diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 95e243e81..9c59ce466 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,10 +1,12 @@ version: 2 updates: -- package-ecosystem: gomod +- package-ecosystem: "gomod" directory: "/" schedule: - interval: daily - open-pull-requests-limit: 10 + interval: "daily" + ignore: + - dependency-name: "github.com/aws/aws-sdk-go" + update-types: ["version-update:semver-patch"] labels: - "dependencies" - package-ecosystem: "docker" @@ -31,3 +33,9 @@ updates: interval: "weekly" labels: - "dependencies" +- package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + labels: + - "dependencies" diff --git a/.github/workflows/approve-dependabot-pr.yml b/.github/workflows/approve-dependabot-pr.yml new file mode 100644 index 000000000..a93e6cfd3 --- /dev/null +++ b/.github/workflows/approve-dependabot-pr.yml @@ -0,0 +1,9 @@ +name: Approve dependabot PR + +on: pull_request + +jobs: + approve: + uses: adevinta/vulcan-cicd/.github/workflows/reusable-approve-dependabot-pr.yml@v1 + secrets: + PAT: ${{ secrets.DEPENDABOT_AUTOMERGE_TOKEN }}