validate dependabot configuration

Borrowed from Ubuntu (ubuntu/authd@3f9df8f) Sadly, this won't check our existing config unless I make a dummy update.
geekosaur · Aug 22, 2024 · 2d397c5 · 2d397c5
1 parent a1c94c1
commit 2d397c5
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml
@@ -0,0 +1,23 @@
+# copied from https://github.com/ubuntu/authd/commit/3f9df8f21d952cd33fd44d3834d0edeec1f5766f
+
+name: Dependabot rules validation
+
+on:
+  pull_request:
+    paths:
+      - '.github/dependabot.yml'
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: marocchino/validate-dependabot@v3
+        id: validate
+
+      - uses: marocchino/sticky-pull-request-comment@v2
+        if: always()
+        with:
+          header: validate-dependabot
+          message: ${{ steps.validate.outputs.markdown }}