Renovate has problems updating dependencies in app-operator #2801
Comments
|
After spending some time on investigating this I think the easiest thing we could do to fix this is to either pin problematic dependencies to specific versions, range of versions or disable upgrades for them altogether. This is because some of dependencies come indirectly from other packages we use in the App Operator project, and hence we cannot upgrade them just like that here without breaking the code that gets executed somewhere in the stack. I think we would need to go bottom-to-top, making sure all App Operator's dependencies that we directly rely on are up-to-date, before we update anything in the App Operator. Otherwise we are susceptible to these go-build errors or are forced to disable upgrades, to some extend at least, what also begs a question of why to have automated upgrades at all then. On the other hand, I am also not sure updating all dependencies is possible and if so of how much work it would require. These days we are rather in a maintenance mode rather than active development for most of the components we own, so I personally don't even know the codebase that well. Hence the easiest option seem to override some dependencies' upgrade procedure for the time being. As for the Dependency Dashboard warnings, they seem to come from the {
"currentDigest": "a8371794149d",
"currentValue": "v0.0.0-20191216044856-a8371794149d",
"currentVersion": "v0.0.0-20191216044856-a8371794149d",
"datasource": "go",
"depName": "github.com/docker/distribution",
"depType": "replace",
"digestOneAndOnly": true,
"fixedVersion": "v0.0.0-20191216044856-a8371794149d",
"isSingleVersion": true,
"managerData": {
"lineNumber": 184,
"multiLine": true
},
"packageName": "github.com/docker/distribution",
"sourceUrl": "https://github.com/docker/distribution",
"versioning": "semver",
"warnings": [
{
"message": "Could not determine new digest for update (datasource: go)",
"topic": "github.com/docker/distribution"
}
],
"updates": []
},Checking the logs you may find this: The problem is, the log says nothing more of the reason. So I am not sure what does the Renovate really mean by saying it can't get a digest. Fortunately we have the same problem in another project, the helmclient, see this. Surprisingly, the Renovate's log says something more in there: This is interesting because the {
"currentValue": "v20.10.22+incompatible",
"currentVersion": "v20.10.22+incompatible",
"datasource": "go",
"depName": "github.com/moby/moby",
"depType": "replace",
"fixedVersion": "v20.10.22+incompatible",
"isSingleVersion": true,
"managerData": {
"lineNumber": 158,
"multiLine": true
},
"packageName": "github.com/moby/moby",
"sourceUrl": "https://github.com/moby/moby",
"versioning": "semver",
"warnings": [],
"updates": [
{
"bucket": "non-major",
"newVersion": "v20.10.25+incompatible",
"newValue": "v20.10.25+incompatible",
"releaseTimestamp": "2023-05-04T13:33:05.000Z",
"newMajor": 20,
"newMinor": 10,
"updateType": "patch",
"branchName": "renovate/misc-modules"
},
{
"bucket": "major",
"newVersion": "v24.0.6+incompatible",
"newValue": "v24.0.6+incompatible",
"releaseTimestamp": "2023-08-29T19:14:17.000Z",
"newMajor": 24,
"newMinor": 0,
"updateType": "major",
"branchName": "renovate/major-misc-modules"
}
]
},In the above example the suffix is there, yet the Renovate has been able to find updated for this package without any complaints. Hence I am not sure of how this really works, nor couldn't I find anything in the source code. For these reasons I decided to disable upgrades for this particular package. |
|
The problems have been solved with this PR https://github.com/giantswarm/github/pull/1098. |
See giantswarm/app-operator#848
The text was updated successfully, but these errors were encountered: