Use dependabot for Docker

You can get Dependabot to help you with keeping your Docker files up to date with their base images.

# Basic dependabot.yml file 
# REF: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-actions-up-to-date-with-dependabot

version: 2
updates:
  # Enable version updates for Docker
  - package-ecosystem: "docker"
    # Look for a `Dockerfile` in the `root` directory
    directory: "/"
    # Check for updates once a week
    schedule:
      interval: "weekly"
    # Assign pull requests to an assignee

Resources and References

GitHub Documentation, supported eco-systems
GitHub Documentation: “Keeping your actions up to date with Dependabot”

til

Today I Learned: collection of notes, tips and tricks and stuff I learn from day to day working with computers and technology as an open source contributor and product manager

Use dependabot for Docker

Resources and References