feat: add Dependabot scaffold (#7)

scaffolder-skeletons/dependabot/.github/dependabot.yml

@@ -0,0 +1,20 @@
+version: 2
+updates:
+{% if values.is_docker %}
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "daily"
+{% endif %}
+{% if values.is_python %}
+  - package-ecosystem: pip
+    directory: "/"
+    schedule:
+      interval: "daily"
+{% endif %}
+{% if values.is_github_actions %}
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+{% endif %}

scaffolder-templates/dependabot/template.yaml

@@ -0,0 +1,69 @@
+apiVersion: scaffolder.backstage.io/v1beta3
+kind: Template
+metadata:
+  name: dependabot
+  title: Dependabot
+  description: Enable Dependabot on an existing project.
+  tags:
+    - recommended
+spec:
+  owner: it-reaktion
+  type: ci
+  parameters:
+    - title: Choose a location
+      required:
+        - repoUrl
+      properties:
+        repoUrl:
+          title: Repository Location
+          type: string
+          ui:field: RepoUrlPicker
+          ui:options:
+            allowedHosts:
+              - github.com
+            allowedOwners:
+              - radiorabe
+            requestUserCredentials:
+              secretsKey: USER_GITHUB_OAUTH_TOKEN
+    - title: Enable Ecosystems
+      required:
+        - ecosystems
+      properties:
+        ecosystems:
+          title: Select ecosystems
+          type: array
+          items:
+            type: boolean
+            enum:
+              - 'Enable Docker'
+              - 'Enable Python'
+              - 'Enable GitHub Actions'
+          uniqueItems: true
+          ui:widget: checkboxes
+  steps:
+    - id: fetch-base
+      name: Fetch Base
+      action: fetch:template
+      input:
+        url: ../../scaffolder-skeletons/dependabot/
+        replace: true
+        values:
+          is_docker: ${{ parameters.ecosystems.includes('Enable Docker') }}
+          is_python: ${{ parameters.ecosystems.includes('Enable Python') }}
+          is_github_actions: ${{ parameters.ecosystems.includes('Enable GitHub Actions') }}
+    - id: publish
+      name: Publish
+      action: publish:github:pull-request
+      input:
+        title: "chore(ci): configure dependabot"
+        token: ${{ secrets.USER_GITHUB_OAUTH_TOKEN }}
+        repoUrl: ${{ parameters.repoUrl }}
+        branchName: chore/ci/dependabot
+        description: |
+          # Initialize [GitHub Dependabot](https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).
+
+          Configures Dependabot to create weekly update PRs.
+  output:
+    links:
+      - url: ${{steps.publish.output.remoteUrl}}
+        title: "Go to PR"

scaffolder-templates/semrel/template.yaml

@@ -30,7 +30,7 @@ spec:
                   - workflow
   steps:
     - id: getversion
-      name: get actions version
+      name: Get radiorabe/actions version
       action: http:backstage:request
       input:
         method: 'GET'
@@ -56,8 +56,7 @@ spec:
 
           Based on [radiorabe/actions: Semantic Release](https://github.com/radiorabe/actions#semantic-release).
 
-          Semantic Releases are done by [@it-reaktion](https://github.com/it-reaktion). Ensure that this repo
-          hass access to the org-level  `RABE_ITREAKTION_GITHUB_TOKEN` secret before merging this.
+          Semantic Releases are done by [@it-reaktion](https://github.com/it-reaktion). Ensure that this repo has access to the org-level `RABE_ITREAKTION_GITHUB_TOKEN` secret before merging this.
   output:
     links:
       - url: ${{steps.publish.output.remoteUrl}}