This action runs dependabot for Clojure (lein) projects using a fork of
dependabot/dependabot-core that has support for lein.
The action executes the update.rb script using a trimmed down version of the
Dockerfile from dependabot-core which contains only what is required to run
updates on lein projects. The image is pushed to
ghcr.io/cga1123/dependabot-lein-runner.
It uses the following variables:
token the github access token to use to both check the private repositories and create pull requests (may be the GitHub Actions token or a personal access token)registries any github packages maven repository urls for private packages (comma separated, default '')directory the directory to look for project.clj within (default '/')repository the repo to update in owner/repo formatExample daily workflow within for a single repo:
name: Daily Scheduled Bump
on:
workflow_dispatch:
schedule:
- cron: '30 9 * * *'
jobs:
update:
runs-on: ubuntu-latest
steps:
- uses: CGA1123/dependabot-lein-runner@main
with:
token: ${{ github.token }}
repository: ${{ github.repository }}
directory: '/' # can be ommited
registries: '' # can be ommitedExample workflow for multiple repos (must use a Personal Access Token in order to open PRs in repositories which are not the repository the action is running in):
name: Daily Scheduled Bump
on:
workflow_dispatch:
schedule:
- cron: '30 9 * * *'
jobs:
update:
name: Update
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
projects:
- repository: CGA1123/dependabot-lein-runner
directory: '/dummy'
steps:
- uses: CGA1123/dependabot-lein-runner@main
with:
token: ${{ secrets.PERSONAL_TOKEN }}
repository: ${{ matrix.projects.repository }}
directory: ${{ matrix.projects.directory }}