Open sudosubin opened 1 year ago
cc @isubasinghe
I was thinking of writing a program to do this, but I estimate it to take about 24 hours of work in the best case scenario. As a result I think the best solution is to move to renovate, even without the support for Nix, it seems to be a better tool in general.
@tico24 could help us here, I think he's done a dependabot to renovate transition before.
@terrytangyuan what are your opinions on installing renovate?
Is there a way to only use renovate to update Nix and keep dependabot for everything else?
Yes. You control exactly what renovate does and doesn't monitor.
I've installed renovate app in this repo. Would anyone like to help setting this up for Nix update only?
Someone at Pipekit will take this on. You can put me down if you need to assign to someone.
This was not completed. See discussions in https://github.com/argoproj/argo-workflows/pull/11887#issuecomment-1741644512
Technically it was. I automated the nix dependencies.
This just isn't what @isubasinghe wants.
Summary
Dependabot automatically updates Go module dependencies, but does not update the hash values of Nix configurations it derives from. This causes Nix build to be broken, and then a developer who find this have to manually update the hash value each time.
To prevent this, either find a way to automatically update the Nix hash, or prevent CI or lint from updating only the Go module dependencies without updating the Nix hash.
There seems to be a way to automate it using Renovate (using flake.nix). https://docs.renovatebot.com/modules/manager/nix/
Any better ideas, or plans, etc.? I want to hear from all contributors.
Cases
Message from the maintainers:
Love this enhancement proposal? Give it a 👍. We prioritise the proposals with the most 👍.