From eb113d8dd21f31d907804ab4e89cd862a74dd797 Mon Sep 17 00:00:00 2001 From: Claude Date: Tue, 17 Mar 2026 21:45:29 +0000 Subject: [PATCH 01/10] feat: add caching to self-hosted Renovate workflow Add actions/cache restore/save steps to persist /tmp/renovate/cache between runs. The cache key includes the Renovate version so it busts on upgrades, and uses run_id to ensure each run saves fresh data. Also enable repositoryCache in the self-hosted config so Renovate maintains per-repo JSON caches that speed up extraction. https://claude.ai/code/session_0188Gs8tZPdjYXk24NdU1D6m --- .github/self-hosted-renovate.js | 1 + .github/workflows/renovate.yml | 18 +++++++++++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/.github/self-hosted-renovate.js b/.github/self-hosted-renovate.js index 6a1dcae..920dbb5 100644 --- a/.github/self-hosted-renovate.js +++ b/.github/self-hosted-renovate.js @@ -1,6 +1,7 @@ module.exports = { autodiscover: true, onboarding: false, + repositoryCache: "enabled", hostRules: [ { matchHost: "maven.pkg.github.com", diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index f0af210..2d5ef47 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -11,6 +11,9 @@ concurrency: permissions: contents: read +env: + RENOVATE_VERSION: "43.46.6" + jobs: renovate: runs-on: ubicloud-standard-4 @@ -18,13 +21,26 @@ jobs: steps: - name: Checkout uses: actions/checkout@v6 + - name: Restore Renovate cache + uses: actions/cache/restore@v4 + with: + path: /tmp/renovate/cache + key: renovate-cache-${{ env.RENOVATE_VERSION }}-${{ github.run_id }} + restore-keys: | + renovate-cache-${{ env.RENOVATE_VERSION }}- - name: Self-hosted Renovate uses: renovatebot/github-action@v46.1.2 with: - renovate-version: "43.46.6" + renovate-version: ${{ env.RENOVATE_VERSION }} configurationFile: .github/self-hosted-renovate.js token: ${{ secrets.GH_CQ_BOT }} env: RENOVATE_GITHUB_ACTOR: ${{ github.actor }} RENOVATE_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} LOG_LEVEL: 'debug' + - name: Save Renovate cache + if: always() + uses: actions/cache/save@v4 + with: + path: /tmp/renovate/cache + key: renovate-cache-${{ env.RENOVATE_VERSION }}-${{ github.run_id }} From 4d85d968fe748e17cbe729b63035c6183525871a Mon Sep 17 00:00:00 2001 From: Claude Date: Tue, 17 Mar 2026 21:51:42 +0000 Subject: [PATCH 02/10] fix: use stable cache key and delete before save GitHub Actions caches are immutable, so delete the existing cache via gh CLI before saving the updated one. Removes run_id from the key since we now explicitly delete and re-create each run. https://claude.ai/code/session_0188Gs8tZPdjYXk24NdU1D6m --- .github/workflows/renovate.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 2d5ef47..69b0e97 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -25,9 +25,7 @@ jobs: uses: actions/cache/restore@v4 with: path: /tmp/renovate/cache - key: renovate-cache-${{ env.RENOVATE_VERSION }}-${{ github.run_id }} - restore-keys: | - renovate-cache-${{ env.RENOVATE_VERSION }}- + key: renovate-cache-${{ env.RENOVATE_VERSION }} - name: Self-hosted Renovate uses: renovatebot/github-action@v46.1.2 with: @@ -38,9 +36,15 @@ jobs: RENOVATE_GITHUB_ACTOR: ${{ github.actor }} RENOVATE_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} LOG_LEVEL: 'debug' + - name: Delete previous Renovate cache + if: always() + run: | + gh cache delete "renovate-cache-${{ env.RENOVATE_VERSION }}" --repo "${{ github.repository }}" || true + env: + GH_TOKEN: ${{ secrets.GH_CQ_BOT }} - name: Save Renovate cache if: always() uses: actions/cache/save@v4 with: path: /tmp/renovate/cache - key: renovate-cache-${{ env.RENOVATE_VERSION }}-${{ github.run_id }} + key: renovate-cache-${{ env.RENOVATE_VERSION }} From 650dfe524ade087940f8866ceaad76def2e1a042 Mon Sep 17 00:00:00 2001 From: Claude Date: Tue, 17 Mar 2026 21:53:30 +0000 Subject: [PATCH 03/10] fix: only save Renovate cache on success Skip cache delete/save if Renovate failed to avoid persisting a potentially bad cache state. https://claude.ai/code/session_0188Gs8tZPdjYXk24NdU1D6m --- .github/workflows/renovate.