Skip to content

Commit

Permalink
chore(renovate): use upstream matchers to update bundled binaries
Browse files Browse the repository at this point in the history
This is Tanka's version of [a `shared-workflows` change][change]. I
noticed that Renovate has [built-in managers][managers] for substituting
versions of things. Here we switch to using those and apply these
consistently in our `Dockerfile` so we're keeping `kubectl`, `jb` (now
downloaded instead of built)`, `helm` and `kustomize` up to date.

Additionally this fixes and enables keeping of Renovate's own version up
to date too.

[change]: grafana/shared-workflows#647
[managers]: https://docs.renovatebot.com/presets-customManagers
  • Loading branch information
iainlane committed Dec 12, 2024
1 parent feac755 commit a393cd1
Show file tree
Hide file tree
Showing 4 changed files with 38 additions and 74 deletions.
62 changes: 6 additions & 56 deletions .github/renovate-config.json5
Original file line number Diff line number Diff line change
@@ -1,65 +1,15 @@
{
$schema: "https://docs.renovatebot.com/renovate-schema.json",
branchPrefix: "grafanarenovatebot/",
customDatasources: {
"kubectl": {
"defaultRegistryUrlTemplate": "https://cdn.dl.k8s.io/release/stable.txt",
"format": "plain",
"transformTemplates": [
"{\"releases\": [releases . {\"version\": $substring(version, 1)}]}",
],
},
"helm": {
"defaultRegistryUrlTemplate": "https://api.github.com/repos/helm/helm/releases",
"format": "json",
"transformTemplates": [
"{\"releases\": [$.tag_name . {\"version\": $substring($, 1)}]}",
],
},
"kustomize": {
"defaultRegistryUrlTemplate": "https://api.github.com/repos/kubernetes-sigs/kustomize/releases",
"format": "json",
"transformTemplates": [
"{\"releases\": [$$ [$match(tag_name, /kustomize.*/) and $not(draft) and $not(prerelease) ] . {\"version\": $substringAfter(tag_name, \"/v\")}]}",
],
},
},

customManagers: [
{
"customType": "regex",
"fileMatch": ["Dockerfile"],
"matchStrings": [
"ARG KUBECTL_VERSION=(?<currentValue>\\S+)",
],
"datasourceTemplate": "custom.kubectl",
"depNameTemplate": "kubectl",
},
{
"customType": "regex",
"fileMatch": ["Dockerfile"],
"matchStrings": [
"ARG HELM_VERSION=(?<currentValue>\\S+)",
],
"datasourceTemplate": "custom.helm",
"depNameTemplate": "helm",
"versioningTemplate": "semver",
},
{
"customType": "regex",
"fileMatch": ["Dockerfile"],
"matchStrings": [
"ARG KUSTOMIZE_VERSION=(?<currentValue>\\S+)",
],
"datasourceTemplate": "custom.kustomize",
"depNameTemplate": "kustomize",
"versioningTemplate": "semver",
},
],
dependencyDashboard: false,
enabledManagers: ["custom.regex"],
forkProcessing: "enabled",
globalExtends: [":pinDependencies", "config:best-practices"],
globalExtends: [
":pinDependencies",
"config:best-practices",
"customManagers:dockerfileVersions",
"customManagers:githubActionsVersions",
],
onboarding: false,
osvVulnerabilityAlerts: true,
packageRules: [
Expand Down
5 changes: 3 additions & 2 deletions .github/workflows/renovate.yml
Original file line number Diff line number Diff line change
Expand Up @@ -63,8 +63,7 @@ jobs:
uses: renovatebot/github-action@e3a862510f27d57a380efb11f0b52ad7e8dbf213 # v41.0.6
with:
configurationFile: .github/renovate-config.json5
# renovate: datasource=docker depName=ghcr.io/renovatebot/renovate
renovate-version: 39.42.4@sha256:c5d718e312cdacc0746e37f13c215ff498be28c51e50efd24c070ae29f5b636a
renovate-version: ${{ env.RENOVATE_VERSION}}
token: ${{ steps.generate-token.outputs.token }}
env:
LOG_LEVEL: ${{ github.event_name == 'pull_request' && 'debug' || 'info' }}
Expand All @@ -77,3 +76,5 @@ jobs:
RENOVATE_PLATFORM: github
RENOVATE_REPOSITORIES: ${{ github.repository }}
RENOVATE_USERNAME: GrafanaRenovateBot
# renovate: datasource=docker depName=ghcr.io/renovatebot/renovate
RENOVATE_VERSION: 39.42.4@sha256:c5d718e312cdacc0746e37f13c215ff498be28c51e50efd24c070ae29f5b636a
42 changes: 26 additions & 16 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,48 +1,58 @@
# base stage for downloading binaries
FROM golang:1.23.4-alpine3.21 AS base
RUN apk add --no-cache curl


# download kubectl
FROM golang:1.23.4-alpine AS kubectl
FROM base AS kubectl
# renovate: datasource=github-releases packageName=kubernetes/kubernetes
ARG KUBECTL_VERSION=1.32.0
RUN apk add --no-cache curl
RUN export OS=$(go env GOOS) && \
export ARCH=$(go env GOARCH) &&\
curl -o /usr/local/bin/kubectl -L https://cdn.dl.k8s.io/release/v${KUBECTL_VERSION}/bin/${OS}/${ARCH}/kubectl &&\
chmod +x /usr/local/bin/kubectl

