Skip to content

Configure Renovate #18364

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Configure Renovate #18364

wants to merge 1 commit into from
+6 −0

Conversation

@elastic-renovate-prod
Copy link

@elastic-renovate-prod elastic-renovate-prod bot commented Oct 25, 2025
edited
Loading

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

Detected Package Files

  • .buildkite/pull_request_pipeline.yml (buildkite)
  • qa/Gemfile (bundler)
  • qa/integration/Gemfile (bundler)
  • qa/integration/fixtures/logstash-dummy-pack/Gemfile (bundler)
  • tools/logstash-docgen/Gemfile (bundler)
  • tools/paquet/Gemfile (bundler)
  • tools/paquet/spec/support/Gemfile (bundler)
  • x-pack/distributions/internal/observabilitySRE/qa/acceptance/docker/docker-compose.yml (docker-compose)
  • x-pack/distributions/internal/observabilitySRE/qa/smoke/docker/docker-compose.yml (docker-compose)
  • docker/templates/Dockerfile.erb (dockerfile)
  • x-pack/distributions/internal/observabilitySRE/docker/Dockerfile (dockerfile)
  • .github/workflows/backport-active.yml (github-actions)
  • .github/workflows/bump-java-version.yml (github-actions)
  • .github/workflows/bump-logstash.yml (github-actions)
  • .github/workflows/catalog-info.yml (github-actions)
  • .github/workflows/critical_vulnerability_scan.yml (github-actions)
  • .github/workflows/docs-build.yml (github-actions)
  • .github/workflows/docs-cleanup.yml (github-actions)
  • .github/workflows/gen_release_notes.yml (github-actions)
  • .github/workflows/github-commands-comment.yml (github-actions)
  • .github/workflows/lint_docs.yml (github-actions)
  • .github/workflows/logstash_project_board.yml (github-actions)
  • .github/workflows/mergify-labels-copier.yml (github-actions)
  • .github/workflows/platform_ingest_docs_project_board.yml (github-actions)
  • .github/workflows/platform_logstash_project_board.yml (github-actions)
  • .github/workflows/pre-commit.yml (github-actions)
  • .github/workflows/project-board-assigner.yml (github-actions)
  • .github/workflows/version_bumps.yml (github-actions)
  • docker/data/logstash/env2yaml/go.mod (gomod)
  • docker/ironbank/go/src/env2yaml/go.mod (gomod)
  • gradle.properties (gradle)
  • rubyUtils.gradle (gradle)
  • settings.gradle (gradle)
  • build.gradle (gradle)
  • buildSrc/build.gradle (gradle)
  • logstash-core/gradle.properties (gradle)
  • logstash-core/settings.gradle (gradle)
  • logstash-core/build.gradle (gradle)
  • logstash-core/benchmarks/gradle.properties (gradle)
  • logstash-core/benchmarks/build.gradle (gradle)
  • qa/integration/gradle.properties (gradle)
  • qa/integration/settings.gradle (gradle)
  • qa/integration/build.gradle (gradle)
  • tools/benchmark-cli/gradle.properties (gradle)
  • tools/benchmark-cli/build.gradle (gradle)
  • tools/dependencies-report/gradle.properties (gradle)
  • tools/dependencies-report/build.gradle (gradle)
  • tools/jvm-options-parser/gradle.properties (gradle)
  • tools/jvm-options-parser/build.gradle (gradle)
  • x-pack/gradle.properties (gradle)
  • x-pack/settings.gradle (gradle)
  • x-pack/build.gradle (gradle)
  • x-pack/distributions/internal/observabilitySRE/build-ext.gradle (gradle)
  • gradle/wrapper/gradle-wrapper.properties (gradle-wrapper)
  • .buildkite/scripts/health-report-tests/requirements.txt (pip_requirements)
  • .ruby-version (ruby-version)
  • docker/templates/Dockerfile.erb (regex)
  • x-pack/distributions/internal/observabilitySRE/docker/Dockerfile (regex)
  • x-pack/distributions/internal/observabilitySRE/docker/Dockerfile (regex)
  • .buildkite/benchmark_marathon_pipeline.yml (regex)
  • .buildkite/benchmark_pipeline.yml (regex)
  • .buildkite/health_report_tests_pipeline.yml (regex)
  • .buildkite/pull_request_pipeline.yml (regex)
  • .buildkite/serverless_integration_pipeline.yml (regex)
  • .buildkite/snyk_report_pipeline.yml (regex)
  • .buildkite/supported_plugins_test_pipeline.yml (regex)
  • docs/reference/docker-config.md (regex)
  • docker/templates/Dockerfile.erb (regex)
  • x-pack/distributions/internal/observabilitySRE/docker/Dockerfile (regex)
  • x-pack/distributions/internal/observabilitySRE/docker/Dockerfile (regex)
  • .buildkite/benchmark_marathon_pipeline.yml (regex)
  • .buildkite/benchmark_pipeline.yml (regex)
  • .buildkite/health_report_tests_pipeline.yml (regex)
  • .buildkite/pull_request_pipeline.yml (regex)
  • .buildkite/serverless_integration_pipeline.yml (regex)
  • .buildkite/snyk_report_pipeline.yml (regex)
  • .buildkite/supported_plugins_test_pipeline.yml (regex)
  • docs/reference/docker-config.md (regex)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Chainguard Renovate configuration (https://ela.st/wolfi)
  • Renovate configuration to manage containers in docker.elastic.co/ci-agent-images/*. This is included by default and doesn't need to be explicitly pulled in
  • Chainguard Renovate configuration (https://ela.st/wolfi)
  • Renovate configuration to manage containers in docker.elastic.co/ci-agent-images/*. This is included by default and doesn't need to be explicitly pulled in
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Pin Docker digests.
  • Pin github-action digests.
  • Enable Renovate configuration migration PRs when needed.
  • Pin dependency versions for devDependencies.
  • Shared Renovate configuration for an out-of-the-box set of defaults for Renovate at Elastic

