Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Renovate Bot
|
deb7ae890f |
@@ -52,7 +52,7 @@ data:
|
||||
},
|
||||
"customManagers": [
|
||||
{
|
||||
"description": "termix: docker image tag is `release-X.Y.Z` but the upstream GitHub release tag_name is `release-X.Y.Z-tag` (different from the release name). regex versioning parses currentValue (no -tag); extractVersion strips the -tag suffix from candidate tag_names so they normalize to the same shape Renovate writes back to the manifest.",
|
||||
"description": "termix uses a release-X.Y.Z prefixed tag that the kubernetes manager's docker-versioning pre-check rejects (so no PRs are ever created). This customManager extracts the image directly, redirects the version lookup to GitHub Releases at Termix-SSH/Termix (which exposes timestamps the 3-day stability gate needs), and uses extractVersion to strip the `release-` prefix so loose semver can parse it.",
|
||||
"customType": "regex",
|
||||
"managerFilePatterns": ["/termix-system/.+\\.ya?ml$/"],
|
||||
"matchStrings": [
|
||||
@@ -60,8 +60,8 @@ data:
|
||||
],
|
||||
"datasourceTemplate": "github-releases",
|
||||
"packageNameTemplate": "Termix-SSH/Termix",
|
||||
"versioningTemplate": "regex:^release-(?<major>\\d+)\\.(?<minor>\\d+)\\.(?<patch>\\d+)$",
|
||||
"extractVersionTemplate": "^(?<version>release-\\d+\\.\\d+\\.\\d+)"
|
||||
"versioningTemplate": "loose",
|
||||
"extractVersionTemplate": "^release-(?<version>.+)$"
|
||||
}
|
||||
],
|
||||
"packageRules": [
|
||||
@@ -109,20 +109,6 @@ data:
|
||||
"matchPackageNames": ["flomp/wanderer-db", "flomp/wanderer-web"],
|
||||
"groupName": "wanderer"
|
||||
},
|
||||
{
|
||||
"description": "meilisearch: every version bump can require an index format migration via dump/restore (see https://www.meilisearch.com/docs/learn/update_and_migration/updating). PR #32 (v1.11.3 -> v1.45.2) on 2026-06-06 broke wanderer with `Your database version (1.11.3) is incompatible with your current engine version (1.45.2)`. Hold ALL meilisearch updates behind dashboard approval so the migration is planned before the PR even opens.",
|
||||
"matchPackageNames": ["getmeili/meilisearch"],
|
||||
"dependencyDashboardApproval": true
|
||||
},
|
||||
{
|
||||
"description": "Postgres-family images: a major bump (e.g. 16 -> 17) requires pg_upgrade or dump/restore — the new server binary refuses to open the old data directory (`database files are incompatible with server`). PR #76 (immich-app/postgres 16 -> 17) on 2026-06-06 crashlooped immich-postgres and immich-server. Renovate's docker versioning treats these custom tag formats inconsistently, so don't trust the major/minor classification: hold ALL updates for these images behind explicit dashboard approval. Includes vanilla postgres, postgis/postgis (where the tag prefix IS the pg major), and ghcr.io/immich-app/postgres (custom `N-vectorchordX.Y.Z` form).",
|
||||
"matchPackageNames": [
|
||||
"postgres",
|
||||
"postgis/postgis",
|
||||
"ghcr.io/immich-app/postgres"
|
||||
],
|
||||
"dependencyDashboardApproval": true
|
||||
},
|
||||
{
|
||||
"description": "termix: kubernetes manager would extract the image with versioning=docker and silently skip it (release-1.11.0 fails the docker pre-check). Disable that extraction; customManagers above does the real work via github-releases.",
|
||||
"matchManagers": ["kubernetes"],
|
||||
@@ -172,7 +158,7 @@ spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: renovate
|
||||
image: renovate/renovate:43.209.3
|
||||
image: renovate/renovate:43.197.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
envFrom:
|
||||
- secretRef:
|
||||
|
||||
@@ -90,7 +90,7 @@ spec:
|
||||
dnsPolicy: ClusterFirstWithHostNet
|
||||
containers:
|
||||
- name: tailscale
|
||||
image: tailscale/tailscale:v1.98.4
|
||||
image: tailscale/tailscale:v1.94.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -56,7 +56,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: redis
|
||||
image: redis:8.8-alpine
|
||||
image: redis:7.4-alpine
|
||||
ports:
|
||||
- containerPort: 6379
|
||||
name: redis
|
||||
@@ -388,7 +388,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: mariadb
|
||||
image: mariadb:11
|
||||
image: mariadb:12
|
||||
env:
|
||||
- name: MARIADB_ROOT_PASSWORD
|
||||
valueFrom:
|
||||
|
||||
@@ -77,7 +77,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: redis
|
||||
image: redis:8-alpine
|
||||
image: redis:7-alpine
|
||||
imagePullPolicy: IfNotPresent
