chore(ci): migrate to GitTea actions

2025-06-06 08:01:11 +02:00 · 2025-06-06 08:01:11 +02:00 · 848f9c9fd8
commit 848f9c9fd8
parent 2889a5390c
20 changed files with 3119 additions and 157 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -1,106 +0,0 @@
 ---
 kind: pipeline
 type: kubernetes
 name: linter
 clone:
  disable: true
 platform:
  os: linux
  arch: amd64
 steps:
 - name: clone
  image: git.cryptic.systems/volker.raschek/git:1.4.0
 - name: helm lint
  commands:
  - helm lint
  image: git.cryptic.systems/volker.raschek/helm:3.17.1
  resources:
    limits:
      cpu: 150
      memory: 150M
 - name: markdown lint
  commands:
  - markdownlint *.md
  image: git.cryptic.systems/volker.raschek/markdownlint:0.44.0
  resources:
    limits:
      cpu: 150
      memory: 150M
 - name: helm template
  commands:
  - helm template .
  image: git.cryptic.systems/volker.raschek/helm:3.17.1
  resources:
    limits:
      cpu: 150
      memory: 150M
 - name: email-notification
  environment:
    SMTP_FROM_ADDRESS:
      from_secret: smtp_from_address
    SMTP_FROM_NAME:
      from_secret: smtp_from_name
    SMTP_HOST:
      from_secret: smtp_host
    SMTP_USERNAME:
      from_secret: smtp_username
    SMTP_PASSWORD:
      from_secret: smtp_password
  image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
  resources:
    limits:
      cpu: 150
      memory: 150M
  when:
    status:
    - changed
    - failure
 trigger:
  event:
    exclude:
    - tag
 ---
 kind: pipeline
 type: kubernetes
 name: release
 clone:
  disable: true
 platform:
  os: linux
 steps:
 - name: clone
  image: git.cryptic.systems/volker.raschek/git:1.4.0
 - name: release-helm-chart
  commands:
  - helm repo add volker.raschek https://charts.cryptic.systems/volker.raschek
  - helm package --version ${DRONE_TAG} .
  - helm cm-push ${DRONE_REPO_NAME%-charts}-${DRONE_TAG}.tgz volker.raschek
  environment:
    HELM_REPO_PASSWORD:
      from_secret: helm_repo_password
    HELM_REPO_USERNAME:
      from_secret: helm_repo_username
  image: git.cryptic.systems/volker.raschek/helm:3.17.1
  resources:
    limits:
      cpu: 150
      memory: 150M
 trigger:
  event:
  - tag
  repo:
  - volker.raschek/athens-proxy-charts
--- a/.editorconfig
+++ b/.editorconfig
@ -1,6 +1,3 @@
 # EditorConfig is awesome: https://EditorConfig.org
 # top-most EditorConfig file
 root = true
 [*]
@ -10,3 +7,6 @@ end_of_line = lf
 charset = utf-8
 trim_trailing_whitespace = true
 insert_final_newline = false
 [Makefile]
 indent_style = tab
--- a/.gitea/workflows/generate-readme.yaml
+++ b/.gitea/workflows/generate-readme.yaml
@ -0,0 +1,32 @@
 name: Generate README
 on:
  pull_request:
    paths: [ "README.md", "values.yaml" ]
    types: [ "opened", "reopened", "synchronize" ]
  push:
    branches:
    - '**'
    paths: [ "README.md", "values.yaml" ]
    tags-ignore:
    - '**'
  workflow_dispatch: {}
 jobs:
  generate-parameters:
    container:
      image: docker.io/library/node:24.1.0-alpine
    runs-on:
    - ubuntu-latest
    steps:
    - name: Install tooling
      run: |
        apk update
        apk add git npm
    - uses: actions/checkout@v4.2.2
    - name: Generate parameter section in README
      run: |
        npm install
        npm run readme:parameters
    - name: Compare diff
      run: git diff --exit-code --name-only README.md
--- a/.gitea/workflows/helm.yaml
+++ b/.gitea/workflows/helm.yaml
@ -0,0 +1,42 @@
 name: Helm
 on:
  pull_request:
    types: [ "opened", "reopened", "synchronize" ]
  push:
    branches:
    - '**'
    tags-ignore:
    - '**'
  workflow_dispatch: {}
 jobs:
  helm-lint:
    container:
      image: docker.io/volkerraschek/helm:3.18.2
    runs-on:
    - ubuntu-latest
    steps:
    - name: Install tooling
      run: |
        apk update
        apk add git npm
    - uses: actions/checkout@v4.2.2
    - name: Lint helm files
      run: |
        helm lint --values values.yaml .
