Merge branch 'dependabot' into 'main'

chore: add dependabot config

See merge request unboundsoftware/shiny/auth0mock!6

.gitlab-ci.yml

@@ -1,9 +1,12 @@
 include:
-  - template: 'Workflows/MergeRequest-Pipelines.gitlab-ci.yml'
+- template: 'Workflows/MergeRequest-Pipelines.gitlab-ci.yml'
+- project: 'unboundsoftware/dependabot-staged-flow'
+  file: '.gitlab-ci.yml'
 
 stages:
-  - build
-  - acctest
+- build
+- acctest
+- dependabot
 
 variables:
   DOCKER_HOST: tcp://docker:2376
@@ -12,20 +15,28 @@ variables:
   DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"
   DOCKER_DRIVER: overlay2
 
+.exclude_from_schedule: &not_on_schedule
+  rules:
+  - if: $CI_PIPELINE_SOURCE == "schedule"
+    when: never
+  - when: always
+
 image: buildtool/build-tools:${BUILDTOOLS_VERSION}
 
 build:
+  <<: *not_on_schedule
   stage: build
   services:
   - docker:dind
   script:
-    - build
-    - push
+  - build
+  - push
   artifacts:
     paths:
-      - k8s
+    - k8s
 
 acceptance-test:
+  <<: *not_on_schedule
   stage: acctest
   variables:
     AUTH0MOCK_COMMIT: ${CI_COMMIT_SHA}

.gitlab/dependabot.yml

@@ -0,0 +1,17 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+- package-ecosystem: "npm"
+  directory: "/"
+  schedule:
+    interval: "daily"
+  open-pull-requests-limit: 20
+- package-ecosystem: "docker"
+  directory: "/"
+  schedule:
+    interval: "daily"
+  open-pull-requests-limit: 20