· Nicholas Dille

Renovate

Automated updates of dependencies

Container image available

Not tightly integrated into GitLab

Options

Pipeline-integrated optionally with official template

Cron job running separate from GitLab instance

Self-hosted Renovate (formerly paid product)

Hands-On: Pipeline-integrated

Create personal access token with scopes api, read_user, write_repository
Add unprotected CI variable called RENOVATE_TOKEN
Add renovate.json to root of project
Add new job called renovate
Create schedule with non-empty variable RENOVATE
Check job logs
Check merge requests
Check pipelines
Merge at least one change

See new .gitlab-ci.yml:

git checkout origin/160_gitlab_ci/270_renovate -- '*'

(With proper configuration Renovate will automerge tested merge requests.)

Pro tip: Use renovate:slim image

Image is smaller and loads faster

Tools are installed on-demand

Natively or using container sidecars

renovate:
  image: renovate/renovate:32.236.0-slim
  script: |
    renovate --platform gitlab \
        --endpoint https://gitlab.seat${SEAT_INDEX}.inmylab.de/api/v4 \
        --token ${RENOVATE_TOKEN} \
        --autodiscover true
  #...

Request tools version using constraints

Or use tool specific directives like engine for npm