BjoernKarma · dependabot · Sep 12, 2025 · Sep 12, 2025 · Sep 12, 2025 · Sep 15, 2025
diff --git a/.github/dependabot-tidy.yml b/.github/dependabot-tidy.yml
@@ -0,0 +1,79 @@
+# Copyright 2025 Deutsche Telekom IT GmbH
+#
+# SPDX-License-Identifier: Apache-2.0
+
+name: Dependabot Tidy
+
+on:
+  pull_request:
+    paths:
+      - '**/go.mod'
+      - '**/go.sum'
+
+jobs:
+  tidy:
+    name: Run go mod tidy
+    if: github.actor == 'dependabot[bot]'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+
+    steps:
+      - uses: actions/checkout@v5
+        with:
+          ref: ${{ github.head_ref }}
+          fetch-depth: 0
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: 'stable'
+          check-latest: true
+
+      - name: Run go mod tidy on all modules
+        run: |
+          echo "Identified modules:"
+          MODULES=$(find . -name 'go.mod' -exec dirname {} \; | sort)
+          echo "$MODULES"
+          echo "\nRunning go mod tidy on all modules..."
+          echo "$MODULES" | while read -r module_dir; do
+            if [ -n "$module_dir" ]; then
+              echo "Processing: $module_dir"
+              (cd "$module_dir" && go mod tidy)
+            fi
+          done
+
+      - name: Check for changes
+        id: check_changes
+        run: |
+          if [[ -n "$(git status --porcelain)" ]]; then
+            echo "changes=true" >> $GITHUB_OUTPUT
+            echo "Changes detected after running go mod tidy:"
+            git diff --name-only
+          else
+            echo "changes=false" >> $GITHUB_OUTPUT
+            echo "No changes detected after running go mod tidy"
+          fi
+
+      - name: Commit and push changes
+        if: steps.check_changes.outputs.changes == 'true'
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git add .
+          git commit -m "chore: run go mod tidy for modules updated by dependabot"
+          git push
+
+      - name: Add comment to PR
+        if: steps.check_changes.outputs.changes == 'true'
+        uses: actions/github-script@v7
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: '✅ `go mod tidy` has been run for all Go modules and changes have been committed to this PR.'
+            })
diff --git a/.github/workflows/dependabot-tidy.yml b/.github/workflows/dependabot-tidy.yml
@@ -0,0 +1,80 @@
+# Copyright 2025 Deutsche Telekom IT GmbH
+#
+# SPDX-License-Identifier: Apache-2.0
+
+name: Dependabot Tidy
+
+on:
+  pull_request:
+    paths:
+      - '**/go.mod'
+      - '**/go.sum'
+  workflow_dispatch:
+
+jobs:
+  tidy:
+    name: Run go mod tidy
+    if: github.actor == 'dependabot[bot]' || github.event_name == 'workflow_dispatch'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+
+    steps:
+      - uses: actions/checkout@v5
+        with:
+          ref: ${{ github.head_ref }}
+          fetch-depth: 0
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: 'stable'
+          check-latest: true
+
+      - name: Run go mod tidy on all modules
+        run: |
+          echo "Identified modules:"
+          MODULES=$(find . -name 'go.mod' -exec dirname {} \; | sort)
+          echo "$MODULES"
+          echo "\nRunning go mod tidy on all modules..."
+          echo "$MODULES" | while read -r module_dir; do
+            if [ -n "$module_dir" ]; then
+              echo "Processing: $module_dir"
+              (cd "$module_dir" && go mod tidy)
+            fi
+          done
+
+      - name: Check for changes
+        id: check_changes
+        run: |
+          if [[ -n "$(git status --porcelain)" ]]; then
+            echo "changes=true" >> $GITHUB_OUTPUT
+            echo "Changes detected after running go mod tidy:"
+            git diff --name-only
+          else
+            echo "changes=false" >> $GITHUB_OUTPUT
+            echo "No changes detected after running go mod tidy"
+          fi
+
+      - name: Commit and push changes
+        if: steps.check_changes.outputs.changes == 'true'
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git add .
+          git commit -m "chore: run go mod tidy for modules updated by dependabot"
+          git push
+
+      - name: Add comment to PR
+        if: steps.check_changes.outputs.changes == 'true'
+        uses: actions/github-script@v7
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: '✅ `go mod tidy` has been run for all Go modules and changes have been committed to this PR.'
+            })
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -38,7 +38,7 @@ jobs:
             ~/.cache/go-build
             ~/go/pkg/mod
           key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-      - uses: sigstore/cosign-installer@v3.9.2
+      - uses: sigstore/cosign-installer@v3.10.0
       - uses: anchore/sbom-action/download-syft@v0.20.5
       - name: Install GoReleaser
         uses: goreleaser/goreleaser-action@v6

diff --git a/tools/route-tester/main.go b/tools/route-tester/main.go
@@ -13,17 +13,18 @@ import (
 	"os"
 
 	"github.com/pkg/errors"
-	applicationv1 "github.com/telekom/controlplane/application/api/v1"
-	"github.com/telekom/controlplane/common/pkg/util/labelutil"
-	gatewayv1 "github.com/telekom/controlplane/gateway/api/v1"
-	secretsapi "github.com/telekom/controlplane/secret-manager/api"
-	"github.com/telekom/controlplane/secret-manager/api/accesstoken"
 	"golang.org/x/oauth2/clientcredentials"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/client-go/rest"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	kconfig "sigs.k8s.io/controller-runtime/pkg/client/config"
+
+	applicationv1 "github.com/telekom/controlplane/application/api/v1"
+	accesstoken "github.com/telekom/controlplane/common-server/pkg/client/token"
+	"github.com/telekom/controlplane/common/pkg/util/labelutil"
+	gatewayv1 "github.com/telekom/controlplane/gateway/api/v1"
+	secretsapi "github.com/telekom/controlplane/secret-manager/api"
 )
 
 var (