Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: update renovate config and workflow #4962

Merged
merged 1 commit into from
Aug 15, 2024
Merged

ci: update renovate config and workflow #4962

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
112 changes: 85 additions & 27 deletions .github/renovate.json5
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,45 +1,94 @@
{
// Configuration file for RenovateBot: https://docs.renovatebot.com/configuration-options
extends: ["config:base"],
extends: ["config:recommended", ":semanticCommitTypeAll(build)"],
labels: ["dependencies"], // For convenient searching in GitHub
baseBranches: ["$default", "/^hotfix\\/.*/"],
pip_requirements: {
fileMatch: ["^tox.ini$", "(^|/)requirements([\\w-]*)\\.txt$"]
fileMatch: ["^tox.ini$", "(^|/)requirements([\\w-]*)\\.txt$", "^.pre-commit-config.yaml$"]
},
packageRules: [
{
// Internal package minor patch updates get top priority, with auto-merging
groupName: "internal package minor releases",
matchPackagePatterns: ["^craft-.*"],
matchUpdateTypes: ["minor", "patch", "pin", "digest"],
prPriority: 10,
automerge: true,
minimumReleaseAge: "0 seconds",
schedule: ["at any time"],
matchBaseBranches: ["$default"], // Only do minor releases on main
},
{
// Same as above, but for hotfix branches, only for patch, and without auto-merging.
groupName: "internal package patch releases (hotfix)",
matchPackagePatterns: ["^craft-.*"],
matchUpdateTypes: ["patch", "pin", "digest"],
prPriority: 10,
minimumReleaseAge: "0 seconds",
schedule: ["at any time"],
matchBaseBranches: ["/^hotfix\\/.*/"], // All hotfix branches
},
{
// Automerge patches, pin changes and digest changes.
// Also groups these changes together.
groupName: "bugfixes",
excludePackagePrefixes: ["dev", "lint", "types"],
excludeDepPatterns: ["lint/.*", "types/.*"],
matchUpdateTypes: ["patch", "pin", "digest"],
prPriority: 3, // Patches should go first!
automerge: true
},
{
// Update all internal packages in one higher-priority PR
groupName: "internal packages",
matchPackagePrefixes: ["craft-", "snap-"],
matchLanguages: ["python"],
prPriority: 2
matchDepPatterns: ["craft-.*", "snap-.*"],
matchCategories: ["python"],
prPriority: 2,
matchBaseBranches: ["$default"], // Not for hotfix branches
},
{
// GitHub Actions are higher priority to update than most dependencies.
// GitHub Actions are higher priority to update than most dependencies since they don't tend to break things.
groupName: "GitHub Actions",
matchManagers: ["github-actions"],
prPriority: 1,
automerge: true,
},
// Everything not in one of these rules gets priority 0 and falls here.
{
//Do all pydantic-related updates together
groupName: "pydantic etc.",
matchPackagePatterns: ["^pydantic"],
},
{
// Minor changes can be grouped and automerged for dev dependencies, but are also deprioritised.
groupName: "development dependencies (non-major)",
groupSlug: "dev-dependencies",
matchPackagePrefixes: [
"dev",
"lint",
"types"
matchDepPatterns: [
"dev/.*",
"lint/.*",
"types/.*"
],
matchPackagePatterns: [
// Brought from charmcraft. May not be complete.
// This helps group dependencies in requirements-dev.txt files.
"^(.*/)?autoflake$",
"^(.*/)?black$",
"^(.*/)?codespell$",
"^(.*/)?coverage$",
"^(.*/)?flake8$",
"^(.*/)?hypothesis$",
"^(.*/)?mypy$",
"^(.*/)?pycodestyle$",
"^(.*/)?docstyle$",
"^(.*/)?pyfakefs$",
"^(.*/)?pyflakes$",
"^(.*/)?pylint$",
"^(.*/)?pytest",
"^(.*/)?responses$",
"^(.*/)?ruff$",
"^(.*/)?twine$",
"^(.*/)?tox$",
"^(.*/)?types-",
],
excludePackagePatterns: ["ruff"],
matchUpdateTypes: ["minor", "patch", "pin", "digest"],
prPriority: -1,
automerge: true
Expand All @@ -48,34 +97,39 @@
// Documentation related updates
