search

kubeflow / training-operator

Distributed ML Training and Fine-Tuning on Kubernetes
https://www.kubeflow.org/docs/components/training
Apache License 2.0
1.57k stars 682 forks source link

Add Dependabot or Renovate #2225

Open kannon92 opened 3 weeks ago

kannon92 commented 3 weeks ago

What you would like to be added?

There should be a dependabot or renovate to help keep dependencies up to date.

Why is this needed?

This helps keep dependencies update and does not require manually upkeep to update them.

Love this feature?

Give it a 👍 We prioritize the features with most 👍

tenzen-y commented 3 weeks ago

This is a good point. TBH, I want to introduce the dependabot, but our CI testing is too flaky in building images and unit/integration/e2e testing.

So, I would like to postpone the dependabot until the v1 API is removed.

andreyvelich commented 3 weeks ago

I think, we already have it, isn't ? Here is the PR example: https://github.com/kubeflow/training-operator/pull/2056

tenzen-y commented 3 weeks ago

I think, we already have it, isn't ? Here is the PR example: #2056

That is created by the critical security issue. Kevin indicates to add a depandabot script so that we can always use the latest library version.

andreyvelich commented 3 weeks ago

Oh, I see, thanks for the clarification! /remove-label lifecycle/needs-triage /area engprod