Renovate

Renovate Is a service that is used to keep software packages up to date in an automated fashion. Party Bus has employed it as a service to help customers keep their IronBank Docker images up-to-date. No extra payment is required. Teams will just need to follow these steps:

Step-by-Step Guide

1. Navigate to the project where you would like to utilize Renovate
2. Within the left-hand pane, select Manage -> Members
3. Select Invite Members In the top right-hand area.
4. Under the Username, name or email address section, type in Renovate_bot
5. After 24 hours, you will see an MR from renovate within your repo to merge a basic renovate.json file. Approve and Merge this MR to start officially using Renovate.
6. After another 24 hours, you may see new MRs from renovate with suggested image updates

Manifest Specific Configuration for IronBank Images

If you would like to keep track of when your manifest-only Ironbank Images get updated upstream, you can follow the previous steps in your manifests project up through step 4. Then you will check in a file to your manifests called renovate.json with the following contents:

{
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": ["config:base"],
  "enabledManagers": ["regex"],
  "packageRules": [
    {
      "matchDatasources": ["docker"]
    }
  ],
  "regexManagers": [
    {
      "fileMatch": [".*.yaml"],
      "matchStrings": [
        "image:[^\\S\\r\\n]+(?<depName>registry1.+):(?<currentValue>.+)"
      ],
      "datasourceTemplate": "docker"
    },
    {
      "fileMatch": [".*.yaml"],
      "matchStrings": [
        "newName:[^\\S\\r\\n]+(?<depName>registry1.+)\n.*newTag:\\s+(?<currentValue>.+)"
      ],
      "datasourceTemplate": "docker"
    }
  ]
}

As noted in step 6, Renovate will start to make MRs when new IronBank images are found. You can also verify that renovate is working because it will create an Issue called Dependency Dashboard within your manifests

Example Renovate Merge Request (MR)

Considerations

• Renovate, at this time does not consider strategic updating for images with minor and patch-based tagging. For instance, if utilizing python, Renovate may suggest moving from 3.9 to 3.11 or 3.12. Please test all updates in a pipeline by protecting renovate-created branches and running pipelines manually

• Renovate also may not follow your project's push message rules. It uses the prefix renovate: and the suffix [ci skip] (To avoid running pipelines automatically) so you will need to add the former to your push message rules