This action runs dependabot for Clojure (lein) projects using a fork of dependabot/dependabot-core that has support for lein.

The action executes the update.rb script using a trimmed down version of the Dockerfile from dependabot-core which contains only what is required to run updates on lein projects. The image is pushed to ghcr.io/cga1123/dependabot-lein-runner.

It uses the following variables:

• token the github access token to use to both check the private repositories and create pull requests (may be the GitHub Actions token or a personal access token)
• registries any github packages maven repository urls for private packages (comma separated, default '')
• directory the directory to look for project.clj within (default '/')
• repository the repo to update in owner/repo format

Example daily workflow within for a single repo:

name: Daily Scheduled Bump on: workflow_dispatch: schedule: - cron: '30 9 * * *' jobs: update: runs-on: ubuntu-latest steps: - uses: CGA1123/dependabot-lein-runner@main with: token: ${{ github.token }} repository: ${{ github.repository }} directory: '/' # can be ommited registries: '' # can be ommited

Example workflow for multiple repos (must use a Personal Access Token in order to open PRs in repositories which are not the repository the action is running in):

name: Daily Scheduled Bump on: workflow_dispatch: schedule: - cron: '30 9 * * *' jobs: update: name: Update runs-on: ubuntu-latest strategy: fail-fast: false matrix: projects: - repository: CGA1123/dependabot-lein-runner directory: '/dummy' steps: - uses: CGA1123/dependabot-lein-runner@main with: token: ${{ secrets.PERSONAL_TOKEN }} repository: ${{ matrix.projects.repository }} directory: ${{ matrix.projects.directory }}