Skip to content

chore(ci): Add Docker paths via globs to dependabot and update Dockerfiles to pin sha256 #1960

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 22, 2025
Merged

chore(ci): Add Docker paths via globs to dependabot and update Dockerfiles to pin sha256 #1960

merged 2 commits into from
Jul 22, 2025

Conversation

phipag
Copy link
Contributor

@phipag phipag commented Jul 22, 2025
edited
Loading

Summary

Updates the paths in dependabot.yaml using globs to reference the Dockerfiles in the examples folder. Also adds other Dockerfiles.

According to the dependabot docs globs are supported: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/controlling-dependencies-updated#defining-multiple-locations-for-manifest-files

Changes

Follow-up of #1948.

Also removes auto-merging workflow of dependabot PRs. It didn't work previously but we also don't want to auto-merge at the moment.

Issue number: #1947

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Disclaimer: We value your time and bandwidth. As such, any pull requests created on non-triaged issues might not be successful.

@phipag phipag requested a review from leandrodamascena July 22, 2025 08:12
@phipag phipag self-assigned this Jul 22, 2025
@phipag phipag added dependencies Pull requests that update a dependency file maintenance labels Jul 22, 2025
@pull-request-size pull-request-size bot added size/M and removed size/S labels Jul 22, 2025
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@phipag phipag merged commit f8cc952 into main Jul 22, 2025
15 of 16 checks passed
@phipag phipag deleted the phipag/dependabot-docker branch July 22, 2025 08:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@leandrodamascena leandrodamascena leandrodamascena approved these changes

Assignees

@phipag phipag

Labels
dependencies Pull requests that update a dependency file maintenance size/M
Projects
Powertools for AWS Lambda (Java)
Status: Coming soon
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@phipag @leandrodamascena