Skip to content

Commit

Permalink
chore(config): migrate config .github/renovate.json5
Browse files Browse the repository at this point in the history
  • Loading branch information
@renovate
renovate[bot] authored Feb 10, 2025
1 parent c0a21a3 commit 0574e10
Showing 1 changed file with 125 additions and 152 deletions.
277 changes: 125 additions & 152 deletions .github/renovate.json5
View file
Original file line number Diff line number Diff line change
@@ -1,186 +1,159 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:base",
":gitSignOff",
"helpers:pinGitHubActionDigests"
$schema: 'https://docs.renovatebot.com/renovate-schema.json',
extends: [
'config:recommended',
':gitSignOff',
'helpers:pinGitHubActionDigests',
],
// This ensures that the gitAuthor and gitSignOff fields match
"gitAuthor": "renovate[bot] <[email protected]>",
"includePaths": [
".github/workflows/**",
"go.mod",
"go.sum",
"Makefile",
gitAuthor: 'renovate[bot] <[email protected]>',
includePaths: [
'.github/workflows/**',
'go.mod',
'go.sum',
'Makefile',
],
postUpdateOptions: [
"gomodTidy"
'gomodTidy',
],
"ignoreDeps": [
"github.com/cilium/cilium"
ignoreDeps: [
'github.com/cilium/cilium',
],
"pinDigests": true,
"prHourlyLimit": 2, // do not open more than two pull requests an hour
"prConcurrentLimit": 5, // do not open more than five PRs per branch at a time
"schedule": ["before 6am on tuesday"], // only run renovate part of the day tuesday
"separateMajorMinor": true,
"separateMultipleMajor": true,
"separateMinorPatch": true,
"pruneStaleBranches": true,
"baseBranches": [
"main",
pinDigests: true,
prHourlyLimit: 2,
prConcurrentLimit: 5,
schedule: [
'on friday',
],
"vulnerabilityAlerts": {
"enabled": true
},
"labels": [
"kind/enhancement",
"release-note/misc",
"priority/release-blocker"
separateMajorMinor: true,
separateMultipleMajor: true,
separateMinorPatch: true,
pruneStaleBranches: true,
baseBranches: [
'main',
],
// uncomment after renovate onboarding is merged and renovate PRs are merged
"schedule": [
"on friday"
vulnerabilityAlerts: {
enabled: true,
},
labels: [
'kind/enhancement',
'release-note/misc',
'priority/release-blocker',
],
"stopUpdatingLabel": "renovate/stop-updating",
"packageRules": [
// Based on https://docs.renovatebot.com/key-concepts/automerge/#automerge-non-major-updates
// and tetragon's automerge config.
stopUpdatingLabel: 'renovate/stop-updating',
packageRules: [
{
"matchPackageNames": [
"go", // golang version directive upgrade in go.mod
],
// list of trusted packages that can automerge
"matchPackagePrefixes": [
"docker.io/library/", // official Docker images
"github.com/golang/", // Golang official org
"golang.org/x/", // Golang official experimental org
"google.golang.org/", // Google official repo for api/genproto/grpc/protobuf
"github.com/google/", // Google official github org
"k8s.io/", // Kubernetes official repo
"sigs.k8s.io/", // Kubernetes official SIG repo
],
// auto merge non-major updates
"matchUpdateTypes": [
"minor",
"patch",
"pin",
"pinDigest"
],
"automerge": true
matchPackageNames: [
'go',
'docker.io/library/{/,}**',
'github.com/golang/{/,}**',
'golang.org/x/{/,}**',
'google.golang.org/{/,}**',
'github.com/google/{/,}**',
'k8s.io/{/,}**',
'sigs.k8s.io/{/,}**',
],
matchUpdateTypes: [
'minor',
'patch',
'pin',
'pinDigest',
],
automerge: true,
},
{
"groupName": "all github action dependencies",
"groupSlug": "all-github-action",
"matchPaths": [
".github/workflows/**"
],
"matchUpdateTypes": [
"major",
"minor",
"digest",
"patch",
"pin",
"pinDigest"
groupName: 'all github action dependencies',
groupSlug: 'all-github-action',
matchFileNames: [
'.github/workflows/**',
],
matchUpdateTypes: [
'major',
'minor',
'digest',
'patch',
'pin',
'pinDigest',
],
},
{
"groupName": "all go dependencies main",
