From b5544221dff7c7a7ce74ca2623c8cd0a7b09d6ed Mon Sep 17 00:00:00 2001 From: JesseBot Date: Tue, 9 Jul 2024 13:17:43 +0200 Subject: [PATCH] add renovatebot self hosted app and update helm chart docker tag to `v0.6.0` (#37) * add renovatebot self hosted app and update helm chart docker tag to v0.6.0 * add automated helm docs updates --- .github/renovate-config.json | 11 +++++ .github/workflows/helm-docs.yaml | 26 +++++++++++ .github/workflows/renovate.yml | 33 ++++++++++++++ charts/appset-secret-plugin/Chart.yaml | 4 +- charts/appset-secret-plugin/README.md | 2 +- renovate.json | 61 +++++++++++++++++++++----- scripts/bump-chart-version.sh | 31 +++++++++++++ 7 files changed, 154 insertions(+), 14 deletions(-) create mode 100644 .github/renovate-config.json create mode 100644 .github/workflows/helm-docs.yaml create mode 100644 .github/workflows/renovate.yml create mode 100755 scripts/bump-chart-version.sh diff --git a/.github/renovate-config.json b/.github/renovate-config.json new file mode 100644 index 0000000..3380bad --- /dev/null +++ b/.github/renovate-config.json @@ -0,0 +1,11 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "onboarding": false, + "username": "renovate-release", + "gitAuthor": "Renovate Bot ", + "platform": "github", + "repositories": [ + "small-hack/appset-secret-plugin" + ], + "allowedPostUpgradeCommands": ["^scripts"] +} diff --git a/.github/workflows/helm-docs.yaml b/.github/workflows/helm-docs.yaml new file mode 100644 index 0000000..8d9143e --- /dev/null +++ b/.github/workflows/helm-docs.yaml @@ -0,0 +1,26 @@ +name: Generate helm docs + +on: + pull_request: + paths: + - 'charts/matrix/**' + +permissions: + contents: write + pull-requests: write + +jobs: + update-docs: + name: update-docs + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.ref }} + + - name: Render helm docs inside the README.md and push changes back to PR branch + uses: netfoundry/helm-docs-action@v1 + with: + working-dir: charts/matrix + git-push: "true" diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml new file mode 100644 index 0000000..3d272f3 --- /dev/null +++ b/.github/workflows/renovate.yml @@ -0,0 +1,33 @@ +name: Renovate +on: + workflow_dispatch: + schedule: + # This should be every hour + - cron: '0 * * * *' + push: + branches: + - main + paths: + - ".github/renovate-config.json" + - ".github/workflows/renovate.yml" + - "renovate.json" + - "scripts/**" +jobs: + renovate: + runs-on: ubuntu-latest + steps: + - name: Get token + id: app-token + uses: actions/create-github-app-token@v1 + with: + private-key: ${{ secrets.PRIVATE_KEY }} + app-id: ${{ secrets.APP_ID }} + + - name: Checkout + uses: actions/checkout@v4.1.7 + + - name: Self-hosted Renovate + uses: renovatebot/github-action@v40.1.12 + with: + token: '${{ steps.app-token.outputs.token }}' + configurationFile: .github/renovate-config.json diff --git a/charts/appset-secret-plugin/Chart.yaml b/charts/appset-secret-plugin/Chart.yaml index b454f47..b7da630 100644 --- a/charts/appset-secret-plugin/Chart.yaml +++ b/charts/appset-secret-plugin/Chart.yaml @@ -15,7 +15,7 @@ maintainers: # pipeline. Library charts do not define any templates and therefore cannot be deployed. type: application -version: 0.7.0 +version: 0.8.0 # renovate: image=jessebot/argocd-appset-secret-plugin -appVersion: "v0.5.0" +appVersion: "v0.6.0" diff --git a/charts/appset-secret-plugin/README.md b/charts/appset-secret-plugin/README.md index 54717fd..7fe75ad 100644 --- a/charts/appset-secret-plugin/README.md +++ b/charts/appset-secret-plugin/README.md @@ -1,6 +1,6 @@ # appset-secret-plugin -![Version: 0.7.0](https://img.shields.io/badge/Version-0.7.