From 7602e9f7b12da13f6bb579e354cb386e37f7db9e Mon Sep 17 00:00:00 2001 From: Sofiya Tepikin Date: Sat, 23 Jul 2022 17:24:47 +0000 Subject: [PATCH] Final touches to setup Dependabot --- .gitlab-ci.yml | 27 ++++++++++++++------------- .gitlab/dependabot.yml | 2 +- 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7ddb668..7c40084 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -11,27 +11,28 @@ test_async: - npm install - npm test -.dependabot: +variables: + DEPENDABOT_IMAGE: docker.io/andrcuns/dependabot-gitlab:0.23.0 + +.dependabot-gitlab: image: - name: docker.io/andrcuns/dependabot-gitlab:0.22.4 + name: $DEPENDABOT_IMAGE entrypoint: [''] variables: GIT_STRATEGY: none - PACKAGE_MANAGER: $CI_JOB_NAME RAILS_ENV: production SECRET_KEY_BASE: key + PACKAGE_MANAGER: $CI_JOB_NAME SETTINGS__GITLAB_URL: $CI_SERVER_URL SETTINGS__STANDALONE: 'true' SETTINGS__LOG_COLOR: 'true' - before_script: - - cd /home/dependabot/app script: - - bundle exec rake "dependabot:update[$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME,$PACKAGE_MANAGER,/]" + - cd /home/dependabot/app + - bundle exec rake "dependabot:update[$PROJECT_PATH,$PACKAGE_MANAGER,$DIRECTORY]" + +npm: + extends: .dependabot-gitlab rules: - - if: '$CI_PIPELINE_SOURCE == "schedule" && $SCHEDULE_NAME == "dependabot"' - -gitsubmodule: - extends: .dependabot - -pip: - extends: .dependabot + - if: $DEPENDENCY_UPDATES_DISABLED + when: never + - if: '$CI_PIPELINE_SOURCE == "schedule" && $PACKAGE_MANAGER_SET =~ /(\bnpm|yarn\b)/' diff --git a/.gitlab/dependabot.yml b/.gitlab/dependabot.yml index 64a8441..54be4ce 100644 --- a/.gitlab/dependabot.yml +++ b/.gitlab/dependabot.yml @@ -5,5 +5,5 @@ updates: - package-ecosystem: npm directory: / schedule: - interval: daily + interval: weekly open-pull-requests-limit: 3