# build jsonnet-bundler
FROM golang:1.23.4-alpine AS jb
# download jsonnet-bundler
FROM base AS jb
WORKDIR /tmp
RUN apk add --no-cache git make bash &&\
git clone https://github.com/jsonnet-bundler/jsonnet-bundler &&\
ls /bin &&\
cd jsonnet-bundler &&\
make static &&\
mv _output/jb /usr/local/bin/jb
# renovate: datasource=github-releases packageName=jsonnet-bundler/jsonnet-bundler
ARG JB_VERSION=0.5.1
RUN apk add --no-cache curl && \
OS=$(go env GOOS) && \
ARCH=$(go env GOARCH) && \
curl -o /usr/local/bin/jb -SL "https://github.com/jsonnet-bundler/jsonnet-bundler/releases/download/v${JB_VERSION}/jb-${OS}-${ARCH}" && \
chmod +x /usr/local/bin/jb

FROM golang:1.23.4-alpine AS helm
# download helm
FROM base AS helm
WORKDIR /tmp/helm
# renovate: datasource=github-releases packageName=helm/helm
ARG HELM_VERSION=3.16.3
RUN apk add --no-cache jq curl
RUN apk add --no-cache curl
RUN export OS=$(go env GOOS) && \
export ARCH=$(go env GOARCH) &&\
curl -SL "https://get.helm.sh/helm-v${HELM_VERSION}-${OS}-${ARCH}.tar.gz" > helm.tgz && \
tar -xvf helm.tgz --strip-components=1

FROM golang:1.23.4-alpine AS kustomize
# download kustomize
FROM base AS kustomize
WORKDIR /tmp/kustomize
# renovate: datasource=github-releases packageName=kubernetes-sigs/kustomize
ARG KUSTOMIZE_VERSION=5.5.0
RUN apk add --no-cache jq curl
RUN apk add --no-cache curl
RUN export OS=$(go env GOOS) &&\
export ARCH=$(go env GOARCH) &&\
echo "https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v${KUSTOMIZE_VERSION}/kustomize_v${KUSTOMIZE_VERSION}_${OS}_${ARCH}.tar.gz" && \
curl -SL "https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v${KUSTOMIZE_VERSION}/kustomize_v${KUSTOMIZE_VERSION}_${OS}_${ARCH}.tar.gz" > kustomize.tgz && \
tar -xvf kustomize.tgz

FROM golang:1.23.4 AS build
FROM base AS build
WORKDIR /app
COPY . .
RUN make static

# assemble final container
FROM alpine:3.21
FROM alpine:3.21.0
RUN apk add --no-cache coreutils diffutils less git openssh-client && \
apk upgrade --quiet
COPY --from=build /app/tk /usr/local/bin/tk
Expand Down
3 changes: 3 additions & 0 deletions go.work.sum
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ github.com/PuerkitoBio/goquery v1.8.1/go.mod h1:Q8ICL1kNUJ2sXGoAhPGUdYDJvgQgHzJs
github.com/PuerkitoBio/goquery v1.9.2/go.mod h1:GHPCaP0ODyyxqcNoFGYlAprUFH81NuRPd0GX3Zu2Mvk=
github.com/PuerkitoBio/goquery v1.9.3/go.mod h1:1ndLHPdTz+DyQPICCWYlYQMPl0oXZj0G6D4LCYA6u4U=
github.com/agnivade/levenshtein v1.1.1/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVbJomOvKkmgYbo=
github.com/agnivade/levenshtein v1.2.0/go.mod h1:QVVI16kDrtSuwcpd0p1+xMC6Z/VfhtCyDIjcwga4/DU=
github.com/alexflint/go-arg v1.4.2/go.mod h1:9iRbDxne7LcR/GSvEr7ma++GLpdIU1zrghf2y2768kM=
github.com/alexflint/go-scalar v1.0.0/go.mod h1:GpHzbCOZXEKMEcygYQ5n/aa4Aq84zbxjy3MxYW0gjYw=
github.com/andybalholm/cascadia v1.3.1/go.mod h1:R4bJ1UQfqADjvDa4P6HZHLh/3OxWWEqc0Sk8XGwHqvA=
Expand Down Expand Up @@ -145,12 +146,14 @@ golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/telemetry v0.0.0-20240208230135-b75ee8823808/go.mod h1:KG1lNk5ZFNssSZLrpVb4sMXKMpGwGXOxSG3rnu2gZQQ=
golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
golang.org/x/telemetry v0.0.0-20240521205824-bda55230c457/go.mod h1:pRgIJT+bRLFKnoM1ldnzKoxTIn14Yxz928LQRYYgIN0=
golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
golang.org/x/term v0.21.0/go.mod h1:ooXLefLobQVslOqselCNF4SxFAaoS6KujMbsGzSDmX0=
golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M=
golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
Expand Down

0 comments on commit a393cd1

Please sign in to comment.