
AWS CodeCommit support #2868

Closed
carlosfunk opened this issue Nov 26, 2018 · 85 comments · Fixed by #17076
Assignees
Labels
new platform New platform support priority-3-medium Default priority, "should be done" but isn't prioritised ahead of others status:in-progress Someone is working on implementation type:feature Feature (new functionality)

Comments

@carlosfunk

Are there any plans to support AWS CodeCommit?

@rarkins rarkins added type:feature Feature (new functionality) needs-requirements priority-3-medium Default priority, "should be done" but isn't prioritised ahead of others labels Nov 26, 2018
@rarkins
Collaborator

rarkins commented Nov 26, 2018

I haven't planned on it before now, but it looks like they have an API with endpoints such as CreatePullRequest, so it looks promising.


@jessieweiyi

Any update on this?

@rarkins
Collaborator

rarkins commented Jan 31, 2021

No, it likely needs some outside contributions to get it moving.

@olegkrivtsov
Contributor

I'd like to take this one.

@rarkins
Collaborator

rarkins commented Oct 27, 2021

@olegkrivtsov this could be a lot of work, but at least we can start with the research side of things (working out if all the APIs we need are supported, such as issues, PRs, etc). Do you have an AWS account you can test with?

@olegkrivtsov
Contributor

Hi @rarkins, ok, I can start by reviewing the AWS APIs and check what capabilities they have. Creating an AWS account shouldn't be difficult.

@olegkrivtsov
Contributor

Could you please assign this to me so it's easier for me to track?

@olegkrivtsov
Contributor

Hi @rarkins I found this page describing AWS CodeCommit APIs: https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/CodeCommit.html

It seems that CodeCommit APIs support managing the following:

  • repos
  • branches
  • commits
  • pull requests
  • merges

However, it doesn't have an integrated issue tracker. And it also seems it has some support of "labels" they call "tags", so it may be possible to label a PR.

@rarkins
Collaborator

rarkins commented Oct 29, 2021

We can get by without issues if they don't have them. Please map each of these to API documentation:

```ts
export interface Platform {
  findIssue(title: string): Promise<Issue | null>;
  getIssueList(): Promise<Issue[]>;
  getIssue?(number: number, useCache?: boolean): Promise<Issue>;
  getVulnerabilityAlerts(): Promise<VulnerabilityAlert[]>;
  getRawFile(fileName: string, repo?: string): Promise<string | null>;
  getJsonFile(fileName: string, repo?: string): Promise<any | null>;
  initRepo(config: RepoParams): Promise<RepoResult>;
  getPrList(): Promise<Pr[]>;
  ensureIssueClosing(title: string): Promise<void>;
  ensureIssue(
    issueConfig: EnsureIssueConfig
  ): Promise<EnsureIssueResult | null>;
  massageMarkdown(prBody: string): string;
  updatePr(prConfig: UpdatePrConfig): Promise<void>;
  mergePr(config: MergePRConfig): Promise<boolean>;
  addReviewers(number: number, reviewers: string[]): Promise<void>;
  addAssignees(number: number, assignees: string[]): Promise<void>;
  createPr(prConfig: CreatePRConfig): Promise<Pr>;
  getRepos(): Promise<string[]>;
  getRepoForceRebase(): Promise<boolean>;
  deleteLabel(number: number, label: string): Promise<void>;
  setBranchStatus(branchStatusConfig: BranchStatusConfig): Promise<void>;
  getBranchStatusCheck(
    branchName: string,
    context: string
  ): Promise<BranchStatus | null>;
  ensureCommentRemoval(
    ensureCommentRemoval:
      | EnsureCommentRemovalConfigByTopic
      | EnsureCommentRemovalConfigByContent
  ): Promise<void>;
  ensureComment(ensureComment: EnsureCommentConfig): Promise<boolean>;
  getPr(number: number): Promise<Pr>;
  findPr(findPRConfig: FindPRConfig): Promise<Pr>;
  refreshPr?(number: number): Promise<void>;
  getBranchStatus(branchName: string): Promise<BranchStatus>;
  getBranchPr(branchName: string): Promise<Pr | null>;
  initPlatform(config: PlatformParams): Promise<PlatformResult>;
  filterUnavailableUsers?(users: string[]): Promise<string[]>;
}
```

@olegkrivtsov
Contributor

I tried to map those functions to the API endpoints (https://docs.aws.amazon.com/codecommit/latest/APIReference):

  findIssue(title: string): Promise<Issue | null>;
  getIssueList(): Promise<Issue[]>;
  getIssue?(number: number, useCache?: boolean): Promise<Issue>;

The above are not available. CodeCommit doesn't support issues.

  getVulnerabilityAlerts(): Promise<VulnerabilityAlert[]>;

It seems that vulnerability alerts are not supported by CodeCommit.

  getRawFile(fileName: string, repo?: string): Promise<string | null>;
  getJsonFile(fileName: string, repo?: string): Promise<any | null>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetFile.html

  initRepo(config: RepoParams): Promise<RepoResult>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetRepository.html

  getPrList(): Promise<Pr[]>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListPullRequests.html

  ensureIssueClosing(title: string): Promise<void>;
  ensureIssue(
    issueConfig: EnsureIssueConfig
  ): Promise<EnsureIssueResult | null>;

The above are not supported by CodeCommit.

  massageMarkdown(prBody: string): string;

This is not related to the API, right?

  updatePr(prConfig: UpdatePrConfig): Promise<void>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdatePullRequestDescription.html
https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdatePullRequestTitle.html

  mergePr(config: MergePRConfig): Promise<boolean>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergePullRequestByThreeWay.html
https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergePullRequestBySquash.html
https://docs.aws.amazon.com/codecommit/latest/APIReference/API_MergePullRequestByFastForward.html

  addReviewers(number: number, reviewers: string[]): Promise<void>;
  addAssignees(number: number, assignees: string[]): Promise<void>;

I don't think the API has endpoints for these. It seems that CodeCommit uses AWS IAM roles as "usernames". When we create a PR, it is assigned an ARN (IAM role ID). I'm not aware of its ability to add assignees/reviewers.

  createPr(prConfig: CreatePRConfig): Promise<Pr>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_CreatePullRequest.html

  getRepos(): Promise<string[]>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_ListRepositories.html

  getRepoForceRebase(): Promise<boolean>;

It seems this is not related to API.

  deleteLabel(number: number, label: string): Promise<void>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UntagResource.html

  setBranchStatus(branchStatusConfig: BranchStatusConfig): Promise<void>;

As far as I could determine:
https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetBranch.html
https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetCommit.html

  getBranchStatusCheck(
    branchName: string,
    context: string
  ): Promise<BranchStatus | null>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetBranch.html
https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetCommit.html

  ensureCommentRemoval(
    ensureCommentRemoval:
      | EnsureCommentRemovalConfigByTopic
      | EnsureCommentRemovalConfigByContent
  ): Promise<void>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_DeleteCommentContent.html

  ensureComment(ensureComment: EnsureCommentConfig): Promise<boolean>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_UpdateComment.html

  getPr(number: number): Promise<Pr>;
  findPr(findPRConfig: FindPRConfig): Promise<Pr>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetPullRequest.html

  refreshPr?(number: number): Promise<void>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetPullRequest.html

  getBranchStatus(branchName: string): Promise<BranchStatus>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetCommit.html

  getBranchPr(branchName: string): Promise<Pr | null>;

https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetPullRequest.html

  initPlatform(config: PlatformParams): Promise<PlatformResult>;

I guess this is not related to API.

  filterUnavailableUsers?(users: string[]): Promise<string[]>;

I think this is not supported by AWS CodeCommit.

@PhilipAbed PhilipAbed self-assigned this Jul 24, 2022
@PhilipAbed
Collaborator

PhilipAbed commented Jul 26, 2022

I've created POC code that will clone + create branch + commit + create PR, and it works like a charm.

Requirements input from user:

  1. repository name
  2. AWS Region (will default to us-east-1 if not set)
  3. Access Key Id
  4. Secret Access Key
    3 and 4 are provided by AWS on the IAM user level, PSB picture: [screenshot]

Note: according to the documentation, it tells you to create an HTTP user and password for http calls,
which actually works for git.clone, but we don't wanna ask too much of the user, so I looked for a different way to connect to http using the Access Key Id and Secret Access Key, using Signature v4, which is actually more secure.
See: https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html for more info.

Code Sample for git clone

```ts
import simpleGit, { SimpleGit } from 'simple-git';
import aws4 from 'aws4';
// simpleGitConfig() is Renovate's own git config helper; REGION and REPO_NAME come from user input

const localDir = 'path to your local dir where you want to clone to';
const credentials = {
    accessKeyId: 'ACCESS_KEY_ID',
    secretAccessKey: 'ACCESS_SECRET_KEY',
    sessionToken: null
};
const git: SimpleGit = simpleGit(localDir, simpleGitConfig());
// Sign a pseudo "GIT" request with Signature v4; the signature becomes the HTTPS password
const signer = new aws4.RequestSigner(
    {
        service: "codecommit",
        host: `git-codecommit.${REGION}.amazonaws.com`,
        method: "GIT",
        path: `v1/repos/${REPO_NAME}`
    },
    credentials
);
const username = credentials.accessKeyId;
const password = signer.getDateTime() + "Z" + signer.signature();
const url = `https://${username}:${password}@git-codecommit.${REGION}.amazonaws.com/v1/repos/${REPO_NAME}`;
const opts: string[] = ['--filter=blob:none'];
try {
    await git.clone(url, opts);
} catch (e) {
    console.log(e);
}
```

Code Sample for API call

```ts
import { CodeCommitClient, GetBranchCommand, GetBranchInput } from '@aws-sdk/client-codecommit';

// REGION, credentials and repoName come from the user input described above
const client = new CodeCommitClient({ region: REGION, credentials: credentials });
const getBranchInput: GetBranchInput = {
    branchName: 'main',
    repositoryName: repoName
};
const getBranchMain = new GetBranchCommand(getBranchInput);
try {
    await client.send(getBranchMain);
} catch (error) {
    // handle error
}
```

API Reference: https://docs.aws.amazon.com/codecommit/latest/APIReference/Welcome.html

I'm planning to start implementing the platform interfaces.

WDYT guys?
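As an added illustration (not code from this issue or from Renovate), this is what the aws4 `RequestSigner` call in the POC above computes for a CodeCommit HTTPS git credential: a Signature Version 4 over a pseudo `GIT` request, used as the password, with the access key id as the username. It also covers the temporary-credential case raised later in the thread, where the session token rides in the username. The canonical-request layout, the `%` separator and all key and token values are assumptions based on the public AWS credential-helper behaviour, not taken from the page.

```typescript
import { createHash, createHmac } from "crypto";

// Credentials shape matching what the POC above hands to aws4. Any sample
// values used with this code are constructed placeholders, not real keys.
export interface AwsCredentials {
  accessKeyId: string;
  secretAccessKey: string;
  sessionToken?: string;
}

export interface GitCredential {
  username: string;
  password: string;
  host: string;
  path: string;
}

const sha256Hex = (data: string): string =>
  createHash("sha256").update(data, "utf8").digest("hex");

const hmacSha256 = (key: Buffer | string, data: string): Buffer =>
  createHmac("sha256", key).update(data, "utf8").digest();

// SigV4 "basic" ISO-8601 timestamp in UTC: YYYYMMDDTHHMMSS (what aws4's getDateTime() returns).
export function sigV4Timestamp(when: Date): string {
  return when.toISOString().replace(/[-:]/g, "").slice(0, 15);
}

// Canonical request for the pseudo method "GIT": repository path, empty query
// string, the host header as the only signed header, and no payload hash.
export function canonicalRequest(host: string, path: string): string {
  return `GIT\n${path}\n\nhost:${host}\n\nhost\n`;
}

// String to sign: algorithm, timestamp, credential scope, hashed canonical request.
export function stringToSign(timestamp: string, region: string, canonical: string): string {
  const scope = `${timestamp.slice(0, 8)}/${region}/codecommit/aws4_request`;
  return `AWS4-HMAC-SHA256\n${timestamp}\n${scope}\n${sha256Hex(canonical)}`;
}

// Signing key: HMAC chain over date, region, service and the "aws4_request" terminator.
export function signingKey(secretAccessKey: string, date: string, region: string): Buffer {
  const kDate = hmacSha256(`AWS4${secretAccessKey}`, date);
  const kRegion = hmacSha256(kDate, region);
  const kService = hmacSha256(kRegion, "codecommit");
  return hmacSha256(kService, "aws4_request");
}

// Derive the username/password pair git sends to CodeCommit over HTTPS.
export function codeCommitGitCredential(
  creds: AwsCredentials,
  region: string,
  repoName: string,
  when: Date = new Date()
): GitCredential {
  const host = `git-codecommit.${region}.amazonaws.com`;
  const path = `/v1/repos/${repoName}`;
  const timestamp = sigV4Timestamp(when);
  const sts = stringToSign(timestamp, region, canonicalRequest(host, path));
  const key = signingKey(creds.secretAccessKey, timestamp.slice(0, 8), region);
  const signature = hmacSha256(key, sts).toString("hex");
  // Temporary credentials (AWS_SESSION_TOKEN) are carried in the username,
  // joined to the access key id with '%'; they do not change the signature,
  // because only the host header is signed.
  const username = creds.sessionToken
    ? `${creds.accessKeyId}%${creds.sessionToken}`
    : creds.accessKeyId;
  return { username, password: `${timestamp}Z${signature}`, host, path };
}

// Clone URL in the shape the POC builds. The username must be percent-encoded
// because a session token contains '/', '+', '=' and the '%' separator itself.
export function cloneUrl(cred: GitCredential): string {
  return `https://${encodeURIComponent(cred.username)}:${cred.password}@${cred.host}${cred.path}`;
}
```

Embedding the credential in the clone URL, as the POC does, puts the session token and signature into the git process arguments and any logged remote URL, so treat that URL as a secret and keep it out of logs.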

@rarkins
Collaborator

rarkins commented Jul 26, 2022

Awesome! Can we incorporate the region as part of "endpoint"? And key/secret as username/password? Ie to avoid adding new config fields.

Best if you can clarify what new configuration you think is necessary so we can confirm.

@PhilipAbed
Collaborator

Well, I don't think we need any new configurations if we are going to use:
endpoint for region
username for access key id
password for secret access key

What do you mean "part of endpoint"? What do you want the endpoint to be? The full host?
Like endpoint = 'git-codecommit.${REGION}.amazonaws.com'?

@rarkins
Collaborator

rarkins commented Jul 26, 2022

Our endpoints all start with https:// so far

@lorengordon

lorengordon commented Jul 26, 2022

Can we eliminate the requirement for an access/secret key? It should fall through to the SDK credential chain, making it compatible with aws-cli config, environment variables, or an execution role (ec2 instance profile, for example).

Also, when I clone from codecommit, I write this to my .gitconfig and let the aws-cli helper authenticate me:

[credential "https://git-codecommit.*.amazonaws.com"]
        helper = !aws codecommit credential-helper $@
        UseHttpPath = true

(fwiw, our team has been heavily involved in the Dependabot support for CodeCommit, and can confirm that this setup works there... happy to consult here also!)

@viceice
Member

viceice commented Jul 26, 2022

I think that can be improved in a later PR. For the first implementation it would be ok to force the manual config.

@PhilipAbed
Collaborator

Not Supported Platform API list

addAssignees,
addReviewers,
ensureIssue,
ensureIssueClosing,
findIssue,
getIssue,
getIssueList,
getVulnerabilityAlerts,
getBranchStatus,
getBranchStatusCheck,
setBranchStatus,
deleteLabel,

@rarkins
Collaborator

rarkins commented Aug 8, 2022

deleteLabel is used here:

await platform.deleteLabel(pr.number, config.rebaseLabel!);

It's a way of requesting a rebase for a PR. We prefer using the checkbox approach, but that doesn't work on every platform

@rarkins
Collaborator

rarkins commented Aug 8, 2022

Not Supported Platform API list

addAssignees, addReviewers,

Do CodeCommit PRs have the concept of assignees or reviewers? i.e. is it a codecommit limitation in general or just a missing API for something which is available in the UI?

ensureIssue, ensureIssueClosing, findIssue, getIssue, getIssueList,

No issue support in the CodeCommit platform? Same as Bitbucket Cloud and Azure DevOps if so

getVulnerabilityAlerts,

No problem here, only GitHub supports

getBranchStatus, getBranchStatusCheck, setBranchStatus,

Makes automerge not possible, maybe impacts some other things. I don't recall if any other platforms have this gap

deleteLabel,

Makes rebaseLabel functionality impossible

@PhilipAbed
Collaborator

  1. CodeCommit PRs have the concept of approvers.
     There are no assignees, but there are approvers and approval rules (you can define which approvers can approve a specific rule by editing the pool).
     Looks like this: [screenshot]

  2. Yes, it's the same as Bitbucket/Azure, even with the HTML issues: it's a markdown body, but it can include hidden comments!

  3. The build is happening in CodeBuild and there's an AWS Lambda which watches over the PRs and creates builds in CodeBuild. It's separated from CodeCommit; I can't see anything that can help us find the build check status, but I will keep this issue open for questions with the AWS team.

  4. Labels are supported as TAGS {key,value} on the repository level, not the PR level.
     Unless there's a way to use that, it's not supported; we might need to do the same as Bitbucket/Azure, where we need to change the PR name to get it rebased or something.
     I thought maybe adding the PR id + rebase in the tags key/value of the repo, but I see only deleteLabel and no addLabel, so I'm not sure where I should add the labels, in which step.

There's also this: git tags are supported.
You can git push --tags, which has 4 values {tag name, commit id, commit message, commit date}, and it's on the commit level.

@rarkins
Collaborator

rarkins commented Aug 8, 2022

  1. Can you "request" approvers? It sounds like Reviewers
  2. Can you "tick" the box on from their web UI?
  3. noted
  4. Sounds like no labels supported? We don't have the concept of repo labels

@PhilipAbed
Collaborator

  1. No, I can't request approvers; I can only update the status of a PR with Approved/Revoked. Actually, in the UI you can add an Approval Rule so that only a specific pool of people can approve the PRs, but there's no access to that pool from the API that I can see.

  2. I tried ticking the box in the UI already for rebase and stuff; it's markdown, it doesn't let you.

  3. Yes, no support for labels on PRs, only repo tags (repo level) or git tags (commit level).

@PhilipAbed
Collaborator

Tests I ran on a real repo: [screenshot]

If there are more flows you'd like to test that I'm not aware of, please list them to me so I can test them.

@PhilipAbed
Collaborator

@viceice https://docs.aws.amazon.com/codebuild/latest/APIReference/API_BuildStatusConfig.html is not build status, it's just the config.

After deeper investigation I still can't figure out how to do this; I will check with the AWS team in the meeting when we have it:

https://docs.aws.amazon.com/codebuild/latest/APIReference/API_Build.html looks promising, it has:

buildStatus
The current status of the build. Valid values include:

FAILED: The build failed.

FAULT: The build faulted.

IN_PROGRESS: The build is still in progress.

STOPPED: The build stopped.

SUCCEEDED: The build succeeded.

TIMED_OUT: The build timed out.

So I could do CodeBuild API => ListBuilds,
which would return the build ids (ordered by newest):

 {
 "ids": [ "string" ],
 "nextToken": "string"
}

Then use BatchGetBuilds, which accepts the build ids, and then we get an array of builds as a result.
We care of course about the latest builds,
but those builds could be on multiple repositories, so we might need to get as many builds as we can in the request.

Those builds include the field: "buildStatus": "string",

But I'm having a problem connecting that build to the repo or branch; see all params coming back from builds:

{
 "builds": [
 {
 "arn": "string",
 "artifacts": {
 "artifactIdentifier": "string",
 "bucketOwnerAccess": "string",
 "encryptionDisabled": boolean,
 "location": "string",
 "md5sum": "string",
 "overrideArtifactName": boolean,
 "sha256sum": "string"
 },
 "buildBatchArn": "string",
 "buildComplete": boolean,
 "buildNumber": number,
 "buildStatus": "string",
 "cache": {
 "location": "string",
 "modes": [ "string" ],
 "type": "string"
 },
 "currentPhase": "string",
 "debugSession": {
 "sessionEnabled": boolean,
 "sessionTarget": "string"
 },
 "encryptionKey": "string",
 "endTime": number,
 "environment": {
 "certificate": "string",
 "computeType": "string",
 "environmentVariables": [
 {
 "name": "string",
 "type": "string",
 "value": "string"
 }
 ],
 "image": "string",
 "imagePullCredentialsType": "string",
 "privilegedMode": boolean,
 "registryCredential": {
 "credential": "string",
 "credentialProvider": "string"
 },
 "type": "string"
 },
 "exportedEnvironmentVariables": [
 {
 "name": "string",
 "value": "string"
 }
 ],
 "fileSystemLocations": [
 {
 "identifier": "string",
 "location": "string",
 "mountOptions": "string",
 "mountPoint": "string",
 "type": "string"
 }
 ],
 "id": "string",
 "initiator": "string",
 "logs": {
 "cloudWatchLogs": {
 "groupName": "string",
 "status": "string",
 "streamName": "string"
 },
 "cloudWatchLogsArn": "string",
 "deepLink": "string",
 "groupName": "string",
 "s3DeepLink": "string",
 "s3Logs": {
 "bucketOwnerAccess": "string",
 "encryptionDisabled": boolean,
 "location": "string",
 "status": "string"
 },
 "s3LogsArn": "string",
 "streamName": "string"
 },
 "networkInterface": {
 "networkInterfaceId": "string",
 "subnetId": "string"
 },
 "phases": [
 {
 "contexts": [
 {
 "message": "string",
 "statusCode": "string"
 }
 ],
 "durationInSeconds": number,
 "endTime": number,
 "phaseStatus": "string",
 "phaseType": "string",
 "startTime": number
 }
 ],
 "projectName": "string",
 "queuedTimeoutInMinutes": number,
 "reportArns": [ "string" ],
 "resolvedSourceVersion": "string",
 "secondaryArtifacts": [
 {
 "artifactIdentifier": "string",
 "bucketOwnerAccess": "string",
 "encryptionDisabled": boolean,
 "location": "string",
 "md5sum": "string",
 "overrideArtifactName": boolean,
 "sha256sum": "string"
 }
 ],
 "secondarySources": [
 {
 "auth": {
 "resource": "string",
 "type": "string"
 },
 "buildspec": "string",
 "buildStatusConfig": {
 "context": "string",
 "targetUrl": "string"
 },
 "gitCloneDepth": number,
 "gitSubmodulesConfig": {
 "fetchSubmodules": boolean
 },
 "insecureSsl": boolean,
 "location": "string",
 "reportBuildStatus": boolean,
 "sourceIdentifier": "string",
 "type": "string"
 }
 ],
 "secondarySourceVersions": [
 {
 "sourceIdentifier": "string",
 "sourceVersion": "string"
 }
 ],
 "serviceRole": "string",
 "source": {
 "auth": {
 "resource": "string",
 "type": "string"
 },
 "buildspec": "string",
 "buildStatusConfig": {
 "context": "string",
 "targetUrl": "string"
 },
 "gitCloneDepth": number,
 "gitSubmodulesConfig": {
 "fetchSubmodules": boolean
 },
 "insecureSsl": boolean,
 "location": "string",
 "reportBuildStatus": boolean,
 "sourceIdentifier": "string",
 "type": "string"
 },
 "sourceVersion": "string",
 "startTime": number,
 "timeoutInMinutes": number,
 "vpcConfig": {
 "securityGroupIds": [ "string" ],
 "subnets": [ "string" ],
 "vpcId": "string"
 }
 }
 ],
 "buildsNotFound": [ "string" ]
}

@viceice
Member

viceice commented Aug 11, 2022

ok, sounds good

@PhilipAbed
Collaborator

Update:
ListBuilds (sorted by order desc/asc + NextToken for pagination) will return the last 100 builds every call.
BatchGetBuilds will take the build ids returned from ListBuilds and return the 100 builds' info.
After that, I found these interesting fields in the response:

The repo name where this build happened:
"location": "https://git-codecommit.eu-central-1.amazonaws.com/v1/repos/RenovateTest3",

The branch, I believe, where this build ran:
"sourceVersion": "refs/heads/main",

The build status (see above comment for more info about buildStatus):
"buildStatus": "FAILED",

So we have a way to reach this, in a different way:
we can reach the repo/branch if we see builds, but we can't look at the branch and know what build we are running; it's the opposite direction.

@viceice
Member

viceice commented Aug 15, 2022

Can we use ListBuildsForProject to limit the builds to the repo, so we don't get all builds for the whole region?

@PhilipAbed
Collaborator

PhilipAbed commented Aug 15, 2022

I actually tested that already, but Project doesn't mean repository; it is a FREE TEXT field that you can fill when you create your build config. You get to fill in the repository + branch down there too, but it's too long for a big screenshot. Here's the field: [screenshot]

@viceice
Member

viceice commented Aug 15, 2022

That's bad, we should exclude status checks from initial support until we find a proper solution for it. Maybe the AWS team can provide a new API? 🙃

@PhilipAbed
Collaborator

PhilipAbed commented Aug 15, 2022

I'm planning on asking them, that's why I investigated the current possibilities fully; still waiting for the meeting.
I'm also not sure about auto-merge; they have another level of verification, the "ApprovalRule", but it seems vague. The only option I see there is: this needs to be approved by 2 approvers or something..
So not sure if we can auto-merge and bypass that or not yet, we'll have to test and see.

@PhilipAbed
Collaborator

PhilipAbed commented Aug 29, 2022

Adding reviewers is supported!
We should use the CreatePullRequestApprovalRule API in order to do that.

It supports multiple assignees/approvers too.

@rarkins
Collaborator

rarkins commented Aug 30, 2022

Regarding getPrList():

  • Using the ListPullRequests API, we can only get a list of PR IDs and not the titles, bodies, timestamps, etc
  • We can choose to get only open or only closed
  • To get full PR details, we must do it one by one once we know the IDs

If someone were to use Renovate with CodeCommit for long they'd build up hundreds or thousands of closed PRs, so fetching this full list for both open and closed would be too inefficient. Therefore I'm considering:

  • We fetch only open PRs
  • We recommend always limiting concurrent PRs when on CodeCommit (e.g. <10)

This would mean that functionality such as "Close to ignore this PR" is unavailable, because we won't know about closed PRs. Otherwise, most functionality should work.

@PhilipAbed
Collaborator

PhilipAbed commented Aug 30, 2022

@rarkins I like the idea, I'm just worried about the limitation.
If a user closes a PR, it will be re-opened the next run.
How can the user close PRs which he doesn't want to be re-opened?
Won't that cause an immortal PR?

What's the alternative for "Close to ignore this PR"?
I'm thinking about package rules maybe, so I wanted to ask what you think.

@rarkins
Collaborator

rarkins commented Aug 30, 2022

Yes, it will mean all PRs are immortal. Realistically we need AWS to fix this feature gap so that there is not diminished performance or experience.

@PhilipAbed
Collaborator

PhilipAbed commented Sep 11, 2022

I have tried to use an AWS Enterprise account with a low profile user, and I asked for permission from devops for CodeCommit access.
The access I got is temporary, see this:
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html

So I added support for it using the environment variable AWS_SESSION_TOKEN,
but I don't think Renovate should support this, since it's temporary and Renovate should be running on a daily basis.

Should I add support in config as well? WDYT?

@betterPeleg
Contributor

And there is

i have tried to use AWS Enterprise account with a low profile user, and i asked for permission from devops for codecommit access. the access i got is temporary see this: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html

so i added support for it using the Environment Variable AWS_SESSION_TOKEN but i dont think renovate should support this, since its temporary and renovate should be running on daily basis.

should i add support in config as well? WDYT?

Is there no way to gain a permanent access?

@PhilipAbed
Collaborator

PhilipAbed commented Sep 11, 2022

Permanent access is the default. But it comes at the risk of a security breach.
So it should be given only to one user that will run Renovate. But for testing purposes I added support for the AWS_SESSION_TOKEN environment variable.

I've used:
username for access key
password for secret access key
endpoint for http url with region; will use it to extract the region

I'm not sure whether to add the session token to the config or keep it as environment support only.
Meanwhile I will keep it as environment until I get feedback from the maintainers.

@lorengordon

Supporting AWS_SESSION_TOKEN could be valuable mostly for self-hosted renovate, I'd think.

It's a bit similar as the option I mentioned earlier, relying on the AWS SDK to resolve the credential chain without specifying an access/secret key in the renovate config. That would then work with self-hosted renovate when running with an EC2 instance profile or a Codebuild execution role. That setup also uses temporary credentials that can be refreshed automatically.

@betterPeleg
Contributor

betterPeleg commented Nov 2, 2022

Hey all,
we have released the CodeCommit-Renovate integration for user testing.
We invite you to test out the new integration and provide feedback.
To run Renovate with CodeCommit on your repos, follow the instructions described here.
Make sure to have an up-to-date Renovate version.

@betterPeleg
Contributor

@carlosfunk , @jspenguin2017 , @chris2k2 , @jessieweiyi , @olegkrivtsov , @lorengordon

Do any of you guys still have an interest in this feature? Would appreciate your feedback.

@lorengordon

I probably won't get a chance to actually run it, but did have a question about this part:

Due to current platform limitations, if you close a PR but don’t want for Renovate to recreate the PR

If I close the PR, but leave the branch behind, will Renovate still recreate the PR? I know Dependabot in that condition will skip that dependency update, no need to change any config. Makes for a nice compromise.

@PhilipAbed
Collaborator

PhilipAbed commented Dec 15, 2022

@lorengordon

the reason behind this is that AWS requires you to pull all pull requests one by one.

so if you have a repository with 2000 pull requests, it will do 2001 client requests

we opened #19427 to give users that option.

@rarkins
Collaborator

rarkins commented Dec 15, 2022

I will now close this issue as completed, as AWS CodeCommit is officially supported

@rarkins rarkins closed this as completed Dec 15, 2022
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jan 15, 2023