diff --git a/.circleci/config.yml b/.circleci/config.yml index 6ad1d18fa4..fd5da0f9fd 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -15,7 +15,8 @@ jobs: # We do this instead of setting --default-tf-version because setting # that flag starts the download asynchronously so we'd have a race # condition. - TERRAFORM_VERSION: 1.3.6 + # renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp + TERRAFORM_VERSION: 1.3.5 steps: - checkout - run: make build-service diff --git a/.node-version b/.node-version new file mode 100644 index 0000000000..261767ca41 --- /dev/null +++ b/.node-version @@ -0,0 +1 @@ +14.21.2 diff --git a/Dockerfile b/Dockerfile index 4f05342c4c..4248c29f36 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,6 +20,7 @@ FROM ${ATLANTIS_BASE}:${ATLANTIS_BASE_TAG_DATE}-${ATLANTIS_BASE_TAG_TYPE} AS bas ARG TARGETPLATFORM # install terraform binaries +# renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp ENV DEFAULT_TERRAFORM_VERSION=1.3.6 # In the official Atlantis image we only have the latest of each Terraform version. @@ -43,6 +44,7 @@ RUN AVAILABLE_TERRAFORM_VERSIONS="1.0.11 1.1.9 1.2.9 ${DEFAULT_TERRAFORM_VERSION done && \ ln -s "/usr/local/bin/tf/versions/${DEFAULT_TERRAFORM_VERSION}/terraform" /usr/local/bin/terraform +# renovate: datasource=github-releases depName=open-policy-agent/conftest ENV DEFAULT_CONFTEST_VERSION=0.35.0 RUN AVAILABLE_CONFTEST_VERSIONS="${DEFAULT_CONFTEST_VERSION}" && \ diff --git a/Dockerfile.dev b/Dockerfile.dev index d9ed7aad63..bff737fc1f 100644 --- a/Dockerfile.dev +++ b/Dockerfile.dev @@ -1,6 +1,7 @@ FROM ghcr.io/runatlantis/atlantis:latest COPY atlantis /usr/local/bin/atlantis # TODO: remove this once we get this in the base image +# renovate: datasource=github-releases depName=open-policy-agent/conftest ENV DEFAULT_CONFTEST_VERSION=0.35.0 WORKDIR /atlantis/src diff --git a/go.mod b/go.mod index 651284cdeb..cabe6d01e5 100644 --- a/go.mod +++ b/go.mod @@ -39,7 +39,8 @@ require ( github.com/stretchr/testify v1.8.1 github.com/urfave/cli v1.22.10 github.com/urfave/negroni v1.0.0 - github.com/warrensbox/terraform-switcher v0.1.1-0.20221027055942-201c8e92e997 + // renovate: datasource=github-releases depName=warrensbox/terraform-switcher + github.com/warrensbox/terraform-switcher v0.1.1-0.20220704061544-b24be8c19820 github.com/xanzy/go-gitlab v0.77.0 go.etcd.io/bbolt v1.3.6 go.uber.org/zap v1.24.0 diff --git a/go.sum b/go.sum index 94e40b2f42..f2008f37fb 100644 --- a/go.sum +++ b/go.sum @@ -475,8 +475,8 @@ github.com/urfave/cli v1.22.10 h1:p8Fspmz3iTctJstry1PYS3HVdllxnEzTEsgIgtxTrCk= github.com/urfave/cli v1.22.10/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/negroni v1.0.0 h1:kIimOitoypq34K7TG7DUaJ9kq/N4Ofuwi1sjz0KipXc= github.com/urfave/negroni v1.0.0/go.mod h1:Meg73S6kFm/4PpbYdq35yYWoCZ9mS/YSx+lKnmiohz4= -github.com/warrensbox/terraform-switcher v0.1.1-0.20221027055942-201c8e92e997 h1:be5WC0FHdhimAhe2G3DPhduX117RM8qdTMYCMHDt4DM= -github.com/warrensbox/terraform-switcher v0.1.1-0.20221027055942-201c8e92e997/go.mod h1:saryXNaL624mlulV138FP+HhVw7IpvETUXLS3nTvH1g= +github.com/warrensbox/terraform-switcher v0.1.1-0.20220704061544-b24be8c19820 h1:lumP//y6bmEKvAR10stm//yptyzxoulO+sarVVdIdic= +github.com/warrensbox/terraform-switcher v0.1.1-0.20220704061544-b24be8c19820/go.mod h1:saryXNaL624mlulV138FP+HhVw7IpvETUXLS3nTvH1g= github.com/xanzy/go-gitlab v0.77.0 h1:UrbGlxkWVCbkpa6Fk6cM8ARh+rLACWemkJnsawT7t98= github.com/xanzy/go-gitlab v0.77.0/go.mod h1:d/a0vswScO7Agg1CZNz15Ic6SSvBG9vfw8egL99t4kA= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= diff --git a/renovate.json5 b/renovate.json5 new file mode 100644 index 0000000000..ca51595c2b --- /dev/null +++ b/renovate.json5 @@ -0,0 +1,106 @@ +{ + extends: [ + "config:base", + ], + includeForks: true, + renovateFork: true, + automerge: false, + platformAutomerge: false, + labels: ["dependencies"], + postUpdateOptions: ["gomodTidy", "yarnDedupeHighest"], + prHourlyLimit: 0, + prConcurrentLimit: 0, + packageRules: [ + // e2e test depends on testing/Dockefile testing-image which has conftest specific version. + // to upgrade conftest versions, we need following PRs. + // 1. update testing/Dockerfile conftest version + // 2. update testing-image tag + // 3. update e2e conftest version + // this settings allow to create only testing/Dockefile contest version update PR which uses branch prefix. + { + matchPaths: ["testing/**"], + matchPackagePatterns: ["conftest"], + additionalBranchPrefix: "{{baseDir}}-", + groupName: "conftest-testing", + prBodyNotes: [ + ":warning: You need to upgrade testing-image conftest firstly, then upgrade other conftest versions for e2e :warning:", + ], + }, + { + ignorePaths: ["testing/**"], + matchPackagePatterns: ["conftest"], + groupName: "conftest-upgrade", + prBodyNotes: [ + ":warning: You need to upgrade testing-image conftest firstly, then upgrade other conftest versions for e2e :warning:", + ], + }, + // terraform-switcher use release branch, not default branch + // to support it, disable gomod manager and update by regex manager + { + // terraform-switcher use release branch, not default branch + // to support it, disable gomod manager and update by regex manager + matchManagers: ["gomod"], + matchPackageNames: ["github.com/warrensbox/terraform-switcher"], + enabled: false + }, + { + // we need to upgrade testing-env on ci quickly + matchPackageNames: ["ghcr.io/runatlantis/testing-env"], + groupName: "testing-env-ci-test", + schedule: ["every 1 hour after 00:00 and before 23:59 every day"], + }, + { + // use LTS node version for node docker image + matchDatasources: ["docker"], + matchPackageNames: ["node"], + versioning: "node", + } + ], + // https://docs.renovatebot.com/modules/manager/regex/ + regexManagers: [ + { + fileMatch: ["(^|/)Dockerfile$", "(^|/)Dockerfile\\.[^/]*$"], + matchStrings: [ + // example: + // renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp + // ENV DEFAULT_TERRAFORM_VERSION=x.x.x + "renovate: datasource=(?.*?) depName=(?.*?)( versioning=(?.*?))?\\sENV .*?_VERSION=(?.*)\\s", + ], + versioningTemplate: "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + extractVersionTemplate: '^v(?\\d+\\.\\d+\\.\\d+)', + }, + { + fileMatch: [".*go$"], + matchStrings: [ + // example: + // const ConftestVersion = "x.x.x" // renovate: datasource=github-releases depName=open-policy-agent/conftest + "\\sconst .*Version = \"(?.*)\"\\s// renovate: datasource=(?.*?) depName=(?.*?)( versioning=(?.*?))?\\s", + ], + versioningTemplate: "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + extractVersionTemplate: '^v(?\\d+\\.\\d+\\.\\d+)', + }, + { + fileMatch: [".circleci/config.yml$"], + matchStrings: [ + // example: + // # renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp + // TRRAFORM_VERSION: x.x.x + "renovate: datasource=(?.*?) depName=(?.*?)( versioning=(?.*?))?\\s.*?_VERSION: (?.*)\\s", + ], + versioningTemplate: "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + extractVersionTemplate: '^v(?\\d+\\.\\d+\\.\\d+)', + }, + { + // some go module cannot handle by gomod manager + // - github.com/warrensbox/terraform-switcher use release branch, not default branch + fileMatch: ["go.mod$"], + matchStrings: [ + // example: + // # renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp + // github.com/warrensbox/terraform-switcher vX.X.X-0.000000000-aaaaaaaaaa + "renovate: datasource=(?.*?) depName=(?.*?)( versioning=(?.*?))?\\s.*?github.com/.* (?.*)\\s", + ], + versioningTemplate: "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + }, + ] +} diff --git a/server/controllers/events/events_controller_e2e_test.go b/server/controllers/events/events_controller_e2e_test.go index a5236d337c..80de4d4914 100644 --- a/server/controllers/events/events_controller_e2e_test.go +++ b/server/controllers/events/events_controller_e2e_test.go @@ -42,7 +42,7 @@ import ( . "github.com/runatlantis/atlantis/testing" ) -const ConftestVersion = "0.35.0" +const ConftestVersion = "0.35.0" // renovate: datasource=github-releases depName=open-policy-agent/conftest var applyLocker locking.ApplyLocker var userConfig server.UserConfig diff --git a/testdrive/utils.go b/testdrive/utils.go index a3b44d054d..2bcd210bfc 100644 --- a/testdrive/utils.go +++ b/testdrive/utils.go @@ -34,7 +34,7 @@ import ( ) const hashicorpReleasesURL = "https://releases.hashicorp.com" -const terraformVersion = "1.3.6" +const terraformVersion = "1.3.5" // renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp const ngrokDownloadURL = "https://bin.equinox.io/c/4VmDzA7iaHb" const ngrokAPIURL = "localhost:41414" // We hope this isn't used. const atlantisPort = 4141 diff --git a/testing/Dockerfile b/testing/Dockerfile index 9ad58a46f5..db23110992 100644 --- a/testing/Dockerfile +++ b/testing/Dockerfile @@ -5,6 +5,7 @@ RUN apt-get update && apt-get --no-install-recommends -y install unzip \ && rm -rf /var/lib/apt/lists/* # Install Terraform +# renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp ENV TERRAFORM_VERSION=1.3.6 RUN case $(uname -m) in x86_64|amd64) ARCH="amd64" ;; aarch64|arm64|armv7l) ARCH="arm64" ;; esac && \ wget -nv -O terraform.zip https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_${ARCH}.zip && \ @@ -14,6 +15,7 @@ RUN case $(uname -m) in x86_64|amd64) ARCH="amd64" ;; aarch64|arm64|armv7l) ARCH rm terraform.zip # Install conftest +# renovate: datasource=github-releases depName=open-policy-agent/conftest ENV CONFTEST_VERSION=0.35.0 SHELL ["/bin/bash", "-o", "pipefail", "-c"] RUN case $(uname -m) in x86_64|amd64) ARCH="x86_64" ;; aarch64|arm64|armv7l) ARCH="arm64" ;; esac && \