Open robscott opened 7 months ago
Can I work on this issue? I think adding few settings to the dependabot.yml
might fix it.
Currently, the dependabot.yml
is only tracking for the directory /
. I think adding few settings for the directories(where go.mod
is located) gwctl/
and conformance/echo-basic/
might fix this. Ref: https://github.com/stackrox/stackrox/blob/master/.github/dependabot.yaml#L40-L156
/assign @jongwooo
Sounds great, feel free to make a PR!
Still same problem in #2789
Still same problem in #2789
😢 reopening this for now, though #2786 was still very helpful for other reasons. Open to other potential fixes for this particular problem.
the issue looks like it is due to there being multiple modules in the repo and the update order in the case of #2789 between the different modules, the gwctl
module on the PR branch has an older version of the k8s.io deps than the PR is updating the main module to
I don't have the right permissions but looks like a dependabot rebase should fix the issue at hand in https://github.com/kubernetes-sigs/gateway-api/pull/2789
I wonder if dropping the replace
block in gwctl's go.mod would help. That replace block also prevents people from installing it with go install
.
I wonder if this is those niche scenarios were commiting a go.work
file makes sense
Unfortunately still failing in #2882
/help
@robscott: This request has been marked as needing help from a contributor.
Please ensure that the issue body includes answers to the following questions:
For more details on the requirements of such an issue, please see here and ensure that they are met.
If this request no longer meets these requirements, the label can be removed
by commenting with the /remove-help
command.
What happened: PRs opened by dependabot do not appear to be running
go mod tidy
and are failing our presubmits.What you expected to happen: PR opened by dependabot to pass our presubmits.
Anything else we need to know?: Not sure what the solution is here, maybe it's just better dependabot config, or maybe we should look into an alternative like renovate that appears to have a few more configuration options here. With that said, I can't find any prior art for running renovate with k8s projects, so it's probably safest to stick with dependabot if we can get it to work.