This action runs dependabot for Clojure (lein) projects using a fork of
dependabot/dependabot-core
that has support for lein.
The action executes the update.rb
script using a trimmed down version of the
Dockerfile
from dependabot-core
which contains only what is required to run
updates on lein
projects. The image is pushed to
ghcr.io/cga1123/dependabot-lein-runner
.
It uses the following variables:
token
the github access token to use to both check the private repositories and create pull requests (may be the GitHub Actions token or a personal access token)registries
any github packages maven repository urls for private packages (comma separated, default''
)directory
the directory to look forproject.clj
within (default'/'
)repository
the repo to update inowner/repo
format
Example daily workflow within for a single repo:
name: Daily Scheduled Bump
on:
workflow_dispatch:
schedule:
- cron: '30 9 * * *'
jobs:
update:
runs-on: ubuntu-latest
steps:
- uses: CGA1123/dependabot-lein-runner@main
with:
token: ${{ github.token }}
repository: ${{ github.repository }}
directory: '/' # can be ommited
registries: '' # can be ommited
Example workflow for multiple repos (must use a Personal Access Token in order to open PRs in repositories which are not the repository the action is running in):
name: Daily Scheduled Bump
on:
workflow_dispatch:
schedule:
- cron: '30 9 * * *'
jobs:
update:
name: Update
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
projects:
- repository: CGA1123/dependabot-lein-runner
directory: '/dummy'
steps:
- uses: CGA1123/dependabot-lein-runner@main
with:
token: ${{ secrets.PERSONAL_TOKEN }}
repository: ${{ matrix.projects.repository }}
directory: ${{ matrix.projects.directory }}