Konflux onboarding: add Renovate configuration#961
Conversation
The newly introduced renovate.json file essentially copies the configuration that currently exists in the dependabot.yml file. The only configuration not carried over is the one that ignores updates to pydantic-core, since we want to test Renovate's behavior regarding this package, to avoid needing to convert the dependabot-pipcompile.yml hook. Signed-off-by: Bruno Pimentel <bpimente@redhat.com>
Definitely not both. Renovate seems to be more feature-complete than Dependabot and as a bonus is vendor-agnostic which Dependabot is not. Quickly skimmed through the docs and with the plethora of examples it looks like a step in the right direction. Edit: YAML is definitely more human-readable than JSON, but I think I can live with that :) |
|
Does the renovate bot support Containerfiles too ? Currently, we have a symlink to Dockerfile. |
Yes, it does: https://docs.renovatebot.com/modules/manager/dockerfile/#default-config |
|
Just reviewing stale PRs: This looks like it has been overcome-by-events and is no longer relevant? I think we can close this after the new downstream is live |
|
Closing because we abandoned the intent of onboarding this repository to Konflux. |
In order to avoid getting a flood of PRs by Renovate, we need to configure package group for the updates. The initial
renovate.jsonfile introduced here tries to mostly copy what we have configured for Dependabot. The only configuration I have not copied yet is the supression ofpydating-coreupdates (see this commit), since I want to test how Renovate deals with this particular dependency.In any case, this change assumes that we want all the updates to be handled by Renovate. Alternatively, we can still keep all the updates by Dependabot, and only rely on Renovate to update the Tekton CI definitions.
For more info on Renovate configuration, check the official docs.
This should only be merged after #930.
Maintainers will complete the following section