Skip to content

chore: Configure Renovate #168

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore: Configure Renovate #168

wants to merge 1 commit into from

Conversation

ffurrer2-renovate[bot]
Copy link

@ffurrer2-renovate ffurrer2-renovate bot commented Mar 30, 2025
edited
Loading

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

Detected Package Files

  • tasks/TrivyTasks.yml (ansible)
  • build/package/Dockerfile (dockerfile)
  • .github/workflows/actionlint.yml (github-actions)
  • .github/workflows/ci.yml (github-actions)
  • .github/workflows/codeql.yml (github-actions)
  • .github/workflows/dependency-review.yml (github-actions)
  • .github/workflows/devskim.yml (github-actions)
  • .github/workflows/golangci-lint.yml (github-actions)
  • .github/workflows/licensed.yml (github-actions)
  • .github/workflows/markdownlint.yml (github-actions)
  • .github/workflows/release.yml (github-actions)
  • .github/workflows/yamllint.yml (github-actions)
  • go.mod (gomod)
  • .github/renovate.json5 (renovate-config-presets)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Pin Docker digests.
  • Enable Renovate configuration migration PRs when needed.
  • Pin dependency versions for development dependencies.
  • Separate major versions of dependencies into individual branches/PRs.
  • Do not separate patch and minor upgrades into separate PRs for the same dependency.
  • Upgrade to unstable versions only if the existing version is unstable.
  • Raise PRs immediately (after branch is created).
  • Removes rate limit for PR creation per hour.
  • Remove limit for open PRs at any time.
  • Use semantic prefixes for commit messages and PR titles.
  • Rebase existing PRs any time the base branch has been updated.
  • Do not upgrade from Alpine stable to edge.
  • Convert pinned GitHub Action digests to SemVer.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to .github/renovate.json5 in this branch. Renovate will update the Pull Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 4 Pull Requests:

chore(deps): update ffurrer2/shared-workflows digest to 214e2f4
  • Schedule: ["at any time"]
  • Branch name: renovate/ffurrer2-shared-workflows-digest
  • Merge into: main
  • Upgrade ffurrer2/shared-workflows to 214e2f4facc159ec37328be3098b83cf037918a4
fix(deps): update golang.org/x/exp digest to ce4c2cf
  • Schedule: ["at any time"]
  • Branch name: renovate/golang.org-x-exp-digest
  • Merge into: main
  • Upgrade golang.org/x/exp to ce4c2cf36ca6
chore(deps): update github-actions
chore(deps): update golangci/golangci-lint-action action to v8
  • Schedule: ["at any time"]
  • Branch name: renovate/golangci-golangci-lint-action-8.x
  • Merge into: main
  • Upgrade golangci/golangci-lint-action to 4afd733a84b1f43292c63897423277bb7f4313a9

Warning

Please correct - or verify that you can safely ignore - these dependency lookup failures before you merge this PR.

  • Could not determine new digest for update (github-tags package aquasecurity/trivy-action)

Files affected: .github/workflows/ci.yml

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR has been generated by Renovate Bot.

@ffurrer2-renovate ffurrer2-renovate bot added dependencies Pull requests that update a dependency file renovate Pull requests of Renovate labels Mar 30, 2025
@ffurrer2-renovate ffurrer2-renovate bot requested a review from ffurrer2 as a code owner March 30, 2025 16:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ffurrer2 ffurrer2 Awaiting requested review from ffurrer2 ffurrer2 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file renovate Pull requests of Renovate
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants