diff --git a/renovate.json b/renovate.json index 4ef778c4a4..a0bc46dbb5 100644 --- a/renovate.json +++ b/renovate.json @@ -1,6 +1,54 @@ { - "gomod": { - "enabled": false + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "enabledManagers": ["dockerfile", "gomod"], + "commitMessagePrefix": "UPSTREAM: : ", + "packageRules": [ + { + "description": "Disable all Dockerfile updates by default. Only specific files will get targeted.", + "matchManagers": ["dockerfile"], + "enabled": false + }, + { + "description": "Enable Docker image updates for Red Hat UBI images on major version 9 only in OpenShift files", + "matchManagers": ["dockerfile"], + "matchFileNames": [ + "Containerfile.aws-load-balancer-controller", + "Dockerfile.openshift", + "drift-cache/Dockerfile.openshift" + ], + "matchDatasources": ["docker"], + "matchPackageNames": [ + "registry.access.redhat.com/ubi9/ubi-minimal", + "registry.access.redhat.com/ubi9/ubi" + ], + "enabled": true, + "versioning": "redhat", + "allowedVersions": "/^9(\\.|$)/" + }, + { + "description": "Keep Go toolset on minor version 1.22 only in OpenShift files", + "matchManagers": ["dockerfile"], + "matchFileNames": [ + "Containerfile.aws-load-balancer-controller", + "Dockerfile.openshift", + "drift-cache/Dockerfile.openshift" + ], + "matchDatasources": ["docker"], + "matchPackageNames": [ + "registry.access.redhat.com/ubi9/go-toolset" + ], + "enabled": true, + "versioning": "redhat", + "allowedVersions": "/^1\\.22(\\.|$)/" + }, + { + "description": "Disable regular Go module updates, only allow vulnerability alerts", + "matchManagers": ["gomod"], + "enabled": false + } + ], + "vulnerabilityAlerts": { + "enabled": true }, - "commitMessagePrefix": "UPSTREAM: : " + "osvVulnerabilityAlerts": true }