From 3be00b18a168f4f5e02d7f9137f97b5f5efcad9f Mon Sep 17 00:00:00 2001
From: Sebastian Serth <Sebastian.Serth@hpi.de>
Date: Tue, 5 Oct 2021 11:53:46 +0200
Subject: [PATCH] Add dependabot auto updates

---
 .github/auto-merge.yml           | 11 +++++++++++
 .github/dependabot.yml           | 11 +++++++++++
 .github/workflows/dependabot.yml | 15 +++++++++++++++
 3 files changed, 37 insertions(+)
 create mode 100644 .github/auto-merge.yml
 create mode 100644 .github/dependabot.yml
 create mode 100644 .github/workflows/dependabot.yml

diff --git a/.github/auto-merge.yml b/.github/auto-merge.yml
new file mode 100644
index 0000000..ca80427
--- /dev/null
+++ b/.github/auto-merge.yml
@@ -0,0 +1,11 @@
+- match:
+    dependency_type: all
+    update_type: security:minor # includes patch updates!
+
+- match:
+    dependency_type: development
+    update_type: semver:minor # includes patch updates!
+
+- match:
+    dependency_type: production
+    update_type: semver:patch
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..4f2fd18
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,11 @@
+version: 2
+
+updates:
+  - package-ecosystem: gomod
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "03:00"
+      timezone: UTC
+    labels:
+      - dependencies
diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml
new file mode 100644
index 0000000..412cf49
--- /dev/null
+++ b/.github/workflows/dependabot.yml
@@ -0,0 +1,15 @@
+name: Dependabot Automerge Check
+on:
+  - pull_request_target
+
+jobs:
+  auto-merge:
+    if: github.actor == 'dependabot[bot]'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: Automerge dependabot dependencies
+        uses: ahmadnassri/action-dependabot-auto-merge@v2
+        with:
+          github-token: ${{ secrets.OPENHPI_BOT_TOKEN }}