diff --git a/.github/renovate.json5 b/.github/renovate.json5 index e372c10598b59b..06a70bbdafed80 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -48,9 +48,12 @@ ], "pinDigests": true, "ignorePresets": [":prHourlyLimit2"], - "separateMajorMinor": true, - "separateMultipleMajor": true, - "separateMinorPatch": true, + // We don't want to separate major and minor upgrades in separate PRs since + // we can upgrade them together in a single PR. + "separateMajorMinor": false, + // We don't want to separate minor patch upgrades in separate PRs since + // we can upgrade them together in a single PR. + "separateMinorPatch": false, "pruneStaleBranches": true, "baseBranches": [ "main", @@ -69,6 +72,23 @@ ], "stopUpdatingLabel": "renovate/stop-updating", "packageRules": [ + { + // Try to group all updates for all dependencies in a single PR. More + // specific packageRules are followed by this one. + "matchUpdateTypes": [ + "major", + "minor", + "patch", + "pin", + "pinDigest", + "digest", + "lockFileMaintenance", + "rollback", + "bump", + "replacement", + ], + "groupName": "all-dependencies" + }, { "groupName": "all github action dependencies", "groupSlug": "all-github-action", @@ -81,17 +101,6 @@ "quay.io/lvh-images/kind", "quay.io/cilium/kindest-node" ], - "matchUpdateTypes": [ - "major", - "minor", - "digest", - "patch", - "pin", - "pinDigest" - ], - "schedule": [ - "on monday" - ] }, { "matchPaths": [ @@ -113,14 +122,6 @@ // update source import paths on major updates "gomodUpdateImportPaths" ], - "matchUpdateTypes": [ - "major", - "minor", - "digest", - "patch", - "pin", - "pinDigest" - ], matchBaseBranches: [ "main" ] @@ -198,6 +199,8 @@ ] }, { + // Grouped these together because they require a re-creation of the base + // image. "groupName": "base-images", "matchFiles": [ "images/builder/Dockerfile", @@ -207,44 +210,6 @@ "docker.io/library/golang" ], }, - { - // Images that directly use docker.io/library/golang for building. - "groupName": "golang-images", - "matchFiles": [ - "contrib/backporting/Dockerfile", - "images/cilium-docker-plugin/Dockerfile", - "images/clustermesh-apiserver/Dockerfile", - "images/hubble-relay/Dockerfile", - "images/operator/Dockerfile", - "images/kvstoremesh/Dockerfile" - ], - }, - { - // Images that directly use docker.io/library/alpine for building. - "groupName": "alpine-images", - "matchFiles": [ - "contrib/coccinelle/Dockerfile", - "images/cache/Dockerfile", - "images/clustermesh-apiserver/Dockerfile", - "images/hubble-relay/Dockerfile", - "images/operator/Dockerfile", - "images/kvstoremesh/Dockerfile" - ], - }, - { - "groupName": "spire-images", - "matchFiles": [ - "install/kubernetes/cilium/values.yaml.tmpl" - ], - "matchPackageNames": [ - "ghcr.io/spiffe/spire-agent", - "ghcr.io/spiffe/spire-server" - ], - "matchBaseBranches": [ - "main" - ], - "allowedVersions": ">1.6" - }, { "groupName": "spire-images", "matchFiles": [ @@ -280,15 +245,6 @@ "v1.12" ], }, - { - "matchPackageNames": [ - "docker.io/library/busybox" - ], - "allowedVersions": ">=1.35", - "matchPaths": [ - "install/kubernetes/cilium/templates/spire/**" - ] - }, { "matchPackageNames": [ "docker.io/library/golang", @@ -347,6 +303,15 @@ "v1.12" ] }, + { + "matchPackageNames": [ + "gcr.io/etcd-development/etcd" + ], + "allowedVersions": "<3.16", + "matchBaseBranches": [ + "v1.15" + ] + }, { "matchDepNames": [ "golang.zx2c4.com/wireguard" @@ -462,12 +427,6 @@ "kindest/node", "quay.io/cilium/kindest-node" ], - "matchUpdateTypes": [ - "digest", - "patch", - "pin", - "pinDigest" - ], }, { // Do not allow any updates for major.minor, they will be done by maintainers