Updatecli Policy Manifest
Updatecli Policy Manifest
| Type | object |
|---|---|
| File match |
**/updatecli.d/**/*.yaml
**/updatecli.d/**/*.yml
**/updatecli.d/**/*.json
updatecli.yml
updatecli.yaml
|
| Schema URL | https://catalog.lintel.tools/schemas/schemastore/updatecli-policy-manifest/latest.json |
| Source | https://www.updatecli.io/schema/latest/policy/manifest/config.json |
Validate with Lintel
npx @lintel/lintel checkSpec contains pipeline configuration
Properties
"name" defines a pipeline name
example: * "name: 'deps: update nodejs version to latest stable'"
remark: * using a short sentence describing the pipeline is a good way to name your pipeline. * using conventional commits convention is a good way to name your pipeline. * "name" is often used a default values for other configuration such as pullrequest title. * "name" shouldn't contain any dynamic information such as source output.
"pipelineid" allows to identify a full pipeline run.
example: * "pipelineid: nodejs/dependencies" * "pipelineid: gomod/github.com/updatecli/updatecli" * "pipelineid: autodiscovery/gomodules/minor"
remark: * "pipelineid" is used to generate uniq branch name for target update relying on scm configuration. * The same "pipelineid" may be used by different Updatecli manifest" to ensure they are updated in the same workflow including pullrequest.
"autodiscovery" defines the configuration to automatically discover new versions update.
example:
autodiscovery: scmid: default actionid: default groupby: all crawlers: golang/gomod: versionfilter: kind: semver pattern: patch
5 nested properties
Crawlers defines a map of crawler configuration where the key represent the crawler type
24 nested properties
Spec defines the parameters which can be provided to the argocd builder.
5 nested properties
RootDir defines the root directory used to recursively search for ArgoCD manifest
Ignore allows to specify rule to ignore autodiscovery a specific Argocd manifest based on a rule
Only allows to specify rule to only autodiscover manifest for a specific ArgoCD manifest based on a rule
versionfilter provides parameters to specify the version pattern used when generating manifest.
kind - semver
versionfilter of kind semver uses semantic versioning as version filtering
pattern accepts one of:
prerelease - Updatecli tries to identify the latest "prerelease" whatever it means
patch - Updatecli only handles patch version update
minor - Updatecli handles patch AND minor version update
minoronly - Updatecli handles minor version only
major - Updatecli handles patch, minor, AND major version update
majoronly - Updatecli only handles major version update
a version constraint such as >= 1.0.0
kind - regex
versionfilter of kind regex uses regular expression as version filtering
pattern accepts a valid regular expression
example:
versionfilter:
kind: semver
pattern: minor
and its type like regex, semver, or just latest.Auths holds a map of string to string where the key is the registry URL and the value the token used for authentication
Please be aware that only the host part of the URL is used to lookup for authentication token.
Example:
auths:
"my-helm-repo.com": "my-secret-token"
Spec defines the Bazel autodiscovery parameters.
4 nested properties
rootdir defines the root directory used to recursively search for MODULE.bazel files
ignore specifies rule to ignore Bazel module updates.
only specify required rule to restrict Bazel module updates.
versionfilter provides parameters to specify the version pattern to use when generating manifest.
kind - semver
versionfilter of kind semver uses semantic versioning as version filtering
pattern accepts one of:
patch - patch only update patch version
minor - minor only update minor version
major - major only update major versions
a version constraint such as >= 1.0.0
kind - regex
versionfilter of kind regex uses regular expression as version filtering
pattern accepts a valid regular expression
example:
versionfilter:
kind: semver
pattern: minor
Spec defines the Cargo parameters.
5 nested properties
RootDir defines the root directory used to recursively search for Cargo.toml
Ignore specifies rule to ignore Cargo.toml update.
Only specify required rule to restrict Cargo.toml update.
Auths provides a map of registry credentials where the key is the registry URL without scheme
versionfilter provides parameters to specify the version pattern to use when generating manifest.
kind - semver
versionfilter of kind `semver` uses semantic versioning as version filtering
pattern accepts one of:
`patch` - patch only update patch version
`minor` - minor only update minor version
`major` - major only update major versions
`a version constraint` such as `>= 1.0.0`
kind - regex
versionfilter of kind `regex` uses regular expression as version filtering
pattern accepts a valid regular expression
example:
```
versionfilter:
kind: semver
pattern: minor
```
and its type like regex, semver, or just latest.Spec is a struct fill from Updatecli manifest data and shouldn't be modified at runtime unless For Fields that requires it, we can use the struct DockerCompose Spec defines the parameters which can be provided to the Helm builder.
