It is nice to see more work on renovate but your comparison, especially the points on filtering, license keys and discovery, seems misleading for at least GitLab.
Both work with mend's renovate WITHOUT a license key, see also https://gitlab.com/renovate-bot/renovate-runner. As it is just a scheduled pipeline then you can also adjust frequency, timeouts and more.
I'm struggling to see how this operator helps-- is there some scenario that I cannot imagine that others are dealing with where this operator is useful? Specifically, what problems does this solve?
There's several benefits we had in mind when building this (after using self-hosted Renovate ourselves):
k8s-native approach: It uses CRDs, so that Renovate configs are Kubernetes resources. You can manage them more easily/granular with Argo/Flux/kubectl as part of existing workflows instead of a Cronjob.
Job isolation: The operator spawns individual jobs per repo instead of one run. If a repo is stuck it doesn't block everything else.
Webhook support: repos get updated immediately, not just on the next cron cycle.
Visibility: There's a light-weight, built-in UI showing repos, job status, and progress.
There's more on the Github repo, we added a full list of features and benefits to the readme.
Of course, in the end it comes down to individual preferences :) Not saying one way is better than the other. We just felt that for us, the operator-based approach would work better and we're happy if the project is benefitial for others as well!
Mend is not a competitor, renovate is the software, mend is the company.
They are tools that automatically check your repo for dependencies and create PRs when there are updates. It supports a wide range of package managers and other places dependencies may be specified.
Dependabot is another solution which is more „GitHub-native“ maybe.
In short, Renovate (by Mend) is a dependency manager for software projects. It watches your repository for outdated libraries, packages, and frameworks and opens Pull Requests to update them.
It is nice to see more work on renovate but your comparison, especially the points on filtering, license keys and discovery, seems misleading for at least GitLab.
Both work with mend's renovate WITHOUT a license key, see also https://gitlab.com/renovate-bot/renovate-runner. As it is just a scheduled pipeline then you can also adjust frequency, timeouts and more.
I'm struggling to see how this operator helps-- is there some scenario that I cannot imagine that others are dealing with where this operator is useful? Specifically, what problems does this solve?
Renovate lets you configure most things in each repos individual config file.
I can only imagine a set of intersecting edge cases where operator pattern is the most logical solution…
Edit: good answers here. https://old.reddit.com/r/kubernetes/comments/1r1u7um/renovat...
So... helm without helm?
There's several benefits we had in mind when building this (after using self-hosted Renovate ourselves): k8s-native approach: It uses CRDs, so that Renovate configs are Kubernetes resources. You can manage them more easily/granular with Argo/Flux/kubectl as part of existing workflows instead of a Cronjob. Job isolation: The operator spawns individual jobs per repo instead of one run. If a repo is stuck it doesn't block everything else. Webhook support: repos get updated immediately, not just on the next cron cycle. Visibility: There's a light-weight, built-in UI showing repos, job status, and progress.
There's more on the Github repo, we added a full list of features and benefits to the readme.
Of course, in the end it comes down to individual preferences :) Not saying one way is better than the other. We just felt that for us, the operator-based approach would work better and we're happy if the project is benefitial for others as well!
Can you step back further and explain what Renovate and its competitors like Mend actually do, and what kind of tasks people use them for?
To help you automate dependency updates, similar to dependabot.
https://www.mend.io/renovate/
https://github.blog/news-insights/product-news/keep-all-your...
Mend is not a competitor, renovate is the software, mend is the company.
They are tools that automatically check your repo for dependencies and create PRs when there are updates. It supports a wide range of package managers and other places dependencies may be specified.
Dependabot is another solution which is more „GitHub-native“ maybe.
In short, Renovate (by Mend) is a dependency manager for software projects. It watches your repository for outdated libraries, packages, and frameworks and opens Pull Requests to update them.
So that's an in-cluster supply chain attack enabler? :)
news.ycombinator.com/item?id=43677067