Update Action's README

Closes gh-22

.github/actions/auto-merge-forward/README.adoc

@@ -0,0 +1,52 @@
+= Auto Merge Forward
+
+This action is used to automatically merge forward commits between branches.
+
+Consider the following workflow configuration:
+
+[source,yaml]
+----
+name: Auto Merge Forward Dependabot Commits
+
+jobs:
+ auto-merge-forward-dependabot:
+ name: Auto Merge Forward Dependabot Commits
+ runs-on: ubuntu-latest
+ permissions:
+ contents: write
+ steps:
+ - name: Checkout
+ id: checkout
+ uses: actions/checkout@v4
+ - name: Setup GitHub User
+ id: setup-gh-user
+ run: |
+ git config user.name 'github-actions[bot]'
+ git config user.email 'github-actions[bot]@users.noreply.github.com'
+ - name: Run Auto Merge Forward
+ id: run-auto-merge-forward
+ uses: spring-io/spring-security-release-tools/.github/actions/auto-merge-forward@actions-v1
+ with:
+ branches: 5.8.x,6.1.x,6.2.x,main
+ from-author: dependabot[bot]
+----
+
+The action will do the following:
+
+1. Verify if there is any commit in the previous branch that is not present in the current branch by running `git log 5.8.x ^6.1.x --format=%an --no-merges`
+2. If a commit is found, the author of the commit is compared with the `from-author` input, if they don't match, skip to the next branches.
+ 1. If there are multiple commits, all the authors must match the `from-author` input.
+3. A merge is done into the current branch by running `git merge 5.8.x -s ours` and the branch is selected for push.
+4. Push all the branches that had a merge by running `git push --atomic origin 6.1.x 6.2.x main`
+
+== Inputs
+
+- *from-author*: Only merge if all commits match the author. Defaults to `dependabot[bot]`
+- *use-author-email*: Whether to use author email to check if the author matches. Defaults to author name.
+- *branches* (required): The branches to merge, from oldest to newest, separated by a comma.
+- *merge-strategy*: The merge strategy to use. Defaults to `ours`.
+- *dry-run*: Whether to push the changes. Defaults to `false`.
+
+== Development
+
+Run `npm run bundle` to prepare the `dist` folder before pushing the changes.

.github/actions/generate-dependabot-yml/README.adoc

@@ -0,0 +1,75 @@
+= Generate Dependabot YML
+
+This action facilitates the automatic update of a Dependabot configuration template file (dependabot.yml).
+This action reads a template file, resolves updates based on specified package ecosystems and target branches, and then writes the updated template to the `.github` directory within your repository.
+
+== Inputs
+
+The action accepts the following inputs:
+
+- *gradle-branches* (string): Comma-separated list of target branches for Gradle dependencies.
+- *github-actions-branches* (string): Comma-separated list of target branches for GitHub Actions dependencies.
+- *template-file* (string): Path to the Dependabot template file within the repository. Defaults to `.github/dependabot.template.yml`.
+
+== Output
+
+This action doesn't provide any output variables.
+
+== How it Works
+
+The action follows these steps:
+
+. Input Processing:
+.. Reads the specified template file.
+.. Parses the YAML content of the template file to extract update definitions.
+
+. Update Resolution:
+.. For each defined update in the template, it determines the package ecosystem.
+.. If the ecosystem is gradle, it resolves updates for each target branch specified in `gradle-branches`.
+.. If the ecosystem is github-actions, it resolves updates for each target branch specified in `github-actions-branches`.
+
+. Update Template:
+.. Updates the template file with the resolved updates.
+.. Dumps the updated template as YAML.
+.. Writes the updated Dependabot template to `.github/dependabot.yml`.
+
+. Error Handling:
+.. If any errors occur during the process, the action fails and sets an error message.
+
+== Example Usage
+
+[source,yaml]
+----
+name: Update dependabot.yml
+
+on:
+ workflow_dispatch:
+ schedule:
+ - cron: '0 0 * * *' # Once per day at midnight UTC
+
+permissions:
+ contents: read
+
+jobs:
+ main:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: write
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 1
+ - uses: spring-io/spring-security-release-tools/.github/actions/generate-dependabot-yml@actions-v1
+ name: Update dependabot.yml
+ with:
+ gradle-branches: 5.8.x,6.1.x,6.2.x,main
+ github-actions-branches: 5.8.x,6.1.x,6.2.x,main,docs-build
+ gh-token: ${{ secrets.GITHUB_TOKEN }}
+ - uses: stefanzweifel/git-auto-commit-action@v5
+ with:
+ commit_message: Update dependabot.yml
+----
+
+== Development
+
+Run `npm run bundle` to prepare the `dist` folder before pushing the changes.