From 1cea37b3978433e4a9e32a15fdf82967470ce94d Mon Sep 17 00:00:00 2001
From: Jordan Acosta <jordanjacosta@gmail.com>
Date: Thu, 7 Dec 2023 10:57:15 -0800
Subject: [PATCH 1/2] feat: ignore local TF dev files

---
 .gitignore | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 .gitignore

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..7a78a0a
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+# ignore local TF dev files
+.terraform

From 40720dae35242f7317199df53a9a116613348be0 Mon Sep 17 00:00:00 2001
From: Jordan Acosta <jordanjacosta@gmail.com>
Date: Thu, 7 Dec 2023 11:49:03 -0800
Subject: [PATCH 2/2] feat: add release tagging

This just versions the entire repo. As we add more sandboxes we'll
probably want to tracka and tag versions for each, but this is good
enough to get started.
---
 .github/CODEOWNERS            |  1 +
 .github/dependabot.yml        |  8 +++++++
 .github/workflows/release.yml | 42 +++++++++++++++++++++++++++++++++++
 3 files changed, 51 insertions(+)
 create mode 100644 .github/CODEOWNERS
 create mode 100644 .github/dependabot.yml
 create mode 100644 .github/workflows/release.yml

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..fc4cac4
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @nuonco/team
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..af374dd
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,8 @@
+# See GitHub's documentation for more information on this file:
+# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates
+version: 2
+updates:
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "daily"
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..931ddc4
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,42 @@
+---
+name: release
+on:
+  push:
+    branches:
+      - main
+
+permissions:
+  contents: write
+  id-token: write
+  issues: read
+  packages: write
+  pull-requests: write
+  statuses: write
+  actions: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
+  cancel-in-progress: false
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  bump_tag:
+    name: bump tag
+    runs-on: ubuntu-latest
+    steps:
+      - name: Determine next version
+        id: semver
+        uses: ietf-tools/semver-action@v1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          branch: main
+          patchAll: true
+
+      - name: Push tag
+        uses: mathieudutour/github-tag-action@v6.1
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          custom_tag: ${{ steps.semver.outputs.nextStrict }}