Update dependabot.yaml for security updates

Testing if dependabot can create security pull request for release-2.6, 2.7 and 2.8 branches. I am trying to cheat with a separate `updates` entry per branch. Most likely dependabot cannot bump only security-relevan dependencies in older branches, see dependabot/dependabot-core#2767 (comment)
kubernetes-csi · Jun 14, 2023 · 7d199b7 · 7d199b7
1 parent c9200e1
commit 7d199b7
Showing 1 changed file with 35 additions and 0 deletions.
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
@@ -9,6 +9,40 @@ updates:
     - "release-note-none"
     - "ok-to-test"
   open-pull-requests-limit: 10
+
+- package-ecosystem: gomod
+  directory: "/"
+  schedule:
+    interval: daily
+  labels:
+    - "area/dependency"
+    - "release-note-none"
+    - "ok-to-test"
+  open-pull-requests-limit: 0
+  target-branch: "release-2.6"
+
+- package-ecosystem: gomod
+  directory: "/"
+  schedule:
+    interval: daily
+  labels:
+    - "area/dependency"
+    - "release-note-none"
+    - "ok-to-test"
+  open-pull-requests-limit: 0
+  target-branch: "release-2.7"
+
+- package-ecosystem: gomod
+  directory: "/"
+  schedule:
+    interval: daily
+  labels:
+    - "area/dependency"
+    - "release-note-none"
+    - "ok-to-test"
+  open-pull-requests-limit: 0
+  target-branch: "release-2.8"
+
 - package-ecosystem: "github-actions"
   directory: "/"
   schedule:
@@ -18,3 +52,4 @@ updates:
     - "release-note-none"
     - "ok-to-test"
   open-pull-requests-limit: 10
+