From 52adfd8a4aaf160d2f6f10f614a1942cfc3dfd14 Mon Sep 17 00:00:00 2001 From: Craig Perkins Date: Mon, 21 Aug 2023 17:49:35 -0400 Subject: [PATCH] [1.x] Add dependabot.yml (#3216) ### Description Adds dependabot.yml to 1.x branch. This PR adds dependabot.yml directly to 1.x branch. With all of the dependabot PRs against main, labels like `backport 2.x`, `backport 1.x` and `backport 1.3` must be added to the PR in order to trigger backport bot to backport the PR to the respective branches. This process is manual and causes drifts between release branches if the labels are not added to the PR. I am creating a PR to add dependabot.yml directly in 2.x and 1.x to keep all of the release branches up to date. The PR against 1.x includes an automatic label of `backport 1.3` so that 1.x and 1.3 can stay synchronized. * Category (Enhancement, New feature, Bug fix, Test fix, Refactoring, Maintenance, Documentation) Maintenance ### Check List - [ ] New functionality includes testing - [ ] New functionality has been documented - [ ] Commits are signed per the DCO using --signoff By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check [here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin). --------- Signed-off-by: Craig Perkins Signed-off-by: Peter Nied Co-authored-by: Peter Nied --- .github/dependabot.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000000..19d6e34d00 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,22 @@ +version: 2 +updates: + - package-ecosystem: "gradle" + directory: "/" + schedule: + interval: "weekly" + commit-message: + prefix: "[1.x] dependabot:" + ignore: + # For all packages, ignore all major versions to minimize breaking issues + - dependency-name: "*" + update-types: ["version-update:semver-major"] + labels: + - "backport 1.3" + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + commit-message: + prefix: "[1.x] dependabot:" + labels: + - "backport 1.3"