From 25049a7efc78ed121f3d438147c6a8d99ab86c68 Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Wed, 13 Sep 2023 16:13:32 +0000
Subject: [PATCH] Onboard dependabot workflows

---
 .github/dependabot.yml                         | 18 +++++++++++-------
 .github/workflows/approve-dependabot-pr.yml    |  9 +++++++++
 .../workflows/release-dependabot-updates.yml   | 18 ++++++++++++++++++
 3 files changed, 38 insertions(+), 7 deletions(-)
 create mode 100644 .github/workflows/approve-dependabot-pr.yml
 create mode 100644 .github/workflows/release-dependabot-updates.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 26f36b4..c058b29 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,18 +4,22 @@ updates:
   directory: "/"
   schedule:
     interval: daily
-  open-pull-requests-limit: 10
+  ignore:
+  - dependency-name: "github.com/goadesign/goa"
+    update-types: ["version-update:semver-minor", "version-update:semver-major"]
+  - dependency-name: "github.com/aws/aws-sdk-go"
+    update-types: ["version-update:semver-patch"]
   labels:
     - "dependencies"
-  commit-message:
-    prefix: "feat"
-    include: "scope"
 - package-ecosystem: "docker"
   directory: "/"
   schedule:
     interval: "weekly"
   labels:
     - "dependencies"
-  commit-message:
-    prefix: "feat"
-    include: "scope"
+- package-ecosystem: "github-actions"
+  directory: "/"
+  schedule:
+    interval: "weekly"
+  labels:
+    - "dependencies"
diff --git a/.github/workflows/approve-dependabot-pr.yml b/.github/workflows/approve-dependabot-pr.yml
new file mode 100644
index 0000000..c969941
--- /dev/null
+++ b/.github/workflows/approve-dependabot-pr.yml
@@ -0,0 +1,9 @@
+name: Approve dependabot PR
+
+on: pull_request
+
+jobs:
+  approve:
+    uses: adevinta/vulcan-cicd/.github/workflows/approve-dependabot-pr.yml@v1
+    secrets:
+      PAT: ${{ secrets.DEPENDABOT_AUTOMERGE_TOKEN }}
diff --git a/.github/workflows/release-dependabot-updates.yml b/.github/workflows/release-dependabot-updates.yml
new file mode 100644
index 0000000..7815782
--- /dev/null
+++ b/.github/workflows/release-dependabot-updates.yml
@@ -0,0 +1,18 @@
+name: Release dependabot updates
+
+on:
+
+  # To generate a release on every update
+  # push:
+  #  branches: master
+
+  # To group dependabot updates in the same release
+  schedule:
+    - cron: '30 5 * * *'
+
+  # To allow manual execution
+  workflow_dispatch:
+
+jobs:
+  release:
+    uses: adevinta/vulcan-cicd/.github/workflows/release-dependabot-updates.yml@v1