name: Update dependabot.yml

on:
  workflow_dispatch:
  schedule:
    - cron: '0 0 * * *' # Once per day at midnight UTC

permissions:
  contents: read

jobs:

  get-supported-branches:
    uses: spring-io/spring-security-release-tools/.github/workflows/retrieve-spring-supported-versions.yml@d615a5694c761901330655fdd0e3721dc4ccf0fe
    with:
      project: spring-security
      type: oss

  main:
    runs-on: ubuntu-latest
    needs: [get-supported-branches]
    if: ${{ (github.repository == 'spring-projects/spring-security') && (github.ref == 'refs/heads/main') }}
    permissions:
      contents: write
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 1
      - uses: marcusdacoregio/generate-dependabot-yml@380cfc736e153864e970429ea6a640ce46953a17
        name: Update dependabot.yml
        with:
          gradle-branches: ${{ needs.get-supported-branches.outputs.supported_versions }},main
          github-actions-branches: ${{ needs.get-supported-branches.outputs.supported_versions }},main,docs-build
          gh-token: ${{ secrets.GITHUB_TOKEN }}
      - uses: stefanzweifel/git-auto-commit-action@v5
        with:
          commit_message: Update dependabot.yml