[P1BIGROCKS-2652] Identify outdated "bundles" of containers for packages
[P1BIGROCKS-2652](https://jira.il2.dso.mil/browse/P1BIGROCKS-2652)
Problem Statement:
Renovate currently tracks containers in Iron Bank for outdated images. Renovate was built on the assumption that when an application releases, all of its containers are available. In Iron Bank, however, images are not approved as a bundle, so Big Bang ends up with Renovate tickets that cannot be worked because not all of the images are available. Periodically, each ticket must be manually checked to see whether all of the images are available for the upgrade.
We have also had customers ask why we are using EOL
Proposed Solution:
Create a bot/script that can identify the following:
1. What images (used or unused) are included in the Helm Chart for the application? Do we look for `Deployment`, `StatefulSet`, `DaemonSet`, `Pod`, `Job`, and `CronJob` and trace back to the image? Can Zarf be used for this? Do we maintain a static list?
2. Identify the image tags required for upstream releases
3. Map the upstream image names with image names in Iron Bank
4. Identify if all of the upstream release images are approved in Iron Bank
The solution should be able to provide:
- The latest release's image tags
- The latest image tags from Iron Bank
- The upstream release and image tags where all of its images are approved in Iron Bank (this is the latest version Big Bang could upgrade to)
- The upstream release and image tags that correspond to the current package release
- Whether the package could be upgraded to a new release
- Which images are currently blocking the upgrade to the latest release
And, add info to issues:
- Add results to Renovate issues
- Add or remove tags on Renovate issues to indicate whether the issue is blocked by Iron Bank images
- Schedule the issue for the next sprint / milestone if the upgrade can be achieved. Unschedule the issue if it is blocked by Iron Bank or the package is up-to-date.
|Name|Big Bang|Iron Bank Release|Iron Bank Latest|Upstream|
|--|--|--|--|--|
|Release|2.1.0|2.1.1|N/A|2.1.2|
|image1|1.2.5|1.2.5|1.2.6|1.2.6|
|image2|1.6.0|1.6.1|1.6.1|1.7.0|
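The comparison in steps 2 to 4 and the table above, as an added sketch that is not part of the original ticket or any existing Big Bang tooling. The image names, the name mapping, the per-release manifests, and the presence of `image2:1.6.0` in Iron Bank are constructed assumptions; only the version numbers come from the table.

```python
"""Find the newest upstream release whose images are all approved in Iron Bank."""

# Constructed sample data mirroring the table; a real bot would read these from
# rendered Helm charts, upstream release manifests, and the Iron Bank registry.
UPSTREAM_RELEASES = {
    "2.1.0": {"vendor/image1": "1.2.5", "vendor/image2": "1.6.0"},
    "2.1.1": {"vendor/image1": "1.2.5", "vendor/image2": "1.6.1"},
    "2.1.2": {"vendor/image1": "1.2.6", "vendor/image2": "1.7.0"},
}
# Step 3: upstream image name -> Iron Bank image name (hypothetical paths).
NAME_MAP = {
    "vendor/image1": "ironbank/vendor/image1",
    "vendor/image2": "ironbank/vendor/image2",
}
IRON_BANK_TAGS = {
    "ironbank/vendor/image1": {"1.2.5", "1.2.6"},
    "ironbank/vendor/image2": {"1.6.0", "1.6.1"},
}


def version_key(tag):
    """Sort key for plain dotted numeric tags such as 1.6.1."""
    return tuple(int(part) for part in tag.split("."))


def blocking_images(release_images, name_map, approved):
    """Return {upstream image: reason} for images not usable from Iron Bank."""
    blocked = {}
    for image, tag in release_images.items():
        ib_name = name_map.get(image)
        if ib_name is None:
            blocked[image] = "no Iron Bank mapping"
        elif tag not in approved.get(ib_name, set()):
            blocked[image] = f"{ib_name}:{tag} not approved"
    return blocked


def upgrade_report(current, releases, name_map, approved):
    """Summarise upgrade status for a package pinned at upstream release `current`."""
    ordered = sorted(releases, key=version_key)
    latest = ordered[-1]
    ready = [r for r in ordered if not blocking_images(releases[r], name_map, approved)]
    best = ready[-1] if ready else None
    return {
        "latest_upstream": latest,
        "latest_approved": best,
        "upgradable": best is not None and version_key(best) > version_key(current),
        "blocked_by": blocking_images(releases[latest], name_map, approved),
    }
```

Calling `upgrade_report("2.1.0", UPSTREAM_RELEASES, NAME_MAP, IRON_BANK_TAGS)` reports 2.1.1 as the newest fully approved release and `image2:1.7.0` as the image blocking 2.1.2. An image with no entry in the name mapping is reported as blocking rather than silently skipped.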
Notes:
Need to discuss whether this bot/script would completely replace Renovate, or whether Renovate would continue to do its thing with this complementing it. Renovate creates an MR with the new values. Is that helpful or not, since the MR will always have the "latest" values?