7 nested properties
digest provides parameters to specify if the generated manifest should use a digest on top of the tag.
rootDir defines the root directory used to recursively search for Helm Chart If rootDir is not provided, the current working directory will be used. If rootDir is provided as an absolute path, scmID will be ignored. If rootDir is not provided but a scmid is, then rootDir will be set to the git repository root directory.
ignore allows to specify rule to ignore autodiscovery a specific Helm based on a rule
only allows to specify rule to only autodiscover manifest for a specific Helm based on a rule
auths provides a map of registry credentials where the key is the registry URL without scheme if empty, updatecli relies on OCI credentials such as the one used by Docker.
example:
auths: "ghcr.io": token: "xxx" "index.docker.io": username: "admin" password: "password"
FileMatch allows to override default docker-compose.yaml file matching. Default ["compose.yaml", "compose.yml", "compose..yaml", "compose..yml", "docker-compose.yaml","docker-compose.yml","docker-compose..yaml","docker-compose..yml"]
versionfilter provides parameters to specify the version pattern used when generating manifest.
More information available at https://www.updatecli.io/docs/core/versionfilter/
kind - semver
versionfilter of kind semver uses semantic versioning as version filtering
pattern accepts one of:
patch - patch only update patch version
minor - minor only update minor version
major - major only update major versions
a version constraint such as >= 1.0.0
kind - regex
versionfilter of kind regex uses regular expression as version filtering
pattern accepts a valid regular expression
example:
versionfilter:
kind: semver
pattern: minor
More version filter available at https://www.updatecli.io/docs/core/versionfilter/
Spec is a struct fill from Updatecli manifest data and shouldn't be modified at runtime unless For Fields that requires it, we can use the struct Dockerfile Spec defines the parameters which can be provided to the Dockerfile crawler.
7 nested properties
digest provides parameters to specify if the generated manifest should use a digest on top of the tag.
RootDir defines the root directory used to recursively search for Helm Chart
Ignore allows to specify rule to ignore autodiscovery a specific Helm based on a rule
Only allows to specify rule to only autodiscover manifest for a specific Helm based on a rule
Auths provides a map of registry credentials where the key is the registry URL without scheme if empty, updatecli relies on OCI credentials such as the one used by Docker.
example:
auths: "ghcr.io": token: "xxx" "index.docker.io": username: "admin" password: "password"
FileMatch allows to override default Dockerfile file matching. Default ["Dockerfile"]
versionfilter provides parameters to specify the version pattern used when generating manifest.
kind - semver
versionfilter of kind semver uses semantic versioning as version filtering
pattern accepts one of:
patch - patch only update patch version
minor - minor only update minor version
major - major only update major versions
a version constraint such as >= 1.0.0
kind - regex
versionfilter of kind regex uses regular expression as version filtering
pattern accepts a valid regular expression
example:
versionfilter:
kind: semver
pattern: minor
More version filter available at https://www.updatecli.io/docs/core/versionfilter/
Spec defines the parameters which can be provided to the Flux crawler.
9 nested properties
auths provides a map of registry credentials where the key is the registry URL without scheme
digest allows to specify if the generated manifest should use OCI digest on top of the tag
default: true
helmRelease define if helmrelease file should be updated or not
default: true
files allows to override default flux files
default: [".yaml", ".yml"]
ignore allows to specify rule to ignore autodiscovery a specific Flux helmrelease based on a rule
default: empty
only allows to specify rule to only autodiscover manifest for a specific Flux helm release based on a rule
default: empty
OCIRepository allows to specify if OCI repository files should be updated
default: true
rootDir defines the root directory used to recursively search for Flux files
default: . (current working directory) or scm root directory
versionfilter provides parameters to specify the version pattern used when generating manifest.
More information available at https://www.updatecli.io/docs/core/versionfilter/
kind - semver
versionfilter of kind semver uses semantic versioning as version filtering
pattern accepts one of:
patch - patch only update patch version
minor - minor only update minor version
major - major only update major versions
a version constraint such as >= 1.0.0
kind - regex
versionfilter of kind regex uses regular expression as version filtering
pattern accepts a valid regular expression
example:
versionfilter:
kind: semver
pattern: minor
More version filter available at https://www.updatecli.io/docs/core/versionfilter/
Spec defines the parameters which can be provided to the Action crawler.
