Show HN: Renovate – The Kubernetes-Native Way

(github.com)

32 points by JanLepsky4 hours ago

6 comments

c0balt2 hours ago
It is nice to see more work on renovate but your comparison, especially the points on filtering, license keys and discovery, seems misleading for at least GitLab.Both work with mend's renovate WITHOUT a license key, see also <a href="https://gitlab.com/renovate-bot/renovate-runner" rel="nofollow">https://gitlab.com/renovate-bot/renovate-runner</a>. As it is just a scheduled pipeline then you can also adjust frequency, timeouts and more.
- jamietanna1 hour ago
 I think the confusion is also because it's a comparison of Community Self-Hosted (CE) vs the pure Open Source CLI - the latter is what works without license keyI'll see if I can help with clarifying this in the table!(I'm a Renovate maintainer and employee at Mend)
rirze4 hours ago
I'm struggling to see how this operator helps-- is there some scenario that I cannot imagine that others are dealing with where this operator is useful? Specifically, what problems does this solve?
- baby_souffle3 hours ago
 Renovate lets you configure most things in each repos individual config file.I can only imagine a set of intersecting edge cases where operator pattern is the most logical solution…Edit: good answers here. <a href="https://old.reddit.com/r/kubernetes/comments/1r1u7um/renovate_the_kubernetesnative_way/o4sa061/" rel="nofollow">https://old.reddit.com/r/kubernetes/comments/1r1u7um/renovat...</a>
 - rirze3 hours ago
 So... helm without helm?
- JanLepsky3 hours ago
 There's several benefits we had in mind when building this (after using self-hosted Renovate ourselves): k8s-native approach: It uses CRDs, so that Renovate configs are Kubernetes resources. You can manage them more easily/granular with Argo/Flux/kubectl as part of existing workflows instead of a Cronjob. Job isolation: The operator spawns individual jobs per repo instead of one run. If a repo is stuck it doesn't block everything else. Webhook support: repos get updated immediately, not just on the next cron cycle. Visibility: There's a light-weight, built-in UI showing repos, job status, and progress.There's more on the Github repo, we added a full list of features and benefits to the readme.Of course, in the end it comes down to individual preferences :) Not saying one way is better than the other. We just felt that for us, the operator-based approach would work better and we're happy if the project is benefitial for others as well!
 - bryanlarsen3 hours ago
 Can you step back further and explain what Renovate and its competitors like Mend actually do, and what kind of tasks people use them for?
 - esafak3 hours ago
 To help you automate dependency updates, similar to dependabot.<a href="https://www.mend.io/renovate/" rel="nofollow">https://www.mend.io/renovate/</a><a href="https://github.blog/news-insights/product-news/keep-all-your-packages-up-to-date-with-dependabot/" rel="nofollow">https://github.blog/news-insights/product-news/keep-all-your...</a>
 - maverwa3 hours ago
 Mend is not a competitor, renovate is the software, mend is the company.They are tools that automatically check your repo for dependencies and create PRs when there are updates. It supports a wide range of package managers and other places dependencies may be specified.Dependabot is another solution which is more „GitHub-native“ maybe.
 - JanLepsky3 hours ago
 In short, Renovate (by Mend) is a dependency manager for software projects. It watches your repository for outdated libraries, packages, and frameworks and opens Pull Requests to update them.
 - jamietanna1 hour ago
 See also: <a href="https://news.ycombinator.com/item?id=40011111">https://news.ycombinator.com/item?id=40011111</a>(a blog post I wrote, prior to joining Mend and working as a Renovate maintainer)
Amol-9173 hours ago
news.ycombinator.com/item?id=43677067
genie3io4 hours ago
[dead]
Amol-9173 hours ago
[flagged]
andix4 hours ago
So that's an in-cluster supply chain attack enabler? :)