Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: disables renovate and cron-job workflows #1202

Merged
merged 3 commits into from
Oct 8, 2024
Merged

chore: disables renovate and cron-job workflows #1202

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a4d2e95
disable all crons
justinthelaw Oct 7, 2024
a32acfe
disable all crons, pt.2
justinthelaw Oct 7, 2024
d2ea475
disable renovate completely
justinthelaw Oct 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
259 changes: 1 addition & 258 deletions .github/renovate.json5
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,260 +1,3 @@
{
"enabled": true,
"forkProcessing": "enabled",
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:best-practices",
":semanticCommits",
":semanticCommitTypeAll(chore)"
],
// Disable reviewers getting added by renovate to limit notification noise
"reviewersFromCodeOwners": false,
"timezone": "America/New_York",
"rebaseStalePrs": true,
"dependencyDashboard": true,
"dependencyDashboardTitle": "Renovate Dashboard 🤖",
"rebaseWhen": "conflicted",
"commitBodyTable": true,
"suppressNotifications": ["prIgnoreNotification"],
"pre-commit": {
"enabled": true
},
"helm-values": {
"fileMatch": [".*\\.ya?ml$"]
},
"kubernetes": {
"fileMatch": [".*\\.ya?ml$"],
"ignorePaths": [
".github"
]
},
"labels": ["dependencies", "tech-debt"],
"hostRules": [
{
"matchHost": "registry1.dso.mil",
"hostType": "docker",
"description": "Encrypted creds for registry1, scoped to this Github org using: https://docs.renovatebot.com/getting-started/migrating-secrets/#migrate-your-secrets-in-encrypted-form",
"username": "{{ secrets.IRONBANK_USERNAME }}",
"password": "{{ secrets.IRONBANK_PASSWORD }}"
},
{
"matchHost": "cgr.dev",
"description": "Encrypted creds for cgr.dev, scoped to this Github org using: https://docs.renovatebot.com/getting-started/migrating-secrets/#migrate-your-secrets-in-encrypted-form",
"username": "{{ secrets.CHAINGUARD_USERNAME }}",
"password": "{{ secrets.CHAINGUARD_PASSWORD }}"
},
{
"matchHost": "ghcr.io",
"hostType": "docker",
"description": "Encrypted creds for ghcr.io, scoped to this Github org using: https://docs.renovatebot.com/getting-started/migrating-secrets/#migrate-your-secrets-in-encrypted-form",
"username": "renovate",
"password": "{{ secrets.DEFENSEUNICORNS_PACKAGE_READ_PAT }}"
}
],
"regexManagers": [
// Matches github-tags pointing to items in githubusercontent (i.e. https://github.com/defenseunicorns/uds-core/blob/e45de0e5917a2ca6c3e30e593e2d9a8d393849a9/.vscode/settings.json#L12)
{
"fileMatch": [".*(\\.ya?ml|\\.json)$"],
"matchStrings": [
// Test: https://regex101.com/r/r1nWoZ/1
"https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\/]+\\/[^\\/]+)\\/(?<currentValue>[^\\/]+)"
],
"versioningTemplate": "semver-coerced",
"datasourceTemplate": "github-tags"
},
// Matches github-tags pointing to items in github.com/<org>/<repo>/raw/<tag> (i.e. https://github.com/defenseunicorns/uds-package-postgres-operator/blob/c88f9fd47c2fbc85e86c86c26b2d6948f6220898/zarf.yaml#L17)
{
"fileMatch": [".*(\\.ya?ml|\\.json)$"],
"matchStrings": [
// Test: https://regex101.com/r/huQrD4/1
"https:\\/\\/github\\.com\\/(?<depName>[^\\/]+\\/[^\\/]+)\\/raw\\/(?<currentValue>[^\\/]+)"
],
"versioningTemplate": "semver-coerced",
"datasourceTemplate": "github-tags"
},
// Matches github-tags pointing to items in github.com/<org>/<repo>/releases/download/<tag> (i.e. https://github.com/defenseunicorns/zarf/blob/c8abe31a5c4bbed933d692fcdeeefdc4b31701a5/packages/distros/k3s/zarf.yaml#L17)
{
"fileMatch": [".*(\\.ya?ml|\\.json)$"],
"matchStrings": [
// Test: https://regex101.com/r/oGP4dI/1
"https:\\/\\/github\\.com\\/(?<depName>[^\\/]+\\/[^\\/]+)\\/releases\\/download\\/(?<currentValue>[^\\/]+)"
],
"versioningTemplate": "semver-coerced",
"datasourceTemplate": "github-tags"
},
// Matches npm modules in npm install commands (i.e. https://github.com/defenseunicorns/uds-core/blob/f8e65159873f87be5912b73cc6f0a5ff26b7bed0/.github/workflows/commitlint.yaml#L26)
{
"fileMatch": [".*(\\.ya?ml|\\.json)$"],
"matchStrings": [
// Test: https://regex101.com/r/321nL5/1
"npm install ([\\w\\- ]+ )?(?<depName>@?[^\\s]*?)@(?<currentValue>[^\\s]+)"
],
"datasourceTemplate": "npm"
},
// Matches specified datasources where a colon separates the version on the following line (i.e. https://github.com/defenseunicorns/zarf/blob/7e91d3b9823b52fe6d0f563d692c8af57faa6005/examples/big-bang/zarf.yaml#L5)