  helm-unittest:
    container:
      image: docker.io/volkerraschek/helm:3.18.2
    runs-on:
    - ubuntu-latest
    steps:
    - name: Install tooling
      run: |
        apk update
        apk add git npm
    - uses: actions/checkout@v4.2.2
    - name: Unittest
      run: |
        helm unittest --strict --file 'unittests/**/*.yaml' ./
--- a/.gitea/workflows/markdown-linters.yaml
+++ b/.gitea/workflows/markdown-linters.yaml
@ -0,0 +1,46 @@
 name: Markdown linter
 on:
  pull_request:
    paths: [ "**/*.md" ]
    types: [ "opened", "reopened", "synchronize" ]
  push:
    branches:
    - '**'
    paths: [ "**/*.md" ]
    tags-ignore:
    - '**'
  workflow_dispatch: {}
 jobs:
  markdown-link-checker:
    container:
      image: docker.io/library/node:24.1.0-alpine
    runs-on:
    - ubuntu-latest
    steps:
    - name: Install tooling
      run: |
        apk update
        apk add git npm
    - uses: actions/checkout@v4.2.2
    - name: Verify links in markdown files
      run: |
        npm install
        npm run readme:link
  markdown-lint:
    container:
      image: docker.io/library/node:24.1.0-alpine
    runs-on:
    - ubuntu-latest
    steps:
    - name: Install tooling
      run: |
        apk update
        apk add git
    - uses: actions/checkout@v4.2.2
    - name: Lint markdown files
      run: |
        npm install
        npm run readme:lint
--- a/.gitea/workflows/release.yaml
+++ b/.gitea/workflows/release.yaml
@ -0,0 +1,54 @@
 name: Release
 on:
  push:
    tags:
    - "**"
 jobs:
  publish-chart:
    container:
      image: docker.io/volkerraschek/helm:3.18.2
    runs-on: ubuntu-latest
    steps:
      - name: Install tooling
        run: |
          apk update
          apk add git npm yq
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Add Artifacthub.io annotations
        run: |
          NEW_TAG="$(git tag --sort=-version:refname | head -n 1)"
          OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)"
          .gitea/scripts/add-annotations.sh "${OLD_TAG}" "${NEW_TAG}"
      - name: Package chart
        env:
          CHARTMUSEUM_PASSWORD: ${{ secrets.CHARTMUSEUM_PASSWORD }}
          CHARTMUSEUM_REPOSITORY: ${{ vars.CHARTMUSEUM_REPOSITORY }}
          CHARTMUSEUM_USERNAME: ${{ secrets.CHARTMUSEUM_USERNAME }}
          CHARTMUSEUM_HOSTNAME: ${{ vars.CHARTMUSEUM_HOSTNAME }}
          GITEA_PACKAGE_REGISTRY_TOKEN: ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }}
          GITEA_SERVER_URL: ${{ github.server_url }}
        run: |
          PACKAGE_VERSION=${GITHUB_REF#refs/tags/}
          REPOSITORY_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 2)
          REPOSITORY_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 1)
          helm dependency build
          helm package --version "${PACKAGE_VERSION}" ./
          # chart-museum
          helm repo add --username ${CHARTMUSEUM_USERNAME} --password ${CHARTMUSEUM_PASSWORD} chartmuseum https://${CHARTMUSEUM_HOSTNAME}/${CHARTMUSEUM_REPOSITORY}
          helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz chartmuseum
          helm repo remove chartmuseum
          # gitea
          helm repo add --username ${REPOSITORY_OWNER} --password ${GITEA_PACKAGE_REGISTRY_TOKEN} gitea ${GITEA_SERVER_URL}/api/packages/${REPOSITORY_OWNER}/helm
          helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz gitea
          helm repo remove gitea
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,6 @@
-*.tgz
+charts
 node_modules
 target
 values2.yml
 values2.yaml
 *.tgz
--- a/.helmignore
+++ b/.helmignore
@ -2,6 +2,7 @@
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
 .DS_Store
 # Common VCS dirs
 .git/
 .gitignore
@ -10,23 +11,50 @@
 .hg/
 .hgignore
 .svn/
 # Common backup files
 *.swp
 *.bak
 *.tmp
