Open abatilo opened 5 years ago
+1, helmfile changed my life for the better. Am not a dependabot maintainer at all, but any thoughts on what the UX might look like? Would it directly create a PR to update the version: ~x.y.z.
for a chart under a helmfile.yaml
's releases:
block?
(no expectation of commentary but /cc @mumoshu just for visibility)
That's exactly how I envisioned it. Additionally, it would be nice if it parsed any possible values.yaml files and bumped things like container tags/versions as well.
Would it directly create a PR to update the version: ~x.y.z. for a chart under a helmfile.yaml's releases: block?
Perhaps it would be even better if dependabot is able to submit an another type of PRs that, basically, run helmfile deps
to update helmfile.lock
so that it include latest chart versions referenced from within releases
block of your helmfile.yaml
😃
Let's say you had a version constraint that looks like version: >= 1.0
or version: >= 1.2, < 1.3
, automated updates of chart version constraints in releases
helps delaying opt-in to receive major or minor version updates, while automated updates of helmfile.lock
(by running helmfile deps
) will help receiving minor or patch versions only.
Duplicate of #2237
@infin8x is this actually a dupe of #2237? helmfile is not a helm itself.
@infin8x it is definitely not a dupe of #2237. Helmfile is a different tool and use different approach to describe dependencies and versions.
_infin8x
is no longer on the Dependabot team. Reopening this for tracking purposes, but please note that we do currently have a stop on adding new ecosystems to Dependabot: https://github.com/dependabot/dependabot-core/blob/0352d543c2ed09ed24e42a72d6b0477b23a55dcf/CONTRIBUTING.md#contributing-new-ecosystems
hello, any updates for this feature?
No updates right now.
If you want it, please upvote using a 👍 on the first post, see: https://github.com/dependabot/dependabot-core#no-1-comments
https://github.com/roboll/helmfile
Helmfile is an improved way to manage all the helm charts that might be deployed to your Kubernetes cluster.
It would be amazing to have dependabot scrape a helm repository, like the official helm charts repository: https://github.com/helm/charts
Or have it scrape the published helm charts repository: https://kubernetes-charts.storage.googleapis.com/
And then update the versions of charts that are being used.