From 2fcd1f2f01033c58a89f6343a42d28052ec80dcb Mon Sep 17 00:00:00 2001 From: Langleu Date: Wed, 8 May 2024 15:41:45 +0200 Subject: [PATCH] chore(renovate): switch to globally maintained config --- .github/renovate.json5 | 165 +----------------------------------- .github/workflows/tests.yml | 4 + 2 files changed, 5 insertions(+), 164 deletions(-) diff --git a/.github/renovate.json5 b/.github/renovate.json5 index 3f9ae5d5..258f0fd7 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -1,167 +1,4 @@ { $schema: "https://docs.renovatebot.com/renovate-schema.json", - extends: [ - "config:recommended", - ":automergeDisabled", - ":semanticCommits", - ":dependencyDashboard", - ":enablePreCommit", - ], - schedule: ["every weekend"], - groupName: "mono-update-renovate", // we keep all updates in a single renovate branch in order to save CI tests - platformAutomerge: false, - prHourlyLimit: 6, - prConcurrentLimit: 20, - commitBodyTable: true, - separateMajorMinor: false, - prBodyNotes: [ - "{{#if isMajor}}:warning: THIS IS A MAJOR VERSION UPDATE :warning:{{/if}}", - "Before merging, *always* check with the release notes if any other changes need to be done.", - ], - major: { - enabled: true, - addLabels: ["upgrade:major"], - }, - minor: { - enabled: true, - addLabels: ["upgrade:minor"], - }, - patch: { - enabled: true, - addLabels: ["upgrade:patch"], - }, - vulnerabilityAlerts: { - addLabels: ["security"], - enabled: true, - }, - customManagers: [ - { - "customType": "regex", - "fileMatch": ["^.tool-versions$"], - "matchStrings": [ - "datasource=(?.*?) depName=(?.*?)( versioning=(?.*?))?( extractVersion=(?.*?))?\\s.*? (?.*)\\s" - ], - }, - { - "customType": "regex", - "fileMatch": ["^justfile$"], - "matchStrings": [ - "datasource=(?.*?) depName=(?.*?)( versioning=(?.*?))?( extractVersion=(?.*?))?\\s(?.*) := \"(?.*?)\"\\s" - ], - }, - ], - packageRules: [ - // limit the PR creation for the Renovate pre-commit hook (it's released very frequently) - { - matchPackageNames: ["renovatebot/pre-commit-hooks"], - matchUpdateTypes: ["patch"], - enabled: false, - }, - { - matchPackageNames: ["renovatebot/pre-commit-hooks"], - schedule: ["on Saturday"], - }, - { - matchManagers: ["github-actions"], - addLabels: ["group:github-actions", "component:ci"], - }, - // Terraform AWS modules - { - matchDatasources: ["terraform-module"], - matchPackagePatterns: ["terraform-aws-modules.*"], - addLabels: ["group:terraform", "automerge"], - automerge: true, - groupName: "mono-update-renovate-automerge", - schedule: [ - "every 2 weeks on Saturday and Sunday", - ], - }, - // Terraform major provider updates - { - matchDatasources: ["terraform-provider"], - addLabels: ["group:terraform"], - schedule: [ - "every 2 weeks on Saturday and Sunday" - ], - }, - // Terraform patch provider updates - { - matchUpdateTypes: ["patch"], - matchDatasources: ["terraform-provider"], - addLabels: ["group:terraform", "automerge"], - groupName: "mono-update-renovate-automerge", - automerge: true, - schedule: [ - "every 2 weeks on Saturday and Sunday", - ] - }, - // GitHub Actions - { - matchUpdateTypes: ["minor", "patch"], - matchManagers: ["github-actions"], - addLabels: ["automerge"], - groupName: "mono-update-renovate-automerge", - automerge: true, - }, - // Patches - // Those are tested packages, and we know that they follow the semver convention, - // but it's fine to have candidate packages to test before move them to minor section. - { - matchUpdateTypes: ["patch"], - matchPackagePatterns: [ - "aquasecurity/tfsec", - "pre-commit", - "^terraform$", - "terraform-aws-modules/.+", - "terraform-docs", - "terraform-linters/tflint", - ], - addLabels: ["automerge"], - groupName: "mono-update-renovate-automerge", - automerge: true, - }, - // Minor versions - // Those are tested packages, and we know that they follow the semver convention, - // but it's fine to have candidate packages to test before move them to minor section. - { - matchUpdateTypes: ["minor"], - matchPackagePatterns: [ - "pre-commit", - "terraform-docs", - "terraform-linters/tflint", - ], - addLabels: ["automerge"], - groupName: "mono-update-renovate-automerge", - automerge: true, - }, - // Create PRs and automerge mentioned components afterward - // Those are tested packages - { - matchUpdateTypes: ["major"], - matchPackagePatterns: [ - "pre-commit/.+", - ], - addLabels: ["automerge"], - groupName: "mono-update-renovate-automerge", - automerge: true, - }, - { - matchUpdateTypes: ["major", "minor", "patch"], - matchManagers: ["pre-commit"], - groupName: "mono-update-renovate-automerge", - addLabels: ["automerge"], - automerge: true - }, - // For known GitHub repositories that use GitHub tags/releases of format - // "v1.2.3" and where the asdf plugin ignores the "v" prefix, we also tell - // Renovate to ignore it via extractVersion when updating .tool-version file - { - matchFileNames: ["**/*.tf"], - matchPackageNames: [ - "hashicorp/terraform", - "pre-commit/pre-commit", - ], - extractVersion: "^v(?.*)$", - } - ] + extends: ["github>camunda/infraex-common-config:default.json5"], } diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 50966278..abdea1c7 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -16,6 +16,10 @@ on: - .github/workflows/tests.yml - justfile +# limit to a single execution per actor of this workflow +concurrency: + group: "${{ github.workflow }}-${{ github.actor }}" + env: AWS_PROFILE: "infex" # remember to also update nightly_cleanup.yml!