9 nested properties
files allows to specify the accepted Action workflow file name
default:
- ".github/workflows/*.yaml",
- ".github/workflows/*.yml",
- ".gitea/workflows/*.yaml",
- ".gitea/workflows/*.yml",
- ".forgejo/workflows/*.yaml",
- ".forgejo/workflows/*.yml",
actions allows to specify the accepted Composite Action names
default:
- "*",
ignore allows to specify rule to ignore autodiscovery a specific GitHub action based on a rule
default: empty
only allows to specify rule to only autodiscover manifest for a specific GitHub action based on a rule
default: empty
rootDir allows to specify the root directory from where looking for GitHub Action
default: empty
versionfilter provides parameters to specify the version pattern used when generating manifest.
kind - semver
versionfilter of kind semver uses semantic versioning as version filtering
pattern accepts one of:
patch - patch only update patch version
minor - minor only update minor version
major - major only update major versions
a version constraint such as >= 1.0.0
kind - regex
versionfilter of kind `regex` uses regular expression as version filtering
pattern accepts a valid regular expression
example:
```
versionfilter:
kind: semver
pattern: minor
```
and its type like regex, semver, or just latest.Credentials allows to specify the credentials to use to authenticate to the git provider The ID of the credential must be the domain of the git provider to configure
default: empty
examples:
autodiscovery:
crawlers:
github/action:
credentials:
"code.forgejo.com":
kind: gitea
token: xxx
"github.com":
kind: github
token: '{{ requiredEnv "GITHUB_TOKEN" }}'
CredentialsDocker provides a map of registry credentials where the key is the registry URL without scheme
Digest provides parameters to specify if the generated manifest should use a digest instead of the branch or tag.
Remark: - The digest is only supported for GitHub Action and docker image tag update. Feel free to open an issue for the Gitea and Forgejo integration.
Spec defines the parameters which can be provided to the Action crawler.
9 nested properties
files allows to specify the accepted Action workflow file name
default:
- ".github/workflows/*.yaml",
- ".github/workflows/*.yml",
- ".gitea/workflows/*.yaml",
- ".gitea/workflows/*.yml",
- ".forgejo/workflows/*.yaml",
- ".forgejo/workflows/*.yml",
actions allows to specify the accepted Composite Action names
default:
- "*",
ignore allows to specify rule to ignore autodiscovery a specific GitHub action based on a rule
default: empty
only allows to specify rule to only autodiscover manifest for a specific GitHub action based on a rule
default: empty
rootDir allows to specify the root directory from where looking for GitHub Action
default: empty
versionfilter provides parameters to specify the version pattern used when generating manifest.
kind - semver
versionfilter of kind semver uses semantic versioning as version filtering
pattern accepts one of:
patch - patch only update patch version
minor - minor only update minor version
major - major only update major versions
a version constraint such as >= 1.0.0
kind - regex
versionfilter of kind `regex` uses regular expression as version filtering
pattern accepts a valid regular expression
example:
```
versionfilter:
kind: semver
pattern: minor
```
and its type like regex, semver, or just latest.Credentials allows to specify the credentials to use to authenticate to the git provider The ID of the credential must be the domain of the git provider to configure
default: empty
examples:
autodiscovery:
crawlers:
github/action:
credentials:
"code.forgejo.com":
kind: gitea
token: xxx
"github.com":
kind: github
token: '{{ requiredEnv "GITHUB_TOKEN" }}'
CredentialsDocker provides a map of registry credentials where the key is the registry URL without scheme
Digest provides parameters to specify if the generated manifest should use a digest instead of the branch or tag.
Remark: - The digest is only supported for GitHub Action and docker image tag update. Feel free to open an issue for the Gitea and Forgejo integration.
Spec defines the parameters which can be provided to the Golang autodiscovery builder.
6 nested properties
rootDir defines the root directory used to recursively search for golang go.mod
OnlyGoVersion allows to specify if the autodiscovery should only handle Go version specified in go.mod
OnlyGoModule allows to specify if the autodiscovery should only handle Go module specified in go.mod
ignore allows to specify "rule" to ignore autodiscovery a specific go.mod rule
only allows to specify rule to "only" autodiscover manifest for a specific golang rule
versionfilter provides parameters to specify the version pattern to use when generating manifest.
kind - semver
versionfilter of kind `semver` uses semantic versioning as version filtering
pattern accepts one of:
`patch` - patch only update patch version
`minor` - minor only update minor version
`major` - major only update major versions
`a version constraint` such as `>= 1.0.0`
kind - regex
versionfilter of kind `regex` uses regular expression as version filtering
pattern accepts a valid regular expression
example:
```
versionfilter:
kind: semver
pattern: minor
```
and its type like regex, semver, or just latest.Spec defines the Helm parameters.