|
||||
args:
|
||||
- redis-server
|
||||
|
||||
@@ -71,7 +71,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: mariadb
|
||||
image: mariadb:11
|
||||
image: mariadb:12
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: MYSQL_ROOT_PASSWORD
|
||||
@@ -175,7 +175,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: bookstack
|
||||
image: linuxserver/bookstack:26.05.20260601
|
||||
image: linuxserver/bookstack:25.12.20251224
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
# LinuxServer.io specific
|
||||
|
||||
@@ -50,7 +50,7 @@ spec:
|
||||
fsGroup: 1000
|
||||
containers:
|
||||
- name: code-server
|
||||
image: codercom/code-server:4.123.0
|
||||
image: codercom/code-server:4.122.1
|
||||
args:
|
||||
- --bind-addr=0.0.0.0:8080
|
||||
- --auth=none
|
||||
|
||||
@@ -169,7 +169,7 @@ spec:
|
||||
type: RuntimeDefault
|
||||
containers:
|
||||
- name: reloader
|
||||
image: ghcr.io/stakater/reloader:v1.4.17
|
||||
image: ghcr.io/stakater/reloader:v1.4.12
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: GOMAXPROCS
|
||||
|
||||
@@ -57,7 +57,7 @@ replicaCount: 1
|
||||
# Image configuration (optional - use defaults)
|
||||
image:
|
||||
repository: ghcr.io/cloudnative-pg/cloudnative-pg
|
||||
tag: 1.29.1
|
||||
tag: 1.28.1
|
||||
|
||||
# Service configuration
|
||||
service:
|
||||
|
||||
@@ -44,7 +44,7 @@ spec:
|
||||
mountPath: /data
|
||||
containers:
|
||||
- name: gitea
|
||||
image: gitea/gitea:1.26.2
|
||||
image: gitea/gitea:1.25.4
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: USER_UID
|
||||
|
||||
@@ -1384,7 +1384,7 @@ spec:
|
||||
# Calendar iCal URLs (JSON object: {"name": "url", ...})
|
||||
- name: CALENDAR_ICAL_URLS
|
||||
value: '{"Órák": "https://calendar.google.com/calendar/ical/b2884faf3db792ac082a6206057552c79080716efd5f966e169a41fc500e1c1c%40group.calendar.google.com/private-0998d8053909ba4449c2f0a6409ce3de/basic.ics", "Családi": "https://calendar.google.com/calendar/ical/nitq3l0if4gn54k438obat5ia0%40group.calendar.google.com/private-59afcf70fee1a798ec369b86d9883b46/basic.ics"}'
|
||||
image: python:3.14-bookworm
|
||||
image: python:3.12-bookworm
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: glance-helper
|
||||
ports:
|
||||
|
||||
@@ -258,7 +258,7 @@ spec:
|
||||
automountServiceAccountToken: true
|
||||
containers:
|
||||
- name: headlamp
|
||||
image: ghcr.io/headlamp-k8s/headlamp:v0.42.0
|
||||
image: ghcr.io/headlamp-k8s/headlamp:v0.40.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
args:
|
||||
- "-in-cluster"
|
||||
|
||||
@@ -42,5 +42,5 @@ rbac:
|
||||
# Image configuration
|
||||
image:
|
||||
repository: registry.k8s.io/external-dns/external-dns
|
||||
tag: v0.21.0
|
||||
tag: v0.19.0
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
@@ -181,7 +181,7 @@ rclone:
|
||||
registry: index.docker.io
|
||||
repository: rclone/rclone
|
||||
# -- If unset use latest
|
||||
tag: 1.74.3
|
||||
tag: 1.74.2
|
||||
sha: ""
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
|
||||
@@ -372,7 +372,7 @@ spec:
|
||||
enableServiceLinks: true
|
||||
containers:
|
||||
- name: homepage
|
||||
image: ghcr.io/gethomepage/homepage:v1.13.1
|
||||
image: ghcr.io/gethomepage/homepage:v1.10.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
# Required for external access
|
||||
|
||||
@@ -535,7 +535,7 @@ spec:
|
||||
enableServiceLinks: true
|
||||
containers:
|
||||
- name: homepage
|
||||
image: ghcr.io/gethomepage/homepage:v1.13.1
|
||||
image: ghcr.io/gethomepage/homepage:v1.10.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
# Required for external access
|
||||
|
||||
@@ -241,7 +241,7 @@ spec:
|
||||
value: immich-valkey
|
||||
- name: TRANSFORMERS_CACHE
|
||||
value: /cache
|
||||
image: ghcr.io/immich-app/immich-machine-learning:v2.7.5
|
||||
image: ghcr.io/immich-app/immich-machine-learning:v2.5.5
|
||||
imagePullPolicy: IfNotPresent
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -336,7 +336,7 @@ spec:
|
||||
value: http://immich-machine-learning:3003
|
||||
- name: REDIS_HOSTNAME
|
||||
value: immich-valkey
|
||||
image: ghcr.io/immich-app/immich-server:v2.7.5
|
||||
image: ghcr.io/immich-app/immich-server:v2.5.5
|
||||
imagePullPolicy: IfNotPresent
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
|
||||
@@ -185,7 +185,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: redis
|
||||
image: redis:8-alpine
|
||||
image: redis:7-alpine
|
||||
imagePullPolicy: IfNotPresent
|
||||
args:
