Add Generate Dependabot YML Workflow

Issue gh-20

.github/actions/generate-dependabot-yml/.eslintignore

@@ -0,0 +1,4 @@
+lib/
+dist/
+node_modules/
+coverage/

.github/actions/generate-dependabot-yml/.gitattributes

@@ -0,0 +1,3 @@
+* text=auto eol=lf
+
+dist/** -diff linguist-generated=true

.github/actions/generate-dependabot-yml/.github/dependabot.template.yml

@@ -0,0 +1,40 @@
+version: 2
+
+registries:
+  spring-milestones:
+    type: maven-repository
+    url: https://repo.spring.io/milestone
+
+updates:
+
+  - package-ecosystem: "gradle"
+    target-branch: "main"
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "03:00"
+      timezone: "Etc/UTC"
+    labels: [ "type: dependency-upgrade" ]
+    registries:
+      - "spring-milestones"
+    ignore:
+      - dependency-name: "com.nimbusds:nimbus-jose-jwt" # nimbus-jose-jwt gets updated when oauth2-oidc-sdk is updated to ensure consistency
+      - dependency-name: "org.python:jython" # jython updates break integration tests
+      - dependency-name: "org.apache.directory.server:*" # ApacheDS version > 1.5.5 contains break changes
+      - dependency-name: "org.junit:junit-bom"
+        update-types: [ "version-update:semver-major" ]
+      - dependency-name: "org.mockito:mockito-bom"
+        update-types: [ "version-update:semver-major" ]
+      - dependency-name: "*"
+        update-types: [ "version-update:semver-major", "version-update:semver-minor" ]
+
+#    GitHub Actions
+
+  - package-ecosystem: github-actions
+    target-branch: "main"
+    milestone: -1
+    directory: "/"
+    schedule:
+      interval: weekly
+    ignore:
+      - dependency-name: "sjohnr/*"

.github/actions/generate-dependabot-yml/.gitignore

@@ -0,0 +1,103 @@
+# Dependency directory
+node_modules
+
+# Rest pulled from https://github.com/github/gitignore/blob/master/Node.gitignore
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+jspm_packages/
+
+# TypeScript v1 declaration files
+typings/
+
+# TypeScript cache
+*.tsbuildinfo
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+.env
+.env.test
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+
+# next.js build output
+.next
+
+# nuxt.js build output
+.nuxt
+
+# vuepress build output
+.vuepress/dist
+
+# Serverless directories
+.serverless/
+
+# FuseBox cache
+.fusebox/
+
+# DynamoDB Local files
+.dynamodb/
+
+# OS metadata
+.DS_Store
+Thumbs.db
+
+# Ignore built ts files
+__tests__/runner/*
+
+# IDE files
+.idea
+.vscode
+*.code-workspace

.github/actions/generate-dependabot-yml/.node-version

@@ -0,0 +1 @@
+20.6.0

.github/actions/generate-dependabot-yml/.prettierignore

@@ -0,0 +1,3 @@
+dist/
+node_modules/
+coverage/

.github/actions/generate-dependabot-yml/.prettierrc.json

@@ -0,0 +1,16 @@
+{
+  "printWidth": 80,
+  "tabWidth": 2,
+  "useTabs": false,
+  "semi": false,
+  "singleQuote": true,
+  "quoteProps": "as-needed",
+  "jsxSingleQuote": false,
+  "trailingComma": "none",
+  "bracketSpacing": true,
+  "bracketSameLine": true,
+  "arrowParens": "avoid",
+  "proseWrap": "always",
+  "htmlWhitespaceSensitivity": "css",
+  "endOfLine": "lf"
+}

.github/actions/generate-dependabot-yml/CODEOWNERS

@@ -0,0 +1,3 @@
+# Repository CODEOWNERS
+
+* @actions/actions-oss-maintainers

.github/actions/generate-dependabot-yml/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright GitHub
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

.github/actions/generate-dependabot-yml/README.md

@@ -0,0 +1,3 @@
+# Generate Dependabot YML
+
+Run `npm run bundle` to prepare the `dist` folder before pushing the changes.

.github/actions/generate-dependabot-yml/action.yml

@@ -0,0 +1,28 @@
+name: 'The name of your action here'
+description: 'Provide a description here'
+author: 'Your name or organization here'
+
+# Add your action's branding here. This will appear on the GitHub Marketplace.
+branding:
+  icon: 'heart'
+  color: 'red'
+
+# Define your inputs here.
+inputs:
+  gradle-branches:
+    description: 'The branches for gradle package-ecosystem'
+    required: false
+  github-actions-branches:
+    description: 'The branches for github-actions package-ecosystem'
+    required: false
+  template-file:
+    description: 'The file used as template'
+    required: false
+    default: '.github/dependabot.template.yml'
+  gh-token:
+    description: 'GitHub Token'
+    required: true
+
+runs:
+  using: node20
+  main: dist/index.js