chore: bump go and vault versions, add dependabot (#2245)

* chore: bump go and vault versions, add dependabot * Update .github/dependabot.yml
hashicorp · Jun 10, 2024 · 3fca3dd · 3fca3dd
1 parent 05ce7ce
commit 3fca3dd
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 4 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,22 @@
+# See GitHub's docs for more information on this file:
+# https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates
+version: 2
+updates:
+  # Dependabot only updates hashicorp GHAs, external GHAs are managed by internal tooling (tsccr)
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    allow:
+      - dependency-name: "hashicorp/*"
+  # Defines a group by package name, for security updates for golang dependencies
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    groups:
+      golang:
+        applies-to: security-updates
+        patterns:
+          - "golang.org*"
+          - "google.golang.org*"
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -66,9 +66,9 @@ jobs:
         - "vault-enterprise:1.11.12-ent"
         - "vault-enterprise:1.12.11-ent"
         - "vault-enterprise:1.13.13-ent"
-        - "vault-enterprise:1.14.11-ent"
-        - "vault-enterprise:1.15.7-ent"
-        - "vault-enterprise:1.16.1-ent"
+        - "vault-enterprise:1.14.12-ent"
+        - "vault-enterprise:1.15.8-ent"
+        - "vault-enterprise:1.16.2-ent"
         - "vault:latest"
     services:
       vault:

diff --git a/.go-version b/.go-version
@@ -1 +1 @@
-1.21.6
+1.22.3