Renovate: Pin and Maintian Circle CI Orb References

What would you like Renovate to be able to do?

To _pin_, and then maintain, Circle CI Orb references in .circleci/config.yml configuration files.

Describe the solution you'd like

My orbital-mechanics package currently references my hutson/library-release-workflows Orb.

It references version 4.1.0, though the latest version of my Orb is 4.1.6.

I would like to see a pull request from Renovate that upgrades the version from 4.1.0 to 4.1.6, such as this example pull request - https://github.com/hyper-expanse/orbital-mechanics/pull/3/files

Describe alternatives you've considered

The goal is to automatically upgrade the Orb version, without resorting to manual intervention. Other than implementing a cron script, I don't know of another way to automate version upgrading of Orb references.

An alternative is to use the volatile label to instruct Circle CI to always use the latest version of the Orb. However, my build would then be non-deterministic.

Additional context

Circle CI does not have an API to fetch version metadata for Orbs.

Support has been requested - https://circleci.ideas.aha.io/ideas/CCI-I-719

However, you can use the Circle CLI (once logged in) to fetch Orb version metadata:

echo '{orb(name:"hutson/library-release-workflows"){name, homeUrl, versions {version, createdAt}}}' | circleci query -

Thanks to Eddie from Circle CI for the solution.

Proof of concept:

'use strict';

const shell = require(`shelljs`);
const semver = require(`semver`);
const yaml = require(`js-yaml`);

shell.config.silent = true;

const circleCIConfig = `
version: 2.1

orbs:
  orb-tools: circleci/orb-tools@volatile
  release-workflows: hutson/[email protected]
`;

const parsedOrbContent = yaml.safeLoad(circleCIConfig);

for (const prop in (parsedOrbContent.orbs || {})) {
  const [orbName, existingVersion] = parsedOrbContent.orbs[prop].split(`@`);

  if (semver.valid(existingVersion) === null) {
    /** Supported labels:
     *
     * circleci/python@volatile
     * circleci/python@2
     * circleci/[email protected]
     * circleci/[email protected]
     * circleci/python@dev:branch
     *
     * Pulled from https://circleci.com/docs/2.0/creating-orbs/#semantic-versioning-in-orbs
     */
    continue;
  }

  const orbVersionMetadata = JSON.parse(shell.exec(`echo '{orb(name:"${orbName}"){name, homeUrl, versions {version, createdAt}}}' | circleci query -`).stdout);

  const latestVersion = orbVersionMetadata.orb.versions.map(versionMetadata => versionMetadata.version).sort(semver.rcompare).shift();

  parsedOrbContent.orbs[prop] = `${orbName}@${latestVersion}`;
}

console.log(yaml.safeDump(parsedOrbContent));

/*
version: 2.1
orbs:
  orb-tools: circleci/orb-tools@volatile
  release-workflows: hutson/[email protected]
*/