diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index 365eeece..00000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,11 +0,0 @@ -version: 2 -updates: - - package-ecosystem: github-actions - directory: / - schedule: - interval: daily - - - package-ecosystem: docker - directory: / - schedule: - interval: daily diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 403d871b..e3e6908d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -163,6 +163,8 @@ jobs: runs-on: ubuntu-22.04 needs: [build, e2e-test] if: ${{ github.ref_type == 'tag' }} + env: + preflight_version: 1.14.1 # renovate: datasource=github-releaser depName=preflight packageName=redhat-openshift-ecosystem/openshift-preflight steps: - name: Checkout Repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 @@ -170,7 +172,7 @@ jobs: - name: Certify Images continue-on-error: false run: | - curl -fsSL https://github.com/redhat-openshift-ecosystem/openshift-preflight/releases/download/1.14.1/preflight-linux-amd64 --output preflight + curl -fsSL https://github.com/redhat-openshift-ecosystem/openshift-preflight/releases/download/${{ env.preflight_version }}/preflight-linux-amd64 --output preflight chmod +x preflight IFS=',' read -ra arch_list <<< "${{ env.platforms }}" diff --git a/.github/workflows/f5-cla.yml b/.github/workflows/f5-cla.yml index 874ad62c..bacb4d1e 100644 --- a/.github/workflows/f5-cla.yml +++ b/.github/workflows/f5-cla.yml @@ -43,7 +43,7 @@ jobs: remote-repository-name: "f5-cla-data" path-to-signatures: "signatures/beta/signatures.json" # Comma separated list of usernames for maintainers or any other individuals who should not be prompted for a CLA. - allowlist: bot* + allowlist: bot*,renovate # Do not lock PRs after a merge. lock-pullrequest-aftermerge: false env: diff --git a/Dockerfile b/Dockerfile index 0de9e65f..85521a16 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,4 @@ +# syntax=docker/dockerfile:1.18 FROM quay.io/operator-framework/helm-operator:v1.41.1 ENV HOME=/opt/helm diff --git a/Makefile b/Makefile index 6fc8b61d..739b9119 100644 --- a/Makefile +++ b/Makefile @@ -53,8 +53,17 @@ endif # Set the Operator SDK version to use. By default, what is installed on the system is used. # This is useful for CI or a project to utilize a specific version of the operator-sdk toolkit. +# renovate: datasource=github-releaser depName=operator-sdk packageName=operator-framework/operator-sdk OPERATOR_SDK_VERSION ?= v1.40.0 +# renovate: datasource=github-releaser depName=operator-registry packageName=operator-framework/operator-registry +OPM_VERSION ?= v1.28.0 + +# Set the Kustomize version to use. By default, what is installed on the system is used. +# This is useful for CI or a project to utilize a specific version of the kustomize toolkit. +# renovate: datasource=github-releaser depName=kustomize packageName=kubernetes-sigs/kustomize +KUSTOMIZE_VERSION ?= v5.0.1 + # Image URL to use all building/pushing image targets IMG ?= $(IMAGE_TAG_BASE):$(VERSION) @@ -62,7 +71,8 @@ IMG ?= $(IMAGE_TAG_BASE):$(VERSION) KRP_IMAGE_BASE ?= quay.io/brancz/kube-rbac-proxy # kube-rbac-proxy image tag -KRP_IMAGE_TAG ?= v0.18.0 +# renovate: datasource=docker depName=depName=quay.io/brancz/kube-rbac-proxy +KRP_IMAGE_VERSION ?= v0.18.0 # image pull secret name: eg regcred IMAGE_PULL_SECRET_NAME ?