kpt icon indicating copy to clipboard operation
kpt copied to clipboard

Published 20 hours ago verified publisher icon kptdev

Automated dependency updates

Open bgrant0607 opened this issue 4 years ago • 3 comments

Package consumers and producers will need to automate the updates of cloned packages. For consumers, perhaps we could using an exist tool to do kpt pkg update, such as https://github.com/dependabot/dependabot-core or https://github.com/renovatebot/renovate. I don't know that I've seen a producer-oriented tool (e.g., to get all consumers off a known-to-be-buggy package version), but I haven't looked very hard.

bgrant0607 avatar Apr 01 '20 21:04 bgrant0607

I wonder if we need a recursive kpt pkg update command that folks can run in their CI tool every X hours/days to pull new versions in via any Kptfile files found in a path with some kind of includes / excludes list?

kpt pkg update —recurse —dir=Kubernetes —version=master --strategy=resource-merge

jstrachan avatar May 21 '20 17:05 jstrachan

it doesn't seem like recursive will work, since the "direct" dependency update will pull in its own recursive nested packages anyway. what does seem useful to me is a single command to update all packages within a directory e.g. kpt pkg update --all vs kpt pkg update pkg1; kpt pkg update pkg2 .... is this what this issue is about?

seaneagan avatar Jul 15 '21 20:07 seaneagan

We are addressing this with the package orchestrator: https://kpt.dev/book/08-package-orchestration/

bgrant0607 avatar Jul 01 '22 23:07 bgrant0607