Setup dependabot version update and automerging of dependabot prs (#27)

kaja-nav · web-flow · commit 0d028d51e20f · 2024-01-26T09:33:33.000+01:00
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,14 @@
+version: 2
+
+updates:
+  - package-ecosystem: github-actions
+    directory: '/'
+    schedule:
+      interval: daily
+
+  - package-ecosystem: gradle
+    directory: '/'
+    schedule:
+      interval: daily
+      time: '14:30'
+    open-pull-requests-limit: 20
diff --git a/.github/workflows/build-and-deploy.yaml b/.github/workflows/build-and-deploy.yaml
@@ -1,5 +1,7 @@
 name: Build & Deploy
-on: push
+on:
+  push:
+  workflow_dispatch:
 
 jobs:
   boot-jar-app:
diff --git a/.github/workflows/label-dependabot-pr.yaml b/.github/workflows/label-dependabot-pr.yaml
@@ -0,0 +1,10 @@
+name: label-dependabot-pr
+on:
+  pull_request:
+    types: [ opened, unlabeled ]
+
+jobs:
+  label-dependabot-pr:
+    uses: navikt/teamesyfo-github-actions-workflows/.github/workflows/label-dependabot-pr.yaml@main
+    permissions:
+      pull-requests: write
diff --git a/.github/workflows/merge-dependabot-pr.yaml b/.github/workflows/merge-dependabot-pr.yaml
@@ -0,0 +1,15 @@
+name: merge-dependabot-pr
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0,15,30,45 7-14 * * 1,2,3,4,5'
+
+jobs:
+  merge-dependabot-pr:
+    uses: navikt/teamesyfo-github-actions-workflows/.github/workflows/merge-dependabot-pr.yaml@main
+    permissions:
+      actions: write
+      checks: read
+      contents: write
+      pull-requests: write
+      statuses: read
diff --git a/CODEOWNERS b/CODEOWNERS
@@ -1 +1,4 @@
 * @navikt/team-esyfo
+
+# Set empty owners on package.json and package-lock.json to avoid that github adds team-esyfo as reviewer on all automergeable prs from Dependabot
+build.gradle.kts
