Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: enables docker ecosystem for dependabot #1014

Merged
merged 1 commit into from Nov 11, 2022
Merged

chore: enables docker ecosystem for dependabot #1014

merged 1 commit into from Nov 11, 2022

Conversation

nilekhc
Copy link
Contributor

@nilekhc nilekhc commented Nov 4, 2022

Signed-off-by: Nilekh Chaudhari 1626598+nilekhc@users.noreply.github.com

Reason for Change:

Requirements

  • squashed commits
  • included documentation
  • added unit tests and e2e tests (if applicable).

Issue Fixed:

Does this change contain code from or inspired by another project?

  • Yes
  • No

If "Yes," did you notify that project's maintainers and provide attribution?

Special Notes for Reviewers:

@nilekhc nilekhc requested a review from aramase as a code owner November 4, 2022 05:36
@nilekhc nilekhc mentioned this pull request Nov 4, 2022
Merged
@nilekhc nilekhc requested a review from ritazh November 4, 2022 05:37
aramase
aramase requested changes Nov 4, 2022
View reviewed changes
.github/dependabot.yml Outdated Show resolved Hide resolved
@nilekhc nilekhc requested a review from aramase November 4, 2022 06:58
jeffwidman
jeffwidman reviewed Nov 4, 2022
View reviewed changes
.github/dependabot.yml Outdated
@@ -12,3 +12,9 @@ updates:
interval: "weekly"
commit-message:
prefix: "chore"
- package-ecosystem: "docker"
directory: "/manifest_staging"
Copy link

@jeffwidman jeffwidman Nov 4, 2022
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm playing around with this on a local fork to see how it works...

Unfortunately, I realized the check isn't recursive, so you'll need to manually specify the actual directory containing the chart... I filed dependabot/dependabot-core#6047 for us to evaluate changing that behavior.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And looks like there's another bug, even when you do get it configured correctly: dependabot/dependabot-core#6048

I'll try to debug ☝️ tomorrow.

@jeffwidman
Copy link

I enabled the kubernetes_updates feature flag on this repo, so Dependabot will be trying to update Docker image tags within Helm/K8s files.

Once I get dependabot/dependabot-core#6048 fixed, hopefully it will start working and opening PR's for you.

@jeffwidman
Copy link

Also, thanks again @nilekhc for offering this repo as a test case, even for using in my own fork it's been great to have much more realistic data for testing than anything I'd put together quickly.

@nilekhc
Copy link
Contributor Author

nilekhc commented Nov 4, 2022

I enabled the kubernetes_updates feature flag on this repo, so Dependabot will be trying to update Docker image tags within Helm/K8s files.

Once I get dependabot/dependabot-core#6048 fixed, hopefully it will start working and opening PR's for you.

@jeffwidman Do you still want me to update the path and point it to the values.yaml directory?

@nilekhc
Copy link
Contributor Author

nilekhc commented Nov 4, 2022

Also, thanks again @nilekhc for offering this repo as a test case, even for using in my own fork it's been great to have much more realistic data for testing than anything I'd put together quickly.

We are happy to help! 🙂

@nilekhc
Copy link
Contributor Author

nilekhc commented Nov 9, 2022

I enabled the kubernetes_updates feature flag on this repo, so Dependabot will be trying to update Docker image tags within Helm/K8s files.
Once I get dependabot/dependabot-core#6048 fixed, hopefully it will start working and opening PR's for you.

@jeffwidman Do you still want me to update the path and point it to the values.yaml directory?

@jeffwidman Any word on this?

@jeffwidman
Copy link

Yes, please do point the path at the values.yaml directories... we won't support recursion out of the gate, and not sure if/when we would do that as there's a lot more product questions/edge cases, so you'll need to manually specify any directories that you want watched.

Beyond that, I figured out why it wasn't working on my fork of your repo, and fixed some other bugs along the way:

Once the last one is merged/deployed, this should all start working... but we have an internal deploy freeze because of GitHub Universe so I won't be able to deploy til late tomorrow or Friday.

@jeffwidman
Copy link

All the PR's have been merged, and this now works correctly on my fork... once you merge, can you confirm it works correctly here as well? You should get a PR opened by Dependabot similar to the ones here: https://github.com/jeffwidman/secrets-store-csi-driver-provider-azure/pulls

@nilekhc
chore: enables docker ecosystem for dependabot
f859283 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
aramase
aramase approved these changes Nov 11, 2022
View reviewed changes
Copy link
Member

@aramase aramase left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@nilekhc nilekhc merged commit f04f74a into Azure:master Nov 11, 2022
@nilekhc nilekhc deleted the enable-docker-dependabot branch November 11, 2022 03:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jeffwidman jeffwidman jeffwidman approved these changes

@aramase aramase aramase approved these changes

@ritazh ritazh Awaiting requested review from ritazh

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@nilekhc @jeffwidman @aramase