From 1d64a107ed55bfdadbe041e11f03e4b4ba51ed23 Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Fri, 17 Jan 2025 15:50:52 +0100
Subject: [PATCH] feat(flux): update docker images of helm release values
(#33671)
---
.../manager/flux/__fixtures__/multidoc.yaml | 4 +++
lib/modules/manager/flux/extract.spec.ts | 10 ++++++
lib/modules/manager/flux/extract.ts | 5 +++
lib/modules/manager/flux/readme.md | 2 ++
lib/modules/manager/flux/schema.ts | 1 +
lib/modules/manager/helm-values/extract.ts | 34 +++++++++++--------
6 files changed, 41 insertions(+), 15 deletions(-)
diff --git a/lib/modules/manager/flux/__fixtures__/multidoc.yaml b/lib/modules/manager/flux/__fixtures__/multidoc.yaml
index 675feac3fc..9fdea37242 100644
--- a/lib/modules/manager/flux/__fixtures__/multidoc.yaml
+++ b/lib/modules/manager/flux/__fixtures__/multidoc.yaml
@@ -13,6 +13,10 @@ spec:
name: external-dns
version: "1.7.0"
interval: 1h0m0s
+ values:
+ image:
+ repository: k8s.gcr.io/external-dns/external-dns
+ tag: v0.13.4
---
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
diff --git a/lib/modules/manager/flux/extract.spec.ts b/lib/modules/manager/flux/extract.spec.ts
index 134fc4dd6e..70e97ac274 100644
--- a/lib/modules/manager/flux/extract.spec.ts
+++ b/lib/modules/manager/flux/extract.spec.ts
@@ -34,6 +34,16 @@ describe('modules/manager/flux/extract', () => {
depName: 'external-dns',
registryUrls: ['https://kubernetes-sigs.github.io/external-dns/'],
},
+ {
+ autoReplaceStringTemplate:
+ '{{newValue}}{{#if newDigest}}@{{newDigest}}{{/if}}',
+ currentDigest: undefined,
+ currentValue: 'v0.13.4',
+ datasource: DockerDatasource.id,
+ depName: 'k8s.gcr.io/external-dns/external-dns',
+ replaceString: 'v0.13.4',
+ versioning: DockerDatasource.id,
+ },
{
currentValue: 'v11.35.4',
datasource: GithubTagsDatasource.id,
diff --git a/lib/modules/manager/flux/extract.ts b/lib/modules/manager/flux/extract.ts
index 98e10778b0..3178c28e98 100644
--- a/lib/modules/manager/flux/extract.ts
+++ b/lib/modules/manager/flux/extract.ts
@@ -13,6 +13,7 @@ import { GithubTagsDatasource } from '../../datasource/github-tags';
import { GitlabTagsDatasource } from '../../datasource/gitlab-tags';
import { HelmDatasource } from '../../datasource/helm';
import { getDep } from '../dockerfile/extract';
+import { findDependencies } from '../helm-values/extract';
import { isOCIRegistry, removeOCIPrefix } from '../helmv3/oci';
import { extractImage } from '../kustomize/extract';
import type {
@@ -187,6 +188,10 @@ function resolveResourceManifest(
);
resolveHelmRepository(dep, matchingRepositories, registryAliases);
deps.push(dep);
+
+ if (resource.spec.values) {
+ deps.push(...findDependencies(resource.spec.values, registryAliases));
+ }
break;
}
case 'GitRepository': {
diff --git a/lib/modules/manager/flux/readme.md b/lib/modules/manager/flux/readme.md
index bb1777f3bd..5083319621 100644
--- a/lib/modules/manager/flux/readme.md
+++ b/lib/modules/manager/flux/readme.md
@@ -22,6 +22,8 @@ Namespaces will not be inferred from the context (e.g. from the parent `Kustomiz
Renovate updates `HelmRelease` resources coming from `GitRepository` by updating the `GitRepository` resource.
+Renovate updates Docker dependencies inside `HelmRelease` `values` like the [`helm-values`](../helm-values/index.md) manager.
+
### GitRepository support
Renovate can update `git` references from `GitRepository` resources.
diff --git a/lib/modules/manager/flux/schema.ts b/lib/modules/manager/flux/schema.ts
index 8e4870b224..d76ff8fb5b 100644
--- a/lib/modules/manager/flux/schema.ts
+++ b/lib/modules/manager/flux/schema.ts
@@ -29,6 +29,7 @@ export const HelmRelease = KubernetesResource.extend({
.optional(),
}),
}),
+ values: z.record(z.unknown()).optional(),
}),
});
diff --git a/lib/modules/manager/helm-values/extract.ts b/lib/modules/manager/helm-values/extract.ts
index 59e465c0f0..2987b3ca12 100644
--- a/lib/modules/manager/helm-values/extract.ts
+++ b/lib/modules/manager/helm-values/extract.ts
@@ -17,13 +17,9 @@ function getHelmDep(
registry: string,
repository: string,
tag: string,
- config: ExtractConfig,
+ registryAliases: Record<string, string> | undefined,
): PackageDependency {
- const dep = getDep(
- `${registry}${repository}:${tag}`,
- false,
- config.registryAliases,
- );
+ const dep = getDep(`${registry}${repository}:${tag}`, false, registryAliases);
dep.replaceString = tag;
dep.versioning = dockerVersioning;
dep.autoReplaceStringTemplate =
@@ -36,11 +32,17 @@ function getHelmDep(
*
* @param parsedContent
*/
-function findDependencies(
+export function findDependencies(
parsedContent: Record<string, unknown> | HelmDockerImageDependency,
- packageDependencies: Array<PackageDependency>,
- config: ExtractConfig,
-): Array<PackageDependency> {
+ registryAliases: Record<string, string> | undefined,
+): PackageDependency[] {
+ return findDependenciesInternal(parsedContent, [], registryAliases);
+}
+export function findDependenciesInternal(
+ parsedContent: Record<string, unknown> | HelmDockerImageDependency,
+ packageDependencies: PackageDependency[],
+ registryAliases: Record<string, string> | undefined,
+): PackageDependency[] {
if (!parsedContent || typeof parsedContent !== 'object') {
return packageDependencies;
}
@@ -53,14 +55,16 @@ function findDependencies(
registry = registry ? `${registry}/` : '';
const repository = String(currentItem.repository);
const tag = `${currentItem.tag ?? currentItem.version}`;
- packageDependencies.push(getHelmDep(registry, repository, tag, config));
+ packageDependencies.push(
+ getHelmDep(registry, repository, tag, registryAliases),
+ );
} else if (matchesHelmValuesInlineImage(key, value)) {
- packageDependencies.push(getDep(value, true, config.registryAliases));
+ packageDependencies.push(getDep(value, true, registryAliases));
} else {
- findDependencies(
+ findDependenciesInternal(
value as Record<string, unknown>,
packageDependencies,
- config,
+ registryAliases,
);
}
});
@@ -86,7 +90,7 @@ export function extractPackageFile(
const deps: PackageDependency<Record<string, any>>[] = [];
for (const con of parsedContent) {
- deps.push(...findDependencies(con, [], config));
+ deps.push(...findDependencies(con, config.registryAliases));
}
if (deps.length) {
--
GitLab