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 46 Pull Requests:

Pin dependencies
  • Schedule: ["at any time"]
  • Branch name: renovate/pin-dependencies
  • Merge into: main
  • Upgrade actions/checkout to 08c6903cd8c0fde910a37f88322edcfb5dd907a8
  • Upgrade actions/github-script to ed597411d8f924073f98dfc5c65a23a2325f34cd
  • Upgrade actions/setup-node to 2028fbc5c25fe9cf00d9f06a71cc4710d4507903
  • Upgrade docker.elastic.co/ci-agent-images/buildkite-junit-annotate to sha256:d8e103cb729cdb4192db977e56610e9ff8e7b76fd6e61363d1354a67d6fb59a0
  • Upgrade docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci to sha256:3494bd811ca84bef263ad1823cc89b4fa3b6ff06e6bc560ca50cc0a0ece65a17
  • Upgrade docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root to sha256:3965156f49ece5d6d2a6655f3d7dafb965e529e3c002e5153aa53d91b338f2d2
  • Upgrade docker.elastic.co/logstash/logstash to sha256:1f4a0478d687c87ec18fd75620e30bcd7cbfa34014753c4c78a5defa11ff3ca6
  • Upgrade elastic/oblt-actions to 902cf57b569c29ab1c421e4ef65dbf589d685303
Pin docker.elastic.co/wolfi/chainguard-base-fips Docker tag to 3265e43
  • Schedule: ["at any time"]
  • Branch name: renovate/wolfi-versioned
  • Merge into: main
  • Upgrade docker.elastic.co/wolfi/chainguard-base-fips to sha256:3265e43843c2c8ad842dacd792a44a518e7e73a7d3eec2112bd9b55a19ade88d
Update dependency com.github.luben:zstd-jni to v1.5.7-6
  • Schedule: ["at any time"]
  • Branch name: renovate/com.github.luben-zstd-jni-1.x
  • Merge into: main
  • Upgrade com.github.luben:zstd-jni to 1.5.7-6
Update dependency commons-logging:commons-logging to v1.3.5
Update dependency jacoco to v0.8.14
  • Schedule: ["at any time"]
  • Branch name: renovate/jacoco-0.x
  • Merge into: main
  • Upgrade jacoco to 0.8.14
Update dependency org.codehaus.janino:janino to v3.1.12
  • Schedule: ["at any time"]
  • Branch name: renovate/org.codehaus.janino-janino-3.x
  • Merge into: main
  • Upgrade org.codehaus.janino:janino to 3.1.12
Update dependency org.slf4j:slf4j-api to v1.7.36
  • Schedule: ["at any time"]
  • Branch name: renovate/slf4j-monorepo
  • Merge into: main
  • Upgrade org.slf4j:slf4j-api to 1.7.36
Update dependency pyyaml to v6.0.3
  • Schedule: ["at any time"]
  • Branch name: renovate/pyyaml-6.x
  • Merge into: main
  • Upgrade pyyaml to ==6.0.3
Update dependency requests to v2.32.5
  • Schedule: ["at any time"]
  • Branch name: renovate/requests-2.x
  • Merge into: main
  • Upgrade requests to ==2.32.5
Update plugin com.dorongold.task-tree to v2.1.1
  • Schedule: ["at any time"]
  • Branch name: renovate/com.dorongold.task-tree-2.x
  • Merge into: main
  • Upgrade com.dorongold.task-tree to 2.1.1
Update dependency com.google.googlejavaformat:google-java-format to v1.31.0
Update dependency com.google.guava:guava to v33.5.0-jre
  • Schedule: ["at any time"]
