab-ci/validation@master
    inputs:
      check-links-job-tags: ["docker"]
      tbc-check-job-tags: ["docker"]
      tbc-check-image: cicd-docker-dev.artifact.tecnalia.com/tbc-check:master
      gitlab-ci-lint-job-tags: ["docker"]
-  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/kicker/validation@master
+  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/kicker/validation@master
    inputs:
      kicker-validation-job-tags: ["docker"]
      schema-base-url: "https://git.code.tecnalia.com/api/v4/projects/smartdatalab%2Fpublic%2Fci-cd-components%2Fkicker/repository/files"
-  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/bash/gitlab-ci-bash@master
+      yajsv-image: "cicd-docker-dev.artifact.tecnalia.com/yajsv:latest"
+  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/bash/gitlab-ci-bash@master
    inputs:
      bash-shellcheck-job-tags: ["docker"]
-  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/semantic-release/gitlab-ci-semrel@master
+      shellcheck-files: "*.sh"
+  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/semantic-release/gitlab-ci-semrel@master
    inputs:
      semantic-release-job-tags: ["docker"]
-
-stages:
-  - build
-  - publish
+  - component: $CI_SERVER_FQDN/$TBC_NAMESPACE/gitleaks/gitlab-ci-gitleaks@master
+    inputs:
+      gitleaks-job-tags: ["docker"]

 variables:
  GITLAB_CI_FILES: "templates/gitlab-ci-renovate.yml"
-  BASH_SHELLCHECK_FILES: "*.sh"
+  GIT_STRATEGY: clone

 semantic-release:
  rules:

--- a/CHANGELOG.md
+++ b/CHANGELOG.md
-## [1.2.2](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/renovate/compare/1.2.1...1.2.2) (2024-05-21)
-
-
-### Bug Fixes
-
-* **workflow:** disable MR pipeline from prod & integ branches ([e32e815](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/renovate/commit/e32e815f6aa487edf0c25112cc6173bbd1ce0ad2))
-
 ## [1.2.2](https://gitlab.com/to-be-continuous/renovate/compare/1.2.1...1.2.2) (2024-05-05)



--- a/README.md
+++ b/README.md
@@ -4,29 +4,29 @@ Automate your dependency updates with [Renovate](https://www.mend.io/renovate/).

 ## Usage

-This template can be used both as a [CI/CD component](https://docs.gitlab.com/ee/ci/components/#use-a-component-in-a-cicd-configuration) 
+This template can be used both as a [CI/CD component](https://docs.gitlab.com/ee/ci/components/#use-a-component)
 or using the legacy [`include:project`](https://docs.gitlab.com/ee/ci/yaml/index.html#includeproject) syntax.

 ### Use as a CI/CD component

-Add the following to your `gitlab-ci.yml`:
+Add the following to your `.gitlab-ci.yml`:

 ```yaml
 include:
  # include the component
-  - component: gitlab.com/to-be-continuous/renovate/gitlab-ci-renovate@1.2.2
+  - component: $CI_SERVER_FQDN/to-be-continuous/renovate/gitlab-ci-renovate@1.3.0
 ```

 ### Use as a CI/CD template (legacy)

-Add the following to your `gitlab-ci.yml`:
+Add the following to your `.gitlab-ci.yml`:

 ```yaml
 include:
  # include the template
-  - project: 'to-be-continuous/renovate'
-    ref: '1.2.2'
-    file: '/templates/gitlab-ci-renovate.yml'
+  - project: "to-be-continuous/renovate"
+    ref: "1.2.2"
+    file: "/templates/gitlab-ci-renovate.yml"
 ```

 ## Configuration
@@ -36,7 +36,6 @@ The Renovate template uses some global configuration used throughout all jobs.
 | Input / Variable | Description                                                                     | Default value     |
 |------------------------|---------------------------------------------------------------------------------|-------------------|
 | `image` / `RENOVATE_IMAGE` | The Docker image used to run Renovate                                           | `registry.hub.docker.com/renovate/renovate:latest` |
-| `platform` / `RENOVATE_PLATFORM` | The Platform type of repository [See doc](https://docs.renovatebot.com/self-hosted-configuration/#platform)  | `gitlab` |
 | :lock: `RENOVATE_TOKEN`| A GitLab access token to allow Renovate crawl your projects. [See doc](https://docs.renovatebot.com/modules/platform/gitlab/#authentication) | _none_ |
 | :lock: `GITHUB_COM_TOKEN`| A GitHub access token to allow Renovate fetch changelogs. [See doc](https://docs.renovatebot.com/getting-started/running/#githubcom-token-for-changelogs) | _none_ |
 | `renovate-validator-job-tags` / `RENOVATE_VALIDATOR_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
@@ -50,13 +49,29 @@ will be in charge of crawling all your other projects.
 Upon including the template, carefuly follow [Renovate's documentation](https://docs.renovatebot.com/) to
 configure the bot accordingly. Pay attention to the following:

