Run and configure Renovate via devshell. This setup allows Renovate to run as an on-demand or scheduled CI job without requiring a continuously running server.
If you're using NixOS, consider the NixOS Renovate module, as it runs Renovate as a continuously running systemd service.
This project also includes renovate-preview, a wrapper around Renovate that prints pending updates in a human-readable format.
Add this repository as a flake input:
inputs.renovate.url = "github:raphiz/renovate-devshell";Import the module into your devenv.sh or devshell.nix setup:
imports = [
inputs.renovate.modules.default
];
renovate.enable = true;
renovate.settings = {
# Your Renovate configuration, for example:
# platform = "gitea";
# endpoint = "https://git.example.com";
};This setup:
- Adds the
renovateandrenovate-previewcommands to your$PATH. - Automatically sets the
RENOVATE_CONFIG_FILEenvironment variable with the provided settings.
Note
It's recommended to use a dedicated shell environment for Renovate to reduce the closure size for both CI jobs and local development.
Ensure your project includes a renovate.json file.
Preview pending updates with:
renovate-previewTo integrate Renovate into your CI system, configure Renovate settings according to your needs. At a minimum, configure the platform-specific settings.
For sensitive information such as tokens (RENOVATE_GITHUB_COM_TOKEN, RENOVATE_PASSWORD, RENOVATE_TOKEN), use environment variables and your CI's secret management system.
This approach supports any CI system, including:
- GitHub Actions
- GitLab CI/CD
- Jenkins
The renovate-preview CLI provides a simple, readable summary of available updates.
In most cases, you can run the command without additional parameters:
For more details, run:
renovate-preview --helpYou can run this preview script independently of the devshell module by executing:
nix run github:raphiz/renovate-devshell#renovate-preview -- --no-validate...to be done...
Contributions are welcome! Feel free to open an issue or submit a pull request.