{
"fileMatch": [".*\\.ya?ml$"],
"matchStrings": [
// Test: https://regex101.com/r/d9t0lt/1
"# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?( extractVersion=(?<extractVersion>.*?))?( registryUrl=(?<registryUrl>.*?))?\\s.*:\\s*['\"]?(?<currentValue>[v0-9].*?)['\"]?(\\s|$)"
],
"versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}",
"extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?<version>.*)${{/if}}"
},
// Matches specified datasources where an environment variable separates the version on the following line (i.e. https://github.com/defenseunicorns/uds-common/blob/ce3ba974ef3ff88058809f4b9a78da281a65ffa0/.github/actions/setup/action.yaml#L9)
{
"fileMatch": [".*\\.ya?ml$", ".*\\.sh$", ".*\\.?Dockerfile$"],
"matchStrings": [
// Test: https://regex101.com/r/b53bEF/2
"# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?( extractVersion=(?<extractVersion>.*?))?( registryUrl=(?<registryUrl>.*?))?\\s.*[A-Z]+=['\"]?(?<currentValue>[v0-9].*?)['\"]?(\\s|$)"
],
"versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}",
"extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?<version>.*)${{/if}}"
},
// Matches specified datasources for brew where an @ separates the version on the following line (i.e. https://github.com/defenseunicorns/uds-core/blob/5a2666f6a5ba89686c6dc1fecb0db98512b1b9f8/.github/actions/setup/action.yaml#L32)
{
"fileMatch": [".*\\.ya?ml$"],
"matchStrings": [
// Test: https://regex101.com/r/p3Cpjx/1
"# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\s.*brew.*@\\s*['\"]?(?<currentValue>[v0-9].*?)['\"]?(\\s|$)"
],
"versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}",
"extractVersionTemplate": "^v(?<version>.*)$"
},
// Matches images where you need to override the image reference in a Helm Value (i.e. https://github.com/defenseunicorns/uds-capability-rook-ceph/blob/f190c32688e80ad72df6389bcb150b35d779d0f0/values/cluster-values.yaml#L3-L4)
{
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
// Test: https://regex101.com/r/k5ebjz/1
"# renovate: image=(?<depName>.*?)\\s*image:\\s.*:(?<currentValue>[^\\s\"]*)",
],
"datasourceTemplate": "docker"
},
// Matches individual images in a `zarf.yaml`'s `images:` section that are tagged with a version (allowing for # renovate overrides)
{
"fileMatch": [ "(^|/)zarf\\.ya?ml$" ],
"matchStrings": [
// Test: https://regex101.com/r/Bd8IBp/1
"- ['\"]?(?<depName>[^\"'\\s]+):(?<currentValue>[^\"'\\s]+)['\"]?( # renovate:( versioning=(?<versioning>.*?))?( extractVersion=(?<extractVersion>.*?))?)?(\\s|$)"
],
"versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}docker{{/if}}",
"extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?<version>.*)${{/if}}",
"datasourceTemplate": "docker"
},
// Matches individual helm repo charts in a `zarf.yaml`'s `charts:` section that specify `version` then `url`
{
"fileMatch": [ "(^|/)zarf\\.ya?ml$" ],
"matchStringsStrategy": "recursive",
"matchStrings": [
// Match the chart section. Test: https://regex101.com/r/1DL0tI/3
"(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)",
// Match a chart entry. Test: https://regex101.com/r/ibpxYd/1
"(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)",
// Match the parts of a chart entry. Test: https://regex101.com/r/tVVHYS/1
"(?m)name: [\"']?(?<depName>.+?)[\"']?$(.|\\n)*?version: [\"']?(?<currentValue>.+?)[\"']?$(.|\\n)*?url: [\"']?(?<registryUrl>(https|http|file):\\/\\/.+?)[\"']?$"
],
"datasourceTemplate": "helm"
},
// Matches individual helm repo charts in a `zarf.yaml`'s `charts:` section that specify `url` then `version`
{
"fileMatch": [ "(^|/)zarf.yaml$" ],
"matchStringsStrategy": "recursive",
"matchStrings": [
// Match the chart section. Test: https://regex101.com/r/1DL0tI/3
"(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)",
// Match a chart entry. Test: https://regex101.com/r/ibpxYd/1
"(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)",
// Match the parts of a chart entry. Test: https://regex101.com/r/ehfBW6/1
"(?m)name: [\"']?(?<depName>.+?)[\"']?$(.|\\n)*?url: [\"']?(?<registryUrl>(https|http|file):\\/\\/.+?)[\"']?$(.|\\n)*?version: [\"']?(?<currentValue>.+?)[\"']?$"
],
"datasourceTemplate": "helm"
},
// Matches individual helm git charts in a `zarf.yaml`'s `charts:` section that specify `version` then `url`
{
"fileMatch": [ "(^|/)zarf\\.ya?ml$" ],
"matchStringsStrategy": "recursive",
"matchStrings": [
// Match the chart section. Test: https://regex101.com/r/1DL0tI/3
"(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)",
// Match a chart entry. Test: https://regex101.com/r/ibpxYd/1
"(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)",
// Match the parts of a chart entry. Test: https://regex101.com/r/PIIH1p/1
"(?m)name:(.|\\n)*?version: [\"']?(?<currentValue>.+?)[\"']?$(.|\\n)*?url: [\"']?(?<depName>.+?\\.git)[\"']?$"
],
"datasourceTemplate": "git-tags",
// Match the version from the tag. Test: https://regex101.com/r/dzQZiE/1
"versioningTemplate": "regex:^v?(?<major>\\d+)\\.(?<minor>\\d+)\\.(?<patch>\\d+)(-[\\w\\.]+\\.(?<build>\\d+))?"
},
// Matches individual helm git charts in a `zarf.yaml`'s `charts:` section that specify `url` then `version`
{
"fileMatch": [ "(^|/)zarf.yaml$" ],
"matchStringsStrategy": "recursive",
"matchStrings": [
// Match the chart section. Test: https://regex101.com/r/1DL0tI/3
"(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)",
// Match a chart entry. Test: https://regex101.com/r/ibpxYd/1
"(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)",
// Match the parts of a chart entry. Test: https://regex101.com/r/m71Sn5/1
"(?m)name:(.|\\n)*?url: [\"']?(?<depName>.+?\\.git)[\"']?$(.|\\n)*?version: [\"']?(?<currentValue>.+?)[\"']?$"
],
"datasourceTemplate": "git-tags",
// Match the version from the tag. Test: https://regex101.com/r/dzQZiE/1
"versioningTemplate": "regex:^v?(?<major>\\d+)\\.(?<minor>\\d+)\\.(?<patch>\\d+)(-[\\w\\.]+\\.(?<build>\\d+))?"
},
// Matches individual helm oci charts in a `zarf.yaml`'s `charts:` section that specify `version` then `url`
{
"fileMatch": [ "(^|/)zarf\\.ya?ml$" ],
"matchStringsStrategy": "recursive",
"matchStrings": [
// Match the chart section. Test: https://regex101.com/r/1DL0tI/3
"(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)",
// Match a chart entry. Test: https://regex101.com/r/ibpxYd/1
"(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)",
// Match the parts of a chart entry. Test: https://regex101.com/r/gYGkgq/1
"(?m)name:(.|\\n)*?version: [\"']?(?<currentValue>.+?)[\"']?$(.|\\n)*?url: [\"']?oci:\\/\\/(?<depName>.+?)[\"']?$"
],
"datasourceTemplate": "docker"
},
// Matches individual helm oci charts in a `zarf.yaml`'s `charts:` section that specify `url` then `version`
{
"fileMatch": [ "(^|/)zarf.yaml$" ],
"matchStringsStrategy": "recursive",
"matchStrings": [
// Match the chart section. Test: https://regex101.com/r/1DL0tI/3
"(?m)charts:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)",
// Match a chart entry. Test: https://regex101.com/r/ibpxYd/1
"(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)",
// Match the parts of a chart entry. Test: https://regex101.com/r/VDMzhy/1
"(?m)name:(.|\\n)*?url: [\"']?oci:\\/\\/(?<depName>.+?)[\"']?$(.|\\n)*?version: [\"']?(?<currentValue>.+?)[\"']?$"
],
"datasourceTemplate": "docker"
},
// Matches individual kustomizations in a `zarf.yaml`'s `manifests:` section using a github url with a ref
{
"fileMatch": [ "(^|/)zarf\\.ya?ml$" ],
"matchStringsStrategy": "recursive",
"matchStrings": [
// Match the manifests section. Test: https://regex101.com/r/BCfsGu/1
"(?m)manifests:(.|\\n)*?(^\\s{4}[\\w:]+|\\n$|^\\s{2}-)",
// Match a manifests entry. Test: https://regex101.com/r/UjQa51/1
"(?m)name:(.|\\n)+?(^\\s{4}[\\w\\-:]+|\\n$|^\\s{2}-|^\\s{6}-)",
// Match the parts of a chart entry. Test: https://regex101.com/r/cumJ2Y/1
"(?m)name:(.|\\n)*?kustomizations:(.|\n)*?- [\"']?github.com\\/(?<depName>.+?)\\/\\/.*\\?ref=(?<currentValue>.+?)[\"']?$"
],
"versioningTemplate": "semver-coerced",
"datasourceTemplate": "github-tags"
},
// Matches oci packages in a `uds-bundle.yaml`'s `zarf-packages:` section that specify `repository` then `ref`
{
"fileMatch": [ "(^|/)uds-bundle.yaml$" ],
"matchStringsStrategy": "recursive",
"matchStrings": [
// Match the parts of a chart entry. Test: https://regex101.com/r/IFgEw0/1
"(?m)repository: [\"']?(?<depName>.+?)[\"']?$(.)*(\n.*){0,2}ref: [\"']?(?<currentValue>.+?)[\"']?$"
],
"datasourceTemplate": "docker",
// Match versioning used on UDS packages. Test: https://regex101.com/r/BGkYHX/4
"versioningTemplate": "regex:^v?(?<major>\\d+)(\\.(?<minor>\\d+))?(\\.(?<patch>\\d+))?(-uds\\.(?<build>\\d))?(-(?<compatibility>\\w+)?)?(.*?)?$"
}
]
enabled: false,
}
22 changes: 11 additions & 11 deletions .github/workflows/nightly-snapshot-release.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,18 @@
name: nightly-snapshot-release

