Google Git
Sign in
gdch-oss/third_party/hashicorp/terraform-json/4a9d1e78cc5db19f77bdb36161c3fdd6b0cfa089^!/.
commit
4a9d1e78cc5db19f77bdb36161c3fdd6b0cfa089
[log]
author
Nara Kasbergen Kwon <855115+xiehan@users.noreply.github.com>
Mon May 13 14:47:35 2024 +0200
committer
GitHub <noreply@github.com>
Mon May 13 14:47:35 2024 +0200
tree
11145327be75a656caace2cc368aeb86bd6f712b
parent
11f603ef1c8eb2a559347e031e79515f06165630 [diff]
github: Set up Dependabot to manage HashiCorp-owned Actions versions (#128)


diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index eed0ba6..083d5d9 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml

@@ -5,3 +5,20 @@
     schedule:
       interval: "daily"
     labels: ["dependencies"]
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+    labels:
+      - dependencies
+    # only update HashiCorp actions, external actions managed by TSCCR
+    allow:
+      - dependency-name: hashicorp/*
+    groups:
+      github-actions-breaking:
+        update-types:
+          - major
+      github-actions-backward-compatible:
+        update-types:
+          - minor
+          - patch

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 3ac2de3..f72e7b7 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml

@@ -22,7 +22,7 @@
       - name: Checkout Repo
         uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
       - name: Install copywrite
-        uses: hashicorp/setup-copywrite@v1.1.2
+        uses: hashicorp/setup-copywrite@867a1a2a064a0626db322392806428f7dc59cb3e # v1.1.2
       - name: Validate Header Compliance
         run: copywrite headers --plan
 
@@ -51,4 +51,4 @@
       - name: Go mod verify
         run: go mod verify
       - name: Run tests
-        run: go test -v ./...
\ No newline at end of file
+        run: go test -v ./...