Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: separate extractVersion and update readme-renovate.md #5655

Merged
merged 2 commits into from
Jan 23, 2025
+25 −6
Merged

fix: separate extractVersion and update readme-renovate.md #5655

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
791204d
fix: separate extractVersion and update readme-renovate.md
Devinwong Jan 23, 2025
fa1021e
update readme
Devinwong Jan 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 21 additions & 5 deletions .github/README-RENOVATE.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,21 @@ In summary, this package rule is saying it will apply auto-update without `autom

Combining these 2 package rules together is actually asking Renovate not to update `major` and `minor`, but just `patch`, `pin` and `digest`.

We configured auto-merge patch version for components `moby-runc` and `moby-containerd`. Please search `"matchPackageNames": ["moby-runc", "moby-containerd"]` in `renovate.json` for an example.

As of 01/23/2025, the PR merging policy is as follows.
| Components | Major | Minor | Patch |
| -------- | ------ | ------ | ------ |
| Runc, Containerd | Manual | Manual | Auto |
| Others | Manual | Manual | Manual |

The update of `Runc` and `Containerd` is owned by Node SIG and we have sufficient confidence to auto-merge it with our tests and PR gates. Thus it's set to `auto-merge`.
For other components, we are still relying on the owner teams to approve and merge. If there is a need to auto-merge a component, it's always configurable.

---

For more context to anyone who is interested, let's walk through a real example. Feel free to skip reading this if it has nothing to do with your task.

### (Optional context) Why not updating minor?
Using azure-cni as an example, if we enable auto updating `minor`, we will see the following PRs created by Renovate automatically at of Sep 12, 2024.
- PR1: containernetworking/azure-cni minor v1.5.32 -> v1.6.6
Expand Down Expand Up @@ -101,9 +115,10 @@ For example,
{
"matchPackageNames": ["moby-runc", "moby-containerd"],
"assignees": ["devinwong", "anujmaheshwari1", "cameronmeissner", "AlisonB319", "lilypan26", "djsly", "jason1028kr", "UtheMan", "zachary-bailey", "ganeshkumarashok"]
"reviewers": ["devinwong", "anujmaheshwari1", "cameronmeissner", "AlisonB319", "lilypan26", "djsly", "jason1028kr", "UtheMan", "zachary-bailey", "ganeshkumarashok"]
},
```
In this block, it is saying that if the package name, that a PR is updating, is one of the defined values, then assign this PR to these Github IDs.
In this block, it is saying that if the package name, that a PR is updating, is one of the defined values, then assign this PR to these Github IDs. The values in `reviewers` are the same group of people to allow them to self-approve the PR. Unfortunately JSON doesn't support variable in value so we have to provide the value strings twice for both `assignees` and `reviewers`

### Additional string operation to specific component
```
Expand Down Expand Up @@ -293,7 +308,7 @@ Depending on what kind of component you are going to onboard.
]
}
```
Please make sure you set the `renovateTag` correctly, where `registry` is always `https://mcr.microsoft.com` now, and the `name` doesn't have a leading slash `/`. As of Sept 2024, The container Images in `components.json` are all hosted in MCR and MCR is the only registry enabled in the current Renovate configuration file `renovate.json`. If there is demand for other container images registry, it will be necessary to double check if it will just work.
Please make sure you set the `renovateTag` correctly, where `registry` is always `https://mcr.microsoft.com` now, and the `name` doesn't have a leading slash `/`. As of Jan 2025, The container Images in `components.json` are all hosted in MCR and MCR is the only registry enabled in the current Renovate configuration file `renovate.json`. If there is demand for other container images registry, it will be necessary to double check if it will just work.

Fore more details, you can refer to Readme-components linked at the beginning of this document.

Expand Down Expand Up @@ -324,9 +339,10 @@ There is an example for packages `moby-runc` and `moby-containred`
{
"matchPackageNames": ["moby-runc", "moby-containerd"],
"assignees": ["devinwong"]
"reviewers": ["devinwong"]
},
```
You can follow this example to create a block and fill in the matchPackageNames with your **GitHub ID** to assign to yourself, assuming you are the owner. Note that the packageName here must be the exact name that you can find in your datasource. For example, in the datasource PMC which hosts `moby-runc` and `moby-containerd`, we are running `apt-get install moby-runc moby-containerd`. So this is the correct package name.
You can follow this example to create a block and fill in the matchPackageNames with your **GitHub ID** to assign and set reviewer to yourself, assuming you are the owner. Note that the packageName here must be the exact name that you can find in your datasource. For example, in the datasource PMC which hosts `moby-runc` and `moby-containerd`, we are running `apt-get install moby-runc moby-containerd`. So this is the correct package name.

Another example is for a container image `mcr.microsoft.com/oss/kubernetes/kube-proxy`. In this case you should fill in the matchPackageNames with packageName `oss/kubernetes/kube-proxy`. Note there is no leading slash `/`.

Expand All @@ -343,9 +359,9 @@ If your GitHub ID is placed in the `assignees` array, you are responsible for th
## What components are onboarded to Renovate for auto-update and what are not yet?
In general, if a component has the `"renovateTag": "<DO_NOT_UPDATE>"`, it means it's not monitored by Renovate and won't be updated automatically.

As of 11/12/2024,
As of 01/23/2025,
- All the container images are onboarded to Renovate for auto-update.
- PMC hosted packages, namely `runc` and `containerd`, are onboarded for auto-update.
- PMC hosted packages, namely `runc` and `containerd`, are configured as auto-merge patch version.
- OCI artifacts hosted on MAR(aka MCR) such as `kubernetes-binaries`, `azure-acr-credential-provider` and `containerd-wasm-shims` are onboarded for auto-update.
- Acs-mirror hosted packages/binaries, namely `cni-plugins`, `azure-cni`, `cri-tools`, etc., are NOT onboarded for auto-update yet. There are plans to move the acs-mirror hosted packages to MCR OCI which will be downloaded by Oras. We will wait for this transition to be completed to understand the details how to manage them.

Expand Down
5 changes: 4 additions & 1 deletion .github/renovate.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,6 @@
},
{
"matchPackageNames": ["moby-runc", "moby-containerd"],
"extractVersion": "^v?(?<version>.+)$",
"matchUpdateTypes": [
"patch"
],
Expand Down Expand Up @@ -104,6 +103,10 @@
"matchPackageNames": ["oss/binaries/kubernetes/kubernetes-node", "oss/binaries/kubernetes/azure-acr-credential-provider", "oss/binaries/deislabs/containerd-wasm-shims"],
"extractVersion": "^(?P<version>.*?)-[^-]*-[^-]*$"
},
{
"matchPackageNames": ["moby-runc", "moby-containerd"],
Devinwong marked this conversation as resolved.
Show resolved Hide resolved
"extractVersion": "^v?(?<version>.+)$"
},
{
"matchPackageNames": ["aks/aks-gpu-cuda", "aks/aks-gpu-grid"],
"versioning": "regex:^(?<major>\\d+)\\.(?<minor>\\d+)\\.(?<patch>\\d+)-(?<prerelease>\\d{14})$",
Expand Down
Loading