Skip to content

Commit

Permalink
ci: configure renovate
Browse files Browse the repository at this point in the history
Slightly modified version of the one used in crossplane/crossplane.

Signed-off-by: Philippe Scorsolini <[email protected]>
  • Loading branch information
phisco committed Jan 24, 2023
1 parent 887a19f commit 9038bc6
Showing 1 changed file with 139 additions and 0 deletions.
139 changes: 139 additions & 0 deletions .github/renovate.json5
Original file line number Diff line number Diff line change
@@ -0,0 +1,139 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:base"
],
// The maximum number of PRs to be created in parallel
"prConcurrentLimit": 5,
// The branches renovate should target
"baseBranches": ["main"],
"ignorePaths": ["design/**"],
"postUpdateOptions": ["gomodTidy"],
// By default renovate will auto detect whether semantic commits have been used
// in the recent history and comply with that, we explicitly disable it
"semanticCommits": "disabled",
// All PRs should have a label
"labels": ["automated"],
"regexManagers": [
{
// We want a PR to bump Go versions used through env variables in any Github
// Actions, taking it from the official Github repository.
"fileMatch": ["^\\.github\\/workflows\\/[^/]+\\.ya?ml$"],
"matchStrings": [
"GO_VERSION: '(?<currentValue>.*?)'\\n"
],
"datasourceTemplate": "golang-version",
"depNameTemplate": "golang"
}, {
// We want a PR to bump golangci-lint versions used through env variables in
// any Github Actions, taking it from the official Github repository tags.
"fileMatch": ["^\\.github\\/workflows\\/[^/]+\\.ya?ml$"],
"matchStrings": [
"GOLANGCI_VERSION: '(?<currentValue>.*?)'\\n"
],
"datasourceTemplate": "github-tags",
"depNameTemplate": "golangci/golangci-lint"
}
],
// PackageRules disabled below should be enabled in case of vulnerabilities
"vulnerabilityAlerts": {
"enabled": true
},
"packageRules": [
{
// We need to ignore k8s.io/client-go older versions as they switched to
// semantic version and old tags are still available in the repo.
"matchDatasources": [
"go"
],
"matchDepNames": [
"k8s.io/client-go"
],
"allowedVersions": "<1.0"
}, {
// We want a single PR for all the patches bumps of kubernetes related
// dependencies, as most of the times these are all strictly related.
"matchDatasources": [
"go"
],
"groupName": "kubernetes patches",
"matchUpdateTypes": [
"patch",
"digest"
],
"matchPackagePrefixes": [
"k8s.io",
"sigs.k8s.io"
]
}, {
// We want dedicated PRs for each minor and major bumps to kubernetes related
// dependencies.
"matchDatasources": [
"go"
],
"matchUpdateTypes": [
"major",
"minor"
],
"matchPackagePrefixes": [
"k8s.io",
"sigs.k8s.io"
]
}, {
// We want dedicated PRs for each bump to non-kubernetes Go dependencies, but
// only if there are known vulnerabilities in the current version.
"matchDatasources": [
"go"
],
"matchPackagePatterns": [
"*"
],
"enabled": false,
"excludePackagePrefixes": [
"k8s.io",
"sigs.k8s.io"
],
"matchUpdateTypes": [
"major",
],
}, {
// We want a single PR for all minor and patch bumps to non-kubernetes Go
// dependencies, but only if there are known vulnerabilities in the current
// version.
"matchDatasources": [
"go"
],
"matchPackagePatterns": [
"*"
],
"enabled": false,
"excludePackagePrefixes": [
"k8s.io",
"sigs.k8s.io"
],
"matchUpdateTypes": [
"minor",
"patch",
"digest"
],
"groupName": "all non-major go dependencies"
}, {
// We want a single PR for all minor and patch bumps of Github Actions
"matchDepTypes": [
"action"
],
"matchUpdateTypes": [
"minor",
"patch"
],
"groupName": "all non-major github action",
"pinDigests": true
},{
// We want dedicated PRs for each major bump to Github Actions
"matchDepTypes": [
"action"
],
"pinDigests": true
}
]
}

0 comments on commit 9038bc6

Please sign in to comment.