Add Renovate dependency update config
parent
40662b2b74
commit
8f3ec624c2
|
|
@ -373,6 +373,15 @@ systemctl status homelab-gitea-runner.service
|
||||||
journalctl -u homelab-gitea-runner.service -n 100 --no-pager
|
journalctl -u homelab-gitea-runner.service -n 100 --no-pager
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Renovate
|
||||||
|
|
||||||
|
`renovate.json` defines dependency update rules for Dockerfiles, OpenTofu
|
||||||
|
providers, Helm chart versions, and the pinned tools used by the Gitea Actions
|
||||||
|
workflow. Renovate should open reviewable update branches or PRs only; it must
|
||||||
|
not auto-merge infrastructure changes. Keep app-only dependency updates on the
|
||||||
|
normal Gitea Actions path, and run `./lab.sh up` manually on the Debian server
|
||||||
|
for platform or provisioning updates.
|
||||||
|
|
||||||
## Destructive Rebuilds
|
## Destructive Rebuilds
|
||||||
|
|
||||||
`./lab.sh nuke` resets kubeadm, containerd runtime state, CNI files, Calico
|
`./lab.sh nuke` resets kubeadm, containerd runtime state, CNI files, Calico
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,88 @@
|
||||||
|
{
|
||||||
|
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||||
|
"extends": [
|
||||||
|
"config:recommended"
|
||||||
|
],
|
||||||
|
"timezone": "America/Mexico_City",
|
||||||
|
"dependencyDashboard": true,
|
||||||
|
"labels": [
|
||||||
|
"dependencies"
|
||||||
|
],
|
||||||
|
"prConcurrentLimit": 4,
|
||||||
|
"packageRules": [
|
||||||
|
{
|
||||||
|
"description": "Group OpenTofu and Terraform provider updates.",
|
||||||
|
"matchManagers": [
|
||||||
|
"terraform"
|
||||||
|
],
|
||||||
|
"matchDepTypes": [
|
||||||
|
"required_provider"
|
||||||
|
],
|
||||||
|
"groupName": "OpenTofu providers"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Group Helm chart versions managed through OpenTofu.",
|
||||||
|
"matchManagers": [
|
||||||
|
"terraform"
|
||||||
|
],
|
||||||
|
"matchDatasources": [
|
||||||
|
"helm"
|
||||||
|
],
|
||||||
|
"groupName": "Helm charts"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Keep app base image changes separate from platform changes.",
|
||||||
|
"matchManagers": [
|
||||||
|
"dockerfile"
|
||||||
|
],
|
||||||
|
"groupName": "application base images"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Do not automerge homelab infrastructure updates.",
|
||||||
|
"matchFileNames": [
|
||||||
|
"bootstrap/**",
|
||||||
|
"lab.sh",
|
||||||
|
".gitea/workflows/**"
|
||||||
|
],
|
||||||
|
"automerge": false
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"customManagers": [
|
||||||
|
{
|
||||||
|
"customType": "regex",
|
||||||
|
"managerFilePatterns": [
|
||||||
|
"/^\\.gitea\\/workflows\\/.*\\.ya?ml$/"
|
||||||
|
],
|
||||||
|
"matchStrings": [
|
||||||
|
"gitleaks_version=\"(?<currentValue>[^\"]+)\""
|
||||||
|
],
|
||||||
|
"depNameTemplate": "gitleaks/gitleaks",
|
||||||
|
"datasourceTemplate": "github-releases",
|
||||||
|
"versioningTemplate": "semver"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"customType": "regex",
|
||||||
|
"managerFilePatterns": [
|
||||||
|
"/^\\.gitea\\/workflows\\/.*\\.ya?ml$/"
|
||||||
|
],
|
||||||
|
"matchStrings": [
|
||||||
|
"trivy_version=\"(?<currentValue>[^\"]+)\""
|
||||||
|
],
|
||||||
|
"depNameTemplate": "aquasecurity/trivy",
|
||||||
|
"datasourceTemplate": "github-releases",
|
||||||
|
"versioningTemplate": "semver"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"customType": "regex",
|
||||||
|
"managerFilePatterns": [
|
||||||
|
"/^lab\\.sh$/"
|
||||||
|
],
|
||||||
|
"matchStrings": [
|
||||||
|
"runner_version=\"\\$\\{GITEA_ACT_RUNNER_VERSION:-(?<currentValue>[^\"]+)\\}\""
|
||||||
|
],
|
||||||
|
"depNameTemplate": "go-gitea/act_runner",
|
||||||
|
"datasourceTemplate": "github-releases",
|
||||||
|
"versioningTemplate": "semver"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
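Review bot: The last `packageRules` entry turns automerge off only for `bootstrap/**`, `lab.sh` and `.gitea/workflows/**`, so the documented "must not auto-merge infrastructure changes" policy holds only if every infrastructure file lives under those globs. Nothing visible in this file enables automerge, so the rule is currently a redundant safeguard; a top-level `"automerge": false` would state the policy for Dockerfiles and any Terraform files outside those paths as well. The three regex managers for gitleaks, trivy and act_runner will propose a release as soon as it is published, and the resulting PR diff is only a version string. Consider a release-age delay for those packages, for example `"minimumReleaseAge": "7 days"`, and verify checksums of the downloaded binaries wherever the workflow and `lab.sh` install them. Also confirm that the captured values carry the same `v` prefix as the upstream release tags; if they do not, an `extractVersionTemplate` such as `^v(?<version>.*)$` is needed.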