From c3acb8cc27208a24065efaa3e31e2d5dd050e816 Mon Sep 17 00:00:00 2001
From: Evgeni Golov <evgeni@golov.de>
Date: Thu, 23 Nov 2023 09:40:26 +0100
Subject: [PATCH 1/4] use a digest in Containerfile so that dependabot can bump
 it

---
 Containerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Containerfile b/Containerfile
index b661d8f..1adc566 100644
--- a/Containerfile
+++ b/Containerfile
@@ -1,4 +1,4 @@
-FROM postgres:12
+FROM postgres:12@sha256:f9e8ae1fbd03f2c48d843efe7484f45913ef0283a60dec7ad0bd36a80158245b
 
 COPY Makefile *.control *.sql /src/
 

From 79b486295cf72ba160c03ef1fe6d3ecaae482909 Mon Sep 17 00:00:00 2001
From: Evgeni Golov <evgeni@golov.de>
Date: Thu, 23 Nov 2023 09:45:48 +0100
Subject: [PATCH 2/4] configure dependabot for docker

---
 .github/dependabot.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 5ace460..2bbfda4 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,3 +4,7 @@ updates:
     directory: "/"
     schedule:
       interval: "weekly"
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "weekly"

From 84af3f12a06feb002d64696bce4ac34967a0d60b Mon Sep 17 00:00:00 2001
From: Evgeni Golov <evgeni@golov.de>
Date: Thu, 23 Nov 2023 09:46:02 +0100
Subject: [PATCH 3/4] rename Containerfile to Dockerfile, dependabot does not
 support the former

https://github.com/dependabot/dependabot-core/issues/6067
---
 .github/workflows/container-release.yml | 2 +-
 .github/workflows/container.yml         | 2 +-
 Containerfile => Dockerfile             | 0
 3 files changed, 2 insertions(+), 2 deletions(-)
 rename Containerfile => Dockerfile (100%)

diff --git a/.github/workflows/container-release.yml b/.github/workflows/container-release.yml
index 753610a..1aa5b3d 100644
--- a/.github/workflows/container-release.yml
+++ b/.github/workflows/container-release.yml
@@ -35,7 +35,7 @@ jobs:
         uses: docker/build-push-action@v5
         with:
           context: .
-          file: Containerfile
+          file: Dockerfile
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
index 7e21389..4858354 100644
--- a/.github/workflows/container.yml
+++ b/.github/workflows/container.yml
@@ -15,7 +15,7 @@ jobs:
       - name: Build container
         uses: docker/build-push-action@v5
         with:
-          file: Containerfile
+          file: Dockerfile
           tags: postgresql-evr:latest
       - name: Run container
         run: docker run -p 5432:5432 -e POSTGRES_PASSWORD=password --detach --name postgres postgresql-evr:latest
diff --git a/Containerfile b/Dockerfile
similarity index 100%
rename from Containerfile
rename to Dockerfile

From 5a82de2654d287421c842c98f07d5cc179cad035 Mon Sep 17 00:00:00 2001
From: Evgeni Golov <evgeni@golov.de>
Date: Tue, 28 Nov 2023 18:39:01 +0100
Subject: [PATCH 4/4] ignore new major versions

---
 .github/dependabot.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 2bbfda4..fa1411b 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -8,3 +8,6 @@ updates:
     directory: "/"
     schedule:
       interval: "weekly"
+    ignore:
+      - dependency-name: "postgres"
+        update-types: ["version-update:semver-major"]