diff --git a/.github/dependabot.template.yml b/.github/dependabot.template.yml
new file mode 100644
index 00000000..652cbe92
--- /dev/null
+++ b/.github/dependabot.template.yml
@@ -0,0 +1,27 @@
+---
+version: 2
+registries:
+  ghcr:
+    type: docker-registry
+    url: ghcr.io
+    username: PAT
+    password: ${{ secrets.CONTAINER_BUILDER_TOKEN }}
+updates:
+  - package-ecosystem: "bundler"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 20
+    vendor: true
+  - package-ecosystem: "docker"
+    directory: "/"
+    registries:
+      - ghcr
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 20
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 20
diff --git a/.github/workflows/add-dependabot-pr-to-project.yml b/.github/workflows/add-dependabot-pr-to-project.yml
new file mode 100644
index 00000000..115aa6c3
--- /dev/null
+++ b/.github/workflows/add-dependabot-pr-to-project.yml
@@ -0,0 +1,22 @@
+---
+name: Assign Dependabot PR to Compute Foundation Project
+
+on:
+  workflow_dispatch:
+  pull_request:
+    types: [opened, reopened, labeled]
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  add-to-project:
+    name: Add to Compute Foundation Project Board
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/add-to-project@v0.5.0
+        with:
+          project-url: https://github.com/orgs/github/projects/5753/ # Compute Foundation Project Board
+          github-token: ${{ secrets.ADD_TO_PROJECT_PAT }}
+          labeled: dependencies,external-dependency
diff --git a/.github/workflows/generate-dependabot.yml b/.github/workflows/generate-dependabot.yml
new file mode 100644
index 00000000..3519fe7e
--- /dev/null
+++ b/.github/workflows/generate-dependabot.yml
@@ -0,0 +1,27 @@
+---
+name: Generate dependabot.yml
+
+on:
+  push:
+  repository_dispatch:
+  workflow_dispatch:
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  generate:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Generate dependabot.yml
+        uses: Makeshift/generate-dependabot-glob-action@5cd45385ce6519f68d574aab9699832b3a5e5031 # v1.3.4
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0
+        with:
+          title: '[Automated] Update dependabot.yml'
+          body: |
+            This PR was automatically generated by the generate-dependabot.yml workflow.