From b4c8b64c2ddca699d67d7459a9168a8a36d89e2d Mon Sep 17 00:00:00 2001 From: Jean-Philippe Evrard Date: Mon, 30 Nov 2020 12:03:50 +0100 Subject: [PATCH] Do not bump kubernetes with dependabot Without this patch, we'll get kubernetes updates. This is not necessary, and could be even a problem on merge: those kubernetes updates are done separately, knowingly, to respect the life cycle of the kubernetes we need (and stay one version below latest to have a larger coverage of versions). We could keep dependabot to update those on a lower frequency, but that sounds clunky and not great. Instead disable them all, and rely on the team to do this regular maintenance work. --- .github/dependabot.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 6bf603a..6c159aa 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,3 +10,6 @@ updates: directory: "/" schedule: interval: "daily" + ignore: + - dependency-name: "k8s.io/kubectl" + - dependency-name: "k8s.io/apimachinery"