github: enable dependabot for github-actions

Turns out the dependabot tool can also indicate what github actions we are using can be updated. This can be handy in avoiding the warnings that github throws up all over an action that relies on a deprecated feature. Use a monthly update just like go modules to avoid being pestered all the time. Signed-off-by: John Mulligan <jmulligan@redhat.com>
2022-11-14 15:50:26 -05:00 · 2022-11-14 15:50:26 -05:00 · fc2e89fc34
parent 1e38f58833
commit fc2e89fc34
1 changed files with 9 additions and 0 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -10,3 +10,12 @@ updates:
      - "no-API"
    commit-message:
      prefix: "go-ceph"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    rebase-strategy: disabled
+    labels:
+      - "no-API"
+    commit-message:
+      prefix: "go-ceph"