Directly maintain template workflow dependencies via Dependabot

Dependabot supports managing GitHub Actions action dependencies of workflows. In addition to the workflows used in the
repository's own infrastructure, this system was also used to maintain the dependencies of the "template" workflows.

At the time it was set up, Dependabot had an inconvenient behavior where workflows were expected to be found in the
`.github/workflows/` subfolder of the path specified via the `directory` key of the `dependabot.yml` configuration file.
This meant it was not possible to directly scan the workflows in the `workflow-templates` folder. The workaround was to
put a set of copies in `workflow-templates/dependabot/workflow-template-copies/.github/workflows/`. The Dependabot PRs
proposing to update those workflows when an outdated action dependency was detected were not merged, but instead used as
a notification of available updates for the source workflows in `workflow-templates`.

A change in Dependabot in spring of 2022 caused the template maintenance system to stop working. That bug has been
fixed. Along with the fix, the odd system of not looking for workflows in the folder specified via the `directory` key
was dropped, which means it is now possible to use Dependabot to directly maintain the workflow templates, making the
duplicates no longer necessary.

Author: per1234

.github/dependabot.yml

@@ -16,12 +16,9 @@ updates:
 
   # Configure check for outdated GitHub Actions actions in workflow templates.
   - package-ecosystem: github-actions
-    # The workflows under the .github/workflows/ subfolder of this path will be checked.
-    directory: /workflow-templates/dependabot/workflow-template-copies/
+    directory: /workflow-templates/
     schedule:
       interval: daily
-    commit-message:
-      prefix: (DO NOT MERGE)
     labels:
       - "topic: infrastructure"
     assignees:

.github/workflows/check-dependabot-sync.yml

@@ -10,7 +10,6 @@
 [![Check npm status](https://github.com/arduino/tooling-project-assets/actions/workflows/check-npm-task.yml/badge.svg)](https://github.com/arduino/tooling-project-assets/actions/workflows/check-npm-task.yml)
 [![Check General Formatting status](https://github.com/arduino/tooling-project-assets/actions/workflows/check-general-formatting-task.yml/badge.svg)](https://github.com/arduino/tooling-project-assets/actions/workflows/check-general-formatting-task.yml)
 [![Check License status](https://github.com/arduino/tooling-project-assets/actions/workflows/check-license.yml/badge.svg)](https://github.com/arduino/tooling-project-assets/actions/workflows/check-license.yml)
-[![Check Workflow Duplicates Sync status](https://github.com/arduino/tooling-project-assets/actions/workflows/check-dependabot-sync.yml/badge.svg)](https://github.com/arduino/tooling-project-assets/actions/workflows/check-dependabot-sync.yml)
 [![Check CI Workflows Sync status](https://github.com/arduino/tooling-project-assets/actions/workflows/check-ci-sync.yml/badge.svg)](https://github.com/arduino/tooling-project-assets/actions/workflows/check-ci-sync.yml)
 [![Check Community Health Files Sync status](https://github.com/arduino/tooling-project-assets/actions/workflows/check-community-health-sync.yml/badge.svg)](https://github.com/arduino/tooling-project-assets/actions/workflows/check-community-health-sync.yml)
 [![Check Configuration Files Sync status](https://github.com/arduino/tooling-project-assets/actions/workflows/check-config-sync.yml/badge.svg)](https://github.com/arduino/tooling-project-assets/actions/workflows/check-config-sync.yml)

README.md

@@ -42,7 +42,6 @@ tasks:
     deps:
       - task: ci:sync
       - task: config:sync
-      - task: dependabot:sync
       - task: general:correct-spelling
       - task: general:format-prettier
       - task: github:sync
@@ -371,22 +370,6 @@ tasks:
           -s "{{.SCHEMA_PATH}}" \
           -d "{{.PROJECT_FOLDER}}/{{.DATA_PATH}}"
 
-  dependabot:sync:
-    desc: Sync workflow duplicates for dependabot checks
-    vars:
-      WORKFLOW_TEMPLATES_PATH: "./workflow-templates"
-      WORKFLOW_TEMPLATE_COPIES_PATH: "./workflow-templates/dependabot/workflow-template-copies/.github/workflows"
-    cmds:
-      # Sync workflow templates with the copies in the folder where Dependabot can check them for updates.
-      - mkdir --parents "{{.WORKFLOW_TEMPLATE_COPIES_PATH}}"
-      - rm --force "{{.WORKFLOW_TEMPLATE_COPIES_PATH}}"/*
-      - |
-        find "{{.WORKFLOW_TEMPLATES_PATH}}" \
-          -maxdepth 1 \
-          -type f \
-          -regex '.*\.ya?ml' \
-          -exec cp '{}' "{{.WORKFLOW_TEMPLATE_COPIES_PATH}}" \;
-
   docs:generate:
     desc: Create all generated documentation content
     # This is an "umbrella" task used to call any documentation generation processes the project has.

Taskfile.yml

@@ -23,6 +23,10 @@ Addition of, or requests for, any additional workflows that can be reusable betw
 
 ## Dependabot
 
-Dependabot is used to check for outdated action versions used in the workflow templates. Details about that are [here](dependabot/README.md).
+Dependabot is used to [check for outdated action versions](https://docs.github.com/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot) used in the template workflows.
+
+Dependabot's PRs will occasionally try to pin to the patch version of the action (e.g., updating `uses: foo/bar@v1` to `uses: foo/bar@v2.3.4`). When the action author has [provided a major version ref](https://docs.github.com/actions/creating-actions/about-custom-actions#using-release-management-for-actions), use that instead (e.g., `uses: foo/bar@v2`). Once the major version has been updated in the workflow, Dependabot should not submit an update PR again until the next major version bump.
+
+---
 
 The same can be done for the workflows of any repository. See the instructions [here](assets/dependabot/README.md).