diff --git a/.github/workflows/ci-build.yaml b/.github/workflows/ci-build.yaml index 6c62ad0e0f257..c0abd7dbeef77 100644 --- a/.github/workflows/ci-build.yaml +++ b/.github/workflows/ci-build.yaml @@ -308,7 +308,7 @@ jobs: uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: # renovate: datasource=node-version packageName=node versioning=node - node-version: '22.8.0' + node-version: '22.9.0' - name: Restore node dependency cache id: cache-dependencies uses: actions/cache@2cdf405574d6ef1f33a1d12acccd3ae82f47b3f2 # v4.1.0 diff --git a/renovate-presets/README.md b/renovate-presets/README.md new file mode 100644 index 0000000000000..7427c9b9d8190 --- /dev/null +++ b/renovate-presets/README.md @@ -0,0 +1,64 @@ +# Renovate shared presets + +This folder contains shared presets. +It also improve separation of concerns between packageRules in a single file quickly become hard to maintain. + +# How to use a preset + +1. Add the preset to your renovate.json file: + +```json +{ + //json + "extends": [ + "github>argoproj/argo-cd//renovate-presets:argoproj" +] +} +``` + +### Note : + +It would make sense to move this folder to a new repository in the future. + +Benefits: +- Improved feedback loop for configuration changes, no need to wait for a PR to be merged into master. +- Avoid polluting git history. +- Avoids consuming the repository's CI/CD resources. +- The `renovate.json` in each repository can be simplified to only include a single presets : + ```json + { + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "github>argoproj/renovate-presets//argoproj/renovate.json5" + ], + // rules are empty and this file won't need to be modified again. + "packageRules": [] + } + ``` +Inconvenient: +- Owners of a repository can impact the configuration of all repositories. Use codeowners to prevent this. + +Example of repo structure : +```shell +. +├── README.md +├── .github/CODEOWNERS +├── common.json5 # common presets for all repositories +├── fix/ +│ └── openssf-merge-confidence-columns.json5 +├── custom-managers/ +│ ├── bash.json5 +│ └── yaml.json5 +└── argoproj/ # organization + ├── argo-cd/ # repository + ├── devtools.json5 # rules specific to the devtool (CI and dev environment...) + ├── doc.json5 # rules specific to the doc written with mkdoc. + ├── # etc... + └── renovate.json5 # A single preset referenced from the repository argopro/argo-cd. + ├── argo-rollouts/ # repository + │ ── renovate.json5 + + + + +``` diff --git a/renovate-presets/commons.json5 b/renovate-presets/commons.json5 new file mode 100644 index 0000000000000..a1608f321bc68 --- /dev/null +++ b/renovate-presets/commons.json5 @@ -0,0 +1,55 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "description": "Contains rules that makes sense to enforce by default.", + "dependencyDashboard": true, + "dependencyDashboardOSVVulnerabilitySummary": "all", + "osvVulnerabilityAlerts": true, + "extends": [ + "config:best-practices", + "customManagers:dockerfileVersions", + "security:openssf-scorecard", + "mergeConfidence:all-badges", + "github>argoproj/argo-cd//renovate-presets/fix/openssf-merge-confidence-columns.json5", + ], + "packageRules": [ + { + "description": "Define labels used for all PRs", + "matchPackageNames": [ + "*" + ], + "labels": [ + "dependencies" + ] + }, + { + "description": "Define labels of the dependency dashboard issues.", + "dependencyDashboardLabels": [ + "dependencies", + ] + }, + { + "description": "Add labels for PRs related to javascript", + "matchDatasources": [ + "node-version", + "npm" + ], + "addLabels": [ + "javascript" + ] + }, + { + "description": "Add labels for PRs related to go", + "matchDatasources": [ + "golang-version", + "go" + ], + "addLabels": [ + "go" + ] + }, + { + "description": "Define the label to make Renovate stop updating a PR.", + "stopUpdatingLabel": "dependencies:stop-updating" + } + ] +} \ No newline at end of file diff --git a/renovate-presets/custom-managers/yaml.json5 b/renovate-presets/custom-managers/yaml.json5 index 70cc6629ef756..8729f611c8ea7 100644 --- a/renovate-presets/custom-managers/yaml.json5 +++ b/renovate-presets/custom-managers/yaml.json5 @@ -2,7 +2,7 @@ "$schema": "https://docs.renovatebot.com/renovate-schema.json", "customManagers": [ { - "description": "A generic custom manager for updating any yaml fields ending by *version: case incensitive", + "description": "A generic custom manager for updating any yaml fields ending by 'version:' (case insensitive)", "customType": "regex", "fileMatch": [ ".github\\/workflows.+\\.