mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2025-01-18 02:39:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci: disable dependabot PR creation for Actions

Browse Source 
Dependabot does not need to report available updates for vendored
dependencies in the downstream repository. Updates to dependencies are
synced from the upstream repository when needed. There is also the
"Upstream First" requirement, which we follow closely.

See-also: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#open-pull-requests-limit
Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit is contained in:
Niels de Vos 2022-06-21 08:40:03 +02:00
parent f219445b67
commit 7aba15aa13
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/dependabot.yml vendored
View File

@ -40,6 +40,8 @@ updates:
- dependency-name: "k8s.io/pod-security-admission"
- dependency-name: "k8s.io/sample-apiserver"
- package-ecosystem: "gomod"
# ODF only: disable PR creation, synced from upstream
open-pull-requests-limit: 0
directory: "/actions/retest"
schedule:
interval: "weekly"
@ -50,6 +52,8 @@ updates:
commit-message:
prefix: "rebase"
- package-ecosystem: "github-actions"
# ODF only: disable PR creation, synced from upstream
open-pull-requests-limit: 0
directory: "/"
schedule:
interval: weekly