66 lines
1.6 KiB
YAML
66 lines
1.6 KiB
YAML
---
|
|
apiVersion: source.toolkit.fluxcd.io/v1
|
|
kind: HelmRepository
|
|
metadata:
|
|
name: renovate
|
|
namespace: renovate
|
|
spec:
|
|
interval: 5m0s
|
|
url: https://docs.renovatebot.com/helm-charts
|
|
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: renovate
|
|
namespace: renovate
|
|
spec:
|
|
interval: 5m
|
|
chart:
|
|
spec:
|
|
chart: renovate
|
|
version: ">=37.0.0 <38.0.0"
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: renovate
|
|
namespace: renovate
|
|
interval: 1m
|
|
values:
|
|
cronjob:
|
|
schedule: "0 2 * * *"
|
|
concurrencyPolicy: Forbid
|
|
startingDeadlineSeconds: 300
|
|
activeDeadlineSeconds: 600
|
|
backoffLimit: 0
|
|
successfulJobsHistoryLimit: 1
|
|
failedJobsHistoryLimit: 1
|
|
renovate:
|
|
config: |-
|
|
{
|
|
"extends": ["config:recommended"],
|
|
"labels": ["renovate", "dependencies"],
|
|
"platform": "gitea",
|
|
"endpoint": "https://<GITEA_INSTANCE>/",
|
|
"repositories": ["<USERNAME>/keyboard-vagabond"],
|
|
"gitAuthor": "Renovate Bot <renovate@<DOMAIN>>",
|
|
"kubernetes": {
|
|
"fileMatch": ["^manifests/.+\\.yaml$"]
|
|
},
|
|
"flux": {
|
|
"fileMatch": ["^manifests/.+\\.yaml$"]
|
|
}
|
|
}
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
allowPrivilegeEscalation: false
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
envFrom:
|
|
- secretRef:
|
|
name: renovate-env
|
|
securityContext:
|
|
runAsUser: 12021
|
|
runAsGroup: 12021
|
|
fsGroup: 12021 |