"groupSlug": "all-go-deps-main",
"matchFiles": [
"go.mod",
"go.sum"
],
"postUpdateOptions": [
// update source import paths on major updates
"gomodUpdateImportPaths",
],
"matchUpdateTypes": [
"major",
"minor",
"digest",
"patch",
"pin",
"pinDigest"
groupName: 'all go dependencies main',
groupSlug: 'all-go-deps-main',
matchFileNames: [
'go.mod',
'go.sum',
],
postUpdateOptions: [
'gomodUpdateImportPaths',
],
matchUpdateTypes: [
'major',
'minor',
'digest',
'patch',
'pin',
'pinDigest',
],
matchBaseBranches: [
"main"
]
'main',
],
},
{
"enabled": false,
"matchPackageNames": [
// All of these packages are maintained on a Cilium fork. Thus, we don't
// want to update them automatically.
"go.universe.tf/metallb",
"github.com/cilium/metallb",
"github.com/miekg/dns",
"github.com/cilium/dns",
"sigs.k8s.io/controller-tools",
"github.com/cilium/controller-tools",
"k8s.io/client-go",
"github.com/cilium/client-go",
// We update this dependency manually together with envoy proxy updates
"github.com/cilium/proxy",
// We need v1.0.6-0.20210604193023-d5e0c0615ace from pflag, but
// renovate wants to downgrade to 1.0.5. Can be removed if pflag ever
// tags a new release.
"github.com/spf13/pflag",
],
"matchPackagePatterns": [
// k8s dependencies will be updated manually along with tests
"k8s.io/*",
"sigs.k8s.io/*"
]
enabled: false,
matchPackageNames: [
'go.universe.tf/metallb',
'github.com/cilium/metallb',
'github.com/miekg/dns',
'github.com/cilium/dns',
'sigs.k8s.io/controller-tools',
'github.com/cilium/controller-tools',
'k8s.io/client-go',
'github.com/cilium/client-go',
'github.com/cilium/proxy',
'github.com/spf13/pflag',
'/k8s.io/*/',
'/sigs.k8s.io/*/',
],
},
{
// Update Go version used in images, CI, in the same group
"groupName": "golang",
"matchPackageNames": [
"docker.io/library/golang",
"library/golang",
"go",
"golang"
groupName: 'golang',
matchPackageNames: [
'docker.io/library/golang',
'library/golang',
'go',
'golang',
],
},
{
"groupName": "alpine",
// Restrict the alpine version that can be used on stable branches
"matchPackageNames": [
"docker.io/library/alpine"
groupName: 'alpine',
matchPackageNames: [
'docker.io/library/alpine',
],
},
{
// Group golangci-lint updates to overrule grouping of version updates in the GHA files.
// Without this, golangci-lint updates are not in sync for GHA files and other usages.
"groupName": "golangci-lint",
"matchDepNames": [
"golangci/golangci-lint"
]
groupName: 'golangci-lint',
matchDepNames: [
'golangci/golangci-lint',
],
},
],
"regexManagers": [
customManagers: [
{
"fileMatch": [
"^\\.github/workflows/[^/]+\\.ya?ml$"
],
// This regex manages version strings in GitHub actions workflow files,
// similar to the examples shown here:
// https://docs.renovatebot.com/modules/manager/regex/#advanced-capture
"matchStrings": [
"# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+.+(?:version|VERSION): +['\"]?(?<currentValue>[^\\s'\"]+)['\"]?"
]
customType: 'regex',
fileMatch: [
'^\\.github/workflows/[^/]+\\.ya?ml$',
],
matchStrings: [
'# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+.+(?:version|VERSION): +[\'"]?(?<currentValue>[^\\s\'"]+)[\'"]?',
],
},
{
"fileMatch": [
"^Makefile$"
],
// This regex manages version strings in the Makefile,
// similar to the examples shown here:
// https://docs.renovatebot.com/modules/manager/regex/#advanced-capture
"matchStrings": [
"# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+.+_VERSION = (?<currentValue>.*)\\s+.+_SHA = (?<currentDigest>sha256:[a-f0-9]+)"
]
customType: 'regex',
fileMatch: [
'^Makefile$',
],
matchStrings: [
'# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+.+_VERSION = (?<currentValue>.*)\\s+.+_SHA = (?<currentDigest>sha256:[a-f0-9]+)',
],
},
]
],
}

0 comments on commit 0574e10

Please sign in to comment.