What is Renovate?
It is a tool that helps developers keep their software projects up to date. It automatically updates dependencies, such as libraries and packages, for security vulnerabilities and outdated versions.
How do I set up Renovate on Bitbucket Cloud?
Step 1 - Create an access token on your Bitbucket repo.
This will ensure Renovate has permission to create PRs on your behalf.
Step 2 - Create a pipeline variable using the Access Token as your value.
Creating a pipeline variable will make sure the pipeline that we will create to run Renovate will have access to the Access Token we created.
Step 3 - Create a JS file named renovate.js with the following code:
./renovate.js
module.exports = {
/**
* Tells which platform Renovate is on.
* See full platform support here
* https://docs.renovatebot.com/modules/platform/
*/
platform: 'bitbucket',
/**
* This is the Bitbucket variable we create on Step 2
*/
token: process.env.RENOVATE_TOKEN,
/**
* https://docs.renovatebot.com/self-hosted-configuration/#basedir
*/
baseDir: `${process.env.BITBUCKET_CLONE_DIR}/renovate`,
/**
* https://docs.renovatebot.com/self-hosted-configuration/#autodiscover
*/
autodiscover: true,
};
Step 4 - Create a JS file named renovate.json with the following code:
./renovate.json
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"enabledManagers": ["npm"],
"prHourlyLimit": 4,
"patch": { "enabled": true },
"minor": { "enabled": true },
"major": { "enabled": true },
"npmrc": "save-exact=true",
"labels": ["dependencies"]
}
This is a basic example of a configuration file that tells Renovate your preferences.
You can see the full list of configurations here:
https://docs.renovatebot.com/self-hosted-configuration
Step 5 - Create a custom bitbucket-pipelines.yml step that will run Renovate on a schedule.
./bitbucket-pipelines.yml
image: node:18.15-slim
pipelines:
custom:
'renovate':
- step:
name: Check for package updates
image: renovate/renovate:36.91-slim
caches:
- node
- docker
services:
- docker
script:
- export LOG_LEVEL=debug RENOVATE_CONFIG_FILE="$BITBUCKET_CLONE_DIR/renovate.js"
- renovate
2 things to note:
- Even if you are not using
bitbucket-pipelines.ymlthis step should be similar. - I am using the Renovate image version renovate/renovate:36.91-slim which might not be the latest for you. you can check the latest versions of Renovate here https://hub.docker.com/r/renovate/renovate/tags
Step 6 - Getting the changelog in each Renovate PR bot to appear.
In order to get a changelog for each PR we need to add a variable to our pipeline variables on Bitbucket with the key GITHUB_COM_TOKEN and the value should be generated from GitHub.
This is a weird one 😅
How to generate the token on Github?
- Go to https://github.com/settings/tokens
- Generate a classic token
Final Step
🎉🎉 Make sure all the code is pushed on your main Git branch (for some reason it doesn't work if renovate is not on the main branch 🤷)
Final Note
I hope this guide will save you some time to set it up 💪
Top comments (3)
Should Renovate Bot be registered somewhere?
I want a tool that will automatically check python dependencies updates across repos in Bitbucket workspace and create PRs.
Hi 👋
Apologies, I only saw your question now.
As far as I know, you don't need to register.
Hey! Hello! Welcome to the DEV Community, thanks for sharing your knowledge, I know these are the kind of stuff that take time to go around.