From 42e5162f1c10091344b09b192ebca0462cea9d5e Mon Sep 17 00:00:00 2001
From: Mike Estevez <mikestvz@amazon.com>
Date: Thu, 22 May 2025 22:56:32 -0700
Subject: [PATCH] Enabling dependabot to run go-mod-tidy

---
 .github/dependabot-readme.md                 | 42 ++++++++++++++++
 .github/dependabot.yml                       | 35 ++++++++++++++
 .github/workflows/dependabot-go-mod-tidy.yml | 50 ++++++++++++++++++++
 3 files changed, 127 insertions(+)
 create mode 100644 .github/dependabot-readme.md
 create mode 100644 .github/dependabot.yml
 create mode 100644 .github/workflows/dependabot-go-mod-tidy.yml

diff --git a/.github/dependabot-readme.md b/.github/dependabot-readme.md
new file mode 100644
index 00000000..da72187a
--- /dev/null
+++ b/.github/dependabot-readme.md
@@ -0,0 +1,42 @@
+# Dependabot Configuration for Go Modules
+
+This repository is configured to use Dependabot for automated dependency updates with `go mod tidy` support.
+
+## Configuration Files
+
+1. `.github/dependabot.yml` - Configures Dependabot to check for Go module updates weekly
+2. `.github/workflows/dependabot-go-mod-tidy.yml` - GitHub Actions workflow that runs `go mod tidy` on Dependabot PRs
+
+## How It Works
+
+1. Dependabot creates PRs to update Go dependencies according to the schedule in `dependabot.yml`
+2. When a PR is created that modifies `go.mod` or `go.sum`, the workflow is triggered
+3. The workflow checks if the PR was created by Dependabot
+4. If so, it runs `go mod tidy` and commits any changes back to the PR
+
+## Required Repository Settings
+
+For the workflow to function properly, you need to configure the repository to allow Dependabot to trigger workflows with write permissions:
+
+1. Go to the repository on GitHub
+2. Navigate to Settings > Code and automation > Actions > General
+3. Scroll down to "Workflow permissions"
+4. Enable "Read and write permissions"
+5. Check "Allow GitHub Actions to create and approve pull requests"
+6. Save changes
+
+Additionally, you need to configure Dependabot to have write access to PRs:
+
+1. Go to the repository on GitHub
+2. Navigate to Settings > Code and automation > Actions > General
+3. Scroll down to "Workflow permissions from pull requests"
+4. Select "Allow Dependabot to run workflows"
+5. Save changes
+
+## Troubleshooting
+
+If the workflow isn't running or isn't able to commit changes:
+
+1. Check that the repository settings are configured as described above
+2. Verify that the PR was created by Dependabot
+3. Check the workflow run logs for any errors
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 00000000..630264d1
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,35 @@
+version: 2
+updates:
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    # Enable go mod tidy after updates
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-patch"]
+    commit-message:
+      prefix: "chore"
+      include: "scope"
+    labels:
+      - "dependencies"
+      - "go"
+    # Add the go mod tidy command
+    gomod:
+      update-tool: "go mod tidy"
+
+  - package-ecosystem: "gomod"
+    directory: "/test"
+    schedule:
+      interval: "weekly"
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-patch"]
+    commit-message:
+      prefix: "chore"
+      include: "scope"
+    labels:
+      - "dependencies"
+      - "go"
+    gomod:
+      update-tool: "go mod tidy"
diff --git a/.github/workflows/dependabot-go-mod-tidy.yml b/.github/workflows/dependabot-go-mod-tidy.yml
new file mode 100644
index 00000000..1654c10b
--- /dev/null
+++ b/.github/workflows/dependabot-go-mod-tidy.yml
@@ -0,0 +1,50 @@
+name: Dependabot Go Mod Tidy
+
+on:
+  pull_request:
+    paths:
+      - 'go.mod'
+      - 'go.sum'
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  go-mod-tidy:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.head_ref }}
+          token: ${{ secrets.GITHUB_TOKEN }}
+          
+      - name: Setup Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.x'
+          
+      - name: Run go mod tidy
+        run: |
+          go mod tidy
+          
+      - name: Check for changes
+        id: git-check
+        run: |
+          git status --porcelain
+          if [ -n "$(git status --porcelain)" ]; then
+            echo "changes=true" >> $GITHUB_OUTPUT
+          else
+            echo "changes=false" >> $GITHUB_OUTPUT
+          fi
+          
+      - name: Commit and push changes
+        if: steps.git-check.outputs.changes == 'true'
+        run: |
+          git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config --local user.name "github-actions[bot]"
+          git add go.mod go.sum
+          git commit -m "Run go mod tidy for Dependabot PR"
+          git push