chore: Configure Renovate #320

elastic-renovate-prod · 2024-08-09T10:55:28Z

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

Detected Package Files

packages/mockotlpserver/Dockerfile (dockerfile)
packages/mockotlpserver/share/k8s/example-app-manual/Dockerfile (dockerfile)
.github/workflows/labeler.yml (github-actions)
.github/workflows/lint.yml (github-actions)
.github/workflows/release-mockotlpserver.yml (github-actions)
.github/workflows/release.yml (github-actions)
.github/workflows/test.yml (github-actions)
package.json (npm)
packages/mockotlpserver/package.json (npm)
packages/mockotlpserver/share/k8s/example-app-manual/package.json (npm)
packages/opentelemetry-node/package.json (npm)
packages/mockotlpserver/Dockerfile (regex)
packages/mockotlpserver/share/k8s/example-app-manual/Dockerfile (regex)
packages/mockotlpserver/Dockerfile (regex)
packages/mockotlpserver/share/k8s/example-app-manual/Dockerfile (regex)

Configuration Summary

Based on the default config's presets, Renovate will:

Start dependency updates only once this onboarding PR is merged
Chainguard Renovate configuration (https://ela.st/wolfi)
Chainguard Renovate configuration (https://ela.st/wolfi)
Enable Renovate Dependency Dashboard creation.
Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
Ignore node_modules, bower_components, vendor and various test/tests directories.
Group known monorepo packages together.
Use curated list of recommended non-monorepo package groupings.
Apply crowd-sourced package replacement rules.
Apply crowd-sourced workarounds for known problems with packages.
Pin Docker digests.
Pin github-action digests.
Pin dependency versions for devDependencies.
Preset with best practices from the Renovate maintainers. Recommended for advanced users, who want to follow our best practices.
Shared Renovate configuration for an out-of-the-box set of defaults for Renovate at Elastic

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 17 Pull Requests:

chore(deps): pin dependencies

Schedule: ["at any time"]
Branch name: renovate/pin-dependencies
Merge into: main
Pin @aws-sdk/client-dynamodb to 3.651.1
Pin @aws-sdk/client-s3 to 3.651.1
Pin @aws-sdk/client-sns to 3.651.1
Pin @aws-sdk/client-sqs to 3.651.1
Pin @grpc/grpc-js to 1.11.1
Pin @grpc/proto-loader to 0.7.13
Pin @hapi/hapi to 21.3.10
Pin @opentelemetry/api to 1.9.0
Pin @types/node to 22.5.5
Pin @types/tape to 5.6.4
Upgrade actions/checkout to 692973e3d937129bcbf40652eb9f2f61becf3332
Upgrade actions/github-script to 60a0d83039c74a4aee543508d2ffcb1c3799cdea
Upgrade actions/setup-node to 0a44ba7841725637a19e28fa30b79a866c81b0a6
Pin bunyan to 1.8.15
Pin dependency-check to 4.1.0
Pin dotenv to 16.4.5
Upgrade elastic/apm-pipeline-library to 0abb7c92aa7ed263e7d896db50a1ad3389c3fca1
Upgrade elastic/oblt-actions to 5dc589756c6d6efb6a4fc772fdca4b465f60f73c
Pin eslint to 8.57.0
Pin eslint-config-prettier to 9.1.0
Pin eslint-plugin-import to 2.29.1
Pin eslint-plugin-license-header to 0.6.1
Pin eslint-plugin-n to 16.6.2
Pin eslint-plugin-prettier to 5.1.3
Pin eslint-plugin-promise to 6.1.1
Pin express to 4.21.0
Pin fastify to 4.28.1
Pin glob to 10.4.5
Pin ioredis to 5.4.1
Pin json to 11.0.0
Upgrade mcr.microsoft.com/mssql/server to sha256:8ca3956bcb1f3373e5b04f946a527abb24c07655c2044bd5c9c8852d02fbec7c
Pin minimatch to 9.0.5
Pin module-details-from-path to 1.0.3
Upgrade mongo to sha256:244afb1488edfc42aaa8ffa6153393bbc075d63516ab0305daa2eaa35241eb52
Pin mongodb to 6.9.0
Upgrade node to sha256:02376a266c84acbf45bd19440e08e48b1c8b98037417334046029ab585de03e2
Pin pg to 8.12.0
Pin pino to 9.4.0
Upgrade postgres to sha256:026d0ab72b34310b68160ab9299aa1add5544e4dc3243456b94f83cb1c119c2c
Pin protobufjs-cli to 1.1.3
Pin redis to 4.7.0
Upgrade redis to sha256:eadf354977d428e347d93046bb1a5569d701e8deb68f090215534a99dbcb23b9
Pin semver to 7.6.3
Pin tape to 5.9.0
Pin tedious to 18.6.1
Pin typescript to 4.9.5
Pin undici to 6.19.8
Pin winston to 3.14.2

fix(deps): update dependency @grpc/grpc-js to v1.11.3

Schedule: ["at any time"]
Branch name: renovate/grpc-grpc-js-1.x-lockfile
Merge into: main
Upgrade @grpc/grpc-js to 1.11.3

chore(deps): update aws-sdk-js-v3 monorepo

Schedule: ["at any time"]
Branch name: renovate/aws-sdk-js-v3-monorepo
Merge into: main
Upgrade @aws-sdk/client-dynamodb to ^3.656.0
Upgrade @aws-sdk/client-s3 to ^3.654.0
Upgrade @aws-sdk/client-sns to ^3.654.0
Upgrade @aws-sdk/client-sqs to ^3.654.0

