Renovate at GitLab: Current Implementation Documentation
Overview
Section titled “Overview”Renovate is a dependency update tool used at GitLab to automate the process of keeping dependencies up-to-date. This document outlines the current implementation, configurations, and workflows of Renovate within the GitLab infrastructure.
Current Implementation Approaches
Section titled “Current Implementation Approaches”GitLab currently uses two different approaches for Renovate:
1. Common CI Tasks Approach
Section titled “1. Common CI Tasks Approach”Repository: https://gitlab.com/gitlab-com/gl-infra/common-ci-tasks
Key Characteristics:
- Per-project CI job implementation
- Requires CI include and
renovate.jsonconfiguration. This can be generated for you using ourcommon-template-copiertemplate. - Uses custom container image with specific tooling installed
Focus Areas:
- Security and isolation by running one job per project
- Custom tooling baked into the image to generate/update templates and non-standard files
Documentation:
2. Global Renovate Runner Approach
Section titled “2. Global Renovate Runner Approach”Repositories:
- https://gitlab.com/gitlab-com/gl-infra/renovate/renovate-ci
- https://ops.gitlab.net/gitlab-com/gl-infra/renovate/renovate-ci
Key Characteristics:
- Global CI job with auto-discovery via renovate-runner
- Sets a
managed-by-soostopic to prevent duplication with thecommon-ci-tasksapproach - Requires
renovate.jsonconfiguration - Language-specific images based on project code/files
Focus Areas:
- Low maintenance and easy onboarding
- Efficiency through running a global CI job that caches dependencies data for all projects
- Uses upstream maintained components
Documentation:
Future Considerations
Section titled “Future Considerations”We will likely be deprecating the Global Renovate Runner approach, so please set up all new projects using common-ci-tasks.
Adding dependencies
Section titled “Adding dependencies”To configure Renovate Bot for a given project, follow the Automated Project Setup documentation in common-ci-tasks.
Related Resources
Section titled “Related Resources”Best Practices
Section titled “Best Practices”Renovate best practices are documented in the common-ci-tasks project.
Troubleshooting
Section titled “Troubleshooting”Dependency not being picked up
Section titled “Dependency not being picked up”If you configured a dependency and it isn’t getting picked up by Renovate check the output of the latest scheduled pipeline job.
Common CI Tasks: Scheduled pipeline on the project in question. Renovate CI:
- Scheduled pipeline for GitLab.com
- ops.gitlab.net.
If you need further debug data, check the renovate-log.ndjson file on the CI
job’s artifacts and grep for the project’s name.
Testing out Renovate changes
Section titled “Testing out Renovate changes”If you suspect your renovate.json may need adjustments, you can try them out
before merging them the following way:
npm install -g renovate- On a local copy of https://gitlab.com/gitlab-com/gl-infra/renovate/renovate-ci, execute
RENOVATE_PLATFORM=gitlab RENOVATE_TOKEN=<your-gitlab-token> RENOVATE_REPOSITORIES=gitlab-com/gl-infra/<path-to-project> RENOVATE_BASE_BRANCHES=<your-branch> renovate --use-base-branch-config=merge --autodiscover=false --dry-run=full