UNCLASSIFIED - NO CUI

Skip to content

Updating Renovate postupgradetasks

Cody Williams requested to merge renovate_postupgrade into main

Updated Renovate to utilize new postupgrade tasks. Tested using following instructions:

  1. Create repository under user namespace to test renovate tasks (package-test in example) and clone locally
  2. Pull down minio branch (renovate_postupgrade) and place in new local repository rsync -av --exclude=".*" . ~/<BIGBANG_DIR>/package-test
  3. Edit copied chart/Chart.yaml and set annotations: bigbang.dev/applicationVersions: back to some lower value than current. This will allow renovate to act. Also drop the version of any annotations for the same application within the chart file
  4. Commit changes and push to branch under user namespace (package-test)
  5. Attempt to run a Docker container with Renovate and execute the subsequent commands. Modify volume mounts to match local resources for pipeline-templates projects and renovate-runner projects, which must be cloned from their respective repos. renovate-config.js should also be customized with personal account information and placed in an overrides folder
docker run --rm -it -v /var/run/docker.sock:/var/run/docker.sock -v ~/bigbang-projects/pipeline-templates/renovate-runner/scripts:/usr/src/app/scripts -v ~/bigbang-projects/overrides/renovate-config.js:/usr/src/app/config.js -v ~/bigbang-projects/pipeline-templates/pipeline-templates/library/templates.sh:/usr/src/app/templates.sh registry1.dso.mil/ironbank/container-hardening-tools/renovate/renovate:32.38.0 bash

export PATH=/usr/src/app/scripts:$PATH

renovate
  1. Validate that an issue was correctly created in your local project, with a related merge request which updated:
  • the chart/Chart.yaml annotation for bigbang.dev/applicationVersions: Minio (performed by renovate)
  • the chart/Chart.yaml Version (bump-chart-yaml) (incremented patch by 1, due to the version being handled internally)
  • the chart/Chart.yaml appVersion (bump-chart-yaml) (incremented patch by 1, due to the version being handled internally)
  • README.md was regenerated (regenerate-helm-docs-postupgrade)
  • CHANGELOG.md should have a new entry stating that the appVersion of the primary resource was updated (bump-changelog) and any renovate change actions completed

Merge request reports

UNCLASSIFIED - NO CUI