From 52a9d53a2af1ee7d0ea4f126de9d62f492ee6919 Mon Sep 17 00:00:00 2001 From: JJGadgets Date: Wed, 7 Feb 2024 22:49:07 +0800 Subject: [PATCH] chore: cleanup authentik renovate test --- .renovate/groups.json5 | 4 +++- .../kube/authentik-renovate-cve-test.yaml | 0 kube/deploy/apps/authentik/app/hr.yaml | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) rename kube/templates/authentik-test.yaml => archive/kube/authentik-renovate-cve-test.yaml (100%) diff --git a/.renovate/groups.json5 b/.renovate/groups.json5 index 3d3c0be0..86d6e241 100644 --- a/.renovate/groups.json5 +++ b/.renovate/groups.json5 @@ -39,7 +39,9 @@ "commitMessageTopic": "{{{groupName}}} group" }, "separateMultipleMajor": true, - "separateMinorPatch": true + "separateMinorPatch": true, + // TODO: Helm chart uses separate key for digests, which Renovate seems to not recognize? maybe patching the image would be better? + "pinDigests": false }, { "description": "Auto merge Github Actions", diff --git a/kube/templates/authentik-test.yaml b/archive/kube/authentik-renovate-cve-test.yaml similarity index 100% rename from kube/templates/authentik-test.yaml rename to archive/kube/authentik-renovate-cve-test.yaml diff --git a/kube/deploy/apps/authentik/app/hr.yaml b/kube/deploy/apps/authentik/app/hr.yaml index 65294ed2..8ee456fc 100644 --- a/kube/deploy/apps/authentik/app/hr.yaml +++ b/kube/deploy/apps/authentik/app/hr.yaml @@ -17,7 +17,7 @@ spec: image: repository: "ghcr.io/goauthentik/server" tag: "2023.10.7" # specify image tag for Renovate to pull changelogs & security info, and for security releases without a chart release - digest: "sha256:8ebdd51a95d3efdcb0cf3b26ed849cc0f9a8c032adb8cd595cabb59a1f321161" # TODO: apparently Renovate doesn't see this as a digest? + #digest: "sha256:8ebdd51a95d3efdcb0cf3b26ed849cc0f9a8c032adb8cd595cabb59a1f321161" # TODO: apparently Renovate doesn't see this as a digest? pullPolicy: IfNotPresent # server is in active-active, 3 replicas seems to confuse authentik replicas: 2