This is a turnkey solution that shows your Renovate bot Pull Requests. Now you can see the "technical debt" of your git repositories. For now, only GitHub and GitLab are supported.
Provide a few configuration values and run docker compose up
to get a dashboard that looks like this:
The above screenshot shows the state of the Cypress repository as of 2023-12-19 (note: the dashboard comes with filters for the start and end date, and for choosing a specific repository, the filters are not shown in the screenshot):
major
, minor
, patch
, digest
, security
)renovate.json[5]
file in the root of the repo's default branchRenovate creates Pull Requests for outdated dependencies, which are a form of technical debt. Knowing how much technical debt you have helps you when setting your priorities.
When you use this tool you'll better understand:
This tool comes with a pre-configured Docker Compose setup that uses Metabase to draw a dashboard that visualizes your Renovate Pull Requests. But you may use another "business intelligence" tool, or replace the PostgreSQL database with another relational database. The most complex SQL query is the one that computes how many PRs are open at a given point in time:
The database model looks as follows:
[!IMPORTANT] Using the tool only makes sense if Renovate has been running in your repositories for a while (e.g. several weeks, better months). Otherwise, the dashboard won't show much data.
Your Renovate configuration should contain the following settings:
- The tool needs a clear way to identify the PRs created by Renovate
- The PRs could be created by a specific functional user (on GitHub .com this is
renovate[bot]
)- You could assign a label to the PRs (in your
renovate.json
file, setlabels
e.g. to["dependencies"]
)- The tool needs a clear way to identify security PRs, you could do this by putting this snippet in your
renovate.json
file:"vulnerabilityAlerts": { "labels": ["security", "dependencies"], }
Follow these steps to run the tool:
.env.example
file (name it .env
), and change the configuration values, which are documented in the filedocker compose up -d
, wait for the datascraper
service/container to finish with exit code 0 (if exit code is 1, check the container logs for errors)admin@site.org
and password admin1!
, then navigate to the Renovate dashboard. This dashboard shows the data of all Git repositories, but the Repository filter at the top of the dashboard allows you to filter the entries down to a specific repositorydocker compose up datascraper
again[!TIP]
If you run Docker Desktop on macOS with an Apple Silicon (ARM64) chip, the publicmetabase/metabase:vXXX
image may perform poorly or even crash, because it is only built for AMD/Intel CPU architectures (and the QEMU-based emulation of such images can be slow). You can easily build and use your own ARM-based image as follows:
- Build the Metabase ARM64-based image locally:
docker build -t metabase:local --build-arg metabase_version=v0.48.0 -f Dockerfile-metabase .
- Edit the
docker-compose.yaml
, updating theimage:
reference for themetabase
service tometabase:local