pez-infra/.github/workflows
Rasmus "Pez" Wejlgaard 7b2552fea5
Some checks are pending
Deploy (on merge) / Discover hosts (push) Waiting to run
Deploy (on merge) / deploy (push) Blocked by required conditions
chore: fix dependabot PRs (#118)
* chore: add dependabot config

Add Dependabot for the three supported ecosystems in this repo:
GitHub Actions, Terraform (root + grafana/hetzner/pagerduty modules),
and Docker (service compose files + dotfile Dockerfiles). Weekly
schedule with per-ecosystem grouping to keep PR noise down.

* ci: make terraform validation work on dependabot PRs

Dependabot PRs run with no access to repository secrets and a read-only
token, so the SOPS decrypt step (and the PR-comment step) fail. Give
Dependabot a secret-free path: stub the secrets.yaml keys it reads and
run init -backend=false + validate, skipping decrypt/plan/comment. Human
PRs are unchanged and still get a full plan.
2026-06-03 19:29:23 +01:00
..
_deploy-core.yml Update cache action (#111) 2026-05-16 11:13:38 +01:00
deploy-on-merge.yml ci: serialize terraform and deploy runs with concurrency guards (#114) 2026-06-02 19:39:13 +01:00
deploy.yml hotfix: broken pipeline (#109) 2026-05-15 20:19:56 +01:00
lint-ansible.yml fix: update checkout version to dodge deprecation (#77) 2026-04-26 18:13:38 +01:00
lint-docker-compose.yml fix: update checkout version to dodge deprecation (#77) 2026-04-26 18:13:38 +01:00
terraform.yml ci: serialize terraform and deploy runs with concurrency guards (#114) 2026-06-02 19:39:13 +01:00
validate-caddyfile.yml fix: update checkout version to dodge deprecation (#77) 2026-04-26 18:13:38 +01:00
validate-terraform.yml chore: fix dependabot PRs (#118) 2026-06-03 19:29:23 +01:00