diff --git a/.github/renovate.json5 b/.github/renovate.json5 index e372c10598b59..28ae5fc9694b2 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -48,9 +48,12 @@ ], "pinDigests": true, "ignorePresets": [":prHourlyLimit2"], - "separateMajorMinor": true, - "separateMultipleMajor": true, - "separateMinorPatch": true, + // We don't want to separate major and minor upgrades in separate PRs since + // we can upgrade them together in a single PR. + "separateMajorMinor": false, + // We don't want to separate minor patch upgrades in separate PRs since + // we can upgrade them together in a single PR. + "separateMinorPatch": false, "pruneStaleBranches": true, "baseBranches": [ "main", @@ -70,28 +73,28 @@ "stopUpdatingLabel": "renovate/stop-updating", "packageRules": [ { - "groupName": "all github action dependencies", - "groupSlug": "all-github-action", - "matchPaths": [ - ".github/workflows/**" - ], - "excludeDepNames": [ - "cilium/little-vm-helper", - "quay.io/lvh-images/complexity-test", - "quay.io/lvh-images/kind", - "quay.io/cilium/kindest-node" - ], + // Try to group all updates for all dependencies in a single PR. More + // specific packageRules are followed by this one. "matchUpdateTypes": [ "major", "minor", - "digest", "patch", "pin", - "pinDigest" + "pinDigest", + "digest", + "lockFileMaintenance", + "rollback", + "bump", + "replacement", + ], + "groupName": "all-dependencies" + }, + { + "groupName": "all github action dependencies", + "groupSlug": "all-github-action", + "matchPaths": [ + ".github/workflows/**" ], - "schedule": [ - "on monday" - ] }, { "matchPaths": [ @@ -113,14 +116,6 @@ // update source import paths on major updates "gomodUpdateImportPaths" ], - "matchUpdateTypes": [ - "major", - "minor", - "digest", - "patch", - "pin", - "pinDigest" - ], matchBaseBranches: [ "main" ] @@ -198,6 +193,8 @@ ] }, { + // Grouped these together because they require a re-creation of the base + // image. "groupName": "base-images", "matchFiles": [ "images/builder/Dockerfile", @@ -207,44 +204,6 @@ "docker.io/library/golang" ], }, - { - // Images that directly use docker.io/library/golang for building. - "groupName": "golang-images", - "matchFiles": [ - "contrib/backporting/Dockerfile", - "images/cilium-docker-plugin/Dockerfile", - "images/clustermesh-apiserver/Dockerfile", - "images/hubble-relay/Dockerfile", - "images/operator/Dockerfile", - "images/kvstoremesh/Dockerfile" - ], - }, - { - // Images that directly use docker.io/library/alpine for building. - "groupName": "alpine-images", - "matchFiles": [ - "contrib/coccinelle/Dockerfile", - "images/cache/Dockerfile", - "images/clustermesh-apiserver/Dockerfile", - "images/hubble-relay/Dockerfile", - "images/operator/Dockerfile", - "images/kvstoremesh/Dockerfile" - ], - }, - { - "groupName": "spire-images", - "matchFiles": [ - "install/kubernetes/cilium/values.yaml.tmpl" - ], - "matchPackageNames": [ - "ghcr.io/spiffe/spire-agent", - "ghcr.io/spiffe/spire-server" - ], - "matchBaseBranches": [ - "main" - ], - "allowedVersions": ">1.6" - }, { "groupName": "spire-images", "matchFiles": [ @@ -280,15 +239,6 @@ "v1.12" ], }, - { - "matchPackageNames": [ - "docker.io/library/busybox" - ], - "allowedVersions": ">=1.35", - "matchPaths": [ - "install/kubernetes/cilium/templates/spire/**" - ] - }, { "matchPackageNames": [ "docker.io/library/golang", @@ -347,6 +297,15 @@ "v1.12" ] }, + { + "matchPackageNames": [ + "gcr.io/etcd-development/etcd" + ], + "allowedVersions": "<3.16", + "matchBaseBranches": [ + "v1.15" + ] + }, { "matchDepNames": [ "golang.zx2c4.com/wireguard" @@ -455,20 +414,6 @@ "main" ], }, - { - "groupName": "all kind-images main", - "groupSlug": "all-kind-images-main", - "matchPackageNames": [ - "kindest/node", - "quay.io/cilium/kindest-node" - ], - "matchUpdateTypes": [ - "digest", - "patch", - "pin", - "pinDigest" - ], - }, { // Do not allow any updates for major.minor, they will be done by maintainers "enabled": false,