Skip to content

Commit

Permalink
Improve 8.x Dependency Updates (#2691)
Browse files Browse the repository at this point in the history
* Add dependabot update for branch 8.x

* Add updatecli update for branch 8.x

* Add 8.x branch for package-ecosystem

* Remove backport labels

* Improve naming to identify branches
  • Loading branch information
romulets authored Nov 13, 2024
1 parent d87daa7 commit 7ffa27b
Show file tree
Hide file tree
Showing 6 changed files with 66 additions and 12 deletions.
2 changes: 1 addition & 1 deletion .ci/updatecli/updatecli.d/update-beats.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ scms:

actions:
default:
title: '[updatecli] Update to elastic/beats@{{ source "beats" }}'
title: '[updatecli] {{ requiredEnv "GIT_BRANCH" }} - Update to elastic/beats@{{ source "beats" }}'
kind: github/pullrequest
scmid: default
spec:
Expand Down
4 changes: 2 additions & 2 deletions .ci/updatecli/updatecli.d/update-golang.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,16 +16,16 @@ scms:

actions:
cloudbeat:
title: '[updatecli] Update Golang version to {{ source "latestGoVersion" }}'
title: '[updatecli] {{ requiredEnv "GIT_BRANCH" }} - Update Golang version to {{ source "latestGoVersion" }}'
kind: github/pullrequest
scmid: default
sourceid: latestGoVersion
spec:
automerge: false
labels:
- automation
- backport-skip
- dependency
- backport-v8.x
- go
description: |-
### What
Expand Down
4 changes: 2 additions & 2 deletions .ci/updatecli/updatecli.d/update-hermit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,14 +16,14 @@ scms:

actions:
default:
title: '[updatecli] Update hermit and pre-commit dependencies'
title: '[updatecli] {{ requiredEnv "GIT_BRANCH" }} - Update hermit and pre-commit dependencies'
kind: github/pullrequest
scmid: default
spec:
automerge: false
labels:
- automation
- backport-v8.x
- backport-skip
- dependency
description: |-
### What
Expand Down
4 changes: 2 additions & 2 deletions .ci/updatecli/updatecli.d/update-mods.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,14 +16,14 @@ scms:

actions:
default:
title: '[updatecli] Update golang mod dependencies'
title: '[updatecli] {{ requiredEnv "GIT_BRANCH" }} - Update golang mod dependencies'
kind: github/pullrequest
scmid: default
spec:
automerge: false
labels:
- automation
- backport-v8.x
- backport-skip
- dependency
- go
description: |-
Expand Down
59 changes: 56 additions & 3 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,24 +26,77 @@ updates:
patterns:
- "github.com/aquasecurity/*"
labels:
- "backport-v8.x"
- "dependency"
- "go"
open-pull-requests-limit: 10
open-pull-requests-limit: 2
# elastic/beats is using v7 in their go.mod, leading to automatic updates not working. Manual update is needed with
# go get -u github.com/elastic/beats/v7@<commit sha>
ignore:
- dependency-name: "github.com/elastic/beats/v7"
schedule:
interval: "monthly"

- package-ecosystem: "gomod"
target-branch: "8.x"
directory: "/"
groups:
azure:
patterns:
- "github.com/Azure/*"
aws:
patterns:
- "github.com/aws/*"
google:
patterns:
- "cloud.google.com/*"
- "google.golang.org/api"
elastic:
patterns:
- "github.com/elastic/*"
k8s:
patterns:
- "k8s.io/*"
trivy:
patterns:
- "github.com/aquasecurity/*"
labels:
- "dependency"
- "go"
open-pull-requests-limit: 2
# elastic/beats is using v7 in their go.mod, leading to automatic updates not working. Manual update is needed with
# go get -u github.com/elastic/beats/v7@<commit sha>
ignore:
- dependency-name: "github.com/elastic/beats/v7"
schedule:
interval: "monthly"

# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: ".github/workflows"
schedule:
interval: "monthly"
labels:
- "dependency"
- "github_actions"
groups:
artifact:
patterns:
- "actions/download-artifact"
- "actions/upload-artifact"
ignore:
# Skip versions 4.x upload-artifact and download-artifact due to this issue: https://github.com/actions/upload-artifact/issues/478
- dependency-name: "actions/download-artifact"
versions: [">=4.0.0"]
- dependency-name: "actions/upload-artifact"
versions: [">=4.0.0"]

# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: ".github/workflows"
target-branch: "8.x"
schedule:
interval: "monthly"
labels:
- "backport-v8.x"
- "dependency"
- "github_actions"
groups:
Expand Down
5 changes: 3 additions & 2 deletions .github/workflows/updatecli.yml
Original file line number Diff line number Diff line change
Expand Up @@ -43,12 +43,13 @@ env:

jobs:
updatecli:
name: Update ${{ matrix.pipeline-name }} dependencies
name: "[${{ matrix.git-branch }}] Update ${{ matrix.pipeline-name }} dependencies"
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
pipeline-name: [ beats, golang, hermit, mods ]
git-branch: [ main, 8.x ]
steps:
- uses: actions/checkout@v4
- name: Init Hermit
Expand All @@ -58,7 +59,7 @@ jobs:
- name: Run Updatecli in Apply mode
run: updatecli apply --config .ci/updatecli/updatecli.d/update-${{ matrix.pipeline-name }}.yml --values .ci/updatecli/values.yml
env:
GIT_BRANCH: main
GIT_BRANCH: ${{ matrix.git-branch }}
GIT_USER: "Cloud Security Machine"
GITHUB_TOKEN: ${{ secrets.CLOUDSEC_MACHINE_TOKEN }}

Expand Down

0 comments on commit 7ffa27b

Please sign in to comment.