feat(k8s/infrastructure): add self-hosted Renovate CronJob
This commit is contained in:
41
kubernetes/infrastructure/controllers/renovate/cronjob.yaml
Normal file
41
kubernetes/infrastructure/controllers/renovate/cronjob.yaml
Normal file
@@ -0,0 +1,41 @@
|
|||||||
|
apiVersion: batch/v1
|
||||||
|
kind: CronJob
|
||||||
|
metadata:
|
||||||
|
name: renovate
|
||||||
|
namespace: renovate
|
||||||
|
labels:
|
||||||
|
app: renovate
|
||||||
|
spec:
|
||||||
|
schedule: "0 */6 * * *"
|
||||||
|
concurrencyPolicy: Forbid
|
||||||
|
successfulJobsHistoryLimit: 3
|
||||||
|
failedJobsHistoryLimit: 3
|
||||||
|
jobTemplate:
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: renovate
|
||||||
|
spec:
|
||||||
|
restartPolicy: Never
|
||||||
|
containers:
|
||||||
|
- name: renovate
|
||||||
|
image: renovate/renovate:39
|
||||||
|
env:
|
||||||
|
- name: RENOVATE_PLATFORM
|
||||||
|
value: github
|
||||||
|
- name: RENOVATE_REPOSITORIES
|
||||||
|
value: '["berezovskyi-oleksandr/homelab"]'
|
||||||
|
- name: RENOVATE_TOKEN
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: renovate
|
||||||
|
key: github-token
|
||||||
|
- name: LOG_LEVEL
|
||||||
|
value: info
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
memory: 512Mi
|
||||||
|
cpu: 500m
|
||||||
|
limits:
|
||||||
|
memory: 1Gi
|
||||||
@@ -0,0 +1,4 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: renovate
|
||||||
@@ -0,0 +1,22 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: renovate
|
||||||
|
namespace: renovate
|
||||||
|
stringData:
|
||||||
|
github-token: ENC[AES256_GCM,data:6SjztGjm1T0hNzgj3wpuqa31mdJdZItX0iZUA8l8v/4NhBmxDfMpu2YR8CyikZNcaTMhW4ty/nAYTPIBa8btGClArRV6p+aKrb9E35/LZmy5LIgg5ElZ5gaX+zIY,iv:Jx6Vwn6uaWTPw+fIsYOLJ68WSdZeHfEyq1nNYEidBZo=,tag:KTv6eABellIh9Putw2zSRw==,type:str]
|
||||||
|
sops:
|
||||||
|
age:
|
||||||
|
- recipient: age1zffnskvuezntkk703a0pyxsd5m8vx2hm33dr47wdfy8mn4fdw4sqgw0jgc
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXbms0RlovUkZSMXBRbzdQ
|
||||||
|
VHhla0RVbW1jVFBUQjA5Tk9rNkQzSnlCMGhNCi9BbHNGMjdVZHB2T1o5S1J0bXQv
|
||||||
|
R1lQUklQT2UrQWFSS3FUWFg4MXRqeWsKLS0tIHBUaGlUcHNPZzFPRk5mdk1BRGZT
|
||||||
|
WFpEUzFtWkcyZ0ExSno5cTBIaU5ENmsKkGzvTtT0chu+B9XfDI2vRl5FXd46NWoh
|
||||||
|
uADvff8Y3s0zwco7d4KiKQ3RNUnCQdThLBw/kJJSLf2012KgcGtwFA==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2026-03-19T19:19:10Z"
|
||||||
|
mac: ENC[AES256_GCM,data:obHqpPjipCJXzO+uO6JzaaGyzKaZwsTQx0UcipJmaXHrxveUZSWNkzFlQG11Zebi9owLSZxMigz172EIV2TUiNf03/G39HrajqRDMN/rQXH335ReBLZepzqhQekSJcQ8dT7GONpIYUmfsbm/mG31yg7RYJkmaUPfZyCAnNk1EJ0=,iv:/EDy+trJqPoEuxLgiNJBeoLkP87boxWtGHu7jmo/f8g=,tag:5LkSH5eTviNIS5Q/SU46Iw==,type:str]
|
||||||
|
encrypted_regex: ^(data|stringData|email)$
|
||||||
|
version: 3.12.1
|
||||||
11
renovate.json
Normal file
11
renovate.json
Normal file
@@ -0,0 +1,11 @@
|
|||||||
|
{
|
||||||
|
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||||
|
"extends": [
|
||||||
|
"config:recommended",
|
||||||
|
":semanticCommits",
|
||||||
|
],
|
||||||
|
"enabledManagers": ["kubernetes"],
|
||||||
|
"automergeType": "branch",
|
||||||
|
"ignoreTests": true,
|
||||||
|
"assignees": ["berezovskyi-oleksandr"]
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user