Every engineering organization struggles to stay up to date with the latest versions of applications they run.
When an organization deploys an open source project, their versions start to drift from day one.
The longer a project runs without an update, the more likely it is to contain a vulnerability.
To help applications stay on top of library versions, the project Renovate was developed.
Renovate works by parsing manifest files (like
go.mod) and checking for newer versions of libraries.
When Renovate discovers an update, it submits a pull request with the newer version to the project.
Recently, I noticed Renovate submit pull requests for dependencies in my Helm v3 charts. This gave me an idea. What if Renovate could automatically manage something like a GitOps repository? This means organizations would no longer need to tediously query for newer versions of applications. Instead, they’d automatically receive a pull request when an update becomes available. In this blog post, I demonstrate how to set this up for an ArgoCD GitOps repository.