Tips about Renovate

suzukishunsuke

Shunsuke Suzuki

Posted on September 25, 2021

Tips about Renovate

In this post, I introduce some tips about Renovate.

Assign reviewers

https://docs.renovatebot.com/configuration-options/#reviewers

It's good to assign reviewers to prevent pull requests from being left.
You can assign GitHub Users and Teams.
On the other hand, if pull requests would be merged automatically, it is not good to assign reviewers because it is noisy.

Restrict targets

By default, all Managers are enabled.
If you want to update only specific packages, you have to configure enableManagers.
And if you want to update only specific files, includePaths would be useful.
If you want to exclude some files, ignorePaths is also useful.
Especially if you want to update packages for the specific service in Monorepo, this would be helpful.

Automerge

automerge drastically decreases the burden of handling pull requests by Renovate.
You should use automerge actively.
On the other hand, in some cases automerge isn't desirable so you have to restrict targets of automerge.
For example, it is good to exclude the major update.

    {
      "matchUpdateTypes": ["major"],
      "automerge": false
    }
Enter fullscreen mode Exit fullscreen mode

renovate-approve app

If at least one approval is required to merge pull requests, the GitHub App renovate-approve would be useful.

Automerge safely

In case of Terraform CI/CD, it would be dangerous to merge pull requests automatically even if CI passes,
because unexpected changes may be applied.
By making CI failed if the pull request author is renovate[bot] and the exit code of terraform plan -detailed-exitcode is two, you can prevent unexpected changes.

Regex Manager

Renovate supports various Managers, but sometimes you want to update packages which aren't supported by any Managers.
In that case, Regex Manager would be helpful.
For example, if you download tools from GitHub Releases in shell scripts, you can update tools with Regex Managers.

version=v0.7.2 # renovate: depName=suzuki-shunsuke/aqua
URL=https://github.com/suzuki-shunsuke/aqua/releases/download/${version}/aqua_linux_amd64.tar.gz
curl --fail -L "$URL" -o aqua_linux_amd64.tar.gz
Enter fullscreen mode Exit fullscreen mode
{
  "regexManagers": [
    {
      "fileMatch": ["^.*\\.sh"],
      "matchStrings": ["version=(?<currentValue>.*?) # renovate: depName=(?<depName>.*?)\\n"],
      "datasourceTemplate": "github-releases"
    }
  ]
}
Enter fullscreen mode Exit fullscreen mode

For detail of Regex Manger, please see the document.

https://docs.renovatebot.com/modules/manager/regex/

renovate-config-validator

When Renovate Configuration is updated, it should be validated with renovate-config-validator.
GitHub Actions is useful for it.

e.g. https://github.com/suzuki-shunsuke/aqua/blob/v0.7.2/.github/workflows/renovate-config-validator.yaml

Split pull requests by additionalBranchPrefix

If the same package is used in multiple services in Monorepo,
by default Renovate updates them in the same pull request.
If you want to split pull requests per service,
additionalBranchPrefix and commitMessageSuffix are useful.

For example, in case of Monorepo of Terraform,
by the following configuration you can update Terraform Providers per service.

{
  "packageRules": [
    {
      "managers": ["terraform"],
      "additionalBranchPrefix": "{{baseDir}}-",
      "packagePatterns": [".*"],
      "commitMessageSuffix": "({{baseDir}})"
    }
  ]
}
Enter fullscreen mode Exit fullscreen mode

About the template variables, please see https://docs.renovatebot.com/templates/

JSON5

Renovate Configuration supports JSON and JSON5.
If you want to write code comments, JSON5 is useful.
On the other hand, the support of JSON5 by tools like editor, IDE, formatter, and linter is poorer than JSON.

Test Configuration in test repository

When you change Renovate Configuration, you can validate it with renovate-config-validator but it is difficult to test it in CI.

I created some repositories for testing Renovate Configuration.

It is good to test Renovate Configuration before sending pull requests.

For example, please see the pull request https://github.com/renovatebot/github-action/pull/557 .
Before sending this pull request, I tested the Configuration in a test repository and described it in the pull request description.

Restrict

If you are tired to handle pull requests by Renovate, it maybe good to restrict pull requests.

Add links to pull requests

Using prBodyNotes, you can add helpful links to pull requests.

For example, in case of the package ingress-nginx, I added the following links.

e.g.

    {
      "matchManagers": ["helmfile"],
      "matchPackageNames": ["ingress-nginx"],
      "prBodyNotes": [
        "[compare](https://github.com/kubernetes/ingress-nginx/compare/helm-chart-{{currentVersion}}...helm-chart-{{newVersion}}), [Changelog](https://github.com/kubernetes/ingress-nginx/blob/main/charts/ingress-nginx/CHANGELOG.md), [Artifact Hub](https://artifacthub.io/packages/helm/ingress-nginx/ingress-nginx?modal=changelog)"
      ]
    }
Enter fullscreen mode Exit fullscreen mode

It is bothersome that you have to configure links per package, but it is helpful to review the pull request.

Debug

If Renovate doesn't work as expected, there are some ways for debug.
If you use GitHub App of Renovate, you can check the log with Renovate Dashboard.
You can also run Renovate at localhost.

$ npm i -g renovate
$ export RENOVATE_TOKEN=xxx # GitHub Access Token
$ LOG_LEVEL=debug renovate --dry-run=true <repository>
Enter fullscreen mode Exit fullscreen mode

Dependency Dashboard is also useful to find the problem.

Decrease the priority of the specific package for other packages

If the package A is updated so frequently that other packages aren't updated,
maybe it may be good to decrease the priority of the package A.

đź’– đź’Ş đź™… đźš©
suzukishunsuke
Shunsuke Suzuki

Posted on September 25, 2021

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related