Renovate: GitHub, and Helm Charts versions management

By | 05/30/2024
 

Dependabot (see Dependabot: GitHub, and Terraform versions management) is interesting because it’s fairly quick and easy to configure, but the fact that it still can’t work with Helm charts (although a feature request was opened in 2018) makes it a bit useless for us.

So, instead, let’s take a look at Renovate, which is a highly valued tool by everyone who deals with version control.

What can Renovate do?

  • like Dependabot, can be run with almost any hosting service – GitHub, GitLab, Bitbucket, etc.
  • we can run as self-hosted on our own GitHub Actions Runner
  • can run in Kubernetes

It can check many systems directly – Terraform, Helm, Kubernetes manifest – check images and their updates, Dockerfiles, and so on. See Supported Managers.

It displays very detailed information on the changes it offers and has its own dashboard.

For GitHub, the easiest way to integrate is through the Renovate GitHub App.

Although I mentioned “Helm Charts” in the title of this post, out of the box and with the default settings, Renovate will check just about anything in the repository that has any versions and dependencies.

And when I wrote that Dependabot is “quick and easy to configure“, in the case of Renovate, it’s actually can be done in a few clicks and works right out of the box.

Connecting Renovate to GitHub

Go to the page Renovate GitHub App, click Install, choose which repositories to connect it to.

For now, I will add only one repository with our monitoring where we have Terraform and Helm:

Allow access:

Register at the https://developer.mend.io – here you will have dashboards with details of the checks:

Go to the repository, and you already have a Pull Request opened here to initialize Renovate:

And… That’s basically it 🙂

Configuring Renovate

In this PR, we have a new file renovate.json with a minimal configuration:

Also, Renovate immediately identified which packages are available in this repository:

It immediately determines what needs to be updated:

And on the repository page on https://developer.mend.io, you will see all the details of the check:

Now we can add a few options of our own, and there are a lot of them as Renovate allows you to customize your checks very flexibly – see all of them at Configuration Options.

For example, add a launch schedule, labels, and assign PRs to me:

{
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": [
    "config:recommended"
  ],
  "labels": ["dependencies"],
  "assignees": ["arseny-zinchenko"]
}

By default, Renovate has a limit of 2 PRs per hour. To increase this limit, add prHourlyLimit in the file renovate.json:

{
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": [
    "config:recommended"
  ],
  "labels": ["dependencies"],
  "assignees": ["arseny-zinchenko"],
  "prHourlyLimit": 10
}

Save the changes, push, and merge that PR:

And now we have new PRs opened:

Details on a particular PR:

Renovate Dependency Dashboard and GitHub Issues

Additionally, we can enable the creation of Issues for all PRs that Renovate will create.

Go to the Repository Settings and enable the Issues:

Now, when Renovate opens a PR with an update, it will create a GitHub Issue with details about the update:

 

And actually that’s all you need to start working with Renovate on GitHub.

“It (just) works!” (c)

Maybe I’ll add some more configuration details later when I’ll set up other repositories.

Useful links