From 0c4bb7abbaa24d0d89d0a4447f3f379e495de1c3 Mon Sep 17 00:00:00 2001 From: Andreas Klos Date: Wed, 30 Jul 2025 13:20:58 +0200 Subject: [PATCH 1/5] feat: update image repository paths and simplify image name formatting in templates --- .github/renovate.json | 161 ++++++++++++++++++ .github/workflows/renovate.yml | 40 +++++ .../_admin_backend_and_extractor_helpers.tpl | 4 +- .../rag/templates/_admin_frontend_helpers.tpl | 2 +- .../rag/templates/_backend_helpers.tpl | 4 +- .../rag/templates/_frontend_helpers.tpl | 2 +- infrastructure/rag/values.yaml | 18 +- 7 files changed, 213 insertions(+), 18 deletions(-) create mode 100644 .github/renovate.json create mode 100644 .github/workflows/renovate.yml diff --git a/.github/renovate.json b/.github/renovate.json new file mode 100644 index 00000000..f32656b7 --- /dev/null +++ b/.github/renovate.json @@ -0,0 +1,161 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:recommended"], + "timezone": "UTC", + "schedule": ["before 4am"], + "labels": ["renovate"], + "semanticCommits": "enabled", + "semanticCommitType": "chore", + "semanticCommitScope": "deps", + "prConcurrentLimit": 5, + "prHourlyLimit": 50, + "stabilityDays": 7, + "repositories": ["stackitcloud/rag-template"], + "hostRules": [ + { + "hostType": "docker", + "matchHost": "ghcr.io" + }, + { + "hostType": "helm", + "matchHost": "charts.bitnami.com" + }, + { + "hostType": "helm", + "matchHost": "langfuse.github.io" + }, + { + "hostType": "helm", + "matchHost": "qdrant.github.io" + }, + { + "hostType": "helm", + "matchHost": "enapter.github.io" + }, + { + "hostType": "helm", + "matchHost": "otwld.github.io" + } + ], + + "packageRules": [ + { + "description": "Group all non-major updates together", + "matchUpdateTypes": ["minor", "patch", "pin", "digest"], + "groupName": "all non-major dependencies", + "groupSlug": "all-minor-patch" + }, + { + "description": "Automerge non-major updates", + "matchUpdateTypes": ["minor", "patch", "pin", "digest"], + "automerge": true + }, + { + "description": "Require manual review for major updates", + "matchUpdateTypes": ["major"], + "labels": ["major-update"], + "automerge": false + }, + { + "description": "Label Python dependencies", + "matchManagers": ["poetry", "pip_requirements"], + "addLabels": ["python"] + }, + { + "description": "Label Node.js dependencies", + "matchManagers": ["npm"], + "addLabels": ["nodejs"] + }, + { + "description": "Label Docker images", + "matchManagers": ["dockerfile", "docker-compose"], + "addLabels": ["docker"] + }, + { + "description": "Label Helm charts", + "matchManagers": ["helm-requirements", "helm-values", "helmv3"], + "addLabels": ["helm"] + }, + { + "description": "Label Kubernetes manifests", + "matchManagers": ["kubernetes"], + "addLabels": ["kubernetes"] + }, + { + "description": "Automerge GitHub Actions updates", + "matchManagers": ["github-actions"], + "addLabels": ["github-actions"], + "automerge": true + }, + { + "description": "Ignore malformed platform flags", + "matchPackageNames": [ + "--platform=linux/amd64 python", + "--platform=linux/amd64 node" + ], + "enabled": false + }, + { + "description": "Bitnami Helm charts", + "matchManagers": ["helm-requirements", "helm-values", "helmv3"], + "matchPackageNames": ["minio", "bitnami/nginx-ingress-controller"], + "registryUrls": ["https://charts.bitnami.com/bitnami"] + }, + { + "description": "Langfuse Helm