  • Branch name: renovate/guava-monorepo
  • Merge into: main
  • Upgrade com.google.guava:guava to 33.5.0-jre
Update dependency commons-codec:commons-codec to v1.19.0
  • Schedule: ["at any time"]
  • Branch name: renovate/commons-codec-commons-codec-1.x
  • Merge into: main
  • Upgrade commons-codec:commons-codec to 1.19.0
Update dependency commons-io:commons-io to v2.20.0
  • Schedule: ["at any time"]
  • Branch name: renovate/commons-io-commons-io-2.x
  • Merge into: main
  • Upgrade commons-io:commons-io to 2.20.0
Update dependency de.undercouch:gradle-download-task to v4.1.2
Update dependency gradle to v8.14.3
  • Schedule: ["at any time"]
  • Branch name: renovate/gradle-8.x
  • Merge into: main
  • Upgrade gradle to 8.14.3
Update dependency joda-time:joda-time to v2.14.0
  • Schedule: ["at any time"]
  • Branch name: renovate/joda-time-joda-time-2.x
  • Merge into: main
  • Upgrade joda-time:joda-time to 2.14.0
Update dependency net.javacrumbs.json-unit:json-unit to v2.40.1
Update dependency org.apache.commons:commons-compress to v1.28.0
Update dependency org.apache.commons:commons-csv to v1.14.1
  • Schedule: ["at any time"]
  • Branch name: renovate/org.apache.commons-commons-csv-1.x
  • Merge into: main
  • Upgrade org.apache.commons:commons-csv to 1.14.1
Update dependency org.apache.commons:commons-lang3 to v3.19.0
Update dependency org.assertj:assertj-core to v3.27.6
  • Schedule: ["at any time"]
  • Branch name: renovate/org.assertj-assertj-core-3.x
  • Merge into: main
  • Upgrade org.assertj:assertj-core to 3.27.6
Update dependency org.awaitility:awaitility to v4.3.0
  • Schedule: ["at any time"]
  • Branch name: renovate/org.awaitility-awaitility-4.x
  • Merge into: main
  • Upgrade org.awaitility:awaitility to 4.3.0
Update dependency org.bouncycastle:bc-fips to v2.1.2
  • Schedule: ["at any time"]
  • Branch name: renovate/org.bouncycastle-bc-fips-2.x
  • Merge into: main
  • Upgrade org.bouncycastle:bc-fips to 2.1.2
Update dependency org.bouncycastle:bcpkix-fips to v2.1.10
  • Schedule: ["at any time"]
  • Branch name: renovate/org.bouncycastle-bcpkix-fips-2.x
  • Merge into: main
  • Upgrade org.bouncycastle:bcpkix-fips to 2.1.10
Update dependency org.bouncycastle:bctls-fips to v2.1.22
  • Schedule: ["at any time"]
  • Branch name: renovate/org.bouncycastle-bctls-fips-2.x
  • Merge into: main
  • Upgrade org.bouncycastle:bctls-fips to 2.1.22
Update dependency org.bouncycastle:bcutil-fips to v2.1.5
  • Schedule: ["at any time"]
  • Branch name: renovate/org.bouncycastle-bcutil-fips-2.x
  • Merge into: main
  • Upgrade org.bouncycastle:bcutil-fips to 2.1.5
Update dependency org.junit.jupiter:junit-jupiter-api to v5.14.0
Update dependency org.junit.jupiter:junit-jupiter-engine to v5.14.0
Update dependency org.wiremock:wiremock-standalone to v3.13.1
Update dependency org.yaml:snakeyaml to v2.5
