Adding dependabot config (for Dockerfiles) #4339

Closed

Contributor

@waja waja commented Nov 25, 2021

Adding config for Dependabot keeping track of new versions.

@MAGICCC
Member

MAGICCC commented Nov 26, 2021

Seems the config is wrong. After testing, I fixed it to:

version: 2
updates:
  - package-ecosystem: docker
    directory: "/data/Dockerfiles"
    schedule:
      interval: daily
      time: "04:00"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10

Also then getting this error

Dependabot couldn't find a Dockerfile

Dependabot couldn't find a Dockerfile.

Dependabot requires a Dockerfile to evaluate your Docker dependencies. It had expected to find one at the path: /data/Dockerfiles/Dockerfile.

If this isn't a Docker project, you may wish to disable updates for it in the .github/dependabot.yml config file in this repo.

It seems Dependabot can't do a recursive folder search, from what I saw after googling for a few seconds:
dependabot/feedback#145

I would use a config like this:

version: 2
updates:
# acme
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/acme"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# clamd
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/clamd"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# dockerapi
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/dockerapi"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# dovecot
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/dovecot"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# netfilter
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/netfilter"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# olefy
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/olefy"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# phpfpm
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/phpfpm"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# postfix
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/postfix"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# rspamd
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/rspamd"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# sogo
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/sogo"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# solr
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/solr"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# unbound 
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/unbound"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"
# watchdog
  - package-ecosystem: docker
    directory: "/data/Dockerfiles/watchdog"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
#    reviewers:
#      - "andryyy"

We can also add something like this:

    commit-message:
      # Prefix all commit messages with "[Dockerfile]"
      prefix: "[Dockerfile]"

See my test here, which I did in a few minutes:
https://github.com/MAGICCC/mailcow-dockerized/pulls/app%2Fdependabot

I wonder if it can also upgrade to a newer major release, e.g. for Debian (buster -> bullseye)?
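The per-directory layout discussed above means an image directory that is missing from the config silently never receives update PRs. The following is an added example, not part of the original thread or the project's code: it generates one entry per directory that contains a Dockerfile and reports drift between the tree and an existing config. The function names and the line-based `directory:` extraction are assumptions made for this sketch; the entry settings are copied from the comment above.

```python
import os
import tempfile

ENTRY = """\
  # {name}
  - package-ecosystem: docker
    directory: "/{path}"
    schedule:
      interval: daily
      time: "04:00"
      timezone: "Europe/Berlin"
    target-branch: "staging"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
"""

def dockerfile_dirs(repo_root, base="data/Dockerfiles"):
    """Repo-relative directories under `base` that directly contain a Dockerfile."""
    found = []
    for dirpath, _, filenames in os.walk(os.path.join(repo_root, base)):
        if "Dockerfile" in filenames:
            found.append(os.path.relpath(dirpath, repo_root).replace(os.sep, "/"))
    return sorted(found)

def render_config(dirs):
    """Emit a dependabot.yml with one docker entry per directory."""
    body = "".join(ENTRY.format(name=d.rsplit("/", 1)[-1], path=d) for d in dirs)
    return "version: 2\nupdates:\n" + body

def configured_dirs(config_text):
    """Directories listed in an existing config (skips commented-out lines)."""
    out = []
    for line in config_text.splitlines():
        s = line.strip()
        if s.startswith("directory:"):
            out.append(s.split(":", 1)[1].strip().strip('"\'').lstrip("/"))
    return sorted(out)

def drift(repo_root, config_text):
    """Return (dirs with a Dockerfile but no entry, entries with no Dockerfile)."""
    disk, cfg = set(dockerfile_dirs(repo_root)), set(configured_dirs(config_text))
    return sorted(disk - cfg), sorted(cfg - disk)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:  # constructed sample tree
        for name in ("acme", "clamd"):
            os.makedirs(os.path.join(root, "data", "Dockerfiles", name))
            open(os.path.join(root, "data", "Dockerfiles", name, "Dockerfile"), "w").close()
        print(render_config(dockerfile_dirs(root)))
```

Running `drift` in CI against the committed `.github/dependabot.yml` turns a forgotten image directory into a failing check instead of a silent gap in update coverage.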

@waja
Contributor Author

waja commented Nov 26, 2021

> I wonder if it can also upgrade to a newer major release, e.g. for Debian (buster -> bullseye)?

Nope, https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates#about-dependabot-version-updates states that it uses semver, which does not support this.

@waja
Contributor Author

waja commented Nov 26, 2021

@MAGICCC you are totally right ... I forgot that Dependabot doesn't work recursively. Do you want to start a new PR or should I fix up mine?

@MAGICCC
Member

MAGICCC commented Nov 26, 2021

I would like to wait for @andryyy's answer. I like the idea, but we need to implement tests (maybe GitHub Actions?) to check whether everything is building right, etc.

@DerLinkman DerLinkman deleted the branch mailcow:staging January 21, 2022 13:54
@DerLinkman DerLinkman closed this Jan 21, 2022
@DerLinkman DerLinkman reopened this Jan 21, 2022
@DerLinkman
Member

Branch not deleted, sorry for that.

@feldsam feldsam force-pushed the staging branch 2 times, most recently from 2aead31 to 880a68d Compare March 22, 2022 13:50
@DerLinkman DerLinkman deleted the branch mailcow:staging May 5, 2022 15:30
@DerLinkman DerLinkman closed this May 5, 2022
@DerLinkman DerLinkman reopened this May 5, 2022
@DerLinkman
Member

DerLinkman commented Jan 17, 2023

Closed, as we've introduced Renovate for that job recently.

Sorry :(

@DerLinkman DerLinkman closed this Jan 17, 2023
@waja waja deleted the dependabot branch January 18, 2023 06:27