Renovate: auto-update container image when it is updated. (!9) · Merge requests · The Tor Project / TPA / base-images

micah requested to merge renovate_autotrack_digests into main Oct 30, 2023

Configure renovate to track the container digest and update it automatically, when the digest changes.

Whenever the Debian bookworm gets a security update, then we want to update the container that is being used.

In order to do that:

set the current digest of the current container image in the registry
configure renovate to track docker digests
configure renovate to auto-merge docker digest changes if they are from our registry
configure renovate to not auto-merge docker digest changes otherwise

Renovate: auto-update container image when it is updated.