Skip to content

Commit

Permalink
Enable Dependabot for Docker, GH Actions and Go
Browse files Browse the repository at this point in the history
This enables Dependabot using three groups, one for container images,
one for GitHub Actions, and one for Go Modules.

In the future, we may want to split the Go Modules into multiple
groups. For example, one for each key source with a misc catch-all
group for any other dependency.

xref: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates#grouping-dependabot-version-updates-into-one-pull-request

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
  • Loading branch information
hiddeco committed Sep 12, 2023
1 parent a60045a commit 0dff2ec
Showing 1 changed file with 41 additions and 0 deletions.
41 changes: 41 additions & 0 deletions .github/dependabot.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
version: 2

updates:
- package-ecosystem: "docker"
directory: "/"
labels: ["dependencies"]
schedule:
# By default, this will be on a Monday.
interval: "weekly"
groups:
# Group all updates together, so that they are all applied in a single PR.
# xref: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups
docker:
patterns:
- "*"

- package-ecosystem: "github-actions"
directory: "/"
labels: ["area/CI", "dependencies"]
schedule:
# By default, this will be on a Monday.
interval: "weekly"
groups:
# Group all updates together, so that they are all applied in a single PR.
# xref: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups
ci:
patterns:
- "*"

- package-ecosystem: "gomod"
directory: "/"
labels: ["dependencies"]
schedule:
# By default, this will be on a Monday.
interval: "weekly"
groups:
# Group all updates together, so that they are all applied in a single PR.
# xref: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups
go:
patterns:
- "*"

0 comments on commit 0dff2ec

Please sign in to comment.