Enable Dependabot Monitoring for Repo Tools

.github/dependabot.yml

@@ -10,10 +10,24 @@ updates:
       go-dependencies:
         patterns:
           - "*"
+  - package-ecosystem: "gomod"
+    directory: "/tools"
+    schedule:
+      interval: "weekly"
+    allow:
+      - dependency-type: "all"
+    labels:
+      - "tools"
+    groups:
+      go-dependencies:
+        patterns:
+          - "*"
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
       interval: "weekly"
+    labels:
+      - "github_actions"
     groups:
       gha-dependencies:
         patterns:

.github/workflows/dependabot_changelog_update.yml

@@ -8,12 +8,31 @@ on:
       - reopened
 permissions:
   contents: read
+  pull-requests: write
 jobs:
   dependabot-changelog-update:
     if: github.actor == 'dependabot[bot]'
     runs-on: ubuntu-latest
     steps:
+      - name: Check labels
+        id: check-labels
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const labels = context.payload.pull_request.labels.map(l => l.name);
+            const skip = labels.includes('tools') || labels.includes('github_actions');
+            if (skip) {
+              await github.rest.issues.addLabels({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: context.payload.pull_request.number,
+                labels: ['Skip-Changelog']
+              });
+            }
+            return !skip;
+          result-encoding: string
       - name: Generate a GitHub token
+        if: steps.check-labels.outputs.result == 'true'
         id: github-token
         uses: actions/create-github-app-token@v3
         with:
@@ -22,18 +41,21 @@ jobs:
           owner: ${{ github.repository_owner }}
           repositories: "cli"
       - name: Checkout code
+        if: steps.check-labels.outputs.result == 'true'
         uses: actions/checkout@v6
         with:
           token: ${{ steps.github-token.outputs.token }}
           repository: ${{ github.event.pull_request.head.repo.full_name }}
           ref: ${{ github.event.pull_request.head.ref }}
       - name: Generate changelog entry
+        if: steps.check-labels.outputs.result == 'true'
         uses: dangoslen/dependabot-changelog-helper@v4
         with:
           activationLabels: dependencies
           changelogPath: './CHANGELOG.md'
           entryPrefix: 'build(deps): '
       - name: Commit changelog entry
+        if: steps.check-labels.outputs.result == 'true'
         uses: stefanzweifel/git-auto-commit-action@v7
         with:
           commit_message: "docs(CHANGELOG.md): add dependency bump from dependabot"

Makefile

@@ -47,7 +47,7 @@ GOLANGCI_LINT := $(BIN_DIR)/golangci-lint
 # EXAMPLE:
 # make release GORELEASER_ARGS="--clean --skip=post-hooks --skip=validate"
 release: $(GO_FILES) ## Build executables using goreleaser
-	$(GO_BIN) tool -modfile=tools.mod goreleaser build ${GORELEASER_ARGS}
+	$(GO_BIN) tool -modfile=tools/go.mod goreleaser build ${GORELEASER_ARGS}
 
 # Useful for attaching a debugger such as https://github.com/go-delve/delve
 debug:
@@ -121,7 +121,7 @@ scaffold-category:
 # e.g. make graph PKG_IMPORT_PATH=github.com/fastly/cli/pkg/commands/kvstoreentry
 .PHONY: graph
 graph: ## Graph generates a call graph that focuses on the specified package
-	$(GO_BIN) tool -modfile=tools.mod go-callvis -file "callvis" -focus "$(PKG_IMPORT_PATH)" ./cmd/fastly/
+	$(GO_BIN) tool -modfile=tools/go.mod go-callvis -file "callvis" -focus "$(PKG_IMPORT_PATH)" ./cmd/fastly/
 	@rm callvis.gv
 
 .PHONY: deps-app-update