ci(renovate): self-host Renovate via GitHub App to escape Mend Cloud OOM#2350
Merged
Conversation
Mend Cloud の無料 Community 枠は 1 job = 3GB cap で、本モノレポ(pnpm@11 / lockfile 17,620行)の install / lockFileMaintenance が kernel-out-of-memory で 落ちていた。toolSettings.nodeMaxMemory / ignoreScripts では頭打ちのため、 GitHub Actions の self-host (runner 16GB) へ移行する。 過去の PAT ベース self-host 版(全 Dependabot 化で削除済み)の知見を踏襲しつつ、 より安全な専用 GitHub App + 短命トークンで再構築: - .github/workflows/renovate.yaml を新規追加 - actions/create-github-app-token で短命トークン発行 (App PR は ci.yaml を発火) - RENOVATE_PLATFORM_COMMIT: enabled で Verified コミット (gitAuthor 固定不要) - RENOVATE_FORCE で workflow_dispatch 時は schedule(月曜朝) を自動バイパス - issues/pull_request トリガーは自走ループ回避のため意図的に除外 - cron "0 16 * * *" (01:00 JST) で週次/四半期の両 schedule 窓を自動カバー - NODE_OPTIONS=6144 (Renovate本体) + nodeMaxMemory=4096 (pnpm) で二重 OOM 防止 - .github/renovate.json5: nodeMaxMemory 2048 -> 4096、コメントを self-host 前提に更新 - renovate-todo.md: GitHub App 作成 / Secrets 登録 / Mend 撤去 / 検証の手動手順 Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
Warning Review limit reached
More reviews will be available in 55 minutes and 49 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Repository UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
WalkthroughRenovateを Mend Cloud から GitHub Actions self-hosted へ移行するため、設定ファイルの更新、スケジュール実行とApp トークン発行を行うワークフローの新規作成、詳細な移行手順ドキュメントを追加。 ChangesRenovate self-hosted GitHub Actions 移行
Estimated Code Review Effort🎯 2 (Simple) | ⏱️ ~12 minutes Possibly Related PRs
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
✅ Code Duplication ReportSummary
✅ Code duplication rate is within the acceptable threshold. 📊 Detailed ReportConsole OutputDuplicate Code BlocksDuplicate 1
Duplicate 2
Duplicate 3
Duplicate 4
Duplicate 5
Duplicate 6
Duplicate 7
Duplicate 8
Duplicate 9
Duplicate 10
... and 35 more duplicate blocks. Run 📦 Full Report: Download the complete jscpd report from GitHub Actions Artifacts |
Deploying s-private with
|
| Latest commit: |
9d4fd00
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://a835df56.s-private.pages.dev |
| Branch Preview URL: | https://ci-self-host-renovate-app.s-private.pages.dev |
ghalint の github_app_should_limit_permissions に従い、create-github-app-token の生成トークンを permission-contents/pull-requests/issues: write に限定する。
Coverage Report
File CoverageNo changed files found. |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/renovate.json5:
- Around line 24-28: Update the comment that currently reads "ubuntu-24.04, 7GB
RAM" to reflect the correct 16GB RAM value and ensure the RAM mention is
consistent with the settings referenced (NODE_OPTIONS and nodeMaxMemory); i.e.,
replace the 7GB text with 16GB so the comment aligns with the other references
to 16GB and the OOM-avoidance rationale for NODE_OPTIONS=6144 and
nodeMaxMemory=4096 remains coherent.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository UI
Review profile: CHILL
Plan: Pro
Run ID: bbae0665-3d14-4648-9f71-e52626fcbbf0
📒 Files selected for processing (3)
.github/renovate.json5.github/workflows/renovate.yamlrenovate-todo.md
Comment on lines
+24
to
+28
| // self-host runner (GitHub Actions / ubuntu-24.04, 7GB RAM) での pnpm メモリ上限。 | ||
| // pnpm の Node プロセスに --max-old-space-size=4096(MB) を渡し、V8 ヒープを runner の | ||
| // 物理メモリより十分下で頭打ちにして OOM を回避する (.github/workflows/renovate.yaml)。 | ||
| // Mend Cloud 無料枠の 3GB コンテナでは OOM Killer に殺されていたため self-host へ移行済み。 | ||
| // モノレポ規模が増えて落ちるようなら branchConcurrentLimit を下げるか値を調整する。 |
There was a problem hiding this comment.
