From 46eda5069d04f4725e3d40626e4921ed77e055ab Mon Sep 17 00:00:00 2001
From: Axel Pavageau <axel.pavageau@ekino.com>
Date: Wed, 30 Oct 2024 16:50:38 +0100
Subject: [PATCH 1/3] chore: adding a build schedule to rebuild the image on a
 weekly basis

---
 .github/workflows/docker-image.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
index a90417b..c23a0bb 100644
--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
@@ -5,6 +5,8 @@ on:
     branches: ["master"]
   pull_request:
     branches: ["master"]
+  schedule:
+    - cron: '0 0 * * 0'
 
 jobs:
   docker:

From eb8365ea0bedaa28ad6a430e26564a57568c4a65 Mon Sep 17 00:00:00 2001
From: Axel Pavageau <axel.pavageau@ekino.com>
Date: Wed, 30 Oct 2024 16:51:07 +0100
Subject: [PATCH 2/3] chore: setting the nginx version & dependabot
 configuration to update it

---
 .github/dependabot.yml | 7 +++++++
 Dockerfile             | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..22bbb8a
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,7 @@
+version: 2
+updates:
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 5
diff --git a/Dockerfile b/Dockerfile
index c34ed8f..606ed1a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM nginx:latest
+FROM nginx:1.27.2
 
 ARG COLOR
 ARG COLOR_CODE

From 2e770c2ca9aab6f8f60bcf2e66fa7ad808741864 Mon Sep 17 00:00:00 2001
From: Axel Pavageau <axel.pavageau@ekino.com>
Date: Wed, 30 Oct 2024 16:51:30 +0100
Subject: [PATCH 3/3] chore: enabling auto-merge for nginx patches PRs

---
 .github/workflows/auto-merge.yml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 .github/workflows/auto-merge.yml

diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml
new file mode 100644
index 0000000..1b556cc
--- /dev/null
+++ b/.github/workflows/auto-merge.yml
@@ -0,0 +1,23 @@
+name: Dependabot auto-merge
+on: pull_request
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  dependabot:
+    runs-on: ubuntu-latest
+    if: github.actor == 'dependabot[bot]'
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v2
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+      - name: Enable auto-merge for Dependabot PRs
+        if: steps.metadata.outputs.update-type == 'version-update:semver-patch'
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}