[PR #1689] [CLOSED] [WIP] Add regexManager for detecting pip install pins in workflows #3047

New issue

Closed

opened 2026-03-01 18:42:31 +03:00 by kerem · 0 comments

kerem commented 2026-03-01 18:42:31 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/netbootxyz/netboot.xyz/pull/1689
Author: @Copilot
Created: 11/1/2025
Status: ❌ Closed

Base: development ← Head: copilot/add-regex-manager-for-workflow-files

---

📝 Commits (1)

• 9fb4553 Initial plan

📄 Description

• Understand the current renovate.json configuration and workflow files
• Update renovate.json to add regexManagers for detecting pip install patterns in workflow files
• Validate the regex patterns match the pip install commands in pull-requests.yml
• Test the renovate.json syntax is valid JSON
• Complete implementation

Original prompt

Problem: Renovate is not picking up ansible and ansible-lint pinned versions in the PR test job because those pins are inside workflow run steps (pip install ...) and not in a standard dependency file. We want Renovate to automatically detect and update these inline pip install pins inside .github/workflows/*.yml files.

Goal: Add a regexManager to renovate.json that scans workflow YAML files for pip install package==version patterns and configures Renovate to treat those as PyPI dependencies so it can open PRs updating the pinned versions.

Files to change:

• renovate.json (update to include regexManagers for workflow files)

Proposed change (new renovate.json content):

{
  "extends": [
    "config:recommended"
  ],
  "regexManagers": [
    {
      "fileMatch": ["^\\.github\\/workflows\\/.*\\.ya?ml$"],
      "matchStrings": [
        "(?:pip(?:3)? install)\\s+([^=\\s]+)==(?<currentValue>\\d+(?:\\.\\d+){0,})"
      ],
      "datasourceTemplate": "pypi",
      "depNameTemplate": "$1"
    },
    {
      "fileMatch": ["^\\.github\\/workflows\\/.*\\.ya?ml$"],
      "matchStrings": [
        "(?:pip(?:3)? install)\\s+-r\\s+([^\\s]+)"
      ],
      "datasourceTemplate": "file",
      "depNameTemplate": "$1"
    }
  ]
}

Notes and rationale:

• The first regexManager scans workflow YAML files for pip install == and maps the captured package name to a PyPI datasource so Renovate can lookup new versions and create PRs.
• fileMatch restricts scanning to .github/workflows YAML files to avoid false positives elsewhere.
• The second regexManager is a helper to detect pip install -r requirements.txt style calls; it uses the file datasource so Renovate will then parse that requirements file with the built-in pip manager if present.
• This keeps dependencies inline while enabling Renovate to update them. Alternatively moving deps to requirements.txt remains an option for future cleanup.

Acceptance criteria:

• renovate.json is updated on a new branch and a pull request is opened.
• Renovate runs subsequently and creates PRs to update pinned PyPI packages found in workflows (e.g. ansible and ansible-lint). If Renovate does not auto-run immediately, maintainers can trigger a run or wait for the next scheduled run.

Please create a branch and open a pull request implementing the change above in repository netbootxyz/netboot.xyz. Do not change other files.

This pull request was created as a result of the following prompt from Copilot chat.

Problem: Renovate is not picking up ansible and ansible-lint pinned versions in the PR test job because those pins are inside workflow run steps (pip install ...) and not in a standard dependency file. We want Renovate to automatically detect and update these inline pip install pins inside .github/workflows/*.yml files.

Goal: Add a regexManager to renovate.json that scans workflow YAML files for pip install package==version patterns and configures Renovate to treat those as PyPI dependencies so it can open PRs updating the pinned versions.

Files to change:

• renovate.json (update to include regexManagers for workflow files)

Proposed change (new renovate.json content):

{
  "extends": [
    "config:recommended"
  ],
  "regexManagers": [
    {
      "fileMatch": ["^\\.github\\/workflows\\/.*\\.ya?ml$"],
      "matchStrings": [
        "(?:pip(?:3)? install)\\s+([^=\\s]+)==(?<currentValue>\\d+(?:\\.\\d+){0,})"
      ],
      "datasourceTemplate": "pypi",
      "depNameTemplate": "$1"
    },
    {
      "fileMatch": ["^\\.github\\/workflows\\/.*\\.ya?ml$"],
      "matchStrings": [
        "(?:pip(?:3)? install)\\s+-r\\s+([^\\s]+)"
      ],
      "datasourceTemplate": "file",
      "depNameTemplate": "$1"
    }
  ]
}

Notes and rationale:

• The first regexManager scans workflow YAML files for pip install == and maps the captured package name to a PyPI datasource so Renovate can lookup new versions and create PRs.
• fileMatch restricts scanning to .github/workflows YAML files to avoid false positives elsewhere.
• The second regexManager is a helper to detect pip install -r requirements.txt style calls; it uses the file datasource so Renovate will then parse that requirements file with the built-in pip manager if present.
• This keeps dependencies inline while enabling Renovate to update them. Alternatively moving deps to requirements.txt remains an option for future cleanup.

Acceptance criteria:

• renovate.json is updated on a new branch and a pull request is opened.
• Renovate runs subsequently and creates PRs to update pinned PyPI packages found in workflows (e.g. ansible and ansible-lint). If Renovate does not auto-run immediately, maintainers can trigger a run or wait for the next scheduled run.

Please create a branch and open a pull request implementing the change above in repository netbootxyz/netboot.xyz. Do not change other files.

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/netbootxyz/netboot.xyz/pull/1689 **Author:** [@Copilot](https://github.com/apps/copilot-swe-agent) **Created:** 11/1/2025 **Status:** ❌ Closed **Base:** `development` ← **Head:** `copilot/add-regex-manager-for-workflow-files` --- ### 📝 Commits (1) - [`9fb4553`](https://github.com/netbootxyz/netboot.xyz/commit/9fb4553185b9c76ce6488be1bf72099ec0139fbc) Initial plan ### 📄 Description - [ ] Understand the current renovate.json configuration and workflow files - [ ] Update renovate.json to add regexManagers for detecting pip install patterns in workflow files - [ ] Validate the regex patterns match the pip install commands in pull-requests.yml - [ ] Test the renovate.json syntax is valid JSON - [ ] Complete implementation <!-- START COPILOT CODING AGENT SUFFIX --> <details> <summary>Original prompt</summary> > Problem: Renovate is not picking up ansible and ansible-lint pinned versions in the PR test job because those pins are inside workflow run steps (pip install ...) and not in a standard dependency file. We want Renovate to automatically detect and update these inline pip install pins inside .github/workflows/*.yml files. > > Goal: Add a regexManager to renovate.json that scans workflow YAML files for pip install package==version patterns and configures Renovate to treat those as PyPI dependencies so it can open PRs updating the pinned versions. > > Files to change: > - renovate.json (update to include regexManagers for workflow files) > > Proposed change (new renovate.json content): > ```json name=renovate.json url=https://github.com/netbootxyz/netboot.xyz/blob/cc9587dd38e229bee7bcbfb81f0a468f12bf3095/renovate.json > { > "extends": [ > "config:recommended" > ], > "regexManagers": [ > { > "fileMatch": ["^\\.github\\/workflows\\/.*\\.ya?ml$"], > "matchStrings": [ > "(?:pip(?:3)? install)\\s+([^=\\s]+)==(?<currentValue>\\d+(?:\\.\\d+){0,})" > ], > "datasourceTemplate": "pypi", > "depNameTemplate": "$1" > }, > { > "fileMatch": ["^\\.github\\/workflows\\/.*\\.ya?ml$"], > "matchStrings": [ > "(?:pip(?:3)? install)\\s+-r\\s+([^\\s]+)" > ], > "datasourceTemplate": "file", > "depNameTemplate": "$1" > } > ] > } > ``` > > Notes and rationale: > - The first regexManager scans workflow YAML files for pip install <package>==<version> and maps the captured package name to a PyPI datasource so Renovate can lookup new versions and create PRs. > - fileMatch restricts scanning to .github/workflows YAML files to avoid false positives elsewhere. > - The second regexManager is a helper to detect pip install -r requirements.txt style calls; it uses the file datasource so Renovate will then parse that requirements file with the built-in pip manager if present. > - This keeps dependencies inline while enabling Renovate to update them. Alternatively moving deps to requirements.txt remains an option for future cleanup. > > Acceptance criteria: > - renovate.json is updated on a new branch and a pull request is opened. > - Renovate runs subsequently and creates PRs to update pinned PyPI packages found in workflows (e.g. ansible and ansible-lint). If Renovate does not auto-run immediately, maintainers can trigger a run or wait for the next scheduled run. > > Please create a branch and open a pull request implementing the change above in repository netbootxyz/netboot.xyz. Do not change other files. > </details> *This pull request was created as a result of the following prompt from Copilot chat.* > Problem: Renovate is not picking up ansible and ansible-lint pinned versions in the PR test job because those pins are inside workflow run steps (pip install ...) and not in a standard dependency file. We want Renovate to automatically detect and update these inline pip install pins inside .github/workflows/*.yml files. > > Goal: Add a regexManager to renovate.json that scans workflow YAML files for pip install package==version patterns and configures Renovate to treat those as PyPI dependencies so it can open PRs updating the pinned versions. > > Files to change: > - renovate.json (update to include regexManagers for workflow files) > > Proposed change (new renovate.json content): > ```json name=renovate.json url=https://github.com/netbootxyz/netboot.xyz/blob/cc9587dd38e229bee7bcbfb81f0a468f12bf3095/renovate.json > { > "extends": [ > "config:recommended" > ], > "regexManagers": [ > { > "fileMatch": ["^\\.github\\/workflows\\/.*\\.ya?ml$"], > "matchStrings": [ > "(?:pip(?:3)? install)\\s+([^=\\s]+)==(?<currentValue>\\d+(?:\\.\\d+){0,})" > ], > "datasourceTemplate": "pypi", > "depNameTemplate": "$1" > }, > { > "fileMatch": ["^\\.github\\/workflows\\/.*\\.ya?ml$"], > "matchStrings": [ > "(?:pip(?:3)? install)\\s+-r\\s+([^\\s]+)" > ], > "datasourceTemplate": "file", > "depNameTemplate": "$1" > } > ] > } > ``` > > Notes and rationale: > - The first regexManager scans workflow YAML files for pip install <package>==<version> and maps the captured package name to a PyPI datasource so Renovate can lookup new versions and create PRs. > - fileMatch restricts scanning to .github/workflows YAML files to avoid false positives elsewhere. > - The second regexManager is a helper to detect pip install -r requirements.txt style calls; it uses the file datasource so Renovate will then parse that requirements file with the built-in pip manager if present. > - This keeps dependencies inline while enabling Renovate to update them. Alternatively moving deps to requirements.txt remains an option for future cleanup. > > Acceptance criteria: > - renovate.json is updated on a new branch and a pull request is opened. > - Renovate runs subsequently and creates PRs to update pinned PyPI packages found in workflows (e.g. ansible and ansible-lint). If Renovate does not auto-run immediately, maintainers can trigger a run or wait for the next scheduled run. > > Please create a branch and open a pull request implementing the change above in repository netbootxyz/netboot.xyz. Do not change other files. > <!-- START COPILOT CODING AGENT TIPS --> --- ✨ Let Copilot coding agent [set things up for you](https://github.com/netbootxyz/netboot.xyz/issues/new?title=✨+Set+up+Copilot+instructions&body=Configure%20instructions%20for%20this%20repository%20as%20documented%20in%20%5BBest%20practices%20for%20Copilot%20coding%20agent%20in%20your%20repository%5D%28https://gh.io/copilot-coding-agent-tips%29%2E%0A%0A%3COnboard%20this%20repo%3E&assignees=copilot) — coding agent works faster and does higher quality work when set up for your repo. --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem 2026-03-01 18:42:31 +03:00

• closed this issue
• added the
  pull-request
  label

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

development

copilot/add-doc-for-issue-1780

add-ubuntu-26.04

renovate/ansible-13.x

master

RC

changelog/3.0.1

feat/enable-rolling-builds

feat/secureboot-shim-devuan-kali

feature/secureboot-release-artifacts

copilot/sub-pr-1738

claude/issue-1703-20251117-0231

claude/issue-1703-20251117-0226

claude/issue-1703-20251117-0220

copilot/add-regex-manager-for-workflow-files

copilot/update-install-dependencies-step

copilot/fix-6503c0f7-4459-4828-8fe9-0b7f297ed932

claude/issue-1672-20250912-0331

testing

kairos_support

test

antonym/add-mac-pass

3.0.1

3.0.1-RC

3.0.0

3.0.0-RC

2.0.89

2.0.89-RC

2.0.88-RC

2.0.88

2.0.87-RC

2.0.87

2.0.86

2.0.86-RC

2.0.85

2.0.85-RC

2.0.84

2.0.84-RC

2.0.83

2.0.83-RC

2.0.82-RC

2.0.82

2.0.81-RC

2.0.81

2.0.80

2.0.80-RC

2.0.79

2.0.79-RC

2.0.78

2.0.78-RC

2.0.77-RC

2.0.77

2.0.76

2.0.76-RC

2.0.75

2.0.75-RC

2.0.74

2.0.74-RC

2.0.73

2.0.73-RC

2.0.72

2.0.72-RC

2.0.71

2.0.71-RC

2.0.70

2.0.70-RC

2.0.69

2.0.69-RC

2.0.68

2.0.68-RC

2.0.67

2.0.67-RC

2.0.66

2.0.66-RC

2.0.65

2.0.65-RC

2.0.64

2.0.64-RC

2.0.63

2.0.63-RC

2.0.62

2.0.62-RC

2.0.61

2.0.61-RC

2.0.60

2.0.60-RC

2.0.59

2.0.59-RC

2.0.58

2.0.58-RC

2.0.57

2.0.57-RC

2.0.56

2.0.56-RC

2.0.55

2.0.55-RC

2.0.54

2.0.54-RC

2.0.53

2.0.53-RC

2.0.52

2.0.52-RC

2.0.51

2.0.51-RC

2.0.50

2.0.50-RC

2.0.49

2.0.49-RC

2.0.48

2.0.48-RC

2.0.47

2.0.47-RC

2.0.46

2.0.46-RC

2.0.45

2.0.45-RC

2.0.44

2.0.44-RC

2.0.43

2.0.43-RC

2.0.42

2.0.42-RC

2.0.41

2.0.41-RC

2.0.40

2.0.40-RC

2.0.39

2.0.39-RC

2.0.38

2.0.38-RC

2.0.37

2.0.37-RC

2.0.36

2.0.36-RC

2.0.35

2.0.35-RC

2.0.34

2.0.34-RC

2.0.33

2.0.33-RC

2.0.32

2.0.32-RC

2.0.31

2.0.31-RC

2.0.30

2.0.30-RC

2.0.29

2.0.29-RC

2.0.28

2.0.28-RC

2.0.27

2.0.27-RC

2.0.26

2.0.26-RC

2.0.25

2.0.25-RC5LI

2.0.25-RC

2.0.24

2.0.24-RC

2.0.23

2.0.23-RC

2.0.22

2.0.22-RC

2.0.21

2.0.21-RC

2.0.20

2.0.20-RC

2.0.19

2.0.19-RC

2.0.18

2.0.18-RC

2.0.17

2.0.17-RC

2.0.16

2.0.16-RC

2.0.15

2.0.15-RC

2.0.14

2.0.14-RCZQD

2.0.14-RC

2.0.13

2.0.13-RC17N

2.0.13-RC

2.0.12

2.0.12-RC

2.0.11

2.0.10

2.0.10-RC

2.0.9

2.0.9-RC2N0

2.0.9-RC

2.0.8

2.0.8-RC

2.0.7

2.0.7-RC

2.0.6

2.0.6-R1-RC

2.0.6-RC

2.0.5

2.0.5-RC

2.0.4

2.0.4-RC

2.0.3

2.0.3-RC

2.0.2

2.0.2-RC

2.0.1

2.0.1-RC

2.0.0

2.0.0-RC

1.9.91-RC

1.9.9

1.9.9-RC

1.9.8-RC

1.0.0

1.9.7-RC

Labels

Clear labels   

Hacktoberfest

  

Hacktoberfest

  

bootloader

  

bsd

  

bug

  

confirmed

  

documentation

  

duplicate

  

enhancement

  

enhancement

  

enhancement

  

eol

  

experimental-merged

  

freebsd

  

help wanted

  

invalid

  

investigate

  

ipxe

  

linux

  

live-os

  

memdisk

  

menu

  

no-issue-activity

  

no-issue-activity

  

pull-request

Mirrored from GitHub Pull Request

  

released

  

todo

  

upstream

  

windows

  

windows

  

work-in-progress

No labels

Hacktoberfest

Hacktoberfest

bootloader

bsd

bug

confirmed

documentation

duplicate

enhancement

enhancement

enhancement

eol

experimental-merged

freebsd

help wanted

invalid

investigate

ipxe

linux

live-os

memdisk

menu

no-issue-activity

no-issue-activity

pull-request

released

todo

upstream

windows

windows

work-in-progress

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/netboot.xyz#3047

No description provided.