From 8f18b2ea3f8c4ea897fa471128ffa5ea4bb59b9a Mon Sep 17 00:00:00 2001 From: Armel Soro Date: Tue, 14 Jun 2022 16:45:04 +0200 Subject: [PATCH 1/4] Configure Dependabot for watching and maintaining our Go dependencies --- .github/dependabot.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000000..f96829e3517 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,22 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + +# Maintain dependencies for Go +- package-ecosystem: "gomod" + directory: "/" + # Set this to 0 to disable version updates + open-pull-requests-limit: 5 + commit-message: + prefix: "Go" + schedule: + interval: "weekly" + reviewers: + - "odo-mantainers" + labels: + - "area/dependency" + - "kind/task" From 6c05c067c4e2815fa6dd169fc2fcb3d155f255fa Mon Sep 17 00:00:00 2001 From: Armel Soro Date: Tue, 14 Jun 2022 16:53:51 +0200 Subject: [PATCH 2/4] Configure Dependabot for watching and maintaining our NPM dependencies (website) --- .github/dependabot.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f96829e3517..edd7382179e 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -20,3 +20,18 @@ updates: labels: - "area/dependency" - "kind/task" + +# Maintain dependencies for Website builds +- package-ecosystem: "npm" + directory: "/docs/website" + # Set this to 0 to disable version updates + open-pull-requests-limit: 3 + commit-message: + prefix: "Website" + schedule: + interval: "weekly" + reviewers: + - "odo-mantainers" + labels: + - "area/dependency" + - "kind/task" From 04cef72138b26b260680b0ab12bd9c22f48d9016 Mon Sep 17 00:00:00 2001 From: Armel Soro Date: Tue, 14 Jun 2022 17:07:35 +0200 Subject: [PATCH 3/4] Add more comments --- .github/dependabot.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index edd7382179e..d0a4a6d947e 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,5 +1,5 @@ -# To get started with Dependabot version updates, you'll need to specify which -# package ecosystems to update and where the package manifests are located. +# This is a configuration file for Dependabot, a GitHub tool that tries to keep dependencies updated on a regular basis +# by raising pull requests to update those dependencies. # Please see the documentation for all configuration options: # https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates @@ -35,3 +35,7 @@ updates: labels: - "area/dependency" - "kind/task" + +## Feel free to add other package managers here if needed. +## See https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem +## for the full list of supported ecosystems. \ No newline at end of file From 7d7594fe6773f5479d1cd20ad07cfc2a4149153b Mon Sep 17 00:00:00 2001 From: Armel Soro Date: Tue, 14 Jun 2022 17:07:43 +0200 Subject: [PATCH 4/4] Add "ok-to-test" label to Dependabot PRs --- .github/dependabot.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index d0a4a6d947e..e0327c94139 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -20,6 +20,7 @@ updates: labels: - "area/dependency" - "kind/task" + - "ok-to-test" # Maintain dependencies for Website builds - package-ecosystem: "npm"