(?:yml|yaml)$" diff --git a/renovate-presets/devtool.json5 b/renovate-presets/devtool.json5 new file mode 100644 index 0000000000000..eaf6a365168b5 --- /dev/null +++ b/renovate-presets/devtool.json5 @@ -0,0 +1,72 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "description": "Rules specific to the devtool (CI, dev environment...)", + "packageRules": [ + { + "description": "Enable updates from specified datasources", + "matchDatasources": [ + "node-version", + "golang-version" + ], + "enabled": true + }, + { + "description": "Enable updates from specified go modules", + "matchDatasources": [ + "go" + ], + "matchPackageNames": [ + "github.com/golangci/golangci-lint" + ], + "enabled": true + }, + { + "description": "Enable updates from specified docker images", + "matchDatasources": [ + "docker" + ], + "matchPackageNames": [ + "docker.io/library/node", + "docker.io/library/golang" + ], + "enabled": true + }, + { + "description": "Group golang-version packages", + "groupName": "golang version", + "matchDepNames": [ + "go", + "golang", + "docker.io/golang", + "docker.io/library/golang" + ], + "separateMajorMinor": true + }, + { + "description": "Group node-version packages", + "groupName": "node version", + "matchDepNames": [ + "node", + "docker.io/library/node" + ], + "separateMajorMinor": true + }, + { + "description": "Separate major into their PRs", + "matchDatasources": [ + "node-version", + "golang-version" + ], + "separateMultipleMajor": true + }, + { + "description": "Example: reduce noise by automerging safe pkgs. Multiple match fields can be used to reduce the scope of this rule...", + "matchUpdateTypes": [ + "patch", + "pin", + "digest" + ], + "automerge": false + } + ] +} diff --git a/renovate-presets/fix/disable-all-updates.json5 b/renovate-presets/fix/disable-all-updates.json5 new file mode 100644 index 0000000000000..83f88bba8ebd9 --- /dev/null +++ b/renovate-presets/fix/disable-all-updates.json5 @@ -0,0 +1,13 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "description": "Contains rules specific to the devtool (CI and dev environment...)", + "packageRules": [ + { + "description": "Disable all updates to avoid conflicts with dependabot, then enable what you need.", + "matchPackageNames": [ + "*" + ], + "enabled": false + } + ] +} diff --git a/renovate.json b/renovate.json index 228b3d77f4616..a621aaa1676e4 100644 --- a/renovate.json +++ b/renovate.json @@ -1,113 +1,10 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "dependencyDashboard": true, - "dependencyDashboardOSVVulnerabilitySummary": "all", - "osvVulnerabilityAlerts": true, - "reviewersFromCodeOwners": true, "extends": [ - "config:best-practices", - "customManagers:dockerfileVersions", - "security:openssf-scorecard", - "mergeConfidence:all-badges", - "github>argoproj/argo-cd//renovate-presets/fix/openssf-merge-confidence-columns.json5", + "github>ggjulio/argo-cd//renovate-presets/commons.json5", "github>argoproj/argo-cd//renovate-presets/custom-managers/shell.json5", - "github>argoproj/argo-cd//renovate-presets/custom-managers/yaml.json5" - ], - "packageRules": [ - { - "description": "Disable all updates to avoid conflicts with dependabot, then enable what we want", - "matchPackageNames": [ - "*" - ], - "enabled": false - }, - { - "description": "Add label dependencies to all PRs", - "matchPackageNames": [ - "*" - ], - "labels": [ - "dependencies" - ] - }, - { - "description": "Enable node-version", - "matchDatasources": [ - "node-version" - ], - "addLabels": [ - "javascript" - ], - "enabled": true - }, - { - "description": "Enable golang-version", - "matchDatasources": [ - "golang-version" - ], - "addLabels": [ - "go" - ], - "enabled": true - }, - { - "description": "Enable some go modules", - "matchDatasources": [ - "go" - ], - "matchPackageNames": [ - "go", - "github.com/golangci/golangci-lint" - ], - "addLabels": [ - "go" - ], - "enabled": true - }, - { - "description": "Enable bump of golang version in go.mod", - "matchDatasources": [ - "golang-version" - ], - "rangeStrategy": "bump" - }, - { - "description": "Enable some docker images", - "matchDatasources": [ - "docker" - ], - "matchPackageNames": [ - "docker.io/library/node", - "docker.io/library/golang" - ], - "enabled": true - }, - { - "description": "Group golang-version packages", - "groupName": "golang version", - "matchDepNames": [ - "go", - "golang", - "docker.io/golang", - "docker.io/library/golang" - ] - }, - { - "description": "Group node-version packages", - "groupName": "node version", - "matchDepNames": [ - "node", - "docker.io/library/node" - ] - }, - { - "description": "an example to reduce noise by automerging pkgs that are safe to merge, multiple match fields can be used to reduce the scope of this rule...)", - "matchUpdateTypes": [ - "patch", - "pin", - "digest" - ], - "automerge": false - } + "github>argoproj/argo-cd//renovate-presets/custom-managers/yaml.json5", + "github>ggjulio/argo-cd//renovate-presets/fix/disable-all-updates.json5", + "github>ggjulio/argo-cd//renovate-presets/devtool.json5" ] } diff --git a/ui/.nvmrc b/ui/.nvmrc index a8d3ff91fa10d..a7ac3d0d0258a 100644 --- a/ui/.nvmrc +++ b/ui/.nvmrc @@ -1 +1 @@ -v21.6.1 +21.7.3