diff options
-rw-r--r-- | .github/dependabot.yml | 92 | ||||
-rw-r--r-- | .github/workflows/dependabot-approve-merge.yml | 19 |
2 files changed, 111 insertions, 0 deletions
diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000000..ab959ecac6e --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,92 @@ +version: 2 +updates: +# Linting and coding style +- package-ecosystem: composer + directory: "/" + schedule: + interval: weekly + day: saturday + time: "03:00" + timezone: Europe/Paris + open-pull-requests-limit: 10 + labels: + - 3. to review + - "feature: dependencies" + +# Main master npm +- package-ecosystem: npm + directory: "/" + schedule: + interval: weekly + day: saturday + time: "03:00" + timezone: Europe/Paris + open-pull-requests-limit: 10 + labels: + - 3. to review + - "feature: dependencies" + +# Testing master npm +- package-ecosystem: npm + directory: "/build" + schedule: + interval: weekly + day: saturday + time: "03:00" + timezone: Europe/Paris + open-pull-requests-limit: 10 + labels: + - 3. to review + - "feature: dependencies" + +# Testing master composer +- package-ecosystem: composer + directory: "/build/integration" + schedule: + interval: weekly + day: saturday + time: "03:00" + timezone: Europe/Paris + open-pull-requests-limit: 10 + labels: + - 3. to review + - "feature: dependencies" + + +# Main stableXX npm +- package-ecosystem: npm + directory: "/" + schedule: + interval: weekly + day: saturday + time: "03:00" + timezone: Europe/Paris + open-pull-requests-limit: 10 + # Only allow updates to the lockfile + versioning-strategy: lockfile-only + target-branch: + - stable19 + - stable18 + - stable17 + labels: + - 3. to review + - "feature: dependencies" + +# Testing StableXX composer +- package-ecosystem: composer + directory: "/build/integration" + schedule: + interval: weekly + day: saturday + time: "03:00" + timezone: Europe/Paris + open-pull-requests-limit: 10 + # Only allow updates to the lockfile + versioning-strategy: lockfile-only + target-branch: + - stable19 + - stable18 + - stable17 + labels: + - 3. to review + - "feature: dependencies" diff --git a/.github/workflows/dependabot-approve-merge.yml b/.github/workflows/dependabot-approve-merge.yml new file mode 100644 index 00000000000..201d7f5ebf2 --- /dev/null +++ b/.github/workflows/dependabot-approve-merge.yml @@ -0,0 +1,19 @@ +name: Dependabot +on: pull_request + +jobs: + auto-merge: + runs-on: ubuntu-latest + steps: + # Default github action approve + - uses: hmarr/auto-approve-action@v2.0.0 + if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]' + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + + # Nextcloud bot approve and merge request + - uses: ahmadnassri/action-dependabot-auto-merge@v1 + if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]' + with: + target: patch + github-token: ${{ secrets.DEPENDABOT_AUTOMERGE_TOKEN }} |