mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
85f33b2140
* fix scorecard/pinned-dependencies findings * make renovate update go install Signed-off-by: Fabian Kammel <fk@edgeless.systems>
248 lines
6.6 KiB
JSON
248 lines
6.6 KiB
JSON
{
|
|
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
|
"extends": [
|
|
"config:base",
|
|
":preserveSemverRanges",
|
|
"helpers:pinGitHubActionDigests",
|
|
":separateMajorReleases",
|
|
":semanticCommitsDisabled"
|
|
],
|
|
"addLabels": [
|
|
"dependencies"
|
|
],
|
|
"postUpdateOptions": [
|
|
"gomodTidy",
|
|
"gomodUpdateImportPaths"
|
|
],
|
|
"prConcurrentLimit": 4,
|
|
"ignorePaths": [
|
|
"cli/internal/helm/charts/cilium/**",
|
|
"operators/constellation-node-operator/config/manager/kustomization.yaml"
|
|
],
|
|
"ignoreDeps": [
|
|
"github.com/edgelesssys/constellation/v2"
|
|
],
|
|
"packageRules": [
|
|
{
|
|
"matchPackagePatterns": [
|
|
"^k8s.io",
|
|
"^sigs.k8s.io"
|
|
],
|
|
"groupName": "K8s dependencies"
|
|
},
|
|
{
|
|
"matchPackagePatterns": [
|
|
"^go.etcd.io/etcd"
|
|
],
|
|
"groupName": "etcd dependencies"
|
|
},
|
|
{
|
|
"matchPackagePatterns": [
|
|
"^github.com/aws/aws-sdk-go-v2"
|
|
],
|
|
"groupName": "AWS SDK",
|
|
"prPriority": -10
|
|
},
|
|
{
|
|
"matchPackagePatterns": [
|
|
"^github.com/Azure/",
|
|
"^github.com/AzureAD/microsoft-authentication-library-for-go"
|
|
],
|
|
"groupName": "Azure SDK"
|
|
},
|
|
{
|
|
"matchPackagePatterns": [
|
|
"^cloud.google.com/go"
|
|
],
|
|
"groupName": "Google SDK"
|
|
},
|
|
{
|
|
"matchPackagePatterns": [
|
|
"^google.golang.org/genproto"
|
|
],
|
|
"prPriority": -10
|
|
},
|
|
{
|
|
"matchPackagePatterns": [
|
|
"^libvirt.org/go"
|
|
],
|
|
"groupName": "libvirt.org/go"
|
|
},
|
|
{
|
|
"matchDatasources": [
|
|
"golang-version"
|
|
],
|
|
"allowedVersions": "1.19"
|
|
},
|
|
{
|
|
"matchManagers": [
|
|
"pip_requirements"
|
|
],
|
|
"groupName": "Python dependencies"
|
|
},
|
|
{
|
|
"matchManagers": [
|
|
"github-actions"
|
|
],
|
|
"groupName": "GitHub action dependencies",
|
|
"matchUpdateTypes": [
|
|
"minor",
|
|
"patch",
|
|
"pin",
|
|
"pinDigest",
|
|
"digest",
|
|
"lockFileMaintenance",
|
|
"rollback",
|
|
"bump"
|
|
]
|
|
},
|
|
{
|
|
"matchPackageNames": [
|
|
"kubernetes/kubernetes"
|
|
],
|
|
"versioning": "regex:^(?<compatibility>v?\\d+\\.\\d+\\.)(?<patch>\\d+)$",
|
|
"groupName": "Kubernetes versions",
|
|
"prPriority": 15
|
|
},
|
|
{
|
|
"matchPackageNames": [
|
|
"registry.k8s.io/provider-aws/cloud-controller-manager"
|
|
],
|
|
"versioning": "regex:^(?<compatibility>v?\\d+\\.\\d+\\.)(?<patch>\\d+)$",
|
|
"groupName": "K8s constrained AWS versions",
|
|
"prPriority": 15
|
|
},
|
|
{
|
|
"matchPackageNames": [
|
|
"mcr.microsoft.com/oss/kubernetes/azure-cloud-controller-manager",
|
|
"mcr.microsoft.com/oss/kubernetes/azure-cloud-node-manager"
|
|
],
|
|
"versioning": "regex:^(?<compatibility>v?\\d+\\.\\d+\\.)(?<patch>\\d+)$",
|
|
"groupName": "K8s constrained Azure versions",
|
|
"prPriority": 15
|
|
},
|
|
{
|
|
"matchPackageNames": [
|
|
"registry.k8s.io/autoscaling/cluster-autoscaler"
|
|
],
|
|
"versioning": "regex:^(?<compatibility>v?\\d+\\.\\d+\\.)(?<patch>\\d+)$",
|
|
"groupName": "K8s constrained GCP versions",
|
|
"prPriority": 15
|
|
},
|
|
{
|
|
"matchPackageNames": [
|
|
