diff --git a/bundles/uds-bundle.yaml b/bundles/uds-bundle.yaml index 114a5be..42ceb56 100644 --- a/bundles/uds-bundle.yaml +++ b/bundles/uds-bundle.yaml @@ -8,7 +8,7 @@ packages: - name: uds-k3d-dev repository: ghcr.io/defenseunicorns/packages/uds-k3d # renovate: datasource=github-tags depName=defenseunicorns/uds-k3d versioning=semver - ref: 0.7.0 + ref: 0.8.0 - name: init repository: ghcr.io/defenseunicorns/packages/init @@ -22,7 +22,7 @@ packages: - name: core-slim-dev path: ../uds-core/build/ # renovate: datasource=github-tags depName=defenseunicorns/uds-core versioning=semver - ref: 0.24.0 + ref: 0.23.0 overrides: keycloak: keycloak: diff --git a/renovate.json b/renovate.json index a257b2c..babc15f 100644 --- a/renovate.json +++ b/renovate.json @@ -1,24 +1,188 @@ { + "enabled": true, + "forkProcessing": "enabled", + "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ - "github>defenseunicorns/uds-common//config/renovate.json5", - ":semanticCommits", - ":semanticPrefixFixDepsChoreOthers", - "group:all", - "replacements:all", - "workarounds:all" + ":dependencyDashboard", + "config:base", + "helpers:pinGitHubActionDigests" ], - "hostRules": [ - { - "matchHost": "registry1.dso.mil", - "hostType": "docker", - "description": "Encrypted creds for registry1, scoped to this Github org using: https://github.com/renovatebot/renovate/blob/main/docs/usage/configuration-options.md#encrypted", - "encrypted": { - "username": "wcFMA/xDdHCJBTolARAAiYqwOfwkjFnb7ifSRLxTGwyh5K8sUv4LFnEt9+clanU0hAoab9qY+98XLG9F5q+JuNWW9XSRgEYvg21LPhpux+2n+sF/n5UHNEc0X2C9zPVKBzRBu4RoNlsWNdq+wQaznHuw/iKmcDKddB29GTcXAC27ON78ex4jW4GBBEIY75OYfWUVJl3VM8cbK3t5iPNeldmdtS/1rEe8U2tGRdYvkwbMjM1hscHfc5wK06zt8NKz874jpqDYs9jT3FVrJbG9FHoTsrLvC9cEknu1BR3+LrEEV2UTpN+xkLbkCiI9F3rHwwYrAKpm3VDxjieWP2PbAZcazPvqNrC12pR3QrdbIN+6w7Xc9lIOuCcR+nB1mCTaZv4wGYoHmXat/nW58wAHqGzEnkfgfW7/dXvvZPoV/54CW2B8/iEp3oCf/mHk6tM/nlaN0fOcyFuLthD2t3L8bZEU8v88Bpa9sZgQYTg8vO3zGZeXqTznmq8NfseCXezho0syBize/4c7NI67JoVGJGUtOSZ56cNJkmNEhzH3CCKoD+j6shrojQ1yPLFgfxMa1zkp0tcAJ2dMxBbdMiGRKJcnJLRUi3N0z5I+JdydSZlFFj6Y+w7jWs1cff3mTyFCyhK3USyz+pF/ctTwpWixWWR7Zu/I0lqOr90LMri0bjzOf3xWP0eV3Osbi40BmdjScgG2LbZNVbKesnxaKLqzeubgLz9aTVTjHfHWQ753t4Ge/NPq+618M8JXuujYRc/Hw4bm1G7NHTKxPhiHCmDu+wPsNvt+nUvyk9Wb72XHYNdA8bUjV1gHj/1oSc3yGjOyiyaxDUR+nkPB8B+tr1cMWcVczw", - "password": "wcFMA/xDdHCJBTolAQ/9FqgG7wEhIpomA4DpTgDIQdShdkpUHxRCAaOXOaYamKxmyqQgX0N55hVvMt100/JK0AomtTehrWjsyYmvOA5bi2QqkJgEu7Vk/Nyg+CeJj27lZnbZ2wkWhIPUUZKbnGzNg8vmFqeSbI/nhcwwG+1Iiy06pBf/NB1V8KeezD3ICPJAe7HfW5FYDpuAnqo4ktagTEcmKp9bSztAEmNVgS325mE+SB5oGI7zZre4WLDmYCcawCJfwE2HqiWp9E42oiyEgsAa2RNmy/9RLMRq8QmAJY9UuAMDgyRUKh1bVEh2rhg3pV8N8ImqD8a7y/b5HOH5SE1b459K7rUACimJf8GtQtuUmU3bEhhYzafbN8sB6PByOgWEqPKvcCffLghCzsene4lOyie48rC0UZSTRrNiebcLLeJTnkQsUNm8x6GN34mZU4qkBam7Isvdyc7BcSo2rvMbsuMJEuns8Ua3TQlAab1PXofHjwf7aDPee4hLtJsR75IdeWA3mhPKo2hnZ08cBDwhsB7aXYxrH3rXAbPx7FvgcxGA73gCFwNXLf6S2xHb+D7C/ny4z9XhIQk4BrxKlmPFlfpELoijHQ34VBilM/XkeICbtBJghE31X3Ef/LZdLBsR9gvT4nK+zRRLVnEqndO4YkHFOjwKWQxyaGmN+ZE5gSbPx0R1EBo7vM48merSdgGRZxfF5OodxM/b3+xxBe6CXqi5yYVeNf/Op/lH/5baX6LUQCYHSNPXPHMstFYQm9QBwn6rA2aOYXojRehYwj8ymQo0wJ0TgVtGHDu+ODhTiPjZV1Mm7vVkucl63FLCDe7odIAgNVMBRInDbGYhKmA+I7To1gU" + "reviewersFromCodeOwners": false, + "timezone": "America/New_York", + "rebaseStalePrs": true, + "dependencyDashboard": true, + "dependencyDashboardTitle": "Renovate Dashboard 🤖", + "rebaseWhen": "conflicted", + "commitBodyTable": true, + "suppressNotifications": ["prIgnoreNotification"], + "pre-commit": { + "enabled": true + }, + "helm-values": { + "fileMatch": [".