Skip to content

Add dependabot config for GitHub Actions version updates#9033

Merged
knative-prow[bot] merged 2 commits intoknative:mainfrom
Ankitsinghsisodya:add/dependabot-github-actions
Apr 23, 2026
Merged

Add dependabot config for GitHub Actions version updates#9033
knative-prow[bot] merged 2 commits intoknative:mainfrom
Ankitsinghsisodya:add/dependabot-github-actions

Conversation

@Ankitsinghsisodya
Copy link
Copy Markdown
Contributor

@Ankitsinghsisodya Ankitsinghsisodya commented Apr 21, 2026
edited
Loading

Closes #9034

Summary

Test plan

  • Verify dependabot opens PRs for outdated actions after merge

Copilot AI review requested due to automatic review settings April 21, 2026 17:42
@knative-prow knative-prow Bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Apr 21, 2026
@knative-prow knative-prow Bot requested review from Leo6Leo and matzew April 21, 2026 17:42
@knative-prow knative-prow Bot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Apr 21, 2026
@knative-prow
Copy link
Copy Markdown

knative-prow Bot commented Apr 21, 2026

Hi @Ankitsinghsisodya. Thanks for your PR.

I'm waiting for a knative member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Tip

We noticed you've done this a few times! Consider joining the org to skip this step and gain /lgtm and other bot rights. We recommend asking approvers on your previous PRs to sponsor you.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@Ankitsinghsisodya Ankitsinghsisodya force-pushed the add/dependabot-github-actions branch from ab98f0a to 0223adc Compare April 21, 2026 17:45
Copilot AI reviewed Apr 21, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds Dependabot configuration to automate GitHub Actions dependency updates, and aligns Slack notification action versions used in workflows.

Changes:

  • Add .github/dependabot.yml enabling weekly updates for the github-actions ecosystem.
  • Bump rtCamp/action-slack-notify to v2.3.3 in the weekly Slack reminder workflow.
  • Bump rtCamp/action-slack-notify to v2.3.3 in the KinD e2e workflow failure notification.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 5 comments.

File Description
.github/dependabot.yml Introduces Dependabot config to check GitHub Actions dependencies weekly.
.github/workflows/weekly-office-hours-slack-reminder.yaml Updates Slack notification action version for the scheduled reminder.
.github/workflows/kind-e2e.yaml Updates Slack notification action version for e2e failure alerts.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .github/workflows/weekly-office-hours-slack-reminder.yaml Outdated
Comment thread .github/dependabot.yml
Comment thread .github/workflows/weekly-office-hours-slack-reminder.yaml Outdated
Comment thread .github/dependabot.yml
Comment thread .github/workflows/kind-e2e.yaml Outdated
@knative-prow knative-prow Bot added size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Apr 21, 2026
@codecov
Copy link
Copy Markdown

codecov Bot commented Apr 21, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 51.06%. Comparing base (32bc524) to head (3691522).
⚠️ Report is 11 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #9033      +/-   ##
==========================================
- Coverage   51.07%   51.06%   -0.01%     
==========================================
  Files         409      409              
  Lines       21999    21997       -2     
==========================================
- Hits        11236    11233       -3     
+ Misses       9903     9901       -2     
- Partials      860      863       +3

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@Ankitsinghsisodya Ankitsinghsisodya mentioned this pull request Apr 21, 2026
Open
creydr
creydr requested changes Apr 23, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@creydr creydr left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we group those updates into one PR (like here). Also please check on the ignore similar to https://github.com/knative/serving/blob/main/.github/dependabot.yaml

@knative-prow knative-prow Bot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Apr 23, 2026
@Ankitsinghsisodya
Copy link
Copy Markdown
Contributor Author

Ankitsinghsisodya commented Apr 23, 2026

Can we group those updates into one PR (like here). Also please check on the ignore similar to https://github.com/knative/serving/blob/main/.github/dependabot.yaml

Done!

@creydr
Copy link
Copy Markdown
Member

creydr commented Apr 23, 2026

/ok-to-test
/lgtm
/approve

@knative-prow knative-prow Bot added lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Apr 23, 2026
@knative-prow
Copy link
Copy Markdown

knative-prow Bot commented Apr 23, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Ankitsinghsisodya, creydr

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@knative-prow knative-prow Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 23, 2026
@knative-prow knative-prow Bot merged commit 12b12a3 into knative:main Apr 23, 2026
37 of 39 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@creydr creydr creydr requested changes

@Leo6Leo Leo6Leo Awaiting requested review from Leo6Leo

@matzew matzew Awaiting requested review from matzew

Assignees

@creydr creydr

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add dependabot config to auto-bump GitHub Actions versions

3 participants

@Ankitsinghsisodya @creydr