renovate-bot

• Github
• Installing and onboarding Renovate into repositories
• Support

Gitlab

• GitLab platform module
• Automated Dependency Updates for Gitlabci Include
• Automated dependency updates with Renovate Bot integrated into Gitlab CI

Renovate Gitlab howto

Follow the steps of the Official gitlab-runner template

• Create a new project to host the runner
• Create a dedicated gitlab user (i.e. varac-renovate)
  • As the new user, create a GitLab Personal Access Token (scopes: read_user, api and write_repository), named i.d. RENOVATE_TOKEN
  • Add the new Gitlab PAT as CI variable RENOVATE_TOKEN to the new project (Environments: All, Visibility: Masked, Not protected, not expanded)
• Create a Github token with the repo scope and add it to the renovate user's CI/CD variables. "Fine-grained Personal Access Tokens do not support the GitHub GraphQL API and cannot be used with Renovate." This is important otherwise renovate might be rate-limited and MRs will fail.
  • Add the new GitHub token as a CI variable GITHUB_COM_TOKEN to the new project (Environments: All, Visibility: Masked, Not protected, not expanded)
• Add the new user as member to all projects/groups that should get renovates
  • Role: Developer (to create MRs)
• Create a new main pipeline that includes this project's template
• Set up a schedule to run the pipeline regularly owned by the new renovate user

Use renovate docker image locally

docker run --rm -it renovate/renovate bash
  export RENOVATE_REQUIRE_CONFIG=false RENOVATE_PLATFORM=gitlab \
    RENOVATE_ENDPOINT=https://open.greenhost.net/api/v4 \
    RENOVATE_LOG_FILE_LEVEL=debug RENOVATE_TOKEN=XXXX
  renovate --dry-run true --autodiscover=true --autodiscover-filter='stackspin/!(admin-frontend|admin-backend|user-panel|single-sign-on|local-path-provisioner|gitlab-k8s-executor-management|nextcloud)'

Local platform

Use local platform to perform a dry run against the local file system.

podman run --rm -v $(pwd):/usr/src/app --env RENOVATE_PLATFORM=local docker.io/renovate/renovate

Logging / Debug

Search debug log for errors:

grep -Ei '(erorr|denied|fatal|warn)' /tmp/renovate-log.ndjson | grep -Eiv '(warnings\":\[\]| 0 errors )

Update flux2 helmReleases

https://docs.renovatebot.com/modules/manager/flux/

Disable renovate per repo

Edit renovate.json and add { "enabled": false }

Datasources

Helm

• Helm datasource
  • helm datasource now failing with couldn't get index.yaml file

Repology

• Repology datasource

Issues with repology:

• The example in Repology docs show musl-dev but Repology can't find musl-dev Same for python3-dev which is the reason this MR build job fails

Debug/Test configuration options

• Github discussion: How do we debug/test configuration options
  • From this commit:

For me running npx renovate --platform=local helped me check configuration issues (wrongs keys) before going through the steps running the pipeline on GitLab.

Local platform

With the "local" platform you can perform dry runs of Renovate against the local file system. This can be handy when testing a new Renovate configuration for example.