--- apiVersion: batch/v1 kind: CronJob metadata: name: renovate-infrastructure namespace: gitops spec: schedule: "@hourly" concurrencyPolicy: Forbid jobTemplate: spec: template: spec: volumes: - name: config-volume configMap: name: renovate-config - name: work-volume emptyDir: {} containers: - name: renovate image: renovate/renovate:32.64 volumeMounts: - name: config-volume mountPath: /opt/renovate/ - name: work-volume mountPath: /tmp/renovate/ env: - name: LOG_LEVEL value: debug - name: RENOVATE_ENDPOINT value: "https://git.0x76.dev/api/v1/" - name: RENOVATE_PLATFORM value: gitea - name: RENOVATE_AUTODISCOVER value: "false" - name: RENOVATE_GIT_AUTHOR value: "Renovate Bot " - name: RENOVATE_CONFIG_FILE value: "/opt/renovate/config.json" - name: RENOVATE_BASE_DIR value: "/tmp/renovate" envFrom: - secretRef: name: renovate restartPolicy: Never --- apiVersion: v1 kind: ConfigMap metadata: name: renovate-config namespace: gitops data: config.json: |- { "extends": ["github>whitesource/merge-confidence:beta"], "repositories": ["v/infrastructure"], "flux": { "fileMatch": ["flux/.+\\.yaml$"] }, "helm-values": { "fileMatch": ["flux/.+\\.yaml$"] }, "kubernetes": { "fileMatch": ["flux/.+\\.yaml$"] }, "hostRules": [ { "hostType": "docker", "matchHost": "ghcr.io", "username": "NULLx76", "password": process.env.GITHUB_COM_TOKEN } ], "packageRules": [ { "automerge": true, "automergeType": "branch", "matchPackageNames": [ "renovate/renovate" ] } ] }