From 1af70aa5fcb7748cef3f9acacd8f79f34cd94f0a Mon Sep 17 00:00:00 2001 From: Andrew Kroh Date: Thu, 8 Jun 2023 19:27:05 -0400 Subject: [PATCH] dependabot - Segment by responsible team (#35723) Segment the dependabot config based on the responsible GitHub team in order to make it more clear who is responsible for approving the change. The idea is that the responsible team is in the best position to know if the dependency should be updated, whether it should be backported, and what should be listed in the changelog. --- .github/CODEOWNERS | 1 + .github/dependabot.yml | 61 +++++++++++++++++++++++++++++++++++++----- 2 files changed, 56 insertions(+), 6 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 97d5edd24f4..056aff10854 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -109,6 +109,7 @@ CHANGELOG* /x-pack/filebeat/input/azureblobstorage/ @elastic/security-external-integrations /x-pack/filebeat/input/azureeventhub/ @elastic/obs-cloud-monitoring /x-pack/filebeat/input/cel/ @elastic/security-external-integrations +/x-pack/filebeat/input/cometd/ @elastic/obs-infraobs-integrations /x-pack/filebeat/input/entityanalytics/ @elastic/security-external-integrations /x-pack/filebeat/input/gcppubsub/ @elastic/security-external-integrations /x-pack/filebeat/input/gcs/ @elastic/security-external-integrations diff --git a/.github/dependabot.yml b/.github/dependabot.yml index ecb9a52d677..0238179f29c 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,15 +1,64 @@ --- version: 2 +# This section is segmented by the responsible GitHub teams in order +# to make it clear who is responsible for reviewing. updates: - - package-ecosystem: "gomod" - directory: "/" + - package-ecosystem: gomod + directory: / schedule: - interval: "daily" + interval: daily labels: - automation + - dependabot - Team:Elastic-Agent-Data-Plane allow: - - dependency-name: "github.com/elastic/*" + - dependency-name: github.com/elastic/elastic-agent-autodiscover + - dependency-name: github.com/elastic/elastic-agent-client/* + - dependency-name: github.com/elastic/elastic-agent-libs + - dependency-name: github.com/elastic/elastic-agent-shipper-client + - dependency-name: github.com/elastic/elastic-agent-system-metrics + - dependency-name: github.com/elastic/go-concert + - dependency-name: github.com/elastic/go-elasticsearch/* + - dependency-name: github.com/elastic/go-licenser + - dependency-name: github.com/elastic/go-lookslike + - dependency-name: github.com/elastic/go-lumber + - dependency-name: github.com/elastic/go-structform + - dependency-name: github.com/elastic/go-sysinfo + - dependency-name: github.com/elastic/go-ucfg + - dependency-name: github.com/elastic/gosigar + - dependency-name: go.elastic.co/apm/* + - dependency-name: go.elastic.co/ecszap + - dependency-name: go.elastic.co/go-licence-detector reviewers: - - "elastic/elastic-agent-data-plane" - open-pull-requests-limit: 10 + - elastic/elastic-agent-data-plane + open-pull-requests-limit: 2 + - package-ecosystem: gomod + directory: / + schedule: + interval: daily + labels: + - automation + - dependabot + - Team:Security-External Integrations + allow: + # Skip github.com/elastic/mito because it requires documentation updates. + - dependency-name: github.com/elastic/go-libaudit/* + - dependency-name: github.com/elastic/go-perf + - dependency-name: github.com/elastic/go-seccomp-bpf + - dependency-name: github.com/elastic/toutoumomoma + reviewers: + - elastic/security-external-integrations + open-pull-requests-limit: 2 + - package-ecosystem: gomod + directory: / + schedule: + interval: daily + labels: + - automation + - dependabot + - Team:Service-Integrations + allow: + - dependency-name: github.com/elastic/bayeux + reviewers: + - elastic/obs-infraobs-integrations + open-pull-requests-limit: 2