From a02fef7c070e14018ee4898f697ed2a5ffb915d0 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 10:58:02 -0700 Subject: [PATCH 01/17] Disable major image updates through Docker --- renovate.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/renovate.json b/renovate.json index f4f81f4..756d87e 100644 --- a/renovate.json +++ b/renovate.json @@ -8,7 +8,7 @@ ":rebaseStalePrs", ":semanticCommits", ":semanticCommitScope(deps)", - "docker:enableMajor", + "docker:disableMajor", "group:linters" ], "onboarding": true, From a33b9fe33355ddbe448d803cde6192cc69744833 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 10:59:59 -0700 Subject: [PATCH 02/17] Disable major image updates through Docker --- renovate.json | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/renovate.json b/renovate.json index 756d87e..af9eb32 100644 --- a/renovate.json +++ b/renovate.json @@ -37,16 +37,6 @@ ], "prConcurrentLimit": 3, "packageRules": [ - { - "matchDatasources": [ - "docker" - ], - "matchPackageNames": [ - "postgis", - "postgres" - ], - "enabled": false - }, { "matchManagers": [ "npm" From 754788f742845abca786581a8508076880e95d00 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 11:03:57 -0700 Subject: [PATCH 03/17] Do not separate patch and minor for the same dep --- renovate.json | 1 + 1 file changed, 1 insertion(+) diff --git a/renovate.json b/renovate.json index af9eb32..24660d4 100644 --- a/renovate.json +++ b/renovate.json @@ -3,6 +3,7 @@ "description": "Default preset for use with Renovate's repos", "extends": [ "config:recommended", + ":combinePatchMinorReleases", ":maintainLockFilesWeekly", ":preserveSemverRanges", ":rebaseStalePrs", From cf80efe8fea48899a43e3e11961248c55aa3716e Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 11:05:23 -0700 Subject: [PATCH 04/17] Maintain lockfiles monthly --- renovate.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/renovate.json b/renovate.json index 24660d4..9dccb6e 100644 --- a/renovate.json +++ b/renovate.json @@ -4,7 +4,7 @@ "extends": [ "config:recommended", ":combinePatchMinorReleases", - ":maintainLockFilesWeekly", + ":maintainLockFilesMonthly", ":preserveSemverRanges", ":rebaseStalePrs", ":semanticCommits", From bcbcf980a7619acdabb47a52ade9a26c30693e65 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 11:35:28 -0700 Subject: [PATCH 05/17] Raise PR when vulnerability alerts are detected --- renovate.json | 1 + 1 file changed, 1 insertion(+) diff --git a/renovate.json b/renovate.json index 9dccb6e..e3bca3c 100644 --- a/renovate.json +++ b/renovate.json @@ -4,6 +4,7 @@ "extends": [ "config:recommended", ":combinePatchMinorReleases", + ":enableVulnerabilityAlerts", ":maintainLockFilesMonthly", ":preserveSemverRanges", ":rebaseStalePrs", From 9fd020d94f39b5406999a2d664b8ae74746e7d1b Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 11:46:16 -0700 Subject: [PATCH 06/17] Combine all actions dependencies, including major --- renovate.json | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/renovate.json b/renovate.json index e3bca3c..b66e3fc 100644 --- a/renovate.json +++ b/renovate.json @@ -56,12 +56,8 @@ "matchManagers": [ "github-actions" ], - "matchUpdateTypes": [ - "minor", - "patch" - ], - "groupName": "github actions all non-major dependencies", - "groupSlug": "github actions all-minor-patch", + "groupName": "github actions all dependencies", + "groupSlug": "github actions all", "minimumReleaseAge": "3 days" }, { From 52972e1495cf594037a489b40ec791b1bff1253c Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 11:59:08 -0700 Subject: [PATCH 07/17] Test --- .github/workflows/renovate.yml | 2 +- renovate.