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 69b0e97..5b6b4db 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -37,13 +37,11 @@ jobs: RENOVATE_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} LOG_LEVEL: 'debug' - name: Delete previous Renovate cache - if: always() run: | gh cache delete "renovate-cache-${{ env.RENOVATE_VERSION }}" --repo "${{ github.repository }}" || true env: GH_TOKEN: ${{ secrets.GH_CQ_BOT }} - name: Save Renovate cache - if: always() uses: actions/cache/save@v4 with: path: /tmp/renovate/cache From db6bc386936f6c20a5e4dec4363f1e0f2499939e Mon Sep 17 00:00:00 2001 From: Claude Date: Tue, 17 Mar 2026 21:54:18 +0000 Subject: [PATCH 04/10] fix: skip cache delete on cache miss Add id to restore step and condition the delete step on cache-hit, avoiding a needless gh cache delete call on first run or after version bumps. https://claude.ai/code/session_0188Gs8tZPdjYXk24NdU1D6m --- .github/workflows/renovate.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 5b6b4db..c4bef15 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -22,6 +22,7 @@ jobs: - name: Checkout uses: actions/checkout@v6 - name: Restore Renovate cache + id: cache-restore uses: actions/cache/restore@v4 with: path: /tmp/renovate/cache @@ -37,6 +38,7 @@ jobs: RENOVATE_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} LOG_LEVEL: 'debug' - name: Delete previous Renovate cache + if: steps.cache-restore.outputs.cache-hit == 'true' run: | gh cache delete "renovate-cache-${{ env.RENOVATE_VERSION }}" --repo "${{ github.repository }}" || true env: From 30f61274f26b44bd5f0f1524e1afcb7ba642cc65 Mon Sep 17 00:00:00 2001 From: Claude Date: Tue, 17 Mar 2026 21:58:55 +0000 Subject: [PATCH 05/10] fix: add custom manager for RENOVATE_VERSION env var Add a regex custom manager so Renovate can detect and update its own version defined as the RENOVATE_VERSION env var in workflow files. https://claude.ai/code/session_0188Gs8tZPdjYXk24NdU1D6m --- .github/renovate-default.json5 | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/renovate-default.json5 b/.github/renovate-default.json5 index dc17302..4002542 100644 --- a/.github/renovate-default.json5 +++ b/.github/renovate-default.json5 @@ -25,6 +25,15 @@ depNameTemplate: "golangci/golangci-lint", datasourceTemplate: "github-releases", }, + { + customType: "regex", + fileMatch: ["^.github/workflows/.+.ya?ml$"], + matchStrings: [ + "RENOVATE_VERSION\\: [\"'](?.*)[\"']", + ], + depNameTemplate: "renovatebot/renovate", + datasourceTemplate: "github-releases", + }, { customType: "regex", fileMatch: ["^.github/workflows/.+.ya?ml$"], From f97dc2238fda2d24be020a24f11eb55d37dbc35c Mon Sep 17 00:00:00 2001 From: Claude Date: Tue, 17 Mar 2026 22:02:09 +0000 Subject: [PATCH 06/10] fix: move RENOVATE_VERSION custom manager to renovate.json5 This manager is only needed in this repo, not in the shared default config. https://claude.ai/code/session_0188Gs8tZPdjYXk24NdU1D6m --- .github/renovate-default.json5 | 9 --------- .github/renovate.json5 | 11 +++++++++++ 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/.github/renovate-default.json5 b/.github/renovate-default.json5 index 4002542..dc17302 100644 --- a/.github/renovate-default.json5 +++ b/.github/renovate-default.json5 @@ -25,15 +25,6 @@ depNameTemplate: "golangci/golangci-lint", datasourceTemplate: "github-releases", }, - { - customType: "regex", - fileMatch: ["^.github/workflows/.+.ya?ml$"], - matchStrings: [ - "RENOVATE_VERSION\\: [\"'](?.*)[\"']", - ], - depNameTemplate: "renovatebot/renovate", - datasourceTemplate: "github-releases", - }, { customType: "regex", fileMatch: ["^.github/workflows/.+.ya?ml$"], diff --git a/.github/renovate.json5 b/.github/renovate.json5 index 90ab200..bfe3f5f 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -1,3 +1,14 @@ { extends: ["github>cloudquery/.github//.github/renovate-default.json5"], + customManagers: [ + { + customType: "regex", + fileMatch: ["^.github/workflows/.+.ya?ml$"], + matchStrings: [ + "RENOVATE_VERSION\\: [\"'](?.