Renovate

Overview

Renovate is a service that is used to keep software packages up to date in an automated fashion. Party Bus has employed it as a service to help customers keep their Iron Bank Docker images up-to-date. No extra payment is required. Teams need to follow the steps outlined in this document.

Step-by-Step Guide

1. Navigate to the project where you would like to utilize Renovate.

2. Within the left-hand pane, select Manage -> Members.

3. Select Invite Members in the top right.

4. Under the Username, name or email address section, type in Renovate_bot.

5. After 24 hours, you will see an MR from renovate within your repo to merge a basic renovate.json file. Approve and merge this MR to start officially using Renovate.

6. After another 24 hours, you may see new MRs from Renovate with suggested image updates.

Manifest Specific Configuration for Iron Bank Images

If you would like to keep track of when your manifest-only Iron Bank images get updated upstream, you can follow the previous steps in your manifests project up through step 4. Then you will check a file into your manifests called renovate.json with the following contents:

{
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": ["config:base"],
  "enabledManagers": ["regex"],
  "packageRules": [
    {
      "matchDatasources": ["docker"]
    }
  ],
  "regexManagers": [
    {
      "fileMatch": [".*.yaml"],
      "matchStrings": [
        "image:[^\\S\\r\\n]+(?<depName>registry1.+):(?<currentValue>.+)"
      ],
      "datasourceTemplate": "docker"
    },
    {
      "fileMatch": [".*.yaml"],
      "matchStrings": [
        "newName:[^\\S\\r\\n]+(?<depName>registry1.+)\n.*newTag:\\s+(?<currentValue>.+)"
      ],
      "datasourceTemplate": "docker"
    }
  ]
}

As noted in step 6, Renovate will start to make MRs when new Iron Bank images are found. You can also verify that renovate is working because it will create an Issue called Dependency Dashboard within your manifests.

Example Renovate MR

Considerations

• Renovate, at this time, does not consider strategic updating for images with minor and patch-based tagging. For instance, if utilizing Python, Renovate may suggest moving from 3.9 to 3.11 or 3.12. Please test all updates in a pipeline by protecting renovate-created branches and running pipelines manually

• Renovate may also not follow your project's push message rules. It uses the prefix renovate: and the suffix [ci skip] to avoid running pipelines automatically, so you will need to add the former to your push message rules.