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index b2caafa..e16ab87 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -35,7 +35,7 @@ jobs: if: github.event_name == 'pull_request' run: | # Dry run and short repo list - cat <<< $(jq '.+= {"dryRun": "full"}' ${{ env.config }}) > ${{ env.config }} + # cat <<< $(jq '.+= {"dryRun": "full"}' ${{ env.config }}) > ${{ env.config }} cat <<< $(jq '. | .repositories = ${{ env.pr_set }}' ${{ env.config }}) > ${{ env.config }} cat ${{ env.config }} | jq .repositories diff --git a/renovate.json b/renovate.json index b66e3fc..4c18a26 100644 --- a/renovate.json +++ b/renovate.json @@ -17,7 +17,7 @@ "platform": "github", "forkProcessing": "disabled", "configMigration": true, - "dependencyDashboard": false, + "dependencyDashboard": true, "prCreation": "not-pending", "rebaseWhen": "behind-base-branch", "repositories": [ From 62eddbbda10f3c4a6d8b7a5390f4a8cf4c846f3b Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 12:11:51 -0700 Subject: [PATCH 08/17] Preset: group all non major --- renovate.json | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/renovate.json b/renovate.json index 4c18a26..e25eb85 100644 --- a/renovate.json +++ b/renovate.json @@ -11,6 +11,7 @@ ":semanticCommits", ":semanticCommitScope(deps)", "docker:disableMajor", + "group:allNonMajor", "group:linters" ], "onboarding": true, @@ -39,19 +40,6 @@ ], "prConcurrentLimit": 3, "packageRules": [ - { - "matchManagers": [ - "npm" - ], - "matchUpdateTypes": [ - "minor", - "patch", - "lockFileMaintenance" - ], - "groupName": "npm all non-major dependencies", - "groupSlug": "npm all-minor-patch", - "minimumReleaseAge": "3 days" - }, { "matchManagers": [ "github-actions" From af2be58c222c193a2af9125ff7adab12df30ee3b Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 12:12:21 -0700 Subject: [PATCH 09/17] Preset: group definitely typed --- renovate.json | 7 ------- 1 file changed, 7 deletions(-) diff --git a/renovate.json b/renovate.json index e25eb85..ad9242c 100644 --- a/renovate.json +++ b/renovate.json @@ -119,13 +119,6 @@ "nest-winston" ] }, - { - "description": "JS - group @types", - "groupName": "types", - "matchPackagePatterns": [ - "^@types\\/" - ] - }, { "description": "One week stability period for npm packages", "matchDatasources": [ From ecdeb82bfa74c835c061fa3e6da4978d05bd11e0 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 12:13:53 -0700 Subject: [PATCH 10/17] Preset: group react --- renovate.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/renovate.json b/renovate.json index ad9242c..90723f1 100644 --- a/renovate.json +++ b/renovate.json @@ -12,7 +12,9 @@ ":semanticCommitScope(deps)", "docker:disableMajor", "group:allNonMajor", - "group:linters" + "group:definitelyTyped", + "group:linters", + "group:react" ], "onboarding": true, "platform": "github", From efb68f408b24e7f0bfe8fd3e39d6988a3258010c Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 12:14:42 -0700 Subject: [PATCH 11/17] Preset: group recommended (list) --- renovate.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/renovate.json b/renovate.json index 90723f1..824fb42 100644 --- a/renovate.json +++ b/renovate.json @@ -14,7 +14,8 @@ "group:allNonMajor", "group:definitelyTyped", "group:linters", - "group:react" + "group:react", + "group:recommended" ], "onboarding": true, "platform": "github", From 6e001a0527221d01408b4ccbb0c8468ac66c128b Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 12:18:45 -0700 Subject: [PATCH 12/17] Preset: multiple angular monorepos --- renovate.