10 nested properties
auths provides a map of registry credentials where the key is the registry URL without scheme if empty, updatecli relies on OCI credentials such as the one used by Docker.
example:
auths: "ghcr.io": token: "xxx" "index.docker.io": username: "admin" password: "password"
digest provides a parameter to specify if the generated manifest should use a digest on top of the tag when updating container.
ignorecontainer disables OCI container tag update when set to true
ignorechartdependency disables Helm chart dependencies update when set to true
Ignore specifies rule to ignore Helm chart update.
rootdir defines the root directory used to recursively search for Helm Chart
only specify required rule(s) to restrict Helm chart update.
versionfilter provides parameters to specify the version pattern used when generating manifest.
More information available at https://www.updatecli.io/docs/core/versionfilter/
kind - semver
versionfilter of kind semver uses semantic versioning as version filtering
pattern accepts one of:
patch - patch only update patch version
minor - minor only update minor version
major - major only update major versions
a version constraint such as >= 1.0.0
kind - regex
versionfilter of kind regex uses regular expression as version filtering
pattern accepts a valid regular expression
example:
versionfilter:
kind: semver
pattern: minor
More version filter available at https://www.updatecli.io/docs/core/versionfilter/
[target] Defines if a Chart should be packaged or not.
[target] Defines if a Chart changes, triggers, or not, a Chart version update, accepted values is a comma separated list of "none,major,minor,patch"
Spec defines the Helmfile parameters.
5 nested properties
rootdir defines the root directory used to recursively search for Helmfile manifest
Ignore allows to specify rule to ignore "autodiscovery" a specific Helmfile based on a rule
Only allows to specify rule to only "autodiscovery" manifest for a specific Helmfile based on a rule
Auths provides a map of registry credentials where the key is the registry URL without scheme
versionfilter provides parameters to specify the version pattern used when generating manifest.
kind - semver
versionfilter of kind `semver` uses semantic versioning as version filtering
pattern accepts one of:
`patch` - patch only update patch version
`minor` - minor only update minor version
`major` - major only update major versions
`a version constraint` such as `>= 1.0.0`
kind - regex
versionfilter of kind `regex` uses regular expression as version filtering
pattern accepts a valid regular expression
example:
```
versionfilter:
kind: semver
pattern: minor
```
and its type like regex, semver, or just latest.Spec defines the parameters which can be provided to the Kubernetes builder.
7 nested properties
Auths provides a map of registry credentials where the key is the registry URL without scheme
digest provides parameters to specify if the generated manifest should use a digest on top of the tag.
Files allows to specify a list of Files to analyze.
The pattern syntax is:
pattern:
{ term }
term:
'*' matches any sequence of non-Separator characters
'?' matches any single non-Separator character
'[' [ '^' ] { character-range } ']' character class (must be non-empty)
c matches character c (c != '*', '?', '\\', '[')
'\\' c matches character c
character-range:
c matches character c (c != '\\', '-', ']')
'\\' c matches character c
lo '-' hi matches character c for lo <= c <= hi
Match requires pattern to match all of name, not just a substring.
The only possible returned error is ErrBadPattern, when pattern
is malformed.
On Windows, escaping is disabled. Instead, '\\' is treated as
path separator.RootDir defines the root directory used to recursively search for Kubernetes files
Ignore allows to specify rule to ignore autodiscovery a specific Kubernetes manifest based on a rule
Only allows to specify rule to only autodiscover manifest for a specific Kubernetes manifest based on a rule
versionfilter provides parameters to specify the version pattern used when generating manifest.
kind - semver
versionfilter of kind `semver` uses semantic versioning as version filtering
pattern accepts one of:
`patch` - patch only update patch version
`minor` - minor only update minor version
`major` - major only update major versions
`a version constraint` such as `>= 1.0.0`
kind - regex
versionfilter of kind `regex` uses regular expression as version filtering
pattern accepts a valid regular expression
example:
```
versionfilter:
kind: semver
pattern: minor
```
and its type like regex, semver, or just latest.Spec defines the parameters which can be provided to the Kubernetes builder.
7 nested properties
auths provides a map of registry credentials where the key is the registry URL without scheme if empty, updatecli relies on OCI credentials such as the one used by Docker.
example:
auths: "ghcr.io": token: "xxx" "index.docker.io": username: "admin" password: "password"
digest provides parameters to specify if the generated manifest should use a digest on top of the tag.
Files allows to specify a list of Files to analyze.