|
||||
- redis-server
|
||||
|
||||
@@ -136,7 +136,7 @@ spec:
|
||||
fsGroup: 1000
|
||||
containers:
|
||||
- name: filebrowser
|
||||
image: gtstef/filebrowser:1.3.3-stable
|
||||
image: gtstef/filebrowser:1.1.2-stable
|
||||
env:
|
||||
- name: TZ
|
||||
value: "Europe/Budapest"
|
||||
|
||||
@@ -529,7 +529,7 @@ spec:
|
||||
runAsGroup: 472
|
||||
containers:
|
||||
- name: grafana
|
||||
image: grafana/grafana:13.0.2
|
||||
image: grafana/grafana:12.4.4
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
name: http
|
||||
|
||||
@@ -395,7 +395,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: nextcloud
|
||||
image: docker.io/library/nextcloud:33.0.5-apache
|
||||
image: docker.io/library/nextcloud:32.0.10-apache
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: SMTP_HOST
|
||||
|
||||
@@ -89,7 +89,7 @@ spec:
|
||||
initContainers:
|
||||
# Configure proxy auth in database before starting
|
||||
- name: configure-auth
|
||||
image: filebrowser/filebrowser:v2.63.13
|
||||
image: filebrowser/filebrowser:v2.63.5
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
@@ -109,7 +109,7 @@ spec:
|
||||
runAsGroup: 1001
|
||||
containers:
|
||||
- name: filebrowser
|
||||
image: filebrowser/filebrowser:v2.63.13
|
||||
image: filebrowser/filebrowser:v2.63.5
|
||||
command:
|
||||
- filebrowser
|
||||
- --database=/config/filebrowser.db
|
||||
|
||||
@@ -198,7 +198,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: redis
|
||||
image: redis:8-alpine
|
||||
image: redis:7-alpine
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- redis-server
|
||||
|
||||
@@ -71,7 +71,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: redis
|
||||
image: redis:8-alpine
|
||||
image: redis:7-alpine
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- name: redis
|
||||
@@ -158,7 +158,7 @@ spec:
|
||||
enableServiceLinks: false
|
||||
containers:
|
||||
- name: paperless
|
||||
image: ghcr.io/paperless-ngx/paperless-ngx:2.20.15
|
||||
image: ghcr.io/paperless-ngx/paperless-ngx:2.20.6
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
# Database - using shared PostgreSQL in database-system namespace
|
||||
|
||||
@@ -43,7 +43,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: mysql
|
||||
image: mysql:8.4
|
||||
image: mysql:8.0
|
||||
env:
|
||||
- name: MYSQL_ROOT_PASSWORD
|
||||
valueFrom:
|
||||
@@ -121,7 +121,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: redis
|
||||
image: redis:8.8.0
|
||||
image: redis:7.4.9
|
||||
ports:
|
||||
- containerPort: 6379
|
||||
name: redis
|
||||
|
||||
@@ -30,7 +30,7 @@ spec:
|
||||
spec:
|
||||
initContainers:
|
||||
- name: create-superuser
|
||||
image: vabene1111/recipes:2.6
|
||||
image: vabene1111/recipes:2.5
|
||||
workingDir: /opt/recipes
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -106,7 +106,7 @@ spec:
|
||||
key: email
|
||||
containers:
|
||||
- name: tandoor
|
||||
image: vabene1111/recipes:2.6
|
||||
image: vabene1111/recipes:2.5
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -45,7 +45,7 @@ spec:
|
||||
# Renovate handles it via a customManagers regex defined in
|
||||
# admin-system/renovate.yaml (the kubernetes manager doesn't
|
||||
# process inline `# renovate:` comments).
|
||||
image: ghcr.io/lukegus/termix:release-2.3.2
|
||||
image: ghcr.io/lukegus/termix:release-1.11.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- name: http
|
||||
|
||||
@@ -28,7 +28,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: vaultwarden
|
||||
image: vaultwarden/server:1.36.0
|
||||
image: vaultwarden/server:1.35.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -57,7 +57,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: meilisearch
|
||||
image: getmeili/meilisearch:v1.11.3
|
||||
image: getmeili/meilisearch:v1.45.2
|
||||
env:
|
||||
- name: MEILI_MASTER_KEY
|
||||
valueFrom:
|
||||
|
||||
+2
-2
@@ -130,7 +130,7 @@ spec:
|
||||
initContainers:
|
||||
# Configure proxy auth in database before starting
|
||||
- name: configure-auth
|
||||
image: filebrowser/filebrowser:v2.63.13
|
||||
image: filebrowser/filebrowser:v2.63.5
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
@@ -151,7 +151,7 @@ spec:
|
||||
runAsGroup: 1000
|
||||
containers:
|
||||
- name: filebrowser
|
||||
image: filebrowser/filebrowser:v2.63.13
|
||||
image: filebrowser/filebrowser:v2.63.5
|
||||
command:
|
||||
- filebrowser
|
||||
- --database=/config/filebrowser.db
|
||||
|
||||
Reference in New Issue
Block a user