= @@ -134,7 +144,7 @@ uninstall: kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube .PHONY: deploy deploy: kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config. cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} - cd config/default && $(KUSTOMIZE) edit set image kube-rbac-proxy=$(KRP_IMAGE_BASE):$(KRP_IMAGE_TAG) + cd config/default && $(KUSTOMIZE) edit set image kube-rbac-proxy=$(KRP_IMAGE_BASE):$(KRP_IMAGE_VERSION) if [ -n "$(IMAGE_PULL_SECRET_NAME)" ]; then cd config/default && $(KUSTOMIZE) edit add patch --kind Deployment --group apps --version v1 --name controller-manager --patch '${image_pull_secrets_patch}'; fi $(KUSTOMIZE) build config/default | kubectl apply -f - @@ -153,7 +163,7 @@ ifeq (,$(shell which kustomize 2>/dev/null)) @{ \ set -e ;\ mkdir -p $(dir $(KUSTOMIZE)) ;\ - curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v5.0.1/kustomize_v5.0.1_$(OS)_$(ARCH).tar.gz | \ + curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/$(KUSTOMIZE_VERSION)/kustomize_$(KUSTOMIZE_VERSION)_$(OS)_$(ARCH).tar.gz | \ tar xzf - -C bin/ ;\ } else @@ -198,7 +208,7 @@ bundle: kustomize operator-sdk ## Generate bundle manifests and metadata, then v $(OPERATOR_SDK) generate kustomize manifests --interactive=false -q cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG) cd config/manifests/bases && $(KUSTOMIZE) edit set annotation containerImage:$(IMG) - cd config/default && $(KUSTOMIZE) edit set image kube-rbac-proxy=$(KRP_IMAGE_BASE):$(KRP_IMAGE_TAG) + cd config/default && $(KUSTOMIZE) edit set image kube-rbac-proxy=$(KRP_IMAGE_BASE):$(KRP_IMAGE_VERSION) if [ -n "$(IMAGE_PULL_SECRET_NAME)" ]; then cd config/default && $(KUSTOMIZE) edit add patch --kind Deployment --group apps --version v1 --name controller-manager --patch '${image_pull_secrets_patch}'; fi $(KUSTOMIZE) build config/manifests | $(OPERATOR_SDK) generate bundle $(BUNDLE_GEN_FLAGS) @printf "%s\n" '' 'LABEL com.redhat.openshift.versions="$(OPENSHIFT_VERSION)"' 'LABEL com.redhat.delivery.operator.bundle=true' 'LABEL com.redhat.delivery.backport=true' >> bundle.Dockerfile @@ -221,7 +231,7 @@ ifeq (,$(shell which opm 2>/dev/null)) @{ \ set -e ;\ mkdir -p $(dir $(OPM)) ;\ - curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v1.28.0/$(OS)-$(ARCH)-opm ;\ + curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/$(OPM_VERSION)/$(OS)-$(ARCH)-opm ;\ chmod +x $(OPM) ;\ } else diff --git a/bundle.Dockerfile b/bundle.Dockerfile index 7e64942b..9483a4e0 100644 --- a/bundle.Dockerfile +++ b/bundle.Dockerfile @@ -7,6 +7,7 @@ LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ LABEL operators.operatorframework.io.bundle.package.v1=nginx-ingress-operator LABEL operators.operatorframework.io.bundle.channels.v1=alpha LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha +# renovate: datasource=github-releaser depName=operator-sdk packageName=operator-framework/operator-sdk LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.40.0 LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 LABEL operators.operatorframework.io.metrics.project_layout=helm.sdk.operatorframework.io/v1 diff --git a/renovate.json b/renovate.json new file mode 100644 index 00000000..8ac6f297 --- /dev/null +++ b/renovate.json @@ -0,0 +1,39 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "github>nginx/k8s-common", + "schedule:daily" + ], + "kubernetes": { + "managerFilePatterns": [ + "/bundle/manifests/.+\\.yaml$/", + "/bundle/tests/scorecard/.+\\.yaml$/", + "/config/.+\\.yaml$/", + "/examples/.+\\.yaml$/", + "/helm-charts/nginx-ingress/crds/.+\\.yaml$/", + "/helm-charts/nginx-ingress/templates/.+\\.yaml$/" + ] + }, + "customManagers": [ + { + "customType": "regex", + "description": "Update env variable version in Github Actions workflow", + "fileMatch": [ + "/.github/workflows/.+\\.ya?ml$/" + ], + "matchStrings": [ + "\\s+.+?: (?.+?) # renovate: datasource=(?[a-z-]+?) depName=(?.+?)(?: (?:packageName|lookupName)=(?.+?))?(?: versioning=(?[a-z-]+?))?\\s" + ] + }, + { + "customType": "regex", + "description": "Update Operator SDK version in bundle Dockerfile", + "fileMatch": [ + "bundle\\.Dockerfile$" + ], + "matchStrings": [ + "# renovate: datasource=(?[a-z-]+?) depName=(?.+?)(?: (?:packageName|lookupName)=(?.+?))?(?: versioning=(?[a-z-]+?))?\\sLABEL operators.operatorframework.io.metrics.builder=operator-sdk-(?.+?)\\s" + ] + } + ] +}