 *.orig
 *~
 # Various IDEs
 .project
 .idea/
 *.tmproj
 .vscode/
 # drone
 .drone.yml
-# markdownlint
+
-.markdownlint.yaml
+# editorconfig
 .editorconfig
 # customized values
 values2.yml
 values2.yaml
 # helm packages
 *.tgz
 .helmignore
 unittests
 # markdownlint
 .markdownlint.yml
 .markdownlint.yaml
 .markdownlintignore
 # npm
 .prettierignore
 .npmrc
 package*
 # yamllint
 .yamllint.yaml
 # Others
 CONTRIBUTING.md
 CODEOWNERS
 Makefile
 renovate.json
--- a/.markdownlint.yaml
+++ b/.markdownlint.yaml
@ -45,9 +45,9 @@ MD012:
 # MD013/line-length - Line length
 MD013:
  # Number of characters
-  line_length: 80
+  line_length: 120
  # Number of characters for headings
-  heading_line_length: 80
+  heading_line_length: 120
  # Number of characters for code blocks
  code_block_line_length: 80
  # Include code blocks
@ -56,8 +56,6 @@ MD013:
  tables: false
  # Include headings
  headings: true
  # Include headings
  headers: true
  # Strict length checking
  strict: false
  # Stern length checking
@ -73,7 +71,7 @@ MD022:
 # MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content
 MD024:
  # Only check sibling headings
-  allow_different_nesting: true
+  siblings_only: true
 # MD025/single-title/single-h1 - Multiple top-level headings in the same document
 MD025:
@ -129,7 +127,20 @@ MD041:
 MD044:
  # List of proper names
  names:
-  - gitea
+    - Git
    - GitDevOps
    - Gitea
    - GitHub
    - GitLab
    - GitOps
    - kube-prometheus-stack
    - Memcached
    - Oracle
    - PostgreSQL
    - Prometheus
    - prometheus-exporter
    - SSL
    - TLS
  # Include code blocks
  code_blocks: false
--- a/.markdownlintignore
+++ b/.markdownlintignore
@ -0,0 +1,4 @@
 .github/
 Chart.lock
 charts/
 node_modules/
--- a/.npmrc
+++ b/.npmrc
@ -0,0 +1 @@
 engine-strict=true
--- a/.prettierignore
+++ b/.prettierignore
@ -0,0 +1 @@
 Chart.lock
--- a/1
+++ b/1
@ -0,0 +1 @@
 * @volker.raschek
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -0,0 +1,82 @@
 # Contributing
 I am very happy if you would like to provide a pull request 👍
 The content of this file describes which requirements contributors should fulfill before submitting a pull request (PR).
 1. [Valid Git commits](#valid-git-commits)
 ## Valid Git commits
 ### Commit message
 The repository is subject to a strict commit message template. This states that there are several types of commits. For
 example, `fix`, `chore`, `refac`, `test` or `doc`. All types are described in more detail below.
 | type                | description                                                       |
 | ------------------- | ----------------------------------------------------------------- |
 | `feat`              | New feature.                                                      |
 | `fix`               | Fixes a bug.                                                      |
 | `refac`             | Refactoring production code.                                      |
 | `style`             | Fixes formatting issues. No production code change.               |
 | `docs`              | Adapt documentation. No production code change.                   |
 | `test`              | Adds new or modifies existing tests. No production code change.   |
 | `chore`             | Updating grunt tasks. Is everything which the user does not see.  |
 Based on these types, commit messaged can then be created. Here are a few examples:
 ```text
 style(README): Wrong indentation
 feat(deployment): support restartPolicy
 fix(my-app): Add missing volume
 docs(CONTRIBUTING): Describe how to commit correctly
 ```
 This type of commit message makes it easier for me as maintainer to keep an overview and does not cause the commits of a
 pull request PR to be combined into one commit (squashing).
