renovate - Notes - Sheldon Hull

Run Locally Via Docker

For Azure DevOps

Set the environment variables: export AZURE_DEVOPS_ORG=foo, AZURE_DEVOPS_EXT_PAT, and replace PROJECTNAME/REPO as required.

docker run --rm -it \
    -e RENOVATE_PLATFORM="azure" \
    -e RENOVATE_ENDPOINT="https://dev.azure.com/$&#123;AZURE_DEVOPS_ORG&#125;/" \
    -e GITHUB_COM_TOKEN=$(gh auth token) \
    -e SYSTEM_ACCESSTOKEN=$AZURE_DEVOPS_EXT_PAT \
    -e RENOVATE_TOKEN=$AZURE_DEVOPS_EXT_PAT \
    -e RENOVATE_DRY_RUN=full \
    -e LOG_LEVEL=debug \
    -v $&#123;PWD&#125;/config.js:/usr/src/app/config.js \
    -v /var/run/docker.sock:/var/run/docker.sock \
    renovate/renovate:latest --include-forks=false --dry-run=full PROJECTNAME/REPO

Centralizing Config

Create a config.js in the renovate-config repo you created. According to the Renovate documentation, this type of config supports NuGet, npm, and GitHub authentication.

Change various options by reviewing the Renovate documentation. Options like the creation of closed pull requests can be configured by flags or environment variables.

For Azure DevOps Pipelines, see the example below. For GitHub, consider using the Renovatebot GitHub app for a smoother integration, which also checks the status by default every 3 hours.

local debugging

# Change recreation if you are testing and need to abandon, then recreate
docker run --rm \
    -it \
    -e RENOVATE_RECREATE_CLOSED=false \
    -e LOG_LEVEL=debug \
    -e RENOVATE_DRY_RUN=true \
    -e GITHUB_COM_TOKEN=$GITHUB_TOKEN \
    -e RENOVATE_TOKEN=$AZURE_DEVOPS_EXT_PAT \
    -v "$&#123;PWD&#125;/config.js:/usr/src/app/config.js" \
    renovate/renovate --include-forks=false

config.js

const pipelineToken = process.env.RENOVATE_TOKEN;
const patTokenForFeed = process.env.RENOVATE_TOKEN;

module.exports = &#123;
  platform: 'azure',
  endpoint: 'https://dev.azure.com/&#123;myorg&#125;/',
  token: pipelineToken,
  hostRules: [
    &#123;
      hostType: 'npm',
      matchHost: 'pkgs.dev.azure.com',
      username: 'apikey',
      password: patTokenForFeed,
    &#125;,
    &#123;
      hostType: 'npm',
      matchHost: '&#123;myorg&#125;.pkgs.visualstudio.com',
      username: 'apikey',
      password: patTokenForFeed,
    &#125;,
    &#123;
      matchHost: 'https://pkgs.dev.azure.com/&#123;myorg&#125;/',
      hostType: 'nuget',
      username: 'renovate', // username doesn't matter for azure
      password: patTokenForFeed,
    &#125;,
    &#123;
      matchHost: 'github.com',
      token: process.env.GITHUB_COM_TOKEN,
    &#125;,
  ],
  repositories: [
    // specify format as 'Project/reponame'
    'Project/reponame',
  ],
&#125;;

renovate.azure-pipelines.yml

---
name: renovate.$(Build.Reason)-$(Date:yyyyMMdd)-$(Rev:.r)
pr: none
trigger:
  batch: true
  branches:
    include:
      - main
schedules:
  - cron: 0 07 * * Mon
    displayName: Mon7am
    branches:
      include: [main]
    always: true
jobs:
  - job: renovate
    displayName: renovate-repos
    timeoutInMinutes: 15
    pool:
      name: Azure Pipelines
      vmImage: ubuntu-latest
    steps:
      - checkout: self
      - bash: |
          git config --global user.email '[email protected]'
          git config --global user.name 'Renovate Bot'
          npx --userconfig .npmrc renovate
        displayName: npx-renovate
        env:
          RENOVATE_TOKEN: $(System.AccessToken)
          GITHUB_COM_TOKEN: $(GITHUB_COM_TOKEN)