renovate: try to group dependency updates on single PR

Since we have tried to group all dependencies on a single PR we can remove the more specific ones such as "golang-images" and "alpine-images". For the "spire-images", we don't need to defined an minimum "allowedVersion" for the main branch since renovate will not downgrade versions. Same logic was applied for the "docker.io/library/busybox". Signed-off-by: André Martins <andre@cilium.io>
aanm · Feb 20, 2024 · b946f13 · b946f13
1 parent 6964ac0
commit b946f13
Showing 1 changed file with 34 additions and 75 deletions.
diff --git a/.github/renovate.json5 b/.github/renovate.json5
@@ -48,9 +48,12 @@
   ],
   "pinDigests": true,
   "ignorePresets": [":prHourlyLimit2"],
-  "separateMajorMinor": true,
-  "separateMultipleMajor": true,
-  "separateMinorPatch": true,
+  // We don't want to separate major and minor upgrades in separate PRs since
+  // we can upgrade them together in a single PR.
+  "separateMajorMinor": false,
+  // We don't want to separate minor patch upgrades in separate PRs since
+  // we can upgrade them together in a single PR.
+  "separateMinorPatch": false,
   "pruneStaleBranches": true,
   "baseBranches": [
     "main",
@@ -69,6 +72,23 @@
   ],
   "stopUpdatingLabel": "renovate/stop-updating",
   "packageRules": [
+    {
+      // Try to group all updates for all dependencies in a single PR. More
+      // specific packageRules are followed by this one.
+      "matchUpdateTypes": [
+        "major",
+        "minor",
+        "patch",
+        "pin",
+        "pinDigest",
+        "digest",
+        "lockFileMaintenance",
+        "rollback",
+        "bump",
+        "replacement",
+      ],
+      "groupName": "all-dependencies"
+    },
     {
       "groupName": "all github action dependencies",
       "groupSlug": "all-github-action",
@@ -81,17 +101,6 @@
         "quay.io/lvh-images/kind",
         "quay.io/cilium/kindest-node"
       ],
-      "matchUpdateTypes": [
-        "major",
-        "minor",
-        "digest",
-        "patch",
-        "pin",
-        "pinDigest"
-      ],
-      "schedule": [
-        "on monday"
-      ]
     },
     {
       "matchPaths": [
@@ -113,14 +122,6 @@
         // update source import paths on major updates
         "gomodUpdateImportPaths"
       ],
-      "matchUpdateTypes": [
-        "major",
-        "minor",
-        "digest",
-        "patch",
-        "pin",
-        "pinDigest"
-      ],
       matchBaseBranches: [
         "main"
       ]
@@ -198,6 +199,8 @@
       ]
     },
     {
+      // Grouped these together because they require a re-creation of the base
+      // image.
       "groupName": "base-images",
       "matchFiles": [
         "images/builder/Dockerfile",
@@ -207,44 +210,6 @@
         "docker.io/library/golang"
       ],
     },
-    {
-      // Images that directly use docker.io/library/golang for building.
-      "groupName": "golang-images",
-      "matchFiles": [
-        "contrib/backporting/Dockerfile",
-        "images/cilium-docker-plugin/Dockerfile",
-        "images/clustermesh-apiserver/Dockerfile",
-        "images/hubble-relay/Dockerfile",
-        "images/operator/Dockerfile",
-        "images/kvstoremesh/Dockerfile"
-      ],
-    },
-    {
-      // Images that directly use docker.io/library/alpine for building.
-      "groupName": "alpine-images",
-      "matchFiles": [
-        "contrib/coccinelle/Dockerfile",
-        "images/cache/Dockerfile",
-        "images/clustermesh-apiserver/Dockerfile",
-        "images/hubble-relay/Dockerfile",
-        "images/operator/Dockerfile",
-        "images/kvstoremesh/Dockerfile"
-      ],
-    },
-    {
-      "groupName": "spire-images",
-      "matchFiles": [
-        "install/kubernetes/cilium/values.yaml.tmpl"
-      ],
-      "matchPackageNames": [
-        "ghcr.io/spiffe/spire-agent",
-        "ghcr.io/spiffe/spire-server"
-      ],
-      "matchBaseBranches": [
-        "main"
-      ],
-      "allowedVersions": ">1.6"
-    },
     {
       "groupName": "spire-images",
       "matchFiles": [
@@ -280,15 +245,6 @@
         "v1.12"
       ],
     },
-    {
-      "matchPackageNames": [
-        "docker.io/library/busybox"
-      ],
-      "allowedVersions": ">=1.35",
-      "matchPaths": [
-        "install/kubernetes/cilium/templates/spire/**"
-      ]
-    },
     {
       "matchPackageNames": [
         "docker.io/library/golang",
@@ -347,6 +303,15 @@
         "v1.12"
       ]
     },
+    {
+      "matchPackageNames": [
+        "gcr.io/etcd-development/etcd"
+      ],
+      "allowedVersions": "<3.16",
+      "matchBaseBranches": [
+        "v1.15"
+      ]
+    },
     {
       "matchDepNames": [
         "golang.zx2c4.com/wireguard"
@@ -462,12 +427,6 @@
         "kindest/node",
         "quay.io/cilium/kindest-node"
       ],
-      "matchUpdateTypes": [
-        "digest",
-        "patch",
-        "pin",
-        "pinDigest"
-      ],
     },
     {
       // Do not allow any updates for major.minor, they will be done by maintainers