 ### Smart commits
 Smart commits are excellent when it comes to tracking bugs or issues. In this repository, however, the rebasing of
 commits is prohibited, which means that only merge commits are possible. This means that a smart commit message only
 needs to be added to the merge commit.
 This has the advantage that the maintainer can use the smart commit to find the merge commit and undo the entire history
 of a merge without having to select individual commits. The following history illustrates the correct use of smart commits.
 ```text
 * 823edbc7 Volker Raschek (G) | [Close #2] feat(deployment): support additional containers
 |\
 | * 321aebc3 Volker Raschek (G) | doc(README): generate README with new deployment attributes
 | * 8d101dd3 Volker Raschek (G) | test(deployment): Extend unittest of additional containers
 | * 6f2abd93 Volker Raschek (G) | fix(deployment): Extend deployment of additional containers
 |/
 * aa5ebda bob (N) | [Close #1] feat(deployment): support initContainers
 ```
 ### Commit signing
 Another problem with Git is the chain of trust. Git allows the configuration of any name and e-mail address. An attacker
 can impersonate any person and submit pull requests under a false identity. For as Linux Torvalds, the maintainer of the
 Linux kernel.
 ```bash
 git config --global user.name 'Linux Torvalds'
 git config --global user.email 'torvalds@linux-foundation.org'
 ```
 To avoid this, some Git repositories expect signed commits. In particular, repositories that are subject to direct
 delivery to customers. For this reason, the repository is subject to a branch protection rule that only allows signed
 commits. *Until* there is *no verified* and *no signed* commit, the pull request is blocked.
 The following articles describes how Git can be configured to sign commits. Please keep in mind, that the e-mail
 address, which is used as UID of the GPG keyring must also be defined in the profile settings of your GitHub account.
 Otherwise will be marked the Git commit as *Unverified*.
 1. [Signing Commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits)
 2. [Tell Git about your signing key](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key)
 Inspect your Git commit via `git log`. There should be mentioned, that your commit is signed.
 Furthermore, the GPG key is unique. **Don't loose your private GPG key**. Backup your private key on a safe device. For
 example an external USB drive.
--- a/28
+++ b/28
@ -1,13 +1,21 @@
-Copyright 2022 Markus Pesch
+MIT License
-Licensed under the Apache License, Version 2.0 (the "License");
+Copyright (c) 2025 Markus Pesch
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
-    http://www.apache.org/licenses/LICENSE-2.0
+Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:
-Unless required by applicable law or agreed to in writing, software
+The above copyright notice and this permission notice shall be included in all
-distributed under the License is distributed on an "AS IS" BASIS,
+copies or substantial portions of the Software.
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+
-See the License for the specific language governing permissions and
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-limitations under the License.
