Allow tinybird-local Docker updates to automerge

[ErisDS]

Summary

• add a narrow Renovate package rule for the tinybirdco/tinybird-local Docker image
• allow those Docker digest PRs to use PR automerge once CI has passed
• keep the rule scoped to this single image rather than enabling Docker automerge broadly

Why this change

The tinybirdco/tinybird-local digest PR in #27228 updates Ghost's local analytics service image in CI and compose files. Like ghost/traffic-analytics, it is an internal operational image update that can safely use PR automerge once CI has passed.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: b7e98f9d-cb07-47e7-9ad8-d41c6a994039

📥 Commits

Reviewing files that changed from the base of the PR and between 2ced688 and b594ac3.

📒 Files selected for processing (2)

• .github/renovate.json5
• .github/workflows/ci.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/renovate.json5

---

Walkthrough

Updated .github/renovate.json5: the package rule comment/target was clarified, matchPackageNames was expanded to include tinybirdco/tinybird-local, matchUpdateTypes: ["digest"] was added, and a rule-level description was introduced; automerge: true and automergeType: "pr" remain. Updated .github/workflows/ci.yml: the job_setup changed-paths detection gained a new tinybird/tinybird-datafiles filter group targeting workflow/compose config and Tinybird server data files (excluding .md), exposing job_setup.outputs.changed_tinybird_datafiles; deploy_tinybird jobs now gate on needs.job_setup.outputs.changed_tinybird_datafiles == 'true' instead of the previous changed_tinybird check.

Possibly related PRs

• TryGhost/Ghost PR 27196: Modifies the same .github/renovate.json5 packageRule affecting automerge behavior for ghost/traffic-analytics.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Allow tinybird-local Docker updates to automerge' directly describes the main objective of enabling automerge for tinybirdco/tinybird-local Docker digest updates.
Description check	✅ Passed	The description clearly explains the purpose of adding a Renovate package rule for tinybirdco/tinybird-local, enabling automerge for digest PRs, and scoping it narrowly.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/renovate-automerge-tinybird-local

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/renovate.json5:
- Around line 132-141: The Renovate automerge rule for "matchPackageNames":
"tinybirdco/tinybird-local" currently allows digest bumps to auto-merge without
running Tinybird tests because the `changed_tinybird` condition only watches
ghost/core/core/server/data/tinybird/**; update the rule so it either (A)
expands the `changed_tinybird` filter to also include compose.dev.analytics.yaml
and .github/workflows/ci.yml (or a broader pattern that covers repo root
compose/workflow changes) so job_tinybird-tests will run, or (B) remove
`"automerge": true`/`"automergeType"` from this tinybird rule so Renovate PRs
require CI validation before merging.
- Around line 132-141: The renovate rule that matches tinybirdco/tinybird-local
currently allows automerge for all update types (fields: "matchDatasources",
"matchPackageNames", "automerge", "automergeType"), so restrict it by adding
"matchUpdateTypes": ["digest"] to that rule to ensure only digest updates are
auto-merged; then verify the CI gating (workflow check referenced as
changed_tinybird) will run for digest updates to the workflow/image and adjust
the workflow trigger or gating logic if needed so digest-only Renovate PRs run
the tinybird tests before automerge.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: f9b0bcf2-10b8-491c-855b-22cca93f4e7e

📥 Commits

Reviewing files that changed from the base of the PR and between b0a1d51 and 7a5107d.

📒 Files selected for processing (1)

• .github/renovate.json5

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/ci.yml:
- Around line 147-148: The CI workflow currently uses the same changed_tinybird
output for both tests and deploy gates which causes
deploy_tinybird_staging/production to be triggered by unrelated CI or
compose-local changes; create a new output/filter named changed_tinybird_deploy
that only matches files relevant to Tinybird deployments, leave changed_tinybird
for test-related file patterns, then update wiring so job_tinybird-tests uses
changed_tinybird while deploy_tinybird_staging and deploy_tinybird_production
use changed_tinybird_deploy.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: c368d132-7020-41ad-918b-cddf987350bd

📥 Commits

Reviewing files that changed from the base of the PR and between 7a5107d and 21ec110.

📒 Files selected for processing (2)

• .github/renovate.json5
• .github/workflows/ci.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/renovate.json5

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 73.49%. Comparing base (191095a) to head (b594ac3).
⚠️ Report is 13 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #27244      +/-   ##
==========================================
+ Coverage   73.46%   73.49%   +0.02%     
==========================================
  Files        1545     1545              
  Lines      123686   123720      +34     
  Branches    14961    14973      +12     
==========================================
+ Hits        90870    90922      +52     
+ Misses      31819    31777      -42     
- Partials      997     1021      +24     

Flag	Coverage Δ
admin-tests	54.40% <ø> (+<0.01%)	⬆️
e2e-tests	73.49% <ø> (+0.02%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[cmraible]

Pushed a small tweak to the naming so it's a little more intuitive, otherwise LGTM!