コメントの RAM 表記が他ファイルと矛盾しています。
ここでは ubuntu-24.04, 7GB RAM と記載していますが、.github/workflows/renovate.yaml(Line 63)と renovate-todo.md(Line 4)はいずれも 16GB と記載しています。GitHub ホストの標準 Linux runner は 16GB です。NODE_OPTIONS=6144 と nodeMaxMemory=4096 を同時に与える OOM 回避の根拠に直結する数値なので、正しい値(16GB)に統一してください。
📝 修正案
- // self-host runner (GitHub Actions / ubuntu-24.04, 7GB RAM) での pnpm メモリ上限。
+ // self-host runner (GitHub Actions / ubuntu-24.04, 16GB RAM) での pnpm メモリ上限。📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| // self-host runner (GitHub Actions / ubuntu-24.04, 7GB RAM) での pnpm メモリ上限。 | |
| // pnpm の Node プロセスに --max-old-space-size=4096(MB) を渡し、V8 ヒープを runner の | |
| // 物理メモリより十分下で頭打ちにして OOM を回避する (.github/workflows/renovate.yaml)。 | |
| // Mend Cloud 無料枠の 3GB コンテナでは OOM Killer に殺されていたため self-host へ移行済み。 | |
| // モノレポ規模が増えて落ちるようなら branchConcurrentLimit を下げるか値を調整する。 | |
| // self-host runner (GitHub Actions / ubuntu-24.04, 16GB RAM) での pnpm メモリ上限。 | |
| // pnpm の Node プロセスに --max-old-space-size=4096(MB) を渡し、V8 ヒープを runner の | |
| // 物理メモリより十分下で頭打ちにして OOM を回避する (.github/workflows/renovate.yaml)。 | |
| // Mend Cloud 無料枠の 3GB コンテナでは OOM Killer に殺されていたため self-host へ移行済み。 | |
| // モノレポ規模が増えて落ちるようなら branchConcurrentLimit を下げるか値を調整する。 |
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In @.github/renovate.json5 around lines 24 - 28, Update the comment that
currently reads "ubuntu-24.04, 7GB RAM" to reflect the correct 16GB RAM value
and ensure the RAM mention is consistent with the settings referenced
(NODE_OPTIONS and nodeMaxMemory); i.e., replace the 7GB text with 16GB so the
comment aligns with the other references to 16GB and the OOM-avoidance rationale
for NODE_OPTIONS=6144 and nodeMaxMemory=4096 remains coherent.
s-hirano-ist
added a commit
that referenced
this pull request
Jun 3, 2026
self-host 移行の手動セットアップ手順は PR #2350 の説明と git 履歴に残っており、 リポジトリへ恒久的に置く必要がないため削除する。
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
なぜ
Mend Cloud 無料枠(1 job = 3GB cap)の Renovate が
kernel-out-of-memoryで落ちる。本モノレポ(pnpm@11 / lockfile 17,620行・600KB)のpnpm install/lockFileMaintenanceが 3GB を超えるため。toolSettings.nodeMaxMemory/ignoreScriptsを入れても頭打ち。このリポジトリは PUBLIC + AGPL-3.0 なので、GitHub Actions(無料・無制限、runner 16GB RAM)の self-host に切り替えれば Mend のメモリ上限から完全に解放される。
過去に PAT ベースの self-host 版が存在したが、全 Dependabot 化で削除 → 「Dependabot が pnpm 11 非対応」で npm を Renovate へ差し戻した際に self-host を復活させず Mend Cloud に戻ったため OOM が再発していた。今回はより安全な 専用 GitHub App + 短命トークンで再構築する。
変更内容
.github/workflows/renovate.yamlactions/create-github-app-tokenで短命トークン発行(App PR はci.yamlを発火できる)RENOVATE_PLATFORM_COMMIT: enabledで Verified コミット(PAT 運用で必要だった gitAuthor 固定が不要)RENOVATE_FORCEでworkflow_dispatch時は schedule(月曜朝)を自動バイパスして即時実行issues/pull_requestトリガーは Dashboard 更新による自走ループ回避のため意図的に除外0 16 * * *(01:00 JST)で週次「月曜11時前」と四半期「1日5時前」の両 schedule 窓を自動カバーNODE_OPTIONS=6144(Renovate本体)+nodeMaxMemory=4096(pnpm 子プロセス)で二重に OOM 防止.github/renovate.json5:nodeMaxMemory2048 → 4096、コメントを self-host 前提に更新(依存管理ポリシーは不変)renovate-todo.md: GitHub App 作成 / Secrets 登録 / Mend 撤去 / 検証の手動セットアップ手順マージ後に必要な手動ステップ(
renovate-todo.md参照)RENOVATE_APP_ID/RENOVATE_APP_PRIVATE_KEY)RENOVATE_TOKENsecret 削除検証済み(ローカル)
actionlint: OK(renovate.yaml)oxfmt --check: OK(renovate.json5)renovate-config-validator: Config validated successfully🤖 Generated with Claude Code
Summary by CodeRabbit
リリースノート