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.5.0](https://img.shields.io/badge/AppVersion-v0.5.0-informational?style=flat-square) +![Version: 0.8.0](https://img.shields.io/badge/Version-0.8.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.6.0](https://img.shields.io/badge/AppVersion-v0.6.0-informational?style=flat-square) A Helm chart for adding a K8s Secret Plugin Generator to Argo CD ApplicationSets diff --git a/renovate.json b/renovate.json index 2e1afdf..cbbaea4 100644 --- a/renovate.json +++ b/renovate.json @@ -1,15 +1,54 @@ { - "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "extends": [ - "config:base" - ], - "regexManagers": [ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "config:recommended", ":disableDependencyDashboard" + ], + "customManagers": [ { - "fileMatch": ["(^|/)Chart\\.yaml$"], - "matchStrings": [ - "#\\s?renovate: image=(?.*?)\\s?appVersion:\\s?\\\"?(?[\\w+\\.\\-]*)", - ], - "datasourceTemplate": "docker" - }, + "customType": "regex", + "datasourceTemplate": "docker", + "fileMatch": [ + "(^|/)Chart\\.yaml$" + ], + "matchStrings": [ + "#\\s*renovate: image=(?.*?)\\s+appVersion:\\s*[\"']?(?[\\w+\\.\\-]*)" + ] + } + ], + "packageRules": [ + { + "description": "Fix subchart archives for helm chart", + "matchManagers": ["helmv3"], + "postUpdateOptions": ["helmUpdateSubChartArchives"] + }, + { + "description": "Fix version in Chart.yaml after helmv3 dep patch updates", + "matchManagers": ["helmv3"], + "matchUpdateTypes": ["patch"], + "bumpVersion": "patch" + }, + { + "description": "Fix version in Chart.yaml after helmv3 dep minor updates", + "matchManagers": ["helmv3"], + "matchUpdateTypes": ["minor"], + "bumpVersion": "minor" + }, + { + "description": "Fix version in Chart.yaml after helmv3 dep major updates", + "matchManagers": ["helmv3"], + "matchUpdateTypes": ["major"], + "bumpVersion": "major" + }, + { + "description": "Bump helm chart versions by a patch when updating values files. This can be removed when https://github.com/renovatebot/renovate/issues/8231 is implemented and enabled.", + "matchManagers": ["helm-values", "regex"], + "postUpgradeTasks": { + "commands": [ + "scripts/bump-chart-version.sh '{{{updateType}}}'" + ], + "fileFilters": ["**/Chart.yaml"], + "executionMode": "branch" + } + } ] } diff --git a/scripts/bump-chart-version.sh b/scripts/bump-chart-version.sh new file mode 100755 index 0000000..7f570ca --- /dev/null +++ b/scripts/bump-chart-version.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env bash +# thanks to original comment: https://github.com/renovatebot/renovate/issues/8231#issuecomment-1978929997 +# converted to discussion: https://github.com/renovatebot/renovate/discussions/28861#discussioncomment-9326722 + +set -euo pipefail + +update_type="$1" +version=$(grep "^version:" "./charts/appset-secret-plugin/Chart.yaml" | awk '{print $2}') + +if [[ ! $version ]]; then + echo "No valid version was found" + exit 1 +fi + +major=$(echo "$version" | cut -d. -f1) +minor=$(echo "$version" | cut -d. -f2) +patch=$(echo "$version" | cut -d. -f3) + +if [[ "$update_type" =~ (major|replacement) ]]; then + major=$(( major + 1 )) + minor=0 + patch=0 +elif [[ "$update_type" =~ 'minor' ]]; then + minor=$(( minor + 1 )) + patch=0 +else + patch=$(( patch + 1 )) +fi + +echo "Bumping version for appset-secret-plugin chart from $version to $major.$minor.$patch" +sed -i "s/^version:.*/version: ${major}.${minor}.${patch}/g" "charts/appset-secret-plugin/Chart.yaml"