  • Schedule: ["at any time"]
  • Branch name: renovate/org.yaml-snakeyaml-2.x
  • Merge into: main
  • Upgrade org.yaml:snakeyaml to 2.5
Update docker.elastic.co/logstash/logstash Docker tag to v9.2.0
  • Schedule: ["at any time"]
  • Branch name: renovate/docker.elastic.co-logstash-logstash-9.x
  • Merge into: main
  • Upgrade docker.elastic.co/logstash/logstash to sha256:9f2fdd02a00d9c14188840f3189229bb3d3bb61873de88563e49a6891e710490
Update log4j2 monorepo to v2.25.2
Update module gopkg.in/yaml.v2 to v2.4.0
  • Schedule: ["at any time"]
  • Branch name: renovate/gopkg.in-yaml.v2-2.x
  • Merge into: main
  • Upgrade gopkg.in/yaml.v2 to v2.4.0
Update plugin de.undercouch.download to v4.1.2
  • Schedule: ["at any time"]
  • Branch name: renovate/de.undercouch.download-4.x
  • Merge into: main
  • Upgrade de.undercouch.download to 4.1.2
Update dependency de.undercouch:gradle-download-task to v5
Update dependency gradle to v9
  • Schedule: ["at any time"]
  • Branch name: renovate/gradle-9.x
  • Merge into: main
  • Upgrade gradle to 9.1.0
Update dependency net.javacrumbs.json-unit:json-unit to v5
Update dependency org.elasticsearch.client:elasticsearch-rest-client to v9
Update dependency org.junit.jupiter:junit-jupiter-api to v6
Update dependency org.junit.jupiter:junit-jupiter-engine to v6
Update dependency org.slf4j:slf4j-api to v2
  • Schedule: ["at any time"]
  • Branch name: renovate/major-slf4j-monorepo
  • Merge into: main
  • Upgrade org.slf4j:slf4j-api to 2.0.17
Update javahamcrest monorepo to v3 (major)
Update module gopkg.in/yaml.v2 to v3
  • Schedule: ["at any time"]
  • Branch name: renovate/gopkg.in-yaml.v2-3.x
  • Merge into: main
  • Upgrade gopkg.in/yaml.v2 to v3.0.1
Update plugin com.dorongold.task-tree to v4
  • Schedule: ["at any time"]
  • Branch name: renovate/com.dorongold.task-tree-4.x
  • Merge into: main
  • Upgrade com.dorongold.task-tree to 4.0.1
Update plugin de.undercouch.download to v5
  • Schedule: ["at any time"]
  • Branch name: renovate/de.undercouch.download-5.x
  • Merge into: main
  • Upgrade de.undercouch.download to 5.6.0

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prhourlylimit for details.

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR has been generated by Renovate Bot.

@github-actions
Copy link
Contributor

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

  • run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

@mergify
Copy link
Contributor

mergify bot commented Oct 25, 2025

This pull request does not have a backport label. Could you fix it @elastic-renovate-prod[bot]? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

  • backport-8./d is the label to automatically backport to the 8./d branch. /d is the digit.
  • If no backport is necessary, please add the backport-skip label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant