- Auto-Update Service
- OpenRewrite
- Renovate
Seamless Quarkus Dependency Updates with Renovate, OpenRewrite & Red Hat DevSpaces
How We Achieved Fully Automated Dependency Updates With Renovate, OpenRewrite & Red Hat DevSpaces.
Why Quarkus Dependency Updates Need Automation
Keeping dependencies up to date in a Quarkus application can be challenging, especially in a rapidly evolving ecosystem. Without automation, tracking version changes and ensuring compatibility requires significant manual effort.
One of the great things about Quarkus is that it has been providing OpenRewrite scripts for a long time, making dependency upgrades much easier. We build on this powerful feature and integrate it with other tools like Renovate Bot and Red Hat DevSpaces to further streamline the update process.
By combining these technologies, we take automation to the next level—ensuring seamless upgrades while reducing developer workload. In this article, we present our automated approach that leverages Renovate, OpenRewrite, and Red Hat DevSpaces to keep Quarkus dependencies up to date with minimal disruption. This workflow allows us to automatically test and merge updates with confidence, reducing technical debt and improving security.
👉 Related reading: Auto-Update Service
Automated Quarkus Dependency Updates – Solution Overview
Our strategy is built around a convention-driven Git branch naming scheme and an automated upgrade pipeline. Renovate detects outdated dependencies and creates well-structured update branches, following this pattern:
renovate/<dependency_name>_<current_version>_<new_version>
These branch names provide key metadata:
-
Dependency Name
-
Current Version
-
New Version
Instead of modifying Renovate’s branch directly (which could cause conflicts), we create a separate branch for processing updates. This approach ensures a smooth and validated upgrade path, without breaking existing workflows.
Step 1: Configuring Renovate for Quarkus Dependency Tracking
To automate Quarkus dependency tracking, we configure Renovate with a structured branch naming pattern. Our renovate-config.js file looks like this:
module.exports = {
gitAuthor: 'Renovate Bot <bot@renovateapp.com>',
platform: 'github',
repositories: [
"Gepardec/renovate-playground" // our quarkus service
],
separateMajorMinor: false, // Group minor and major updates together
packageRules: [
{
matchPackagePrefixes: ["io.quarkus"], // Target only Quarkus dependencies
groupName: "quarkus",
groupSlug: "quarkus_{{currentVersion}}_{{newVersion}}" // Use a custom naming pattern for the branch name
},
]
}
This ensures that Renovate monitors Quarkus dependencies and generates well-structured branches for each upgrade.
Step 2: Automating Quarkus Upgrades with GitHub Actions & OpenRewrite
Once Renovate creates an update branch, we trigger a GitHub Action that:
-
Parses the branch name to extract metadata.
-
Runs OpenRewrite via
mvn quarkus:updatefor automated code transformations. -
Executes builds and tests to validate the upgrade.
-
Creates a conflict-free pull request with all necessary changes.
Parsing the Branch Name
To extract the dependency name, current version, and new version from the branch name:
- name: Parse branch name
id: parse
env:
BRANCH: ${{ github.head_ref }}
run: |
echo "DEPNAME=$(echo $BRANCH | cut -d'/' -f2 | cut -d'_' -f1)"
echo "CURR_VERSION=$(echo $BRANCH | cut -d'/' -f2 | cut -d'_' -f2)"
echo "NEW_VERSION=$(echo $BRANCH | cut -d'/' -f2 | cut -d'_' -f3)"
Checking Out the Main Branch
Since Renovate already updated the version in its branch, we need to check out the main branch to retrieve the old version:
- uses: actions/checkout@v3 name: checkout with: ref: main
We need to do this because mvn quarkus:update uses the defined version in pom.xml and would otherwise do nothing, as Renovate already set it to the newest version.
Executing the Quarkus Upgrade Command
- name: Upgrade Quarkus Version
env:
NEW_VERSION: ${{ steps.parse.outputs.NEW_VERSION }}
run: |
./mvnw io.quarkus.platform:quarkus-maven-plugin:${NEW_VERSION}:update
Creating a New Pull Request
To ensure a smooth integration, we create a separate branch and generate a pull request:
- name: Create Pull Request
uses: peter-evans/create-pull-request@v6
with:
token: ${{ secrets.RENOVATE_TOKEN }}
title: Upgrade quarkus from ${{ steps.parse.outputs.CURR_VERSION }} to ${{ steps.parse.outputs.NEW_VERSION }}
branch: postupgradetask/${{ steps.parse.outputs.DEPNAME }}_${{ steps.parse.outputs.CURR_VERSION }}_${{ steps.parse.outputs.NEW_VERSION }}
base: main
committer: github-actions[bot]
author: ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>
body: |
Upgrade quarkus version
Once this PR is created, our CI/CD pipeline ensures everything works as expected.
Step 3: Debugging Failed Quarkus Upgrades with Red Hat DevSpaces
If the build validation fails, we automatically add a Red Hat DevSpaces link to the pull request, allowing developers to debug in an isolated environment:
- name: Add DevSpaces Link on Failure
if: failure()
run: |
echo "Build failed. Debug the issue using DevSpace: [DevSpace Link](https://devspace.example.com)" >> pr_comment.md
gh pr comment ${{ github.event.pull_request.number }} --body-file pr_comment.md
This Red Hat DevSpace is fully set up with everything the developer needs to debug, fix and test the service. The whole environment is defined in a devfile.yaml, including predefined commands to be executed.
It includes every LTS version of Java and multiple Maven versions. Also Podman is available. Further features of Red Hat DevSpaces are:
-
mounting environment variables from OpenShift into Red Hat DevSpaces
-
executing predefined commands
-
changing, committing and pushing code
-
starting up the service and accessing endpoints
Red Hat DevSpaces really helps in quickly fixing an update where there are huge amounts of microservices and not every developer has every service locally set up. Within a click of a button the environment is fully ready, and the developer can fix and test the service.
Conclusion: Future-Proof Your Quarkus Application with Automated Dependency Updates
By fully automating Quarkus dependency updates, we have transformed a once tedious and error-prone process into an efficient, conflict-free workflow. Renovate keeps our dependencies in check, OpenRewrite seamlessly applies code transformations, and Red Hat DevSpaces ensures developers can quickly resolve any issues.
The result? Minimal disruption, maximum security, and a future-proof Quarkus application. 🚀
Want to try it out? 🚀 Fork our Renovate and Renovate Playground and start automating your dependency updates today!
👉 If you’re interested in modernization approaches, check also our Secure Java Code Upgrade.
Bereit für automatisierte Upgrades?
Möchtest du erfahren, wie automatisierte Quarkus-Updates auch in deinem Projekt funktionieren können? Buche jetzt einen Termin - wir zeigen dir, wie du deine Anwendungen sicher und zukunftsfähig hältst.
