cilium · tklauser · Jan 22, 2025 · Jan 22, 2025 · Jan 22, 2025 · Jan 22, 2025
@@ -1,235 +1,185 @@
 {
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": [
-    "config:base",
-    ":gitSignOff",
-    "helpers:pinGitHubActionDigests"
+  $schema: 'https://docs.renovatebot.com/renovate-schema.json',
+  extends: [
+    'config:recommended',
+    ':gitSignOff',
+    'helpers:pinGitHubActionDigests',
   ],
+
   // This ensures that the gitAuthor and gitSignOff fields match
-  "gitAuthor": "renovate[bot] <[email protected]>",
-  "includePaths": [
-    ".github/workflows/**",
-    "action.yaml",
-    "defaults/defaults.go",
-    "go.mod",
-    "go.sum",
-    "Dockerfile",
-    "Makefile"
+  gitAuthor: 'renovate[bot] <[email protected]>',
+  includePaths: [
+    '.github/workflows/**',
+    'action.yaml',
+    'defaults/defaults.go',
+    'go.mod',
+    'go.sum',
+    'Dockerfile',
+    'Makefile',
   ],
   postUpdateOptions: [
-    "gomodTidy"
+    'gomodTidy',
   ],
-  "pinDigests": true,
-  "ignorePresets": [":prHourlyLimit2"],
-  "separateMajorMinor": true,
-  "separateMultipleMajor": true,
-  "separateMinorPatch": true,
-  "pruneStaleBranches": true,
-  "baseBranches": [
-    "main"
+  pinDigests: true,
+  ignorePresets: [
+    ':prHourlyLimit2',
   ],
-  "vulnerabilityAlerts": {
-    "enabled": true
+  separateMajorMinor: true,
+  separateMultipleMajor: true,
+  separateMinorPatch: true,
+  pruneStaleBranches: true,
+  baseBranches: [
+    'main',
+  ],
+  vulnerabilityAlerts: {
+    enabled: true,
   },
-  "labels": [
-    "renovate/stop-updating",
-    "kind/enhancement",
-    "priority/release-blocker"
+  labels: [
+    'renovate/stop-updating',
+    'kind/enhancement',
+    'priority/release-blocker',
   ],
-  "stopUpdatingLabel": "renovate/stop-updating",
-  "packageRules": [
+  stopUpdatingLabel: 'renovate/stop-updating',
+  packageRules: [
     {
-      "groupName": "all github action dependencies",
-      "groupSlug": "all-github-action",
-      "matchPaths": [
-        ".github/workflows/**",
-        "action.yaml"
-      ],
-      "matchUpdateTypes": [
-        "major",
-        "minor",
-        "digest",
-        "patch",
-        "pin",
-        "pinDigest"
-      ]
+      groupName: 'all github action dependencies',
+      groupSlug: 'all-github-action',
+      matchFileNames: [
+        '.github/workflows/**',
+        'action.yaml',
+      ],
+      matchUpdateTypes: [
+        'major',
+        'minor',
+        'digest',
+        'patch',
+        'pin',
+        'pinDigest',
+      ],
     },
     {
-      "groupName": "all go dependencies main",
-      "groupSlug": "all-go-deps-main",
-      "matchFiles": [
-        "go.mod",
-        "go.sum"
+      groupName: 'all go dependencies main',
+      groupSlug: 'all-go-deps-main',
+      matchFiles: [
+        'go.mod',
+        'go.sum',
       ],
-      "postUpdateOptions": [
+      postUpdateOptions: [
         // update source import paths on major updates
-        "gomodUpdateImportPaths",
+        'gomodUpdateImportPaths',
       ],
-      "matchUpdateTypes": [
-        "major",
-        "minor",
-        "digest",
-        "patch",
-        "pin",
-        "pinDigest"
+      matchUpdateTypes: [
+        'major',
+        'minor',
+        'digest',
+        'patch',
+        'pin',
+        'pinDigest',
       ],
       matchBaseBranches: [
-        "main"
+        'main',
       ],
-      "schedule": [
-        "on friday"
+      schedule: [
+        'on friday',
       ],
     },
     {
       // Avoid updating patch releases of golang in go.mod
-      "enabled": "false",
-      "matchFiles": [
-        "go.mod",
+      enabled: 'false',
+      matchFileNames: [
+        'go.mod',
       ],
-      "matchDepNames": [
-        "go"
+      matchDepNames: [
+        'go',
       ],
-      "matchDatasources": [
-        "golang-version"
+      matchDatasources: [
+        'golang-version',
       ],
-      "matchUpdateTypes": [
-        "patch"
+      matchUpdateTypes: [
+        'patch',
       ],
       matchBaseBranches: [
-        "main",
-      ]
-    },
-    {
-      "enabled": false,
-      "matchPackageNames": [
-        // All of these packages are maintained on a Cilium fork. Thus, we don't
-        // want to update them automatically.
-        "go.universe.tf/metallb",
-        "github.com/cilium/metallb",
-        "github.com/miekg/dns",
-        "github.com/cilium/dns",
-        "sigs.k8s.io/controller-tools",
-        "github.com/cilium/controller-tools",
-        // We update this dependency manually together with envoy proxy updates
-        "github.com/cilium/proxy",
-        // We need v1.0.6-0.20210604193023-d5e0c0615ace from pflag, but
-        // renovate wants to downgrade to 1.0.5. Can be removed if pflag ever
-        // tags a new release.
-        "github.com/spf13/pflag",
-        // v0.0.0-20230801115018-d63ba01acd4b causes this complilation error:
-        //
-        // # github.com/cilium/cilium/pkg/hive/cell
-        // Error: vendor/github.com/cilium/cilium/pkg/hive/cell/health.go:194:23:
-        // type func(a Status, b Status) bool of func(a, b Status) bool {…} does not match inferred
-        // type func(a Status, b Status) int for func(a E, b E) int
-        "golang.org/x/exp",
-	// This package is not versioned leading to "empty" updates every week.
-	// Update it manually once newly introduces tetragon CRDs are required.
-	"github.com/cilium/tetragon/pkg/k8s",
-        // Do not update GoBGP until https://github.com/osrg/gobgp/issues/2777
-        // is resolved and a new version is released.
-        // Ref: https://github.com/cilium/cilium/pull/31123
-        "github.com/osrg/gobgp/v3",
-      ],
-      "matchPackagePatterns": [
-        // k8s dependencies will be updated manually in lockstep.
-        "k8s.io/*",
-        "sigs.k8s.io/*"
-      ]
+        'main',
+      ],
     },
     {
       // Allow github.com/cilium/cilium to upgrade to prerelease versions.
-      "ignoreUnstable": false,
-      "matchPackageNames": [
-        "github.com/cilium/cilium",
+      ignoreUnstable: false,
+      matchPackageNames: [
+        'github.com/cilium/cilium',
       ],
     },
     {
       // Images that directly use docker.io/library/golang for building.
-      "groupName": "golang-images",
-      "matchFiles": [
-        "Dockerfile",
-        "Makefile"
-      ]
+      groupName: 'golang-images',
+      matchFileNames: [
+        'Dockerfile',
+        'Makefile',
+      ],
     },
     {
-      "matchPackageNames": [
-        "docker.io/library/busybox"
+      groupName: 'Go',
+      matchDepNames: [
+        'go',
+        'docker.io/library/golang',
       ],
-      "matchPaths": [
-        "Dockerfile"
+      schedule: [
+        'on friday',
       ],
     },
-    {
-      "groupName": "Go",
-      "matchDepNames": [
-        "go",
-        "docker.io/library/golang"
-      ],
-      "schedule": [
-        "on friday"
-      ]
-    },
     {
       // Group golangci-lint updates to overrule grouping of version updates in the GHA files.
       // Without this, golangci-lint updates are not in sync for GHA files and other usages.
-      "groupName": "golangci-lint",
-      "matchDepNames": [
-        "golangci/golangci-lint"
-      ]
+      groupName: 'golangci-lint',
+      matchDepNames: [
+        'golangci/golangci-lint',
+      ],
     },
     {
       // Group cilium updates to overrule grouping of version updates in the GHA files.
       // Without this, cilium updates are not in sync for GHA files and other usages.
-      "groupName": "cilium",
-      "matchDepNames": [
-        "cilium/cilium"
-      ]
-    }
+      groupName: 'cilium',
+      matchDepNames: [
+        'cilium/cilium',
+      ],
+    },
   ],
-  "regexManagers": [
+  customManagers: [
     {
-      "fileMatch": [
-        "^\\.github/workflows/[^/]+\\.yaml$",
-	"^action.yaml$"
+      customType: 'regex',
+      fileMatch: [
+        '^\\.github/workflows/[^/]+\\.yaml$',
+        '^action.yaml$',
       ],
+
       // This regex manages version strings in GitHub actions workflow files,
       // similar to the examples shown here:
       //   https://docs.renovatebot.com/modules/manager/regex/#advanced-capture
-      "matchStrings": [
-        "# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+.+version: (?<currentValue>.*)"
-      ]
+      matchStrings: [
+        '# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+.+version: (?<currentValue>.*)',
+      ],
     },
     {
-      "fileMatch": [
-        "^Makefile$"
+      customType: 'regex',
+      fileMatch: [
+        '^Makefile$',
       ],
+
       // This regex manages version strings in the Makefile,
       // similar to the examples shown here:
       //   https://docs.renovatebot.com/modules/manager/regex/#advanced-capture
-      "matchStrings": [
-        "# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+.+_VERSION = (?<currentValue>.*)\\s+.+_SHA = (?<currentDigest>sha256:[a-f0-9]+)"
-      ]
-    },
-    {
-      "fileMatch": [
-        "^defaults/defaults.go$"
+      matchStrings: [
+        '# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+.+_VERSION = (?<currentValue>.*)\\s+.+_SHA = (?<currentDigest>sha256:[a-f0-9]+)',
       ],
-      // This regex manages image version strings in defaults/defaults.go
-      // similar to the examples shown here:
-      //   https://docs.renovatebot.com/modules/manager/regex/#advanced-capture
-      "matchStrings": [
-        "\/\/ renovate: datasource=(?<datasource>.*?)\\s+.+Image = \"(?<depName>.*):(?<currentValue>.*)@(?<currentDigest>sha256:[a-f0-9]+)\"",
-        "\/\/ renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+Version = \"(?<currentValue>.*)\""
-      ]
     },
     {
-      "fileMatch": [
-        "^go\\.mod$"
+      customType: 'regex',
+      fileMatch: [
+        '^go\\.mod$',
+      ],
+      matchStrings: [
+        '// renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+go (?<currentValue>.*)',
       ],
-      "matchStrings": [
-        "// renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+go (?<currentValue>.*)"
-      ]
     },
-  ]
+  ],
 }