*\\.ya?ml$"] + }, + "kubernetes": { + "fileMatch": [".*\\.ya?ml$"], + "ignorePaths": [ + ".github" + ] + }, + "regexManagers": [ + { + "fileMatch": [".*(\\.ya?ml|\\.json)$"], + "matchStrings": [ + "https:\\/\\/raw\\.githubusercontent\\.com\\/(?[^\\/]+\\/[^\\/]+)\\/(?[^\\/]+)" + ], + "datasourceTemplate": "github-tags" + }, + { + "fileMatch": [".*(\\.ya?ml|\\.json)$"], + "matchStrings": [ + "https:\\/\\/github\\.com\\/(?[^\\/]+\\/[^\\/]+)\\/raw\\/(?[^\\/]+)" + ], + "datasourceTemplate": "github-tags" + }, + { + "fileMatch": [".*(\\.ya?ml|\\.json)$"], + "matchStrings": [ + "https:\\/\\/github\\.com\\/(?[^\\/]+\\/[^\\/]+)\\/releases\\/download\\/(?[^\\/]+)" + ], + "datasourceTemplate": "github-tags" + }, + { + "fileMatch": [".*(\\.ya?ml|\\.json)$"], + "matchStrings": [ + "npm install ([\\w\\- ]+ )?(?@?[^\\s]*?)@(?[^\\s]+)" + ], + "datasourceTemplate": "npm" + }, + { + "fileMatch": [".*\\.ya?ml$"], + "matchStrings": [ + "# renovate: datasource=(?.*?) depName=(?.*?)( versioning=(?.*?))?( extractVersion=(?.*?))?( registryUrl=(?.*?))?\\s.*:\\s*['\"]?(?[v0-9].*?)['\"]?(\\s|$)" + ], + "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?.*)${{/if}}" + }, + { + "fileMatch": [".*\\.ya?ml$", ".*\\.sh$", ".*\\.?Dockerfile$"], + "matchStrings": [ + "# renovate: datasource=(?.*?) depName=(?.*?)( versioning=(?.*?))?( extractVersion=(?.*?))?( registryUrl=(?.*?))?\\s.*[A-Z]+=['\"]?(?[v0-9].*?)['\"]?(\\s|$)" + ], + "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?.*)${{/if}}" + }, + { + "fileMatch": [".*\\.ya?ml$"], + "matchStrings": [ + "# renovate: datasource=(?.*?) depName=(?.*?)( versioning=(?.*?))?\\s.*brew.*@\\s*['\"]?(?[v0-9].*?)['\"]?(\\s|$)" + ], + "extractVersionTemplate": "^v(?.*)$" + }, + { + "fileMatch": ["\\.*\\.ya?ml$"], + "matchStrings": [ + "# renovate: image=(?.*?)\\s*image:\\s.*:(?[^\\s\"]*)" + ], + "datasourceTemplate": "docker" + }, + { + "fileMatch": [ "(^|/)zarf\\.ya?ml$" ], + "matchStrings": [ + "- ['\"]?(?[^\"'\\s]+):(?[^\"'\\s]+)['\"]?( # renovate:( versioning=(?.*?))?( extractVersion=(?.*?))?)?(\\s|$)" + ], + "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?.*)${{/if}}", + "datasourceTemplate": "docker" + }, + { + "fileMatch": [ "(^|/)zarf\\.ya?ml$" ], + "matchStringsStrategy": "recursive", + "matchStrings": [ + "(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)", + "(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)", + "(?m)name: [\"']?(?.+?)[\"']?$(.|\\n)*?version: [\"']?(?.+?)[\"']?$(.|\\n)*?url: [\"']?(?(https|http|file):\\/\\/.+?)[\"']?$" + ], + "datasourceTemplate": "helm" + }, + { + "fileMatch": [ "(^|/)zarf.yaml$" ], + "matchStringsStrategy": "recursive", + "matchStrings": [ + "(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)", + "(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)", + "(?m)name: [\"']?(?.+?)[\"']?$(.|\\n)*?url: [\"']?(?(https|http|file):\\/\\/.+?)[\"']?$(.|\\n)*?version: [\"']?(?.+?)[\"']?$" + ], + "datasourceTemplate": "helm" + }, + { + "fileMatch": [ "(^|/)zarf\\.ya?ml$" ], + "matchStringsStrategy": "recursive", + "matchStrings": [ + "(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)", + "(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)", + "(?m)name:(.|\\n)*?version: [\"']?(?.+?)[\"']?