GitLab CI template for Renovate¶
Automate your dependency updates with Renovate.
Usage¶
This template can be used both as a CI/CD component
or using the legacy include:project syntax.
Use as a CI/CD component¶
Add the following to your .gitlab-ci.yml:
include:
# include the component
- component: $CI_SERVER_FQDN/to-be-continuous/renovate/gitlab-ci-renovate@1.4.0
Use as a CI/CD template (legacy)¶
Add the following to your .gitlab-ci.yml:
include:
# include the template
- project: "to-be-continuous/renovate"
ref: "1.4.0"
file: "/templates/gitlab-ci-renovate.yml"
Configuration¶
The Renovate template uses some global configuration used throughout all jobs.
| Input / Variable | Description | Default value |
|---|---|---|
image / RENOVATE_IMAGE |
The Docker image used to run Renovate | registry.hub.docker.com/renovate/renovate:latest |
 RENOVATE_TOKEN |
A GitLab access token to allow Renovate crawl your projects. See doc | none |
GITHUB_COM_TOKEN |
A GitHub access token to allow Renovate fetch changelogs. See doc | none |
This template will help you using Renovate from a GitLab project to automate your dependency updates within your groups or projects. On the contrary to other to-be-continuous templates, this one should be used in a separate project that will be in charge of crawling all your other projects.
Upon including the template, carefuly follow Renovate's documentation to configure the bot accordingly. Pay attention to the following:
- ~~Remember to set the platform parameter
to
gitlabin your configuration.~~ - GitLab platform integration requires that you
declare a
RENOVATE_TOKENvariable with an access token. - You'll also probaly need to declare a
GITHUB_COM_TOKENvariable, holding a GitHub access token (for fetching changelogs)
Default Renovate configuration¶
This template is designed to be run on GitLab.
Defaults values are set to manage GitLab features :
| Renovate variable | Value |
|---|---|
RENOVATE_PLATFORM |
gitlab |
RENOVATE_ENDPOINT |
$CI_API_V4_URL |
RENOVATE_AUTODISCOVER_FILTER |
${CI_PROJECT_ROOT_NAMESPACE}/** |
RENOVATE_REGISTRY_ALIASES |
{"$$CI_SERVER_FQDN": "$CI_SERVER_FQDN"} |
RENOVATE_BINARY_SOURCE |
install |
RENOVATE_LOG_FILE |
renovate-log.ndjson |
RENOVATE_LOG_FILE_LEVEL |
debug |
Dry-run implementation details¶
Depending on the source of a pipeline, the template will either perform your dependency updates (create/update/delete branches and MRs) or perform a dry run (to preview the behavior of Renovate with logs, without making any changes to your repositories).
The real dependency updates is triggered only when:
- the pipeline is started from the web interface (menu Build > Pipelines, click Run pipeline),
- or the pipeline is started from a scheduled run (menu Build > Pipeline schedules).
In any other case (regular Git commit or else) the template will perform a dry run.
Dry-run behavior is enabled/disabled with the RENOVATE_DRY_RUN environment variable.
Please don't try to override it or you might break the default template implementation.