Helm Chart dependencies from OCI registries are not looked up #23499
-
How are you running Renovate?Mend Renovate hosted app on github.com If you're self-hosting Renovate, tell us what version of Renovate you run.No response If you're self-hosting Renovate, select which platform you are using.None Was this something which used to work for you, and then stopped?I am trying to get this working for the first time Describe the problemWe have Helm charts which contain references to other Helm charts in an OCI registry, for example: apiVersion: v2
name: name-of-chart
dependencies:
- name: configure-alertmanager-operator
repository: oci:https://ghcr.io/<organization>/charts
version: 0.0.1 Renovate is configured to authenticate via {
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:base"
],
"hostRules": [
{
"hostType": "docker",
"matchHost": "ghcr.io/<organization>",
"encrypted": {
"username": "...",
"password": "..."
}
},
{
"hostType": "docker",
"matchHost": "https://ghcr.io/<organization>/charts",
"encrypted": {
"username": "...",
"password": "..."
}
}
] When Renovate runs it responds with When Renovate detects this Helm chart and extracts its dependencies, it labels the Helm chart as a docker datasource: {
"currentValue": "0.0.1",
"datasource": "docker",
"depName": "configure-alertmanager-operator",
"packageName": "ghcr.io/<organization>/charts/configure-alertmanager-operator",
"versioning": "docker",
"warnings": [
{
"topic": "ghcr.io/<organization>/charts/configure-alertmanager-operator",
"message": "Failed to look up docker package ghcr.io/<organization>/charts/configure-alertmanager-operator"
}
],
"updates": []
}, When it finds chart repositories, it seems to exclude OCI registries and seem to treat OCI charts purely as docker datasources: https://github.com/renovatebot/renovate/blob/main/lib/modules/manager/helmv3/artifacts.ts#L58 Is support for Helm charts dependencies in OCI registries not supported? Since the dependencies are not docker images, I'm not clear on how treating them as docker datasources will work? $ docker login ghcr.io/<organization>
Authenticating with existing credentials...
Login Succeeded
$ docker pull ghcr.io/<organization>/charts/configure-alertmanager-operator:0.0.1
0.0.1: Pulling from <organization>/charts/configure-alertmanager-operator
unsupported media type application/vnd.cncf.helm.config.v1+json
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE versus $ helm registry login ghcr.io
Username: <organization>-user
Password:
Login Succeeded
$ helm pull oci:https://ghcr.io/<organization>/charts/configure-alertmanager-operator
Pulled: ghcr.io/<organization>/charts/configure-alertmanager-operator:0.0.1
Digest: sha256:... What are we doing wrong? Is the regex manager to be used and the dependencies to be treated as helm datasources? Relevant debug logsNo response Have you created a minimal reproduction repository?I have linked to a minimal reproduction in the description above |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 9 replies
-
@rarkins would appreciate some hints how to deal with this 🙇♂️ |
Beta Was this translation helpful? Give feedback.
-
Finally got it working, pasting my config here for reference: {
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:base"
],
"labels": [
"dependencies"
],
"prConcurrentLimit": 0,
"hostRules": [
{
"hostType": "docker",
"matchHost": "ghcr.io",
"username": "<user>",
"encrypted": {
"password": "<encrypted for org where github app is running and for org where charts reside>"
}
}
],
"regexManagers": [
{
"fileMatch": [
"tasks\/.*\\.y[a]?ml$"
],
"matchStrings": [
"chart_ref:\\s*oci:\/\/(?<registryUrl>.*)[\/](?<depName>.*)\\s*chart_version:\\s*(?<currentValue>.*)"
],
"datasourceTemplate": "docker"
}
]
} The issue seemed to be that the multiple |
Beta Was this translation helpful? Give feedback.
Finally got it working, pasting my config here for reference: