Org: Add dependabot to the kubernetes-client organization.

Created on 21 Jun 2019  路  13Comments  路  Source: kubernetes/org

Organization or repository

kubernetes-client/javascript

Name of integration

dependabot

Link to integration website

https://github.com/marketplace/dependabot-preview

Describe what is attempting to be accomplished

Dependabot automatically sends PRs for updates to dependencies due to security issues.

Additional context for request

N/A

Thanks!

aregithub-integration
Source
picture brendandburns

Most helpful comment

I opened a PR earlier today (https://github.com/kubernetes/test-infra/pull/13445) to get the regex in place. Still need to figure out the CLA stuff though.

picture cblecker on 15 Jul 2019
👍2

All 13 comments

Hey @brendandburns! I've been investigating this.. GitHub now integrates dependabot right into your repo settings, but there have been two issues in testing:

  • It opens branches directly on your repo (not a fork), so these new branches get protected by prow
  • The bot doesn't have a CLA signed, so it gets blocked on the CLA context

We're working on both of these, and I'll let you know when we make progress

/assign

cblecker picture cblecker on 22 Jun 2019

@cblecker Thanks, I'm happy to guinea pig test anything you need, this will save us a bunch of time.

brendandburns picture brendandburns on 25 Jun 2019

One puzzle piece is in place: https://github.com/kubernetes/test-infra/pull/13016

This will allow is to exempt these branches from protection, so we can clean them up.

cblecker picture cblecker on 29 Jun 2019

a polite bump, any updates in this thread?

yue9944882 picture yue9944882 on 15 Jul 2019

I opened a PR earlier today (https://github.com/kubernetes/test-infra/pull/13445) to get the regex in place. Still need to figure out the CLA stuff though.

cblecker picture cblecker on 15 Jul 2019
👍2

Poked CLA issue again: https://github.com/cncf/foundation/issues/3#issuecomment-511532076

cblecker picture cblecker on 15 Jul 2019

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 13 Oct 2019

/remove-lifecycle stale

cblecker picture cblecker on 15 Oct 2019

kubernetes/dashboard repo also uses dependabot and faces same problem.

shu-mutou picture shu-mutou on 17 Dec 2019
👍1

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 16 Mar 2020

/remove-lifecycle stale

nikhita picture nikhita on 16 Mar 2020

This is now enabled and is functional on https://github.com/kubernetes-client/javascript/network/alerts

/close

cblecker picture cblecker on 17 Mar 2020

@cblecker: Closing this issue.

In response to this:

This is now enabled and is functional on https://github.com/kubernetes-client/javascript/network/alerts

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

k8s-ci-robot picture k8s-ci-robot on 17 Mar 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

savitharaghunathan picture savitharaghunathan  路  3Comments
lpabon picture lpabon  路  3Comments
camilamacedo86 picture camilamacedo86  路  3Comments
Raffo picture Raffo  路  3Comments
rlenferink picture rlenferink  路  3Comments