*)[\"']", + ], + depNameTemplate: "renovatebot/renovate", + datasourceTemplate: "github-releases", + }, + ], } From c8e0301498fb0465e69e9833842ec22ceb5bdc36 Mon Sep 17 00:00:00 2001 From: Claude Date: Tue, 17 Mar 2026 22:03:14 +0000 Subject: [PATCH 07/10] fix: narrow RENOVATE_VERSION fileMatch to renovate.yml only https://claude.ai/code/session_0188Gs8tZPdjYXk24NdU1D6m --- .github/renovate.json5 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/renovate.json5 b/.github/renovate.json5 index bfe3f5f..efcf2d6 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -3,7 +3,7 @@ customManagers: [ { customType: "regex", - fileMatch: ["^.github/workflows/.+.ya?ml$"], + fileMatch: ["^.github/workflows/renovate\\.yml$"], matchStrings: [ "RENOVATE_VERSION\\: [\"'](?.*)[\"']", ], From 411f0aff46d4e367754850a3697580308254329c Mon Sep 17 00:00:00 2001 From: Claude Date: Tue, 17 Mar 2026 22:09:32 +0000 Subject: [PATCH 08/10] fix: use run_id in cache key instead of delete-and-recreate Append github.run_id to the cache key so each run saves a unique cache entry, and use restore-keys prefix matching to pick up the latest one. This removes the need to delete the previous cache. https://claude.ai/code/session_0188Gs8tZPdjYXk24NdU1D6m --- .github/workflows/renovate.yml | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index c4bef15..0716750 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -26,7 +26,9 @@ jobs: uses: actions/cache/restore@v4 with: path: /tmp/renovate/cache - key: renovate-cache-${{ env.RENOVATE_VERSION }} + key: renovate-cache-${{ env.RENOVATE_VERSION }}-${{ github.run_id }} + restore-keys: | + renovate-cache-${{ env.RENOVATE_VERSION }}- - name: Self-hosted Renovate uses: renovatebot/github-action@v46.1.2 with: @@ -37,14 +39,8 @@ jobs: RENOVATE_GITHUB_ACTOR: ${{ github.actor }} RENOVATE_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} LOG_LEVEL: 'debug' - - name: Delete previous Renovate cache - if: steps.cache-restore.outputs.cache-hit == 'true' - run: | - gh cache delete "renovate-cache-${{ env.RENOVATE_VERSION }}" --repo "${{ github.repository }}" || true - env: - GH_TOKEN: ${{ secrets.GH_CQ_BOT }} - name: Save Renovate cache uses: actions/cache/save@v4 with: path: /tmp/renovate/cache - key: renovate-cache-${{ env.RENOVATE_VERSION }} + key: renovate-cache-${{ env.RENOVATE_VERSION }}-${{ github.run_id }} From 8cbe905126840fac340d907707612749921abc15 Mon Sep 17 00:00:00 2001 From: Claude Date: Tue, 17 Mar 2026 22:10:33 +0000 Subject: [PATCH 09/10] refactor: use unified actions/cache instead of separate restore/save https://claude.ai/code/session_0188Gs8tZPdjYXk24NdU1D6m --- .github/workflows/renovate.yml | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 0716750..6b15683 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -21,9 +21,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v6 - - name: Restore Renovate cache - id: cache-restore - uses: actions/cache/restore@v4 + - name: Renovate cache + uses: actions/cache@v4 with: path: /tmp/renovate/cache key: renovate-cache-${{ env.RENOVATE_VERSION }}-${{ github.run_id }} @@ -39,8 +38,3 @@ jobs: RENOVATE_GITHUB_ACTOR: ${{ github.actor }} RENOVATE_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} LOG_LEVEL: 'debug' - - name: Save Renovate cache - uses: actions/cache/save@v4 - with: - path: /tmp/renovate/cache - key: renovate-cache-${{ env.RENOVATE_VERSION }}-${{ github.run_id }} From 27d902ce808485a75900531a1667bf690b6fac89 Mon Sep 17 00:00:00 2001 From: Erez Rokah Date: Tue, 17 Mar 2026 22:21:32 +0000 Subject: [PATCH 10/10] Apply suggestions from code review Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --- .github/renovate.json5 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/renovate.json5 b/.github/renovate.json5 index efcf2d6..d19edbc 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -3,9 +3,9 @@ customManagers: [ { customType: "regex", - fileMatch: ["^.github/workflows/renovate\\.yml$"], + fileMatch: ["^\\.github/workflows/renovate\\.yml$"], matchStrings: [ - "RENOVATE_VERSION\\: [\"'](?.*)[\"']", + "RENOVATE_VERSION\\: [\"'](?[^\"']+)[\"']", ], depNameTemplate: "renovatebot/renovate", datasourceTemplate: "github-releases",