chart", + "matchManagers": ["helm-requirements", "helm-values", "helmv3"], + "matchPackageNames": ["langfuse"], + "registryUrls": ["https://langfuse.github.io/langfuse-k8s"] + }, + { + "description": "Qdrant Helm chart", + "matchManagers": ["helm-requirements", "helm-values", "helmv3"], + "matchPackageNames": ["qdrant"], + "registryUrls": ["https://qdrant.github.io/qdrant-helm"] + }, + { + "description": "KeyDB Helm chart", + "matchManagers": ["helm-requirements", "helm-values", "helmv3"], + "matchPackageNames": ["keydb"], + "registryUrls": ["https://enapter.github.io/charts/"] + }, + { + "description": "Ollama Helm chart", + "matchManagers": ["helm-requirements", "helm-values", "helmv3"], + "matchPackageNames": ["ollama"], + "registryUrls": ["https://otwld.github.io/ollama-helm/"] + } + ], + "customManagers": [ + { + "description": "Update Helm chart versions in scripts", + "customType": "regex", + "fileMatch": ["\\.sh$"], + "matchStrings": [ + "helm install .* --version \"(?.*?)\"", + "helm upgrade .* --version \"(?.*?)\"" + ], + "datasourceTemplate": "helm", + "depNameTemplate": "bitnami/nginx-ingress-controller" + }, + { + "description": "Update Docker image tags in Dockerfiles/scripts", + "customType": "regex", + "fileMatch": ["(^|/)Dockerfile$", "\\.sh$"], + "matchStrings": [ + "FROM (?[^ :]+):(?[^@\\s]+)@sha256:", + "FROM (?[^ :]+):(?[^@\\s]+)\\s", + "docker.*(?[a-z0-9._-]+/[a-z0-9._-]+):(?[a-z0-9._-]+)" + ], + "datasourceTemplate": "docker" + } + ], + "ignoreDeps": [], + "ignorePaths": [ + "**/node_modules/**", + "**/vendor/**", + "**/__pycache__/**", + "**/venv/**", + "**/.venv/**" + ] +} diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml new file mode 100644 index 00000000..3780f2ca --- /dev/null +++ b/.github/workflows/renovate.yml @@ -0,0 +1,40 @@ +name: Renovate + +on: + # Run monthly on the first day at 2 AM UTC + schedule: + - cron: '0 2 1 * *' + # Allow manual triggering + workflow_dispatch: + inputs: + logLevel: + description: 'Log level' + required: false + default: 'info' + type: choice + options: + - info + - debug + dryRun: + description: 'Dry run' + required: false + default: false + type: boolean + +jobs: + renovate: + name: Renovate + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Self-hosted Renovate + uses: renovatebot/github-action@v43.0.5 + with: + configurationFile: .github/renovate.json + token: ${{ secrets.RENOVATE_TOKEN }} + env: + LOG_LEVEL: ${{ inputs.logLevel || 'info' }} + RENOVATE_DRY_RUN: ${{ inputs.dryRun || false }} + RENOVATE_BASE_BRANCH_PATTERNS: deps-main + TZ: Europe/Berlin diff --git a/infrastructure/rag/templates/_admin_backend_and_extractor_helpers.tpl b/infrastructure/rag/templates/_admin_backend_and_extractor_helpers.tpl index 7516791d..be4c54b1 100644 --- a/infrastructure/rag/templates/_admin_backend_and_extractor_helpers.tpl +++ b/infrastructure/rag/templates/_admin_backend_and_extractor_helpers.tpl @@ -74,11 +74,11 @@ # image {{- define "adminBackend.fullImageName" -}} -{{- printf "%s/%s:%s" .Values.adminBackend.image.repository .Values.adminBackend.image.name .Values.adminBackend.image.tag | trimSuffix ":" }} +{{- printf "%s:%s" .Values.adminBackend.image.repository .Values.adminBackend.image.tag | trimSuffix ":" }} {{- end -}} {{- define "extractor.fullImageName" -}} -{{- printf "%s/%s:%s" .Values.extractor.image.repository .Values.extractor.image.name .Values.extractor.image.tag | trimSuffix ":" }} +{{- printf "%s:%s" .Values.extractor.image.repository .Values.extractor.image.tag | trimSuffix ":" }} {{- end -}} # ingress diff --git a/infrastructure/rag/templates/_admin_frontend_helpers.tpl b/infrastructure/rag/templates/_admin_frontend_helpers.tpl index 4ebc4a65..346fd5e8 100644 --- a/infrastructure/rag/templates/_admin_frontend_helpers.tpl +++ b/infrastructure/rag/templates/_admin_frontend_helpers.tpl @@ -1,7 +1,7 @@ {{- define "adminFrontend.fullImageName" -}} {{- if .Values.adminFrontend.image -}} {{- if .Values.adminFrontend.image.repository -}} - {{- printf "%s/%s:%s" .Values.adminFrontend.image.repository .Values.adminFrontend.image.name .Values.adminFrontend.image.tag | trimSuffix ":" }} + {{- printf "%s:%s" .Values.adminFrontend.image.repository .Values.adminFrontend.image.tag | trimSuffix ":" }} {{- else -}} {{ required "A valid .Values.adminFrontend.image.repository entry required!" . }} {{- end -}} diff --git a/infrastructure/rag/templates/_backend_helpers.tpl b/infrastructure/rag/templates/_backend_helpers.tpl index 04502fa6..34bcdc5e 100644 --- a/infrastructure/rag/templates/_backend_helpers.tpl +++ b/infrastructure/rag/templates/_backend_helpers.tpl @@ -95,11 +95,11 @@ {{- end -}} {{- define "backend.fullImageName" -}} -{{- printf "%s/%s:%s" .Values.backend.image.repository .Values.backend.image.name .Values.backend.image.tag | trimSuffix ":" | trimSuffix "-" }} +{{- printf "%s:%s" .Values.backend.image.repository .Values.backend.image.tag | trimSuffix ":" | trimSuffix "-" }} {{- end -}} {{- define "mcp.fullImageName" -}} -{{- printf "%s/%s:%s" .Values.backend.mcp.image.repository .Values.backend.mcp.image.name .Values.backend.mcp.image.tag | trimSuffix ":" | trimSuffix "-" }} +{{- printf "%s:%s" .Values.backend.mcp.image.repository .Values.backend.mcp.image.tag | trimSuffix ":" | trimSuffix "-" }} {{- end -}} diff --git a/infrastructure/rag/templates/_frontend_helpers.tpl b/infrastructure/rag/templates/_frontend_helpers.tpl index 10c83f94..874d4a2d 100644 --- a/infrastructure/rag/templates/_frontend_helpers.tpl +++ b/infrastructure/rag/templates/_frontend_helpers.tpl @@ -3,7 +3,7 @@ {{- end -}} {{- define "frontend.fullImageName" -}} -{{- printf "%s/%s:%s" .Values.frontend.image.repository .Values.frontend.image.name .Values.frontend.image.tag | trimSuffix ":" -}} +{{- printf "%s:%s" .Values.frontend.image.repository .Values.frontend.image.tag | trimSuffix ":" -}} {{- end -}} {{- define "ingress.frontendFullname" -}} diff --git a/infrastructure/rag/values.yaml b/infrastructure/rag/values.yaml index 09938e00..cfc0a3ae 100644 --- a/infrastructure/rag/values.yaml +++ b/infrastructure/rag/values.yaml @@ -68,8 +68,7 @@ backend: chatWithHistoryExamples: "" image: - repository: ghcr.io/stackitcloud/rag-template - name: rag-mcp + repository: ghcr.io/stackitcloud/rag-template/mcp-server pullPolicy: Always tag: "v2.0.0" @@ -77,8 +76,7 @@ backend: replicaCount: 1 image: - repository: ghcr.io/stackitcloud/rag-template - name: rag-backend + repository: ghcr.io/stackitcloud/rag-template/rag-backend pullPolicy: Always tag: "v2.0.0" @@ -216,8 +214,7 @@ frontend: name: frontend replicaCount: 1 image: - repository: ghcr.io/stackitcloud/rag-template - name: frontend + repository: ghcr.io/stackitcloud/rag-template/frontend pullPolicy: Always tag: "v2.0.0" @@ -252,8 +249,7 @@ adminBackend: name: admin-backend image: - repository: ghcr.io/stackitcloud/rag-template - name: admin-backend + repository: ghcr.io/stackitcloud/rag-template/admin-backend pullPolicy: Always tag: "v2.0.0" @@ -333,8 +329,7 @@ extractor: replicaCount: 1 name: extractor image: - repository: ghcr.io/stackitcloud/rag-template - name: document-extractor + repository: ghcr.io/stackitcloud/rag-template/document-extractor pullPolicy: Always tag: "v2.0.0" @@ -382,8 +377,7 @@ adminFrontend: name: admin-frontend replicaCount: 1 image: - repository: ghcr.io/stackitcloud/rag-template - name: admin-frontend + repository: ghcr.io/stackitcloud/rag-template/admin-frontend pullPolicy: Always tag: "v2.0.0" From 7b5a4f09c06eaecac1ba6ab9deea3eefef0a1798 Mon Sep 17 00:00:00 2001 From: Andreas Klos Date: Wed, 30 Jul 2025 13:22:47 +0200 Subject: [PATCH 2/5] fix: update MCP server image repository path in README --- infrastructure/README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/infrastructure/README.md b/infrastructure/README.md index 5d1d8891..41107bd7 100644 --- a/infrastructure/README.md +++ b/infrastructure/README.md @@ -311,8 +311,7 @@ backend: port: "8000" # Port on which the MCP server listens (default: 8000) host: "0.0.0.0" # Host address for the MCP server image: - repository: ghcr.io/stackitcloud/rag-template - name: rag-mcp + repository: ghcr.io/stackitcloud/rag-template/mcp-server pullPolicy: Always tag: "v1.0.0" ``` From ad34ba90805b96118ac5f49998e4c59514de98dd Mon Sep 17 00:00:00 2001 From: Andreas Klos Date: Wed, 30 Jul 2025 13:26:03 +0200 Subject: [PATCH 3/5] fix: remove comment about monthly schedule in Renovate workflow --- .github/workflows/renovate.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 3780f2ca..0016a541 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -1,7 +1,6 @@ name: Renovate on: - # Run monthly on the first day at 2 AM UTC schedule: - cron: '0 2 1 * *' # Allow manual triggering From 728acd7292b2a3a7e28c3dde4a21cd9d0f9f9470 Mon Sep 17 00:00:00 2001 From: Andreas Klos Date: Wed, 30 Jul 2025 13:38:40 +0200 Subject: [PATCH 4/5] fix: remove custom managers for Helm chart and Docker image updates --- .github/renovate.json | 24 ------------------------ 1 file changed, 24 deletions(-) diff --git a/.github/renovate.json b/.github/renovate.json index f32656b7..e2fdd514 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -126,30 +126,6 @@ "registryUrls": ["https://otwld.github.io/ollama-helm/"] } ], - "customManagers": [ - { - "description": "Update Helm chart versions in scripts", - "customType": "regex", - "fileMatch": ["\\.sh$"], - "matchStrings": [ - "helm install .* --version \"(?.*?)\"", - "helm upgrade .* --version \"(?.*?)\"" - ], - "datasourceTemplate": "helm", - "depNameTemplate": "bitnami/nginx-ingress-controller" - }, - { - "description": "Update Docker image tags in Dockerfiles/scripts", - "customType": "regex", - "fileMatch": ["(^|/)Dockerfile$", "\\.sh$"], - "matchStrings": [ - "FROM (?[^ :]+):(?[^@\\s]+)@sha256:", - "FROM (?[^ :]+):(?[^@\\s]+)\\s", - "docker.*(?[a-z0-9._-]+/[a-z0-9._-]+):(?[a-z0-9._-]+)" - ], - "datasourceTemplate": "docker" - } - ], "ignoreDeps": [], "ignorePaths": [ "**/node_modules/**", From cfe5722df8f8790917291c38dff49d74ee4075d4 Mon Sep 17 00:00:00 2001 From: Andreas Klos Date: Thu, 31 Jul 2025 09:19:37 +0200 Subject: [PATCH 5/5] Update renovate.yml --- .github/workflows/renovate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 0016a541..e441e54b 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -2,7 +2,7 @@ name: Renovate on: schedule: - - cron: '0 2 1 * *' + - cron: '0 0 * * 0' # Allow manual triggering workflow_dispatch: inputs: