Add support for Renovate to detect and update Docker image versions
defined in Terraform files using annotation comments.
Changes:
- Add 3 regex managers to config.js.tpl for different annotation patterns:
- Basic: # renovate: datasource=docker
- With versioning: # renovate: datasource=docker versioning=semver
- Separate variable: # renovate: datasource=docker depName=redis
- Update README.md with comprehensive Docker container annotation docs
- Update QUICKSTART.md with Terraform Docker container examples
- Add example-annotated-containers.tf with usage patterns
This enables Renovate to automatically create PRs when Docker images
used in Terraform container definitions have updates available.
Comprehensive documentation cleanup to align with current implementation
and remove outdated/confusing content.
DELETED:
- SUMMARY.md - Historical migration document from Ansible EDA to Renovate
(migration is complete, document no longer needed)
UPDATED README.md Variables Section:
- Split into "Terraform Variables" and "Vault-Stored Configuration" sections
- Removed 5 incorrectly documented variables that are actually stored in Vault:
* renovate_platform, renovate_endpoint, renovate_token
* renovate_git_author, renovate_username
- Added missing variable documentation:
* dns_servers (list of DNS servers for hostname resolution)
* vault_skip_tls_verify (skip TLS verification for Vault)
- Fixed log_level default value: "info" → "debug" (matches variables.tf)
- Added clear explanation that Vault keys are NOT Terraform variables
- Added reference to "Store Credentials in Vault" section
UPDATED QUICKSTART.md Troubleshooting:
- Added DNS resolution error troubleshooting section
- Documents ENOTFOUND errors and how to resolve them
- Provides diagnostic commands (dig @DNS_SERVER hostname)
- Shows how to configure dns_servers variable
- Explains hostname verification (git.bsdserver.nl vs gitea.bsdserver.nl)
- Provides alternative solution (use IP address instead of hostname)
These changes ensure documentation accurately reflects:
- Current implementation (Vault-based credential storage)
- All available configuration options (including dns_servers)
- Correct default values
- Clear separation between TF vars and Vault-stored config
- Complete troubleshooting guidance for common issues
Updated comprehensive documentation across README, QUICKSTART, and
MIGRATION_GUIDE to clarify that Renovate credentials are stored in
HashiCorp Vault, not passed as Terraform variables.
Changes to README.md:
- Added detailed Vault setup section in Gitea Bot Setup
- Documented all 5 required keys in secret/renovate path
- Added vault kv put example with all required fields
- Added token regeneration instructions
- Clarified prerequisites to include Vault secret requirements
- Emphasized CRITICAL nature of Vault storage
Changes to QUICKSTART.md:
- Added comprehensive Step 3: Store Credentials in Vault
- Included complete vault kv put command with all keys
- Added verification steps with expected output
- Listed common mistakes to avoid (missing username, wrong endpoint, etc.)
- Updated Step 4 to clarify tfvars only needs Vault auth
- Renumbered subsequent steps (5-9)
- Added environment variable verification in Step 6
- Added troubleshooting steps for authentication errors
Changes to MIGRATION_GUIDE.md:
- Clearly separated Vault-stored config from Terraform variables
- Added vault kv put example in New Required Configuration section
- Updated migration steps to include Vault credential storage
- Clarified that renovate_endpoint and renovate_token are NOT tfvars
- Listed all 5 required Vault keys with descriptions
These changes address the authentication failures caused by:
- Missing renovate_username in environment variables
- Confusion about where credentials should be stored
- Token regeneration without updating Vault
All documentation now consistently emphasizes the Vault-first approach
and provides clear, copy-paste-ready commands for proper setup.
Complete rewrite of the module to deploy a Renovate bot for automated
dependency management with Gitea integration.
Breaking Changes:
- Module purpose changed from Ansible EDA to Renovate bot
- All variables restructured for Renovate configuration
- State file path updated to home/docker/renovate/renovate.tfstate
- Volumes changed from EDA rulebooks/logs to config/cache
- Container image now uses renovate/renovate:latest
Added:
- Gitea platform integration with token authentication
- Renovate configuration template (config.js.tpl)
- Repository configuration examples
- Gitea Actions workflow examples
- SonarQube integration examples
- Comprehensive documentation (README, QUICKSTART, MIGRATION_GUIDE)
- CHANGELOG.md for version tracking
- Security best practices
Removed:
- All Ansible EDA-specific configuration
- Traefik labels (not needed for Renovate)
- Old EDA documentation files
- example-rulebook.yml
Updated:
- Complete README with Gitea setup instructions
- terraform.tfvars with Renovate configuration
- All resource names from ansible_eda to renovate
- Backend state path
This is version 2.0.0 - not backward compatible with previous EDA version.
See MIGRATION_GUIDE.md for detailed migration instructions.