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
--- a/91
+++ b/91
@ -0,0 +1,91 @@
 # CONTAINER_RUNTIME
 CONTAINER_RUNTIME?=$(shell which podman)
 # HELM_IMAGE
 HELM_IMAGE_REGISTRY_HOST?=docker.io
 HELM_IMAGE_REPOSITORY?=volkerraschek/helm
 HELM_IMAGE_VERSION?=3.18.2 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm
 HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION}
 # NODE_IMAGE
 NODE_IMAGE_REGISTRY_HOST?=docker.io
 NODE_IMAGE_REPOSITORY?=library/node
 NODE_IMAGE_VERSION?=24.1.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node
 NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION}
 # MISSING DOT
 # ==============================================================================
 missing-dot:
 	grep --perl-regexp '## @(param|skip).*[^.]$$' values.yaml
 # CONTAINER RUN - README
 # ==============================================================================
 PHONY+=container-run/readme
 container-run/readme: container-run/readme/link container-run/readme/lint container-run/readme/parameters
 container-run/readme/link:
 	${CONTAINER_RUNTIME} run \
 		--rm \
 		--volume $(shell pwd):$(shell pwd) \
 		--workdir $(shell pwd) \
 			${NODE_IMAGE_FULLY_QUALIFIED} \
 				npm install && npm run readme:link
 container-run/readme/lint:
 	${CONTAINER_RUNTIME} run \
 		--rm \
 		--volume $(shell pwd):$(shell pwd) \
 		--workdir $(shell pwd) \
 			${NODE_IMAGE_FULLY_QUALIFIED} \
 				npm install && npm run readme:lint
 container-run/readme/parameters:
 	${CONTAINER_RUNTIME} run \
 		--rm \
 		--volume $(shell pwd):$(shell pwd) \
 		--workdir $(shell pwd) \
 			${NODE_IMAGE_FULLY_QUALIFIED} \
 				npm install && npm run readme:parameters
 # CONTAINER RUN - HELM UNITTESTS
 # ==============================================================================
 PHONY+=container-run/helm-unittests
 container-run/helm-unittests:
 	${CONTAINER_RUNTIME} run \
 		--env HELM_REPO_PASSWORD=${CHART_SERVER_PASSWORD} \
 		--env HELM_REPO_USERNAME=${CHART_SERVER_USERNAME} \
 		--rm \
 		--volume $(shell pwd):$(shell pwd) \
 		--workdir $(shell pwd) \
 			${HELM_IMAGE_FULLY_QUALIFIED} \
 				unittest --strict --file 'unittests/**/*.yaml' ./
 # CONTAINER RUN - HELM UPDATE DEPENDENCIES
 # ==============================================================================
 PHONY+=container-run/helm-update-dependencies
 container-run/helm-update-dependencies:
 	${CONTAINER_RUNTIME} run \
 		--env HELM_REPO_PASSWORD=${CHART_SERVER_PASSWORD} \
 		--env HELM_REPO_USERNAME=${CHART_SERVER_USERNAME} \
 		--rm \
 		--volume $(shell pwd):$(shell pwd) \
 		--workdir $(shell pwd) \
 			${HELM_IMAGE_FULLY_QUALIFIED} \
 				dependency update
 # CONTAINER RUN - MARKDOWN-LINT
 # ==============================================================================
 PHONY+=container-run/helm-lint
 container-run/helm-lint:
 	${CONTAINER_RUNTIME} run \
 		--rm \
 		--volume $(shell pwd):$(shell pwd) \
 		--workdir $(shell pwd) \
 		${HELM_IMAGE_FULLY_QUALIFIED} \
 			lint --values values.yaml .
 # PHONY
 # ==============================================================================
 # Declare the contents of the PHONY variable as phony. We keep that information
 # in a variable so we can use it in if_changed.
 .PHONY: ${PHONY}
--- a/README.md
+++ b/README.md
@ -25,7 +25,7 @@ below or via mounting the config.toml as additional persistent volume to
 Create a `configmap.yaml` with multiple keys. One key describe the content of
 the `.gitconfig` file and another of `config` of the ssh client. All requests
-git clone comands with the prefix `http://github.com/` will be replaced by
+Git clone comands with the prefix `http://github.com/` will be replaced by
 `git@github.com:` to use SSH instead of HTTPS. The SSH keys are stored in a
 separate secret.
@ -103,11 +103,11 @@ extraVolumeMounts:
  mountPath: /root/.config/git
 ```
-## Access private github.com repositories via developer token
+## Access private GitHub.com repositories via developer token
-Another way to access private github repositories is via a github token, which
+Another way to access private GitHub repositories is via a GitHub token, which
 can be set via the environment variable `GITHUB_TOKEN`. Athens automatically
-creates a `.netrc` file to access private github repositories.
+creates a `.netrc` file to access private GitHub repositories.