The pattern syntax is: pattern: { term } term: '' matches any sequence of non-Separator characters '?' matches any single non-Separator character '[' [ '^' ] { character-range } ']' character class (must be non-empty) c matches character c (c != '', '?', '\', '[') '\' c matches character c
character-range: c matches character c (c != '\', '-', ']') '\' c matches character c lo '-' hi matches character c for lo <= c <= hi
Match requires pattern to match all of name, not just a substring. The only possible returned error is ErrBadPattern, when pattern is malformed.
On Windows, escaping is disabled. Instead, '\' is treated as path separator.
RootDir defines the root directory used to recursively search for Kubernetes files
Ignore allows to specify rule to ignore autodiscovery a specific Kubernetes manifest based on a rule
Only allows to specify rule to only autodiscover manifest for a specific Kubernetes manifest based on a rule
versionfilter provides parameters to specify the version pattern used when generating manifest.
More information available at https://www.updatecli.io/docs/core/versionfilter/
kind - semver
versionfilter of kind semver uses semantic versioning as version filtering
pattern accepts one of:
patch - patch only update patch version
minor - minor only update minor version
major - major only update major versions
a version constraint such as >= 1.0.0
kind - regex
versionfilter of kind regex uses regular expression as version filtering
pattern accepts a valid regular expression
example:
versionfilter:
kind: semver
pattern: minor
More version filter available at https://www.updatecli.io/docs/core/versionfilter/
Spec defines the parameters which can be provided to the Helm builder.
4 nested properties
RootDir defines the root directory used to recursively search for Helm Chart
Ignore allows to specify rule to ignore autodiscovery a specific Helm based on a rule
Only allows to specify rule to only autodiscover manifest for a specific Helm based on a rule
versionfilter provides parameters to specify the version pattern used when generating manifest.
kind - semver
versionfilter of kind `semver` uses semantic versioning as version filtering
pattern accepts one of:
`patch` - patch only update patch version
`minor` - minor only update minor version
`major` - major only update major versions
`a version constraint` such as `>= 1.0.0`
kind - regex
versionfilter of kind `regex` uses regular expression as version filtering
pattern accepts a valid regular expression
example:
```
versionfilter:
kind: semver
pattern: minor
```
and its type like regex, semver, or just latest.Spec is a struct fill from Updatecli manifest data and shouldn't be modified at runtime unless For Fields that requires it, we can use the struct DockerCompose Spec defines the parameters which can be provided to the Helm builder.
7 nested properties
digest provides parameters to specify if the generated manifest should use a digest on top of the tag.
rootDir defines the root directory used to recursively search for Nomad files If rootDir is not provided, the current working directory will be used. If rootDir is provided as an absolute path, scmID will be ignored. If rootDir is not provided but a scmid is, then rootDir will be set to the git repository root directory.
ignore allows to specify rule to ignore autodiscovery a specific Helm based on a rule
only allows to specify rule to only autodiscover manifest for a specific Helm based on a rule
auths provides a map of registry credentials where the key is the registry URL without scheme if empty, updatecli relies on OCI credentials such as the one used by Docker.
example:
auths: "ghcr.io": token: "xxx" "index.docker.io": username: "admin" password: "password"
FileMatch allows to override default docker-compose.yaml file matching. Default ["docker-compose.yaml","docker-compose.yml","docker-compose..yaml","docker-compose..yml"]
versionfilter provides parameters to specify the version pattern used when generating manifest.
More information available at https://www.updatecli.io/docs/core/versionfilter/
kind - semver
versionfilter of kind semver uses semantic versioning as version filtering
pattern accepts one of:
patch - patch only update patch version
minor - minor only update minor version
major - major only update major versions
a version constraint such as >= 1.0.0
kind - regex
versionfilter of kind regex uses regular expression as version filtering
pattern accepts a valid regular expression
example:
versionfilter:
kind: semver
pattern: minor
More version filter available at https://www.updatecli.io/docs/core/versionfilter/
Spec defines the parameters which can be provided to the NPM builder.
8 nested properties
RootDir defines the root directory used to recursively search for npm packages.json
Ignore allows to specify rule to ignore autodiscovery a specific NPM based on a rule
Only allows to specify rule to only autodiscover manifest for a specific NPM based on a rule
versionfilter provides parameters to specify the version pattern used when generating manifest.
kind - semver
versionfilter of kind `semver` uses semantic versioning as version filtering
pattern accepts one of:
`patch` - patch only update patch version
`minor` - minor only update minor version
`major` - major only update major versions
`a version constraint` such as `>= 1.0.0`
kind - regex
versionfilter of kind `regex` uses regular expression as version filtering
pattern accepts a valid regular expression
example:
```
versionfilter:
kind: semver
pattern: minor
```
and its type like regex, semver, or just latest.IgnoreVersionConstraints indicates whether to respect version constraints defined in package.json or not. When set to true, Updatecli will ignore version constraints and update to the latest version available in the registry according to the specified version filter. Default is false.
