Renovate On the Pipeline

Open-source Renovate is a free tool that is maintained by a community of developers who are not all associated with Mend. Mend does not provide support for issues that occur when using or implementing the open-source version Renovate. Any issues found when using the open-source version of Renovate should be reported to the open source repository.

An Enterprise version of Renovate is available with full Mend Support. If you would like to understand more about the Enterprise version of Renovate, please contact your Mend Sales Representative.

Introduction

Renovate may be run through the command line as it is a Javascript utility. This allows for easy configuration and execution using pipelines as a simple script can implement Renovate. Below are links to documentation on setup for some common pipeline systems:

• GitHub.com and GitHub Enterprise Server

• Azure Devops and Azure Devops Server

• Bitbucket Server and Datacenter

• GitLab

  • GitLab Runner

Personal Access Tokens

For pretty much any Source Control Management system, a Personal Access Token will be required to create Pull Requests as renovate will not automatically have access to create them. As a note, it is a good idea to carefully consider this Personal Access Token including the scope of its access, the permissions it will have, and how it will be used. Information about PATs are included in every platforms documentation.

Private Registry Support

Renovate supports the ability to pull changelogs and upgrade information from private registries for dependency upgrade purposes. When implementing private registry support in your Renovate configuration, hostRules will typically allow customers to provide encrypted credentials in the repository, that let Renovate access those private registries. These credentials can be encrypted using either with: https://app.renovatebot.com/encrypt or with: https://github.com/mend-toolkit/mend-examples/tree/main/Repo-Integration/Encryption. For more information on configuring hostRules, please see the Renovate Documentation.

NOTE: The encryption page for the Renovate on the Pipeline will be different from the Renovate Github/Repository Integration page as the public key used to encrypt the credentials will be different. Mixing these two pages will result in the inability to decrypt credentials.