 ## Access private repositories via .netrc configuration
@ -116,7 +116,7 @@ HTTP. The file can also be defined via a custom secret and mounted into the home
 directory of `root` for general authentication purpose.
 The example below describe the definition and mounting of a custom `.netrc` file
-to access private repositories hosted on github and gitlab.
+to access private repositories hosted on GitHub and GitLab.
 ```yaml
 apiVersion: v1
@ -164,3 +164,5 @@ extraVolumeMounts:
 - name: gomodules
  mountPath: /var/lib/athens
 ```
 ## Parameters
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -0,0 +1,21 @@
 {
  "name": "athens-proxy-chart",
  "homepage": "https://git.cryptic.systems/volker.raschek/athens-proxy-chart.git",
  "license": "MIT",
  "private": true,
  "engineStrict": true,
  "engines": {
    "node": ">=16.0.0",
    "npm": ">=8.0.0"
  },
  "scripts": {
    "readme:link": "markdown-link-check *.md",
    "readme:lint": "markdownlint *.md -f",
    "readme:parameters": "readme-generator -v values.yaml -r README.md"
  },
  "devDependencies": {
    "@bitnami/readme-generator-for-helm": "^2.5.0",
    "markdown-link-check": "^3.13.6",
    "markdownlint-cli": "^0.45.0"
  }
 }
--- a/renovate.json
+++ b/renovate.json
@ -1,26 +1,14 @@
 {
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "assignees": [ "volker.raschek" ],
+  "extends": [
-  "labels": [ "renovate" ],
+    "local>volker.raschek/renovate-config:default#master",
-  "packageRules": [
+    "local>volker.raschek/renovate-config:container#master",
-    {
+    "local>volker.raschek/renovate-config:actions#master",
-      "addLabels": [ "renovate/athens-proxy", "renovate/automerge" ],
+    "local>volker.raschek/renovate-config:npm#master",
-      "automerge": true,
+    "local>volker.raschek/renovate-config:regexp#master"
      "matchManagers": "droneci",
      "matchUpdateTypes": [ "minor", "patch"]
    },
    {
      "addLabels": [ "renovate/athens-proxy", "renovate/automerge" ],
      "automerge": false,
      "matchPackageNames": [ "gomods/athens" ],
      "matchManagers": [ "regex" ]
    }
  ],
-  "rebaseLabel": "renovate/rebase",
+  "customManagers": [
  "rebaseWhen": "behind-base-branch",
  "regexManagers": [
    {
      "description": "Update container image reference",
      "fileMatch": [
        "^Chart\\.yaml$"
      ],
@ -28,7 +16,53 @@
        "appVersion: \"(?<currentValue>.*?)\"\\s+"
      ],
      "datasourceTemplate": "docker",
-      "depNameTemplate": "gomods/athens"
+      "depNameTemplate": "gomods/athens",
      "lookupNameTemplate": "docker.io/gomods/athens",
      "versioningTemplate": "semver"
    },
    {
      "fileMatch": ["^README\\.md$"],
      "matchStrings": [
        "VERSION=(?<currentValue>.*)"
      ],
      "depNameTemplate": "volker.raschek/athens-proxy-chart",
      "packageNameTemplate": "https://git.cryptic.systems/volker.raschek/athens-proxy-chart",
      "datasourceTemplate": "git-tags",
      "versioningTemplate": "semver"
    }
  ],
  "packageRules": [
    {
      "addLabels": [
        "renovate/automerge",
        "renovate/container"
      ],
      "automerge": true,
      "excludePackagePatterns": [
        "gomods/athens"
      ],
      "matchDatasources": [
        "docker"
      ],
      "matchUpdateTypes": [
        "minor",
        "patch"
      ]
    },
    {
      "addLabels": [
        "renovate/automerge",
        "renovate/documentation"
      ],
      "automerge": true,
      "matchDepNames": [
        "volker.raschek/athens-proxy-chart"
      ],
      "matchUpdateTypes": [
        "major",
        "minor",
        "patch"
      ]
    }
  ]
 }