Remark:
- If set to false, Updatecli will try to convert version constrains to valid semantic version so we can use versionFilter to retrieve the last Major/Minor/Patch version but in case of complex version constraints, such as ">=1.0.0 <2.0.0", Updatecli will convert it to the first version it detects such as 1.0.0 in our example
NpmrcPath defines the path to the .npmrc file to use for all discovered packages. This will be propagated to all generated npm resource specs.
URL defines the registry url (defaults to <https://registry.npmjs.org/>).
This will be propagated to all generated npm resource specs.
RegistryToken defines the token to use when connecting to the registry. This will be propagated to all generated npm resource specs.
4 nested properties
Spec contains the plugin parameters. cfr the plugin documentation.
AllowedPaths is a list of paths to be accessed from inside the plugin sandbox, a path can be either a plain path or a map from HOST_PATH:GUEST_PATH
Example:
- .:/mnt
- /var/lib/updatecli:/data
Default: [".:/mnt"]
Remark:
- Relative paths are considered relative to the Updatecli working directory. If a scm root directory is set, relative paths are considered relative to the scm root directory.
- By default, the plugin runs from "/mnt"
AllowedHosts hold a list of allowed hosts for HTTP requests from the plugin sandbox
Timeout defines a maximum execution time for the plugin in seconds
Default: 300 seconds
Spec defines the parameters uses to generate the precomit manifests
5 nested properties
RootDir defines the root directory used to recursively search for npm packages.json
Ignore allows to specify rule to ignore autodiscovery a specific NPM based on a rule
Only allows to specify rule to only autodiscover manifest for a specific NPM based on a rule
versionfilter provides parameters to specify the version pattern used when generating manifest.
kind - semver
versionfilter of kind `semver` uses semantic versioning as version filtering
pattern accepts one of:
`patch` - patch only update patch version
`minor` - minor only update minor version
`major` - major only update major versions
`a version constraint` such as `>= 1.0.0`
kind - regex
versionfilter of kind `regex` uses regular expression as version filtering
pattern accepts a valid regular expression
example:
```
versionfilter:
kind: semver
pattern: minor
```
and its type like regex, semver, or just latest.Digest provides parameters to specify if the generated manifest should use a digest instead of the branch or tag.
This is equivalent to using the --freeze option of precommit
Spec defines the parameters which can be provided to the Kubernetes builder.
7 nested properties
auths provides a map of registry credentials where the key is the registry URL without scheme if empty, updatecli relies on OCI credentials such as the one used by Docker.
example:
auths: "ghcr.io": token: "xxx" "index.docker.io": username: "admin" password: "password"
digest provides parameters to specify if the generated manifest should use a digest on top of the tag.
Files allows to specify a list of Files to analyze.
The pattern syntax is: pattern: { term } term: '' matches any sequence of non-Separator characters '?' matches any single non-Separator character '[' [ '^' ] { character-range } ']' character class (must be non-empty) c matches character c (c != '', '?', '\', '[') '\' c matches character c
character-range: c matches character c (c != '\', '-', ']') '\' c matches character c lo '-' hi matches character c for lo <= c <= hi
Match requires pattern to match all of name, not just a substring. The only possible returned error is ErrBadPattern, when pattern is malformed.
On Windows, escaping is disabled. Instead, '\' is treated as path separator.
RootDir defines the root directory used to recursively search for Kubernetes files
Ignore allows to specify rule to ignore autodiscovery a specific Kubernetes manifest based on a rule
Only allows to specify rule to only autodiscover manifest for a specific Kubernetes manifest based on a rule
versionfilter provides parameters to specify the version pattern used when generating manifest.
More information available at https://www.updatecli.io/docs/core/versionfilter/
kind - semver
versionfilter of kind semver uses semantic versioning as version filtering
pattern accepts one of:
patch - patch only update patch version
minor - minor only update minor version
major - major only update major versions
a version constraint such as >= 1.0.0
kind - regex
versionfilter of kind regex uses regular expression as version filtering
pattern accepts a valid regular expression
example:
versionfilter:
kind: semver
pattern: minor
More version filter available at https://www.updatecli.io/docs/core/versionfilter/
Spec defines the parameters which can be provided to the fleet builder.
