From 88975916a42530b6071b93dd9335c37d4781b096 Mon Sep 17 00:00:00 2001 From: Christophe Fergeau Date: Wed, 8 Nov 2023 12:51:02 +0100 Subject: [PATCH] github: Allow dependabot to file PRs It will automatically open PRs to update go.mod, tools/go.mod and .github/workflows when there are version changes. github.com/openshift/* and k8s.io/* are ignored as these updates can be tricky, and we want to stick to the versions corresponding to the openshift bundle we are releasing crc with. Signed-off-by: Christophe Fergeau --- .github/dependabot.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000000..3e5ea4e937 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,19 @@ +version: 2 +updates: +- package-ecosystem: gomod + directory: "/" + schedule: + interval: daily + open-pull-requests-limit: 10 + ignore: + - dependency-name: "github.com/openshift/*" + - dependency-name: "k8s.io/*" +- package-ecosystem: gomod + directory: "/tools" + schedule: + interval: weekly + open-pull-requests-limit: 10 +- package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly"