119 lines
3.8 KiB
Plaintext
119 lines
3.8 KiB
Plaintext
{
|
|
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
|
"extends": [
|
|
"config:base",
|
|
"helpers:pinGitHubActionDigests",
|
|
":semanticCommits"
|
|
],
|
|
// We only want renovate to rebase PRs when they have conflicts,
|
|
// default "auto" mode is not required.
|
|
"rebaseWhen": "conflicted",
|
|
// The maximum number of PRs to be created in parallel
|
|
"prConcurrentLimit": 5,
|
|
// The branches renovate should target
|
|
// PLEASE UPDATE THIS WHEN RELEASING.
|
|
"baseBranches": ["master","release-1.11","release-1.12","release-1.13"],
|
|
"ignorePaths": ["design/**"],
|
|
"postUpdateOptions": ["gomodTidy"],
|
|
// All PRs should have a label
|
|
"labels": ["automated"],
|
|
"regexManagers": [
|
|
{
|
|
"description": "Bump Go version used in workflows",
|
|
"fileMatch": ["^\\.github\\/workflows\\/[^/]+\\.ya?ml$"],
|
|
"matchStrings": [
|
|
"GO_VERSION: '(?<currentValue>.*?)'\\n"
|
|
],
|
|
"datasourceTemplate": "golang-version",
|
|
"depNameTemplate": "golang"
|
|
}, {
|
|
"description": "Bump golangci-lint version in workflows and the Makefile",
|
|
"fileMatch": ["^\\.github\\/workflows\\/[^/]+\\.ya?ml$","^Makefile$"],
|
|
"matchStrings": [
|
|
"GOLANGCI_VERSION: 'v(?<currentValue>.*?)'\\n",
|
|
"GOLANGCILINT_VERSION = (?<currentValue>.*?)\\n"
|
|
],
|
|
"datasourceTemplate": "github-tags",
|
|
"depNameTemplate": "golangci/golangci-lint",
|
|
"extractVersionTemplate": "^v(?<version>.*)$"
|
|
}, {
|
|
"description": "Bump helm version in the Makefile",
|
|
"fileMatch": ["^Makefile$"],
|
|
"matchStrings": [
|
|
"HELM3_VERSION = (?<currentValue>.*?)\\n"
|
|
],
|
|
"datasourceTemplate": "github-tags",
|
|
"depNameTemplate": "helm/helm",
|
|
}, {
|
|
"description": "Bump kind version in the Makefile",
|
|
"fileMatch": ["^Makefile$"],
|
|
"matchStrings": [
|
|
"KIND_VERSION = (?<currentValue>.*?)\\n"
|
|
],
|
|
"datasourceTemplate": "github-tags",
|
|
"depNameTemplate": "kubernetes-sigs/kind",
|
|
}
|
|
],
|
|
// PackageRules disabled below should be enabled in case of vulnerabilities
|
|
"vulnerabilityAlerts": {
|
|
"enabled": true
|
|
},
|
|
"osvVulnerabilityAlerts": true,
|
|
// Renovate evaluates all packageRules in order, so low priority rules should
|
|
// be at the beginning, high priority at the end
|
|
"packageRules": [
|
|
{
|
|
"description": "Ignore non-security related updates to release branches",
|
|
matchBaseBranches: [ "/^release-.*/"],
|
|
enabled: false,
|
|
}, {
|
|
"description": "Still update Docker images on release branches though",
|
|
"matchDatasources": ["docker"],
|
|
matchBaseBranches: [ "/^release-.*/"],
|
|
enabled: true,
|
|
}, {
|
|
"description": "Only get Docker image updates every 2 weeks to reduce noise",
|
|
"matchDatasources": ["docker"],
|
|
"schedule": ["every 2 week on monday"],
|
|
enabled: true,
|
|
}, {
|
|
"description": "Ignore k8s.io/client-go older versions, they switched to semantic version and old tags are still available in the repo",
|
|
"matchDatasources": [
|
|
"go"
|
|
],
|
|
"matchDepNames": [
|
|
"k8s.io/client-go"
|
|
],
|
|
"allowedVersions": "<1.0",
|
|
}, {
|
|
"description": "Ignore k8s dependencies, should be updated on crossplane-runtime",
|
|
"matchDatasources": [
|
|
"go"
|
|
],
|
|
"matchPackagePrefixes": [
|
|
"k8s.io",
|
|
"sigs.k8s.io"
|
|
],
|
|
"enabled": false,
|
|
},{
|
|
"description": "Only get dependency digest updates every month to reduce noise",
|
|
"matchDatasources": [
|
|
"go"
|
|
],
|
|
"matchUpdateTypes": [
|
|
"digest",
|
|
],
|
|
"extends": ["schedule:monthly"],
|
|
}, {
|
|
"description": "Ignore oss-fuzz, it's not using tags, we'll stick to master",
|
|
"matchDepTypes": [
|
|
"action"
|
|
],
|
|
"matchDepNames": [
|
|
"google/oss-fuzz"
|
|
],
|
|
"enabled": false
|
|
}
|
|
]
|
|
}
|