"ghcr.io/edgelesssys/cloud-provider-gcp"
|
|
],
|
|
"versioning": "regex:^(?<compatibility>v\\d+\\.)(?<minor>\\d+)\\.(?<patch>\\d+)$",
|
|
"groupName": "K8s version constrained containers (missing v1 prefix)",
|
|
"prPriority": 15
|
|
},
|
|
{
|
|
"matchPackagePrefixes": [
|
|
"ghcr.io/edgelesssys/constellation/"
|
|
],
|
|
"versioning": "semver",
|
|
"groupName": "Constellation containers",
|
|
"prPriority": 20
|
|
},
|
|
{
|
|
"matchPackageNames": [
|
|
"registry.k8s.io/kas-network-proxy/proxy-agent",
|
|
"registry.k8s.io/kas-network-proxy/proxy-server"
|
|
],
|
|
"versioning": "semver",
|
|
"groupName": "K8s version independent containers",
|
|
"prPriority": 15
|
|
},
|
|
{
|
|
"matchPackageNames": [
|
|
"^k8s.io/client-go"
|
|
],
|
|
"matchUpdateTypes": [
|
|
"major"
|
|
],
|
|
"enabled": false
|
|
},
|
|
{
|
|
"matchLanguages": [
|
|
"python",
|
|
"js",
|
|
"node"
|
|
],
|
|
"prPriority": -20
|
|
},
|
|
{
|
|
"matchManagers": [
|
|
"github-actions"
|
|
],
|
|
"matchPackageNames": [
|
|
"slsa-framework/slsa-github-generator"
|
|
],
|
|
"pinDigests": false
|
|
}
|
|
],
|
|
"regexManagers": [
|
|
{
|
|
"fileMatch": [
|
|
"(^|\\/)versions.go$"
|
|
],
|
|
"matchStrings": [
|
|
" \"(?<depName>[^\"]*?):(?<currentValue>[^\"]*?)@(?<currentDigest>sha256:[a-f0-9]+)\"[^\\n]+\\/\\/ renovate:container"
|
|
],
|
|
"datasourceTemplate": "docker"
|
|
},
|
|
{
|
|
"fileMatch": [
|
|
"(^|\\/)versions.go$"
|
|
],
|
|
"matchStrings": [
|
|
" \"https:\\/\\/storage\\.googleapis\\.com\\/kubernetes-release\\/release\\/(?<currentValue>[^\\/\\s\"]+)\\/[^\"]+\"[^\\n]+\\/\\/ renovate:kubernetes-release",
|
|
" \"(?<currentValue>v\\d+\\.\\d+\\.\\d+)\"[^\\n]+\\/\\/ renovate:kubernetes-release"
|
|
],
|
|
"depNameTemplate": "kubernetes/kubernetes",
|
|
"datasourceTemplate": "github-releases"
|
|
},
|
|
{
|
|
"fileMatch": [
|
|
"(^|\\/)versions.go$"
|
|
],
|
|
"matchStrings": [
|
|
" \"https:\\/\\/github\\.com\\/(?<depName>[^\\/\\s\"]+\\/[^\\/\\s\"]+)\\/releases\\/download\\/(?<currentValue>[^\\/\\s\"]+)\\/[^\"]+\"[^\\n]+\\/\\/ renovate:github-release"
|
|
],
|
|
"datasourceTemplate": "github-releases"
|
|
},
|
|
{
|
|
"fileMatch": [
|
|
"(^|\\/)versions.go$"
|
|
],
|
|
"matchStrings": [
|
|
" \"https:\\/\\/github\\.com\\/kubernetes-sigs\\/cri-tools\\/releases\\/download\\/(?<currentValue>[^\\/\\s\"]+)\\/[^\"]+\""
|
|
],
|
|
"depNameTemplate": "kubernetes-sigs/cri-tools",
|
|
"datasourceTemplate": "github-releases",
|
|
"autoReplaceStringTemplate": " \"https://github.com/kubernetes-sigs/cri-tools/releases/download/{{{newValue}}}/crictl-{{{newValue}}}-linux-amd64.tar.gz\""
|
|
},
|
|
{
|
|
"fileMatch": [
|
|
"versions.go$"
|
|
],
|
|
"matchStrings": [
|
|
" \"https:\\/\\/github\\.com\\/containernetworking\\/plugins\\/releases\\/download\\/(?<currentValue>[^\\/\\s\"]+)\\/[^\"]+\""
|
|
],
|
|
"depNameTemplate": "containernetworking/plugins",
|
|
"datasourceTemplate": "github-releases",
|
|
"autoReplaceStringTemplate": " \"https://github.com/containernetworking/plugins/releases/download/{{{newValue}}}/cni-plugins-linux-amd64-{{{newValue}}}.tgz\""
|
|
},
|
|
{
|
|
"fileMatch": [
|
|
"\\.yaml$",
|
|
"\\.yml$"
|
|
],
|
|
"matchStrings": [
|
|
"go install (?<depName>[^@]+?)@(?<currentValue>[0-9a-f]{40})"
|
|
],
|
|
"datasourceTemplate": "go"
|
|
}
|
|
]
|
|
}
|