terraform-docker-renovate

wbyc/terraform-docker-renovate

Fork 0

Commit Graph

Author	SHA1	Message	Date
Patrick de Ruiter	906d000e8e	docs: Update all documentation with Vault credential requirements All checks were successful Code Quality & Security Scan / Tfsec Security Scan (push) Successful in 36s Details Code Quality & Security Scan / Checkov Security Scan (push) Successful in 31s Details Code Quality & Security Scan / TFLint (push) Successful in 21s Details Code Quality & Security Scan / Terraform Destroy (push) Has been skipped Details Code Quality & Security Scan / Terraform Validate (push) Successful in 32s Details Code Quality & Security Scan / SonarQube Scan (push) Successful in 42s Details Code Quality & Security Scan / Terraform Plan (push) Successful in 1m22s Details Code Quality & Security Scan / Terraform Apply (push) Successful in 1m57s Details Updated comprehensive documentation across README, QUICKSTART, and MIGRATION_GUIDE to clarify that Renovate credentials are stored in HashiCorp Vault, not passed as Terraform variables. Changes to README.md: - Added detailed Vault setup section in Gitea Bot Setup - Documented all 5 required keys in secret/renovate path - Added vault kv put example with all required fields - Added token regeneration instructions - Clarified prerequisites to include Vault secret requirements - Emphasized CRITICAL nature of Vault storage Changes to QUICKSTART.md: - Added comprehensive Step 3: Store Credentials in Vault - Included complete vault kv put command with all keys - Added verification steps with expected output - Listed common mistakes to avoid (missing username, wrong endpoint, etc.) - Updated Step 4 to clarify tfvars only needs Vault auth - Renumbered subsequent steps (5-9) - Added environment variable verification in Step 6 - Added troubleshooting steps for authentication errors Changes to MIGRATION_GUIDE.md: - Clearly separated Vault-stored config from Terraform variables - Added vault kv put example in New Required Configuration section - Updated migration steps to include Vault credential storage - Clarified that renovate_endpoint and renovate_token are NOT tfvars - Listed all 5 required Vault keys with descriptions These changes address the authentication failures caused by: - Missing renovate_username in environment variables - Confusion about where credentials should be stored - Token regeneration without updating Vault All documentation now consistently emphasizes the Vault-first approach and provides clear, copy-paste-ready commands for proper setup.	2025-11-19 13:59:25 +01:00
Patrick de Ruiter	d417281ee0	feat: Repurpose module from Ansible EDA to Renovate bot deployment Complete rewrite of the module to deploy a Renovate bot for automated dependency management with Gitea integration. Breaking Changes: - Module purpose changed from Ansible EDA to Renovate bot - All variables restructured for Renovate configuration - State file path updated to home/docker/renovate/renovate.tfstate - Volumes changed from EDA rulebooks/logs to config/cache - Container image now uses renovate/renovate:latest Added: - Gitea platform integration with token authentication - Renovate configuration template (config.js.tpl) - Repository configuration examples - Gitea Actions workflow examples - SonarQube integration examples - Comprehensive documentation (README, QUICKSTART, MIGRATION_GUIDE) - CHANGELOG.md for version tracking - Security best practices Removed: - All Ansible EDA-specific configuration - Traefik labels (not needed for Renovate) - Old EDA documentation files - example-rulebook.yml Updated: - Complete README with Gitea setup instructions - terraform.tfvars with Renovate configuration - All resource names from ansible_eda to renovate - Backend state path This is version 2.0.0 - not backward compatible with previous EDA version. See MIGRATION_GUIDE.md for detailed migration instructions.	2025-11-17 00:32:51 +01:00

Author

SHA1

Message

Date

Patrick de Ruiter

906d000e8e

docs: Update all documentation with Vault credential requirements

Code Quality & Security Scan / Tfsec Security Scan (push) Successful in 36s

Details

Code Quality & Security Scan / Checkov Security Scan (push) Successful in 31s

Details

Code Quality & Security Scan / TFLint (push) Successful in 21s

Details

Code Quality & Security Scan / Terraform Destroy (push) Has been skipped

Details

Code Quality & Security Scan / Terraform Validate (push) Successful in 32s

Details

Code Quality & Security Scan / SonarQube Scan (push) Successful in 42s

Details

Code Quality & Security Scan / Terraform Plan (push) Successful in 1m22s

Details

Code Quality & Security Scan / Terraform Apply (push) Successful in 1m57s

Details

Updated comprehensive documentation across README, QUICKSTART, and
MIGRATION_GUIDE to clarify that Renovate credentials are stored in
HashiCorp Vault, not passed as Terraform variables.

Changes to README.md:
- Added detailed Vault setup section in Gitea Bot Setup
- Documented all 5 required keys in secret/renovate path
- Added vault kv put example with all required fields
- Added token regeneration instructions
- Clarified prerequisites to include Vault secret requirements
- Emphasized CRITICAL nature of Vault storage

Changes to QUICKSTART.md:
- Added comprehensive Step 3: Store Credentials in Vault
- Included complete vault kv put command with all keys
- Added verification steps with expected output
- Listed common mistakes to avoid (missing username, wrong endpoint, etc.)
- Updated Step 4 to clarify tfvars only needs Vault auth
- Renumbered subsequent steps (5-9)
- Added environment variable verification in Step 6
- Added troubleshooting steps for authentication errors

Changes to MIGRATION_GUIDE.md:
- Clearly separated Vault-stored config from Terraform variables
- Added vault kv put example in New Required Configuration section
- Updated migration steps to include Vault credential storage
- Clarified that renovate_endpoint and renovate_token are NOT tfvars
- Listed all 5 required Vault keys with descriptions

These changes address the authentication failures caused by:
- Missing renovate_username in environment variables
- Confusion about where credentials should be stored
- Token regeneration without updating Vault

All documentation now consistently emphasizes the Vault-first approach
and provides clear, copy-paste-ready commands for proper setup.

2025-11-19 13:59:25 +01:00

Patrick de Ruiter

d417281ee0

feat: Repurpose module from Ansible EDA to Renovate bot deployment

Complete rewrite of the module to deploy a Renovate bot for automated
dependency management with Gitea integration.

Breaking Changes:
- Module purpose changed from Ansible EDA to Renovate bot
- All variables restructured for Renovate configuration
- State file path updated to home/docker/renovate/renovate.tfstate
- Volumes changed from EDA rulebooks/logs to config/cache
- Container image now uses renovate/renovate:latest

Added:
- Gitea platform integration with token authentication
- Renovate configuration template (config.js.tpl)
- Repository configuration examples
- Gitea Actions workflow examples
- SonarQube integration examples
- Comprehensive documentation (README, QUICKSTART, MIGRATION_GUIDE)
- CHANGELOG.md for version tracking
- Security best practices

Removed:
- All Ansible EDA-specific configuration
- Traefik labels (not needed for Renovate)
- Old EDA documentation files
- example-rulebook.yml

Updated:
- Complete README with Gitea setup instructions
- terraform.tfvars with Renovate configuration
- All resource names from ansible_eda to renovate
- Backend state path

This is version 2.0.0 - not backward compatible with previous EDA version.
See MIGRATION_GUIDE.md for detailed migration instructions.

2025-11-17 00:32:51 +01:00

2 Commits