From 501ee4702e06815ca1fec2969bba59d1676b6eb1 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 13 Aug 2025 09:46:21 +0200 Subject: [PATCH 1/3] Let kind pick the newest kubernetes image version They are built speicically for the kind releases, hardcoding this makes it harder to auto-update. We've already stopped using it for the scanner and hook clusters Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 16dc853df1..2334d75cc1 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -17,7 +17,6 @@ env: # ---- Language Versions ---- PYTHON_VERSION: "3.13.5" - KIND_NODE_IMAGE: "kindest/node:v1.33.1@sha256:050072256b9a903bd914c0b2866828150cb229cea0efe5892e2b644d5dd3b34f" KUBECTL_VERSION: "v1.33.2" KIND_BINARY_VERSION: "v0.29.0" HELM_VERSION: "v3.18.4" @@ -321,7 +320,7 @@ jobs: - name: "Start kind cluster" run: | kind version - kind create cluster --wait 3m --image "$KIND_NODE_IMAGE" + kind create cluster --wait 3m - name: "Inspect kind cluster" run: | From 1b2d0f5c2291c7f5dbb8427a8ae62fa8eb99f633 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 13 Aug 2025 09:53:27 +0200 Subject: [PATCH 2/3] Try configuring a custom manager for ci dependencies Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 6 ++++++ renovate.json | 12 +++++++++--- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 2334d75cc1..767e628d23 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -16,11 +16,17 @@ on: env: # ---- Language Versions ---- + # renovate: datasource=github-releases depName=python/cpython PYTHON_VERSION: "3.13.5" + # renovate: datasource=github-releases depName=kubernetes/kubernetes KUBECTL_VERSION: "v1.33.2" + # renovate: datasource=github-releases depName=kubernetes-sigs/kind KIND_BINARY_VERSION: "v0.29.0" + # renovate: datasource=github-releases depName=helm/helm HELM_VERSION: "v3.18.4" + # renovate: datasource=github-releases depName=helm-unittest/helm-unittest HELM_PLUGIN_UNITTEST: "1.0.0" + # renovate: datasource=github-releases depName=go-task/task TASK_VERSION: "v3.44.0" jobs: diff --git a/renovate.json b/renovate.json index 27fdc16513..a001ee15e1 100644 --- a/renovate.json +++ b/renovate.json @@ -31,9 +31,15 @@ "matchStrings": [ "#\\s?renovate: image=(?.*?)\\s?tag:\\s?[\"']?(?.*?)[\"']?" ] + }, + { + "customType": "regex", + "description": "Update GitHub releases dependencies in CI workflow", + "fileMatch": ["^\\.github/workflows/.*\\.ya?ml$"], + "matchStrings": [ + "# renovate: datasource=github-releases depName=(?.*?)\\s*\\w+_VERSION:\\s*[\"']?(?[^\"'\\s]+)[\"']?" + ], + "datasourceTemplate": "github-releases" } ] } - - - From 6885c16b99af1fbf3305d87dc3351ad621e61078 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 13 Aug 2025 09:56:19 +0200 Subject: [PATCH 3/3] Add a _VERSION postfix to the helm plugin unittest to ensure the regex works consistently Signed-off-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 767e628d23..03e7daf150 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -25,7 +25,7 @@ env: # renovate: datasource=github-releases depName=helm/helm HELM_VERSION: "v3.18.4" # renovate: datasource=github-releases depName=helm-unittest/helm-unittest - HELM_PLUGIN_UNITTEST: "1.0.0" + HELM_PLUGIN_UNITTEST_VERSION: "1.0.0" # renovate: datasource=github-releases depName=go-task/task TASK_VERSION: "v3.44.0" @@ -125,7 +125,7 @@ jobs: - name: Install Helm Unit Test Plugin run: | - helm plugin install https://github.com/helm-unittest/helm-unittest.git --version ${{ env.HELM_PLUGIN_UNITTEST }} + helm plugin install https://github.com/helm-unittest/helm-unittest.git --version ${{ env.HELM_PLUGIN_UNITTEST_VERSION }} - name: Download Task uses: actions/download-artifact@v5