-
Notifications
You must be signed in to change notification settings - Fork 220
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add dependabot config #319
Conversation
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: DavidSpek The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/assign @terrytangyuan |
I am holding the PR to have some control over when it gets merged so that the optional test infra doesn't get overloaded if all the repo's were to merge this at the same time. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we close this?
@terrytangyuan I think it is up to the repo owners. If you do not require the advanced features of Renovate, dependabot is also a fine solution. If you would like to have Renovate enabled for this repo, I believe you will need to ask @Bobgy to do so. Either way, I suggest one of the two gets implemented. |
Looking at the PRs created by the bot, I am uncertain they would be helpful and it's better to upgrade dependencies when necessary. I am closing this for now. Feel free to reopen when needed. |
Inspired by kubeflow/pipelines#4682 I created a script that will create a config file for depandabot so that it knows what directories to scan. It will scan the repository for files named
*ockerfile*
,package*.json
,*requirements.txt
andgo.*
. It is setup for dockerfiles, npm packages, pip dependencies and gomod at the moment. It is trivial to further customize what folders are selected if further customization is needed. It also parses the closestOWNERS
file for a given dependency listing file, and assigns the relevant approvers and adds the relevant reviewers to the PRs it creates.This is a sibling PR to kubeflow/pipelines#5015, kubeflow/kubeflow#5542, kserve/kserve#1309, kubeflow/arena#403, kubeflow/testing#855, kubeflow/fairing#550, kubeflow/kfp-tekton#432, kubeflow/katib#1420, kubeflow/training-operator#1224 and kubeflow/kfp-tekton-backend#28.
As it stands now, thare are about 5 PRs that will be created with this configuration.
For reference, the PRs that will be created can be found here: https://github.com/DavidSpek/mpi-operator/pulls