on:
schedule:
- cron: "0 8 * * *" # Runs daily at 12 AM PST
# schedule:
# - cron: "0 8 * * *" # Runs daily at 12 AM PST
workflow_dispatch: # trigger manually as needed
pull_request:
types:
- opened # default trigger
- reopened # default trigger
- synchronize # default trigger
- ready_for_review # don't run on draft PRs
- milestoned # allows us to trigger on bot PRs
paths:
- .github/workflows/nightly-snapshot-release.yaml
# pull_request:
# types:
# - opened # default trigger
# - reopened # default trigger
# - synchronize # default trigger
# - ready_for_review # don't run on draft PRs
# - milestoned # allows us to trigger on bot PRs
# paths:
# - .github/workflows/nightly-snapshot-release.yaml

concurrency:
group: nightly-snapshot-release-${{ github.ref }}
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/nightly-uds-badge-verification.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
name: nightly-uds-badge-verification

on:
schedule:
- cron: "0 11 * * *" # Runs daily at 3 AM PST
# schedule:
# - cron: "0 11 * * *" # Runs daily at 3 AM PST
workflow_dispatch: # trigger manually as needed
pull_request:
paths:
- .github/workflows/nightly-uds-badge-verification.yaml
- tasks.yaml
# pull_request:
# paths:
# - .github/workflows/nightly-uds-badge-verification.yaml
# - tasks.yaml

concurrency:
group: nightly-uds-badge-verification-${{ github.ref }}
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/scorecard.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ name: OpenSSF Scorecared
on:
# Only the default branch is supported.
branch_protection_rule:
schedule:
- cron: '20 3 * * 0' # Every Sunday at 03:20 UTC
# schedule:
# - cron: '20 3 * * 0' # Every Sunday at 03:20 UTC

push:
branches: [ "main" ]
Expand Down
24 changes: 12 additions & 12 deletions .github/workflows/weekly-registry1-flavor-test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,19 +1,19 @@
name: weekly-registry1-flavor-test

on:
schedule:
- cron: "0 8 * * 0" # Run every Sunday at 12 AM PST
# schedule:
# - cron: "0 8 * * 0" # Run every Sunday at 12 AM PST
workflow_dispatch: # trigger manually as needed
pull_request:
types:
- opened # default trigger
- reopened # default trigger
- synchronize # default trigger
- ready_for_review # don't run on draft PRs
- milestoned # allows us to trigger on bot PRs
paths:
- .github/workflows/weekly-registry1-flavor-test.yaml
- bundles/latest/**
# pull_request:
# types:
# - opened # default trigger
# - reopened # default trigger
# - synchronize # default trigger
# - ready_for_review # don't run on draft PRs
# - milestoned # allows us to trigger on bot PRs
# paths:
# - .github/workflows/weekly-registry1-flavor-test.yaml
# - bundles/latest/**

concurrency:
group: weekly-registry1-flavor-test-${{ github.ref }}
Expand Down