groupName: "documentation dependencies",
groupSlug: "doc-dependencies",
matchPackageNames: ["Sphinx"],
matchPackagePatterns: ["^[Ss]phinx.*$", "^furo$"],
matchPackagePrefixes: ["docs"],
matchPackageNames: ["Sphinx", "furo"],
matchPackagePatterns: ["[Ss]phinx.*$"],
matchDepPatterns: ["docs/.*"],
matchBaseBranches: ["$default"], // Not for hotfix branches
},
{
// Other major dependencies get deprioritised below minor dev dependencies.
matchUpdateTypes: ["major"],
prPriority: -2
prPriority: -2,
matchBaseBranches: ["$default"], // Not for hotfix branches
},
{
// Major dev dependencies are stone last, but grouped.
groupName: "development dependencies (major versions)",
groupSlug: "dev-dependencies",
matchDepTypes: ["devDependencies"],
matchUpdateTypes: ["major"],
prPriority: -3
prPriority: -3,
matchBaseBranches: ["$default"], // Not for hotfix branches
},
{
// Ruff is still unstable, so update it separately.
groupName: "ruff",
matchPackagePatterns: ["^(lint/)?ruff$"],
prPriority: -3
// Pyright makes regular breaking changes in patch releases, so we separate these
// and do them independently.
matchPackageNames: ["pyright", "types/pyright"],
prPriority: -4,
matchBaseBranches: ["$default"], // Not for hotfix branches
}
],
regexManagers: [
customManagers: [
{
// tox.ini can get updates too if we specify for each package.
fileMatch: ["tox.ini"],
customType: "regex",
depTypeTemplate: "devDependencies",
matchStrings: [
"# renovate: datasource=(?<datasource>\\S+)\n\\s+(?<depName>.*?)(\\[[\\w]*\\])*[=><]=?(?<currentValue>.*?)\n"
Expand All @@ -84,18 +138,22 @@
{
// .pre-commit-config.yaml version updates
fileMatch: [".pre-commit-config.yaml"],
depTypeTemplate: "devDependencies",
customType: "regex",
datasourceTemplate: "pypi",
depTypeTemplate: "lint",
matchStrings: [
"# renovate: datasource=(?<datasource>\\S+);\\s*depName=(?<depName>.*?)\n\s+rev: \"v?(?<currentValue>.*?)\""
"- repo: .*/<(?<depName>\\S+)\\s*\\n\\s*rev:\s+\"?v?(?<currentValue>\\S*)\"?",
]
}
],
timezone: "Etc/UTC",
automergeSchedule: ["every weekend"],
schedule: ["every weekend"],
prConcurrentLimit: 2, // No more than 2 open PRs at a time.
branchConcurrentLimit: 20, // No more than 20 open branches at a time.
prCreation: "not-pending", // Wait until status checks have completed before raising the PR
prNotPendingHours: 4, // ...unless the status checks have been running for 4+ hours.
prHourlyLimit: 1, // No more than 1 PR per hour.
stabilityDays: 2 // Wait 2 days from release before updating.
}
minimumReleaseAge: "2 days",
automergeStrategy: "squash", // Squash & rebase when auto-merging.
semanticCommitType: "build" // use `build` as commit header type (i.e. `build(deps): <description>`)
}
40 changes: 40 additions & 0 deletions .github/workflows/check-renovate.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
name: Renovate check
on:
pull_request:
paths:
- ".github/workflows/check-renovate.yaml"
- ".github/renovate.json5"

# Allows triggering the workflow manually from the Actions tab
workflow_dispatch:
inputs:
enable_ssh_access:
type: boolean
description: 'Enable ssh access'
required: false
default: false

jobs:
renovate:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install node
uses: actions/setup-node@v4
with:
node-version: 22
- name: Install renovate
run: npm install --global renovate
- name: Enable ssh access
uses: mxschmitt/action-tmate@v3
if: ${{ inputs.enable_ssh_access }}
with:
limit-access-to-actor: true
- name: Check renovate config
run: renovate-config-validator .github/renovate.json5
- name: Renovate dry-run
run: renovate --dry-run --autodiscover
env:
RENOVATE_TOKEN: ${{ secrets.GITHUB_TOKEN }}
RENOVATE_USE_BASE_BRANCH_CONFIG: ${{ github.ref }}
Loading