5 nested properties
Auths holds a map of string to string where the key is the registry URL and the value the token used for authentication
Please be aware that only the host part of the URL is used to lookup for authentication token.
Example:
auths:
"my-helm-repo.com": "my-secret-token"
RootDir defines the root directory used to recursively search for Fleet bundle
Ignore allows to specify rule to ignore autodiscovery a specific Fleet bundle based on a rule
Only allows to specify rule to only autodiscover manifest for a specific Fleet bundle based on a rule
versionfilter provides parameters to specify the version pattern used when generating manifest.
kind - semver
versionfilter of kind `semver` uses semantic versioning as version filtering
pattern accepts one of:
`patch` - patch only update patch version
`minor` - minor only update minor version
`major` - major only update major versions
`a version constraint` such as `>= 1.0.0`
kind - regex
versionfilter of kind `regex` uses regular expression as version filtering
pattern accepts a valid regular expression
example:
```
versionfilter:
kind: semver
pattern: minor
```
and its type like regex, semver, or just latest.Spec defines the Terraform parameters.
5 nested properties
rootdir defines the root directory used to recursively search for .terraform.lock.hcl
ignore specifies rule to ignore .terraform.lock.hcl update.
only specify required rule to restrict .terraform.lock.hcl update.
versionfilter provides parameters to specify the version pattern to use when generating manifest.
kind - semver
versionfilter of kind `semver` uses semantic versioning as version filtering
pattern accepts one of:
`patch` - patch only update patch version
`minor` - minor only update minor version
`major` - major only update major versions
`a version constraint` such as `>= 1.0.0`
kind - regex
versionfilter of kind `regex` uses regular expression as version filtering
pattern accepts a valid regular expression
example:
```
versionfilter:
kind: semver
pattern: minor
```
and its type like regex, semver, or just latest.platforms is the target platforms to request package checksums for.
remarks:
* Fallback is linux_amd64, linux_arm64, darwin_amd64, darwin_arm64Spec defines the Terraform parameters.
6 nested properties
rootdir defines the root directory from where looking for terragrunt configuration
ignore specifies rule to ignore .terraform.lock.hcl update.
only specify required rule to restrict .terraform.lock.hcl update.
token specifies the token to use for Git authentication when accessing private repositories.
Works with any Git provider (GitHub, GitLab, Bitbucket, Gitea, etc.)
compatible:
- autodiscovery
default: When not specified: No authentication (suitable for public repositories)
remark: Must be explicitly set for private repositories. Use template functions to read from environment: token: "{{ requiredEnv "GITLAB_TOKEN" }}"
example: token: "ghp_xxxxxxxxxxxx" token: "glpat-xxxxxxxxxxxx" token: "{{ requiredEnv "GITLAB_TOKEN" }}"
username specifies the username to use for Git authentication when accessing private repositories.
Works with any Git provider (GitHub, GitLab, Bitbucket, Gitea, etc.)
compatible:
- autodiscovery
default: When not specified: "oauth2" (matches GitHub SCM plugin, required for go-git HTTP BasicAuth)
remark: For token-based auth, the username is typically a placeholder (token identifies the user). Common values: "oauth2" (default), "x-access-token", "git", or actual username. Use template functions to read from environment: username: "{{ requiredEnv "GIT_USERNAME" }}"
example: username: "git" username: "oauth2" username: "{{ requiredEnv "GIT_USERNAME" }}"
versionfilter provides parameters to specify the version pattern to use when generating manifest.
kind - semver
versionfilter of kind `semver` uses semantic versioning as version filtering
pattern accepts one of:
`patch` - patch only update patch version
`minor` - minor only update minor version
`major` - major only update major versions
`a version constraint` such as `>= 1.0.0`
kind - regex
versionfilter of kind `regex` uses regular expression as version filtering
pattern accepts a valid regular expression
example:
```
versionfilter:
kind: semver
pattern: minor
```
and its type like regex, semver, or just latest.Spec defines the Updatecli parameters.
6 nested properties
rootdir defines the root directory used to recursively search for Updatecli manifest
Ignore allows to specify rule to ignore "autodiscovery" a specific Updatecli based on a rule
Only allows to specify rule to only "autodiscovery" manifest for a specific Updatecli based on a rule
Files allows to specify a list of Files to analyze.
The pattern syntax is:
pattern:
{ term }
term:
'*' matches any sequence of non-Separator characters
'?' matches any single non-Separator character
'[' [ '^' ] { character-range } ']' character class (must be non-empty)
c matches character c (c != '*', '?', '\\', '[')
'\\' c matches character c
character-range:
c matches character c (c != '\\', '-', ']')
'\\' c matches character c
lo '-' hi matches character c for lo <= c <= hi
Match requires pattern to match all of name, not just a substring.
