diff --git a/.github/renovate.json5 b/.github/renovate.json5 index d4d0c719ee..07cd5979e6 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -1,235 +1,185 @@ { - "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "extends": [ - "config:base", - ":gitSignOff", - "helpers:pinGitHubActionDigests" + $schema: 'https://docs.renovatebot.com/renovate-schema.json', + extends: [ + 'config:recommended', + ':gitSignOff', + 'helpers:pinGitHubActionDigests', ], + // This ensures that the gitAuthor and gitSignOff fields match - "gitAuthor": "renovate[bot] ", - "includePaths": [ - ".github/workflows/**", - "action.yaml", - "defaults/defaults.go", - "go.mod", - "go.sum", - "Dockerfile", - "Makefile" + gitAuthor: 'renovate[bot] ', + includePaths: [ + '.github/workflows/**', + 'action.yaml', + 'defaults/defaults.go', + 'go.mod', + 'go.sum', + 'Dockerfile', + 'Makefile', ], postUpdateOptions: [ - "gomodTidy" + 'gomodTidy', ], - "pinDigests": true, - "ignorePresets": [":prHourlyLimit2"], - "separateMajorMinor": true, - "separateMultipleMajor": true, - "separateMinorPatch": true, - "pruneStaleBranches": true, - "baseBranches": [ - "main" + pinDigests: true, + ignorePresets: [ + ':prHourlyLimit2', ], - "vulnerabilityAlerts": { - "enabled": true + separateMajorMinor: true, + separateMultipleMajor: true, + separateMinorPatch: true, + pruneStaleBranches: true, + baseBranches: [ + 'main', + ], + vulnerabilityAlerts: { + enabled: true, }, - "labels": [ - "renovate/stop-updating", - "kind/enhancement", - "priority/release-blocker" + labels: [ + 'renovate/stop-updating', + 'kind/enhancement', + 'priority/release-blocker', ], - "stopUpdatingLabel": "renovate/stop-updating", - "packageRules": [ + stopUpdatingLabel: 'renovate/stop-updating', + packageRules: [ { - "groupName": "all github action dependencies", - "groupSlug": "all-github-action", - "matchPaths": [ - ".github/workflows/**", - "action.yaml" - ], - "matchUpdateTypes": [ - "major", - "minor", - "digest", - "patch", - "pin", - "pinDigest" - ] + groupName: 'all github action dependencies', + groupSlug: 'all-github-action', + matchFileNames: [ + '.github/workflows/**', + 'action.yaml', + ], + matchUpdateTypes: [ + 'major', + 'minor', + 'digest', + 'patch', + 'pin', + 'pinDigest', + ], }, { - "groupName": "all go dependencies main", - "groupSlug": "all-go-deps-main", - "matchFiles": [ - "go.mod", - "go.sum" + groupName: 'all go dependencies main', + groupSlug: 'all-go-deps-main', + matchFiles: [ + 'go.mod', + 'go.sum', ], - "postUpdateOptions": [ + postUpdateOptions: [ // update source import paths on major updates - "gomodUpdateImportPaths", + 'gomodUpdateImportPaths', ], - "matchUpdateTypes": [ - "major", - "minor", - "digest", - "patch", - "pin", - "pinDigest" + matchUpdateTypes: [ + 'major', + 'minor', + 'digest', + 'patch', + 'pin', + 'pinDigest', ], matchBaseBranches: [ - "main" + 'main', ], - "schedule": [ - "on friday" + schedule: [ + 'on friday', ], }, { // Avoid updating patch releases of golang in go.mod - "enabled": "false", - "matchFiles": [ - "go.mod", + enabled: 'false', + matchFileNames: [ + 'go.mod', ], - "matchDepNames": [ - "go" + matchDepNames: [ + 'go', ], - "matchDatasources": [ - "golang-version" + matchDatasources: [ + 'golang-version', ], - "matchUpdateTypes": [ - "patch" + matchUpdateTypes: [ + 'patch', ], matchBaseBranches: [ - "main", - ] - }, - { - "enabled": false, - "matchPackageNames": [ - // All of these packages are maintained on a Cilium fork. Thus, we don't - // want to update them automatically. - "go.universe.tf/metallb", - "github.com/cilium/metallb", - "github.com/miekg/dns", - "github.com/cilium/dns", - "sigs.k8s.io/controller-tools", - "github.com/cilium/controller-tools", - // We update this dependency manually together with envoy proxy updates - "github.com/cilium/proxy", - // We need v1.0.6-0.20210604193023-d5e0c0615ace from pflag, but - // renovate wants to downgrade to 1.0.5. Can be removed if pflag ever - // tags a new release. - "github.com/spf13/pflag", - // v0.0.0-20230801115018-d63ba01acd4b causes this complilation error: - // - // # github.com/cilium/cilium/pkg/hive/cell - // Error: vendor/github.com/cilium/cilium/pkg/hive/cell/health.go:194:23: - // type func(a Status, b Status) bool of func(a, b Status) bool {…} does not match inferred - // type func(a Status, b Status) int for func(a E, b E) int - "golang.org/x/exp", - // This package is not versioned leading to "empty" updates every week. - // Update it manually once newly introduces tetragon CRDs are required. - "github.com/cilium/tetragon/pkg/k8s", - // Do not update GoBGP until https://github.com/osrg/gobgp/issues/2777 - // is resolved and a new version is released. - // Ref: https://github.com/cilium/cilium/pull/31123 - "github.com/osrg/gobgp/v3", - ], - "matchPackagePatterns": [ - // k8s dependencies will be updated manually in lockstep. - "k8s.io/*", - "sigs.k8s.io/*" - ] + 'main', + ], }, { // Allow github.com/cilium/cilium to upgrade to prerelease versions. - "ignoreUnstable": false, - "matchPackageNames": [ - "github.com/cilium/cilium", + ignoreUnstable: false, + matchPackageNames: [ + 'github.com/cilium/cilium', ], }, { // Images that directly use docker.io/library/golang for building. - "groupName": "golang-images", - "matchFiles": [ - "Dockerfile", - "Makefile" - ] + groupName: 'golang-images', + matchFileNames: [ + 'Dockerfile', + 'Makefile', + ], }, { - "matchPackageNames": [ - "docker.io/library/busybox" + groupName: 'Go', + matchDepNames: [ + 'go', + 'docker.io/library/golang', ], - "matchPaths": [ - "Dockerfile" + schedule: [ + 'on friday', ], }, - { - "groupName": "Go", - "matchDepNames": [ - "go", - "docker.io/library/golang" - ], - "schedule": [ - "on friday" - ] - }, { // Group golangci-lint updates to overrule grouping of version updates in the GHA files. // Without this, golangci-lint updates are not in sync for GHA files and other usages. - "groupName": "golangci-lint", - "matchDepNames": [ - "golangci/golangci-lint" - ] + groupName: 'golangci-lint', + matchDepNames: [ + 'golangci/golangci-lint', + ], }, { // Group cilium updates to overrule grouping of version updates in the GHA files. // Without this, cilium updates are not in sync for GHA files and other usages. - "groupName": "cilium", - "matchDepNames": [ - "cilium/cilium" - ] - } + groupName: 'cilium', + matchDepNames: [ + 'cilium/cilium', + ], + }, ], - "regexManagers": [ + customManagers: [ { - "fileMatch": [ - "^\\.github/workflows/[^/]+\\.yaml$", - "^action.yaml$" + customType: 'regex', + fileMatch: [ + '^\\.github/workflows/[^/]+\\.yaml$', + '^action.yaml$', ], + // This regex manages version strings in GitHub actions workflow files, // similar to the examples shown here: // https://docs.renovatebot.com/modules/manager/regex/#advanced-capture - "matchStrings": [ - "# renovate: datasource=(?.*?) depName=(?.*?)\\s+.+version: (?.*)" - ] + matchStrings: [ + '# renovate: datasource=(?.*?) depName=(?.*?)\\s+.+version: (?.*)', + ], }, { - "fileMatch": [ - "^Makefile$" + customType: 'regex', + fileMatch: [ + '^Makefile$', ], + // This regex manages version strings in the Makefile, // similar to the examples shown here: // https://docs.renovatebot.com/modules/manager/regex/#advanced-capture - "matchStrings": [ - "# renovate: datasource=(?.*?) depName=(?.*?)\\s+.+_VERSION = (?.*)\\s+.+_SHA = (?sha256:[a-f0-9]+)" - ] - }, - { - "fileMatch": [ - "^defaults/defaults.go$" + matchStrings: [ + '# renovate: datasource=(?.*?) depName=(?.*?)\\s+.+_VERSION = (?.*)\\s+.+_SHA = (?sha256:[a-f0-9]+)', ], - // This regex manages image version strings in defaults/defaults.go - // similar to the examples shown here: - // https://docs.renovatebot.com/modules/manager/regex/#advanced-capture - "matchStrings": [ - "\/\/ renovate: datasource=(?.*?)\\s+.+Image = \"(?.*):(?.*)@(?sha256:[a-f0-9]+)\"", - "\/\/ renovate: datasource=(?.*?) depName=(?.*?)\\s+Version = \"(?.*)\"" - ] }, { - "fileMatch": [ - "^go\\.mod$" + customType: 'regex', + fileMatch: [ + '^go\\.mod$', + ], + matchStrings: [ + '// renovate: datasource=(?.*?) depName=(?.*?)\\s+go (?.*)', ], - "matchStrings": [ - "// renovate: datasource=(?.*?) depName=(?.*?)\\s+go (?.*)" - ] }, - ] + ], }