$(.|\\n)*?url: [\"']?(?.+?\\.git)[\"']?$" + ], + "datasourceTemplate": "git-tags" + }, + { + "fileMatch": [ "(^|/)zarf.yaml$" ], + "matchStringsStrategy": "recursive", + "matchStrings": [ + "(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)", + "(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)", + "(?m)name:(.|\\n)*?url: [\"']?(?.+?\\.git)[\"']?$(.|\\n)*?version: [\"']?(?.+?)[\"']?$" + ], + "datasourceTemplate": "git-tags" + }, + { + "fileMatch": [ "(^|/)zarf\\.ya?ml$" ], + "matchStringsStrategy": "recursive", + "matchStrings": [ + "(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)", + "(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)", + "(?m)name:(.|\\n)*?version: [\"']?(?.+?)[\"']?$(.|\\n)*?url: [\"']?oci:\\/\\/(?.+?)[\"']?$" + ], + "datasourceTemplate": "docker" + }, + { + "fileMatch": [ "(^|/)zarf.yaml$" ], + "matchStringsStrategy": "recursive", + "matchStrings": [ + "(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)", + "(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)", + "(?m)name:(.|\\n)*?url: [\"']?oci:\\/\\/(?.+?)[\"']?$(.|\\n)*?version: [\"']?(?.+?)[\"']?$" + ], + "datasourceTemplate": "docker" + }, + { + "fileMatch": [ "(^|/)zarf\\.ya?ml$" ], + "matchStringsStrategy": "recursive", + "matchStrings": [ + "(?m)manifests:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)", + "(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)", + "(?m)name:(.|\\n)*?kustomizations:(.|\n)*?- [\"']?github.com\\/(?.+?)\\/\\/.*\\?ref=(?.+?)[\"']?$" + ], + "datasourceTemplate": "github-tags" + }, + { + "fileMatch": [ "(^|/)uds-bundle.yaml$" ], + "matchStringsStrategy": "recursive", + "matchStrings": [ + "(?m)repository: [\"']?(?.+?)[\"']?$(.)*(\n.*){0,2}ref: [\"']?(?.+?)[\"']?$" + ], + "datasourceTemplate": "docker" + }, + { + "fileMatch": ["^tasks.ya?ml$", "^tasks/.*\\.ya?ml$", "^\\.vscode/settings\\.json$"], + "matchStrings": [ + "https:\\/\\/raw\\.githubusercontent\\.com\\/(?[^\\/]+\\/[^\\/]+)\\/(?[^\\/]+)" + ], + "datasourceTemplate": "github-tags" } - } ], "packageRules": [ + { + "matchPackageNames": ["registry1.dso.mil/ironbank/big-bang/base"], + "allowedVersions": "!/8.4/" + }, { "datasources": ["helm"], "commitMessageTopic": "Helm chart {{depName}}", @@ -61,20 +225,15 @@ "updateTypes": ["patch"], "labels": ["renovate/helm-release", "dependency/patch"] }, - { + { "description": "Group Github Actions and vscode/settings.json updates.", "matchPaths": [".github/**", ".vscode/settings.json"], "groupName": "GHA-DEPS" - } - ], - "regexManagers":[ + }, { - "fileMatch": ["^tasks.ya?ml$", "^tasks/.*\\.ya?ml$", "^\\.vscode/settings\\.json$"], - "matchStrings": [ - "https:\\/\\/raw\\.githubusercontent\\.com\\/(?[^\\/]+\\/[^\\/]+)\\/(?[^\\/]+)" - ], - "versioningTemplate": "semver-coerced", - "datasourceTemplate": "github-tags" - } + "description": "Group updates in src/plugin/pom.xml file into keycloak-updates group.", + "matchPaths": ["src/plugin/pom.xml"], + "groupName": "keycloak-updates" + } ] -} +} \ No newline at end of file diff --git a/tasks.yaml b/tasks.yaml index 9010017..5856629 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -12,7 +12,7 @@ variables: - name: CORE_VERSION description: UDS Core Version for Releases and Clone # renovate: datasource=github-tags depName=defenseunicorns/uds-core versioning=semver - default: "v0.24.0" + default: "v0.23.0" tasks: - name: build-and-publish