From 01bc003b987f90e089dfcba051d4f82d7c95ca12 Mon Sep 17 00:00:00 2001
From: Matthew Christopher <matthchr@users.noreply.github.com>
Date: Wed, 15 May 2024 10:00:12 -0700
Subject: [PATCH] Group dependabot updates (#4012)

---
 .github/dependabot.yml | 46 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index bfdf9b9dfb0..01a969889c7 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -11,15 +11,61 @@ updates:
     schedule:
       interval: "weekly"
     rebase-strategy: "disabled"
+    groups:
+      # Group updates together, so that they are all applied in a single PR.
+      # Grouped updates are currently in beta and is subject to change.
+      # xref: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups
+      k8s-go-deps:
+        applies-to: version-updates  # security-updates would need a separate entry but for now lets try this
+        patterns:
+          - "k8s.io/*"
+          - "sigs.k8s.io/*"
+      go-deps:
+        applies-to: version-updates
+        patterns:
+          - "*"
+        exclude-patterns:
+          - "k8s.io/*"
+          - "sigs.k8s.io/*"
   # ASO v2 asoctl
   - package-ecosystem: "gomod" 
     directory: "/v2/cmd/asoctl" 
     schedule:
       interval: "weekly"
     rebase-strategy: "disabled"
+    # Group updates together, so that they are all applied in a single PR.
+    # Grouped updates are currently in beta and is subject to change.
+    # xref: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups
+    k8s-go-deps:
+      applies-to: version-updates  # security-updates would need a separate entry but for now lets try this
+      patterns:
+        - "k8s.io/*"
+        - "sigs.k8s.io/*"
+    go-deps:
+      applies-to: version-updates
+      patterns:
+        - "*"
+      exclude-patterns:
+        - "k8s.io/*"
+        - "sigs.k8s.io/*"
   # ASO v2 generator
   - package-ecosystem: "gomod" 
     directory: "/v2/tools/generator" 
     schedule:
       interval: "weekly"
     rebase-strategy: "disabled"
+    # Group updates together, so that they are all applied in a single PR.
+    # Grouped updates are currently in beta and is subject to change.
+    # xref: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups
+    k8s-go-deps:
+      applies-to: version-updates  # security-updates would need a separate entry but for now lets try this
+      patterns:
+        - "k8s.io/*"
+        - "sigs.k8s.io/*"
+    go-deps:
+      applies-to: version-updates
+      patterns:
+        - "*"
+      exclude-patterns:
+        - "k8s.io/*"
+        - "sigs.k8s.io/*"