-* ~~Remember to set the [platform](https://docs.renovatebot.com/self-hosted-configuration/#platform) parameter
+- ~~Remember to set the [platform](https://docs.renovatebot.com/self-hosted-configuration/#platform) parameter
  to `gitlab` in your configuration.~~
-* [GitLab platform integration](https://docs.renovatebot.com/modules/platform/gitlab/) requires that you
+- [GitLab platform integration](https://docs.renovatebot.com/modules/platform/gitlab/) requires that you
  declare a `RENOVATE_TOKEN` variable with an access token.
-* You'll also probaly need to declare a `GITHUB_COM_TOKEN` variable, holding a GitHub access token
+- You'll also probaly need to declare a `GITHUB_COM_TOKEN` variable, holding a GitHub access token
  (for [fetching changelogs](https://docs.renovatebot.com/getting-started/running/#githubcom-token-for-changelogs))

+### Default Renovate configuration
+
+This template is designed to be run on GitLab.
+
+Defaults values are set to manage GitLab features :
+
+| Renovate variable                                                                                            | Value                                     |
+| ------------------------------------------------------------------------------------------------------------ | ----------------------------------------- |
+| [`RENOVATE_PLATFORM`](https://docs.renovatebot.com/self-hosted-configuration/#platform)                      | `gitlab`                                  |
+| [`RENOVATE_ENDPOINT`](https://docs.renovatebot.com/self-hosted-configuration/#endpoint)                      | `$CI_API_V4_URL`                          |
+| [`RENOVATE_AUTODISCOVER_FILTER`](https://docs.renovatebot.com/self-hosted-configuration/#autodiscoverfilter) | `${CI_PROJECT_ROOT_NAMESPACE}/**`         |
+| [`RENOVATE_REGISTRY_ALIASES`](https://docs.renovatebot.com/configuration-options/#registryaliases)           | `{"$$CI_SERVER_FQDN": "$CI_SERVER_FQDN"}` |
+| [`RENOVATE_BINARY_SOURCE`](https://docs.renovatebot.com/self-hosted-configuration/#binarysource)             | `install`                                 |
+| [`RENOVATE_LOG_FILE`](https://docs.renovatebot.com/config-overview/#logging-variables)                       | `renovate-log.ndjson`                     |
+| [`RENOVATE_LOG_FILE_LEVEL`](https://docs.renovatebot.com/config-overview/#logging-variables)                 | `debug`                                   |
+
 ### Dry-run implementation details

 Depending on the source of a pipeline, the template will either perform your dependency updates (create/update/delete branches and MRs)
@@ -69,5 +84,5 @@ The real dependency updates is triggered only when:

 In any other case (regular Git commit or else) the template will perform a dry run.

-:warning: Dry-run behavior is enabled/disabled with the `RENOVATE_DRY_RUN` environment variable. 
+:warning: Dry-run behavior is enabled/disabled with the `RENOVATE_DRY_RUN` environment variable.
 Please don't try to override it or you might break the default template implementation.
--- a/kicker.json
+++ b/kicker.json
@@ -21,11 +21,6 @@
      "description": "A GitHub access token to allow Renovate fetch changelogs. [See doc](https://docs.renovatebot.com/getting-started/running/#githubcom-token-for-changelogs)",
      "secret": true
    },
-    {
-      "name": "RENOVATE_PLATFORM",
-      "description": "The Platform type of repository",
-      "default": "gitlab"
-    },
    {
      "name": "RENOVATE_RENOVATE_VALIDATOR_JOB_TAGS",
      "description": "Tags to be used for selecting runners for the job",

--- a/templates/gitlab-ci-renovate.yml
+++ b/templates/gitlab-ci-renovate.yml
@@ -19,9 +19,6 @@ spec:
    image:
      description: The Docker image used to run Renovate
      default: registry.hub.docker.com/renovate/renovate:latest
-    platform:
-      description: The Platform type of repository
-      default: gitlab
    renovate-validator-job-tags:
      description: tags to filter applicable runners for renovate-validator job
      default: []
@@ -61,14 +58,16 @@ variables:
  TBC_TRACKING_IMAGE: registry.gitlab.com/to-be-continuous/tools/tracking:master

  RENOVATE_IMAGE: $[[ inputs.image ]]
-  RENOVATE_PLATFORM: $[[ inputs.platform ]]

  # those are native Renovate configuration variables
  # see: https://docs.renovatebot.com/self-hosted-configuration
+  RENOVATE_PLATFORM: gitlab
  RENOVATE_ENDPOINT: $CI_API_V4_URL
-  RENOVATE_LOG_FILE: renovate-log.ndjson
  RENOVATE_AUTODISCOVER_FILTER: ${CI_PROJECT_ROOT_NAMESPACE}/**
+  RENOVATE_REGISTRY_ALIASES: "{\"$$CI_SERVER_FQDN\": \"$CI_SERVER_FQDN\"}"
  RENOVATE_BINARY_SOURCE: install
+  # see: https://docs.renovatebot.com/config-overview/#logging-variables
+  RENOVATE_LOG_FILE: renovate-log.ndjson
  RENOVATE_LOG_FILE_LEVEL: debug
  LOG_LEVEL: info

@@ -240,7 +239,7 @@ stages:
  image: $RENOVATE_IMAGE
  services:
    - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "renovate", "1.2.2"]
+      command: ["--service", "renovate", "1.3.0"]
  variables:
    RENOVATE_BASE_DIR: $CI_PROJECT_DIR
    RENOVATE_CACHE_DIR: $CI_PROJECT_DIR/.cache/renovate