blog

12021-08-24

SEAN K.H. LIAO

renovate

We run renovate to watch upstream sources and file PRs that automatically bump dependency versions for us. A lot of standard things will work out of the box (more or less). But sometimes just have custom stuff.

dockerfile

Our most common example is in Dockerfiles:

FROM xxx/yyy:zzz

ARG FOO_VERSION=1.2.3
ARG BAR_VERSION=v2.0.1

RUN curl -fsL -O https://example.com/${FOO_VERSION}/foo.tar.gz
RUN curl -fsL -O https://bar.example/${BAR_VERSION}/bar_v${BAR_VERSION}.tar.gz

...

custom manager

ref: regex manager

Instead of defining a new rule for every dependency centrally in your renovate.json config, you could instead define a custom / meta manager:

{
  "regexManagers": [
    {
      "fileMatch": ["^Dockerfile$"],
      "matchStrings": [
        "datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\sARG .*?_VERSION=(?<currentValue>.*)\\s"
      ],
      "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}"
    }
  ]
}

What's happening is you're declaring a regex that captures all the information needed to update a dependency from comments as well as the value to update.

fields

ref: regexManagers

Using lookupName (defaults to depName), renovate searches datasource for version strings. This is passed through extractVersion to pull out the actual versions and compared to currentValue with the versioning strategy to determine if an update is needed.

Ex:

# renovate: datasource=github-tags depName=jenkinsci/remoting extractVersion=^remoting-(?<version>.*)$ versioning=regex:^(?<major>\d+)\.(?<minor>\d+)$
ARG JENKINS_AGENT_VERSION=4.10

renovate searches github tags (which are remoting-4.1, remoting-4.2 ...), extracts the version number out (4.1, 4.2) and compares them with major.minor