Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: enable Dockerfile check for dependabot #2233

Closed
wants to merge 1 commit into from
Closed

feat: enable Dockerfile check for dependabot #2233

wants to merge 1 commit into from

Conversation

kruskall
Copy link
Member

What does this pull request do?

keep docker image up to date

Related issues

Closes #ISSUE

@kruskall kruskall requested a review from a team March 13, 2025 12:55
trentm
trentm approved these changes Mar 13, 2025
View reviewed changes
Copy link
Member

@trentm trentm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have the same for apm-agent-nodejs.git FWIW.

@kruskall
Copy link
Member Author

(note: I don't have permission to merge this)

@trentm
Copy link
Member

trentm commented Mar 14, 2025

ping @xrmx

@xrmx
Copy link
Member

xrmx commented Mar 17, 2025

Don't we have already renovate for that?

@xrmx
Copy link
Member

xrmx commented Mar 18, 2025
edited
Loading

Closing this since we already have renovate. I don't merge renovate PRs often because they bump the major python version image that I don't want to.

@xrmx xrmx closed this Mar 18, 2025
@kruskall kruskall reopened this Mar 18, 2025
@kruskall
Copy link
Member Author

Sorry for reopening and for the late reply 😓

Don't we have already renovate for that?

I think renovate config is only enabled for chainguard images:

apm-agent-python/renovate.json

Line 4 in a15ec54

"github>elastic/renovate-config:only-chainguard"

I'll leave it up to you and the python agent team to decide whether you want to extend the config to other docker images or want to use renovate but the image should be kept up to date.

I don't merge renovate PRs often because they bump the major python version image that I don't want to.

I don't think this is ok :(
I see #2206 is open for example. Maybe the config can be updated to not bump major versions ? cc @jamietanna

@xrmx
Copy link
Member

xrmx commented Mar 20, 2025

Sorry for reopening and for the late reply 😓

Don't we have already renovate for that?

I think renovate config is only enabled for chainguard images:

apm-agent-python/renovate.json

Line 4 in a15ec54

"github>elastic/renovate-config:only-chainguard"

I'll leave it up to you and the python agent team to decide whether you want to extend the config to other docker images or want to use renovate but the image should be kept up to date.

I would like to use just one tool for the same purpose

I don't merge renovate PRs often because they bump the major python version image that I don't want to.

I don't think this is ok :( I see #2206 is open for example. Maybe the config can be updated to not bump major versions ? cc @jamietanna

That would be great of course

@jamietanna
Copy link
Member

I see #2206 is open for example. Maybe the config can be updated to not bump major versions ? cc @jamietanna

Do we mean "major" version here? (I'm reading this in terms of Semantic Versioning)

#2206 seems to be bumping minor version of Python

I think yes, if we don't want to have Python minor bumps happening automagically, but only when a human triggers them via the Dependency Dashboard, then that's very achievable - wanna drop into the #renovate channel and discuss, if you need a hand?

@xrmx
Copy link
Member

xrmx commented Mar 24, 2025

I think yes, if we don't want to have Python minor bumps happening automagically, but only when a human triggers them via the Dependency Dashboard, then that's very achievable - wanna drop into the #renovate channel and discuss, if you need a hand?

Will do thanks

@xrmx
Copy link
Member

xrmx commented Mar 27, 2025

Handing the update to dependabot has been merged in #2246 . Now I just need to configure it 😓

@xrmx xrmx closed this Mar 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@trentm trentm trentm approved these changes

Assignees
No one assigned
Labels
agent-python
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@kruskall @trentm @xrmx @jamietanna