chore(deps): update dependency eslint-plugin-import to ^2.30.0

Schedule: ["at any time"]
Branch name: renovate/eslint-plugin-import-2.x
Merge into: main
Upgrade eslint-plugin-import to ^2.30.0

chore(deps): update dependency eslint-plugin-prettier to ^5.2.1

Schedule: ["at any time"]
Branch name: renovate/eslint-plugin-prettier-5.x
Merge into: main
Upgrade eslint-plugin-prettier to ^5.2.1

chore(deps): update dependency eslint-plugin-promise to ^6.6.0

Schedule: ["at any time"]
Branch name: renovate/eslint-plugin-promise-6.x
Merge into: main
Upgrade eslint-plugin-promise to ^6.6.0

chore(deps): update elastic/oblt-actions action to v1.16.0

Schedule: ["at any time"]
Branch name: renovate/elastic-oblt-actions-1.x
Merge into: main
Upgrade elastic/oblt-actions to 1e369e6c3936dd35ed0612fd67e6e8e2239dc40f

fix(deps): update dependency safe-stable-stringify to v2.5.0

Schedule: ["at any time"]
Branch name: renovate/safe-stable-stringify-2.x-lockfile
Merge into: main
Upgrade safe-stable-stringify to 2.5.0

chore(deps): update dependency eslint to v9

Schedule: ["at any time"]
Branch name: renovate/major-eslint-monorepo
Merge into: main
Upgrade eslint to ^9.0.0

chore(deps): update dependency eslint-plugin-n to v17

Schedule: ["at any time"]
Branch name: renovate/eslint-plugin-n-17.x
Merge into: main
Upgrade eslint-plugin-n to ^17.0.0

chore(deps): update dependency eslint-plugin-promise to v7

Schedule: ["at any time"]
Branch name: renovate/eslint-plugin-promise-7.x
Merge into: main
Upgrade eslint-plugin-promise to ^7.0.0

chore(deps): update dependency fastify to v5

Schedule: ["at any time"]
Branch name: renovate/fastify-5.x
Merge into: main
Upgrade fastify to ^5.0.0

chore(deps): update dependency glob to v11

Schedule: ["at any time"]
Branch name: renovate/glob-11.x
Merge into: main
Upgrade glob to ^11.0.0

chore(deps): update dependency minimatch to v10

Schedule: ["at any time"]
Branch name: renovate/minimatch-10.x
Merge into: main
Upgrade minimatch to ^10.0.0

chore(deps): update dependency typescript to v5

Schedule: ["at any time"]
Branch name: renovate/typescript-5.x
Merge into: main
Upgrade typescript to ^5.0.0

chore(deps): update mongo docker tag to v8

Schedule: ["at any time"]
Branch name: renovate/mongo-8.x
Merge into: main
Upgrade mongo to sha256:a3d0dec40b95df592c7e7eef603019ba03b164998c3b394739e0dd4cd45d490d

chore(deps): update node.js to v20

Schedule: ["at any time"]
Branch name: renovate/node-20.x
Merge into: main
Upgrade node to sha256:2d07db07a2df6830718ae2a47db6fedce6745f5bcd174c398f2acdda90a11c03

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prhourlylimit for details.

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR has been generated by Renovate Bot.

v1v · 2024-08-09T14:26:36Z

dependabot is available, hence I close this

trentm · 2024-08-09T15:12:20Z

dependabot is available, hence I close this

@v1v Note that I think Renovate is the only option to update Dockerfile.wolfi images from docker.elastic.co. At least I think so. If/when we create Docker images from this repo and want to use Wolfi/Chainguard images, I think we may want this. Anyway, I assume we can come back later when that is relevant. Currently this repo has no need for Renovate.

v1v · 2024-08-09T15:35:52Z

renovate.json

+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "local>elastic/renovate-config"


To support the chainguard images only:

Suggested change

"local>elastic/renovate-config"

"github>elastic/renovate-config:only-chainguard"

trentm · 2024-08-09T17:03:23Z

Thanks. I propose leaving this PR open and not merged until we do have a Dockerfile.wolfi to publish -- which is expected to come with #255 work.

Add renovate.json

4caf9e5

github-actions bot added community triage labels Aug 9, 2024

v1v closed this Aug 9, 2024

v1v reopened this Aug 9, 2024

v1v reviewed Aug 9, 2024

View reviewed changes

trentm removed the community label Aug 13, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: Configure Renovate #320

chore: Configure Renovate #320

elastic-renovate-prod bot commented Aug 9, 2024 •

edited

Loading

v1v commented Aug 9, 2024

trentm commented Aug 9, 2024

v1v Aug 9, 2024

trentm commented Aug 9, 2024

	"local>elastic/renovate-config"
	"github>elastic/renovate-config:only-chainguard"

chore: Configure Renovate #320

Are you sure you want to change the base?

chore: Configure Renovate #320

Conversation

elastic-renovate-prod bot commented Aug 9, 2024 • edited Loading

Detected Package Files

Configuration Summary

What to Expect

v1v commented Aug 9, 2024

trentm commented Aug 9, 2024

v1v Aug 9, 2024

Choose a reason for hiding this comment

trentm commented Aug 9, 2024

elastic-renovate-prod bot commented Aug 9, 2024 •

edited

Loading