The only possible returned error is ErrBadPattern, when pattern
is malformed.
On Windows, escaping is disabled. Instead, '\\' is treated as
path separator.Auths provides a map of registry credentials where the key is the registry URL without scheme
versionfilter provides parameters to specify the version pattern used when generating manifest.
kind - semver
versionfilter of kind `semver` uses semantic versioning as version filtering
pattern accepts one of:
`patch` - patch only update patch version
`minor` - minor only update minor version
`major` - major only update major versions
`a version constraint` such as `>= 1.0.0`
kind - regex
versionfilter of kind `regex` uses regular expression as version filtering
pattern accepts a valid regular expression
example:
```
versionfilter:
kind: semver
pattern: minor
```
and its type like regex, semver, or just latest.Spec is a struct filled from Updatecli manifest data and shouldn't be modified at runtime unless For Fields that requires it, we can use the struct Woodpecker Spec defines the parameters which can be provided to the Woodpecker autodiscovery plugin.
7 nested properties
digest provides parameters to specify if the generated manifest should use a digest on top of the tag.
rootDir defines the root directory used to recursively search for Woodpecker workflow files If rootDir is not provided, the current working directory will be used. If rootDir is provided as an absolute path, scmID will be ignored. If rootDir is not provided but a scmid is, then rootDir will be set to the git repository root directory.
ignore allows to specify rule to ignore autodiscovery a specific Woodpecker workflow based on a rule
only allows to specify rule to only autodiscover manifest for a specific Woodpecker workflow based on a rule
auths provides a map of registry credentials where the key is the registry URL without scheme if empty, updatecli relies on OCI credentials such as the one used by Docker.
example:
auths: "ghcr.io": token: "xxx" "index.docker.io": username: "admin" password: "password"
FileMatch allows to override default Woodpecker workflow file matching. Default [".woodpecker.yml", ".woodpecker.yaml", ".woodpecker/.yml", ".woodpecker/.yaml", ".woodpecker//*.yml", ".woodpecker//*.yaml"]
versionfilter provides parameters to specify the version pattern used when generating manifest.
More information available at https://www.updatecli.io/docs/core/versionfilter/
kind - semver
versionfilter of kind semver uses semantic versioning as version filtering
pattern accepts one of:
patch - patch only update patch version
minor - minor only update minor version
major - major only update major versions
a version constraint such as >= 1.0.0
kind - regex
versionfilter of kind regex uses regular expression as version filtering
pattern accepts a valid regular expression
example:
versionfilter:
kind: semver
pattern: minor
More version filter available at https://www.updatecli.io/docs/core/versionfilter/
scmid is a unique identifier used to retrieve the scm configuration from the configuration file.
actionid is a unique identifier used to retrieve the action configuration from the configuration file.
groupby specifies how to group pipeline. The Accepted is one of "all", "individual". Default is "all"
default:
all!Deprecated in favor of actionid
"actions" defines the list of action configurations which need to be managed. They are triggered if any of the depending target is updated.
examples:
actions: default: kind: github/pullrequest scmid: default spec: automerge: true labels: - "dependencies"
"scms" defines the list of repository configuration used to fetch content from.
examples:
scms: default: kind: github spec: owner: "updatecli" repository: "updatecli" token: "${{ env "GITHUB_TOKEN" }}" branch: "main"
"sources" defines the list of Updatecli source definition.
example:
sources: # Source to retrieve the latest version of nodejs nodejs: name: Get latest nodejs version kind: json spec: file: https://nodejs.org/dist/index.json key: .(lts!=false).version
"conditions" defines the list of Updatecli condition definition.
example:
conditions: container: name: Check if Updatecli container image for tag "v0.63.0" exists kind: dockerimage spec: image: "updatecli/updatecli:latest" tag: "v0.63.0"
targets defines the list of Updatecli target definition.
example:
targets: default: name: 'ci: update Golangci-lint version to {{ source "default" }}' kind: yaml spec: file: .github/workflows/go.yaml key: $.jobs.build.steps[2].with.version scmid: default sourceid: default ---
"version" defines the minimum Updatecli version compatible with the manifest
Labels contains user defined labels attached to the pipeline.
Labels are arbitrary key/value pairs that can be used to categorize or select pipelines. They are typically used for filtering pipelines when running Updatecli, for example to only run pipelines matching a given environment, operating system, or team.