diff --git a/lib/modules/manager/flux/__fixtures__/kustomize.yaml b/lib/modules/manager/flux/__fixtures__/kustomize.yaml new file mode 100644 index 00000000000000..1beb796c8d40d7 --- /dev/null +++ b/lib/modules/manager/flux/__fixtures__/kustomize.yaml @@ -0,0 +1,16 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: podinfo + namespace: flux-system +spec: + images: + - name: podinfo + newName: my-registry/podinfo + newTag: v1 + - name: podinfo + newTag: 1.8.0 + - name: podinfo + newName: my-podinfo + - name: podinfo + digest: sha256:24a0c4b4a4c0eb97a1aabb8e29f18e917d05abfe1b7a7c07857230879ce7d3d3 diff --git a/lib/modules/manager/flux/extract.spec.ts b/lib/modules/manager/flux/extract.spec.ts index f754ec6dc5981d..f8706f114625a4 100644 --- a/lib/modules/manager/flux/extract.spec.ts +++ b/lib/modules/manager/flux/extract.spec.ts @@ -634,6 +634,68 @@ describe('modules/manager/flux/extract', () => { }); }); + it('extracts Kustomization', () => { + const result = extractPackageFile( + codeBlock` + apiVersion: kustomize.toolkit.fluxcd.io/v1 + kind: Kustomization + metadata: + name: podinfo + namespace: flux-system + spec: + images: + - name: podinfo + newName: my-registry/podinfo + newTag: v1 + - name: podinfo + newTag: 1.8.0 + - name: podinfo + newName: my-podinfo + - name: podinfo + digest: sha256:24a0c4b4a4c0eb97a1aabb8e29f18e917d05abfe1b7a7c07857230879ce7d3d3 + `, + 'test.yaml', + ); + expect(result).toEqual({ + deps: [ + { + autoReplaceStringTemplate: + '{{newValue}}{{#if newDigest}}@{{newDigest}}{{/if}}', + currentDigest: undefined, + currentValue: 'v1', + datasource: 'docker', + depName: 'my-registry/podinfo', + replaceString: 'v1', + }, + { + autoReplaceStringTemplate: + '{{newValue}}{{#if newDigest}}@{{newDigest}}{{/if}}', + currentDigest: undefined, + currentValue: '1.8.0', + datasource: 'docker', + depName: 'podinfo', + replaceString: '1.8.0', + }, + { + currentDigest: undefined, + currentValue: undefined, + datasource: 'docker', + depName: 'my-podinfo', + replaceString: 'my-podinfo', + }, + { + currentDigest: + 'sha256:24a0c4b4a4c0eb97a1aabb8e29f18e917d05abfe1b7a7c07857230879ce7d3d3', + currentValue: undefined, + datasource: 'docker', + depName: 'podinfo', + replaceString: + 'sha256:24a0c4b4a4c0eb97a1aabb8e29f18e917d05abfe1b7a7c07857230879ce7d3d3', + }, + ], + }); + }); + it('ignores resources of an unknown kind', () => { const result = extractPackageFile( codeBlock` diff --git a/lib/modules/manager/flux/extract.ts b/lib/modules/manager/flux/extract.ts index 1bf9258c57036e..9e509b3d71ad5a 100644 --- a/lib/modules/manager/flux/extract.ts +++ b/lib/modules/manager/flux/extract.ts @@ -1,5 +1,6 @@ import is from '@sindresorhus/is'; import { logger } from '../../../logger'; +import { coerceArray } from '../../../util/array'; import { readLocalFile } from '../../../util/fs'; import { regEx } from '../../../util/regex'; import { parseYaml } from '../../../util/yaml'; @@ -13,6 +14,7 @@ import { GitlabTagsDatasource } from '../../datasource/gitlab-tags'; import { HelmDatasource } from '../../datasource/helm'; import { getDep } from '../dockerfile/extract'; import { isOCIRegistry, removeOCIPrefix } from '../helmv3/oci'; +import { extractImage } from '../kustomize/extract'; import type { ExtractConfig, PackageDependency, @@ -226,6 +228,15 @@ function resolveResourceManifest( deps.push(dep); break; } + + case 'Kustomization': { + for (const image of coerceArray(resource.spec.images)) { + const dep = extractImage(image, registryAliases); + if (dep) { + deps.push(dep); + } + } + } } } return deps; diff --git a/lib/modules/manager/flux/readme.md b/lib/modules/manager/flux/readme.md index 5e5e5f6b3b7da8..f13c99c7ebf4af 100644 --- a/lib/modules/manager/flux/readme.md +++ b/lib/modules/manager/flux/readme.md @@ -28,6 +28,10 @@ Renovate can update `git` references from `GitRepository` resources. The `flux` manager only updates `GitRepository` fields that have a `tag` or `commit` key. +### Kustomization support + +Renovate can update `image`[^1] references from `Kustomization` resources. + ### OCIRepository support Renovate can update `oci` references from `OCIRepository` resources. @@ -81,3 +85,5 @@ If instead you have all your Flux manifests inside a `flux/` directory, you woul ### Versioning If you need to change the versioning format, read the [versioning](../../versioning/index.md) documentation to learn more. + +[^1]: diff --git a/lib/modules/manager/flux/schema.ts b/lib/modules/manager/flux/schema.ts index 5030ab16ef5aed..8e4870b2245bf3 100644 --- a/lib/modules/manager/flux/schema.ts +++ b/lib/modules/manager/flux/schema.ts @@ -70,7 +70,25 @@ export const OCIRepository = KubernetesResource.extend({ }), }); +export const Kustomization = KubernetesResource.extend({ + apiVersion: z.string().startsWith('kustomize.toolkit.fluxcd.io/'), + kind: z.literal('Kustomization'), + spec: z.object({ + images: z + .array( + z.object({ + name: z.string(), + newName: z.string().optional(), + newTag: z.string().optional(), + digest: z.string().optional(), + }), + ) + .optional(), + }), +}); + export const FluxResource = HelmRelease.or(HelmRepository) .or(GitRepository) - .or(OCIRepository); + .or(OCIRepository) + .or(Kustomization); export type FluxResource = z.infer; diff --git a/lib/modules/manager/kustomize/types.ts b/lib/modules/manager/kustomize/types.ts index c42207daf51c8b..c122e79dd4f5aa 100644 --- a/lib/modules/manager/kustomize/types.ts +++ b/lib/modules/manager/kustomize/types.ts @@ -1,6 +1,6 @@ export interface Image { name: string; - newTag: string; + newTag?: string; newName?: string; digest?: string; }