From fc2e89fc3407ea4c3afacc1776ea09df717355e6 Mon Sep 17 00:00:00 2001
From: John Mulligan <jmulligan@redhat.com>
Date: Mon, 14 Nov 2022 15:50:26 -0500
Subject: [PATCH] github: enable dependabot for github-actions

Turns out the dependabot tool can also indicate what github actions we
are using can be updated. This can be handy in avoiding the warnings
that github throws up all over an action that relies on a deprecated
feature. Use a monthly update just like go modules to avoid being
pestered all the time.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
---
 .github/dependabot.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index b7fdfae..b9d0af3 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -10,3 +10,12 @@ updates:
       - "no-API"
     commit-message:
       prefix: "go-ceph"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    rebase-strategy: disabled
+    labels:
+      - "no-API"
+    commit-message:
+      prefix: "go-ceph"