mirror of
https://github.com/renovatebot/renovate.git
synced 2025-05-12 23:51:55 +00:00
bc7d0595d0
Co-authored-by: Sebastian Poxhofer <secustor@users.noreply.github.com> Co-authored-by: HonkingGoose <34918129+HonkingGoose@users.noreply.github.com> Co-authored-by: Michael Kriese <michael.kriese@visualon.de> Co-authored-by: Rhys Arkins <rhys@arkins.net> |
||
|---|---|---|
| .. | ||
| __fixtures__ | ||
| __snapshots__ | ||
| artifacts.spec.ts | ||
| artifacts.ts | ||
| common.spec.ts | ||
| common.ts | ||
| extract.spec.ts | ||
| extract.ts | ||
| index.ts | ||
| readme.md | ||
| types.ts | ||
Renovate can manage these parts of the kustomization.yaml file:
- remote resources
- image tags
- components
- helm charts
- remote bases (deprecated since Kustomize
v2.1.0)
How It Works
- Renovate searches in each repository for any
kustomization.yamlfiles - Dependencies are extracted from remote bases, image tags and Helm charts
- Renovate resolves the dependency's source repository and checks if there are SemVer tags
- If Renovate finds an update, then it updates the
kustomization.yamlfile
This manager uses three depTypes to allow fine-grained control of which dependencies are upgraded:
- Component
- Kustomization
- HelmChart
- OCIChart
Helm charts inflation
Renovate will inflate helm charts referenced in a kustomization if any of the following is true:
- The version Renovate is upgrading from was inflated, OR
- The
kustomizeInflateHelmChartsoption inpostUpdateOptionsis enabled
Note: To prevent Renovate from updating dependencies in the expanded charts, you'll need to manually exclude the folders from Helm managers. For example:
{
"packageRules": [
{
"matchFileNames": ["**/charts/**"],
"matchManagers": ["helmv3", "helm-values"],
"enabled": false
}
]
}
Limitations
- Using HTTPS to fetch the repositories is not tested
- The keys for the image tags can be in any order
- name: image/name
newTag: v0.0.1
# or
- newTag: v0.0.1
name: image/name
- Digests can be pinned in
newTagordigest:
- name: image/name
newTag: v0.0.1@sha256:3eeba3e2caa30d2aba0fd78a34c1bbeebaa1b96c7aa3c95ec9bac44163c5ca4f
# without a version, digests are tracked as :latest
- name: image/name
digest: sha256:3eeba3e2caa30d2aba0fd78a34c1bbeebaa1b96c7aa3c95ec9bac44163c5ca4f
- The image's repository can be changed with
newName:
- name: image/name
newName: custom-image/name:v0.0.1
- name: image/name
newName: custom-image/name:v0.0.1@sha256:3eeba3e2caa30d2aba0fd78a34c1bbeebaa1b96c7aa3c95ec9bac44163c5ca4f
- name: image/name
newName: custom-image/name@sha256:3eeba3e2caa30d2aba0fd78a34c1bbeebaa1b96c7aa3c95ec9bac44163c5ca4f
- name: image/name
newName: custom-image/name
newTag: v0.0.1@sha256:3eeba3e2caa30d2aba0fd78a34c1bbeebaa1b96c7aa3c95ec9bac44163c5ca4f
- name: image/name
newName: custom-image/name
digest: sha256:3eeba3e2caa30d2aba0fd78a34c1bbeebaa1b96c7aa3c95ec9bac44163c5ca4f
- Images with values ignored by Kustomize will be skipped to avoid ambiguity:
# bad: skipped because newTag: is ignored when digest: is set
- name: image/name
newTag: v0.0.1
digest: sha256:3eeba3e2caa30d2aba0fd78a34c1bbeebaa1b96c7aa3c95ec9bac44163c5ca4f
# good:
- name: image/name
newTag: v0.0.1@sha256:3eeba3e2caa30d2aba0fd78a34c1bbeebaa1b96c7aa3c95ec9bac44163c5ca4f