Integrate Renovate Bot Across All GitHub Repositories #30
Description
🎯 Goal
Automate dependency updates across all company repositories — including JavaScript/TypeScript, Python, Terraform, Docker, and any other language we use — by integrating Renovate Bot. This will help maintain security, stability, and up-to-date dependencies with minimal manual intervention.
📋 Deliverables
1. Renovate integration
- Configure Renovate for all repositories.
- Ensure compatibility with multiple ecosystems:
- JavaScript / TypeScript: npm, pnpm, yarn
- Python: pip, poetry
- Terraform: registry and module dependencies
- Docker: base image updates
- GitHub Actions: workflow version updates
- Provide a base Renovate configuration shared across repos (central
renovate.json) and allow repo-level overrides. - Run Renovate via GitHub Actions from the public repository as a reusable workflow.
2. Reusable GitHub Action
- Create a public GitHub Action that can:
- Run Renovate (using the renovate CLI container).
- Accept inputs:
token,config_path,schedule_override,automerge, etc. - Be used with
workflow_dispatchor a schedule trigger.
- Provide example workflows, usage docs, and a
renovate.jsontemplate.
3. Documentation & Blog Post
- Publish a blog post titled: "Automating Dependency Updates with Renovate Bot (for Any Language)"
- Include:
- Why this matters (security, reduced toil, faster upgrades).
- How Renovate works.
- Step-by-step integration guide (app install vs action).
- Real examples:
- Node.js monorepo
- Terraform infra repo
- Python service
- Sample
renovate.jsonentries and explanation of the most useful settings. - Screenshots and sample PRs (before/after).
- Links to the public GitHub Action repo and README.
- Share the blog post and include a README link in the repo.
✅ Acceptance Criteria
Renovate configuration
- Renovate successfully runs (PRs are opened) across target repositories (left to be promoted to all repos).
- Shared configuration file is centralized and reusable for:
- JS/TS (npm, yarn, pnpm)
- Python (pip, poetry)
- Terraform (registry and module dependencies)
- Docker (base img updates)
- Github Actions (workflow version updates)
- Renovate shows message on discord when creating a PR
### Blog related tasks
- Public GitHub Action works for any external repository.
- Blog post published with real examples and links.
- Public repo and blog post shared on social channels.
### Repos where Renovate is fully configured:
-
blog -
dash-ui -
dash-api -
dash-admin -
dash-coding-agent -
dash-entitlements-api -
dash-billing-api -
platform-eks-production -
platform-terraform-aws -
platform-terraform-github -
platform-user-management -
platform-prompt-api -
platform-tools-api -
platform-terraform-module-github-oidc-aws-role -
platform-reddit-inteligence -
platform-wordpress -
platform-demo-ui -
platform-leafcloud -
platform-gigas -
platform-agent
Repos im unsure Renovate should be added to:
-
Because are from clients:
zerintia-aws-testzerintia-eks-testplatform-arcelor-devspacezerintia-helm-testshockoe-workshope-nodejssotysolar-infra
-
Because are dash templates:
dash-templateshtml-templatemetabase-helm-chartnodejs-templategolang-templatereact-templateastro-templatejava-templatevue-templatejava-maven-templateplatform-eks-cncfbackstagecustomers
-
Because are public:
roadmapgithub-actionsplatform-github-actions
-
Because are charts:
platform-chartsdash-custom-helm-charts
-
Because I have no idea what this is:
medusa-starter-default.githubfinancesatlantis-apprunner-moduleidp-awskubeastronaut
Repos that won't have Renovate added to:
-
Because have no code:
docsinternal-technical-docsrenovate-config
-
Because are exercises:
exercise-templateexercise-lucia-lopezexercise-gonzalo-suarezexercise-dario-gutierrezexercise-maria-garcia
Edit October 29
Changed Acceptance Criteria so it now is a checked list instead of bullet points
Metadata
Metadata
Assignees
Labels
No labels