Enable GitHub actions scanning for updates with dependabot

gr-oss-devops · Mar 13, 2024 · e5a4487 · e5a4487
1 parent 172c677
commit e5a4487
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 2 deletions.
diff --git a/.github/actions/setup-go-cache/action.yml b/.github/actions/setup-go-cache/action.yml
@@ -30,7 +30,7 @@ runs:
       shell: bash
       run: echo path=$(go env GOCACHE) >> $GITHUB_OUTPUT
 
-    - uses: actions/cache@v3
+    - uses: actions/cache@v4
       with:
         path: ${{ steps.cache-info.outputs.path }}
         key: ${{ inputs.cache-prefix }}-go-${{ steps.setup-go.outputs.go-version }}-mod-${{ hashFiles('go.sum') }}
@@ -43,7 +43,7 @@ runs:
 
     - name: Setup tools cache
       if: ${{ inputs.cache-tools == 'true' }}
-      uses: actions/cache@v3
+      uses: actions/cache@v4
       id: tools-cache
       with:
         path: ${{ steps.tools-cache-info.outputs.path }}

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -3,6 +3,14 @@
 
 version: 2
 updates:
+
+  # Enable version updated for GitHub actions used in workflows 
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      # Check for updates to GitHub Actions every week
+      interval: "weekly"
+
   # Enable version updates for npm
   - package-ecosystem: "npm"
     # Look for `package.json` and `lock` files in the `internal/lookout` directory