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/renovate.json b/renovate.json index 824fb42..630c6ed 100644 --- a/renovate.json +++ b/renovate.json @@ -12,6 +12,11 @@ ":semanticCommitScope(deps)", "docker:disableMajor", "group:allNonMajor", + "group:angularMonorepo", + "group:angular-cliMonorepo", + "group:angular-eslintMonorepo", + "group:angularfireMonorepo", + "group:angularjsMonorepo", "group:definitelyTyped", "group:linters", "group:react", From e02bda533cb37fdffe702650f17ac319c2ef5c13 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 12:21:13 -0700 Subject: [PATCH 13/17] Preset: typescript-eslint monorepo --- renovate.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/renovate.json b/renovate.json index 630c6ed..35954d7 100644 --- a/renovate.json +++ b/renovate.json @@ -20,7 +20,8 @@ "group:definitelyTyped", "group:linters", "group:react", - "group:recommended" + "group:recommended", + "group:typescript-eslintMonorepo" ], "onboarding": true, "platform": "github", From 52ceb6f1ce87e768742e7158bf554945a5826112 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 12:21:48 -0700 Subject: [PATCH 14/17] Preset: yarn monorepo --- renovate.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/renovate.json b/renovate.json index 35954d7..1566b97 100644 --- a/renovate.json +++ b/renovate.json @@ -21,7 +21,8 @@ "group:linters", "group:react", "group:recommended", - "group:typescript-eslintMonorepo" + "group:typescript-eslintMonorepo", + "group:yarnMonorepo" ], "onboarding": true, "platform": "github", From d2ff9b64fd8528d3173b91041a49bb0b8a703777 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 12:22:44 -0700 Subject: [PATCH 15/17] Preset: group monorepos (list) --- renovate.json | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/renovate.json b/renovate.json index 1566b97..aafd558 100644 --- a/renovate.json +++ b/renovate.json @@ -12,17 +12,11 @@ ":semanticCommitScope(deps)", "docker:disableMajor", "group:allNonMajor", - "group:angularMonorepo", - "group:angular-cliMonorepo", - "group:angular-eslintMonorepo", - "group:angularfireMonorepo", - "group:angularjsMonorepo", "group:definitelyTyped", "group:linters", + "group:monorepos", "group:react", - "group:recommended", - "group:typescript-eslintMonorepo", - "group:yarnMonorepo" + "group:recommended" ], "onboarding": true, "platform": "github", From 8ce2a72f1d17b56ca0c9e0cee4486e7f71023695 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 12:32:05 -0700 Subject: [PATCH 16/17] Test --- .github/workflows/renovate.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index e16ab87..ba46d12 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -20,7 +20,8 @@ concurrency: # Variables env: config: renovate.json - pr_set: '["bcgov/nr-renovate", "bcgov/quickstart-openshift"]' + # pr_set: '["bcgov/nr-renovate", "bcgov/quickstart-openshift"]' + pr_set: '["bcgov/nr-spar"]' jobs: Renovate: From eea41d572ccf0c5165c97ab0519776a979caeb20 Mon Sep 17 00:00:00 2001 From: Derek Roberts Date: Thu, 17 Aug 2023 13:07:53 -0700 Subject: [PATCH 17/17] Restore workflow --- .github/workflows/renovate.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index ba46d12..b2caafa 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -20,8 +20,7 @@ concurrency: # Variables env: config: renovate.json - # pr_set: '["bcgov/nr-renovate", "bcgov/quickstart-openshift"]' - pr_set: '["bcgov/nr-spar"]' + pr_set: '["bcgov/nr-renovate", "bcgov/quickstart-openshift"]' jobs: Renovate: @@ -36,7 +35,7 @@ jobs: if: github.event_name == 'pull_request' run: | # Dry run and short repo list - # cat <<< $(jq '.+= {"dryRun": "full"}' ${{ env.config }}) > ${{ env.config }} + cat <<< $(jq '.+= {"dryRun": "full"}' ${{ env.config }}) > ${{ env.config }} cat <<< $(jq '. | .repositories = ${{ env.pr_set }}' ${{ env.config }}) > ${{ env.config }} cat ${{ env.config }} | jq .repositories