Dependabot fix and pr actions (#1950)

* Updating the dependabot paths for nested directories

Signed-off-by: Vacha Shah <vachshah@amazon.com>

* Adding a workflow for running actions on the dependabot generated PR

Signed-off-by: Vacha Shah <vachshah@amazon.com>

* Changing limits and using Github App token

Signed-off-by: Vacha Shah <vachshah@amazon.com>

.github/workflows/dependabot_pr.yml

@@ -0,0 +1,49 @@
+name: Dependabot PR actions
+on: pull_request
+
+jobs:
+  dependabot:
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+      contents: write
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - name: GitHub App token
+        id: github_app_token
+        uses: tibdex/github-app-token@v1.5.0
+        with:
+          app_id: ${{ secrets.APP_ID }}
+          private_key: ${{ secrets.APP_PRIVATE_KEY }}
+          installation_id: 22958780
+
+      - name: Check out code
+        uses: actions/checkout@v2
+        with:
+          token: ${{ steps.github_app_token.outputs.token }}
+
+      - name: Update Gradle SHAs
+        run: |
+          ./gradlew updateSHAs
+
+      - name: Commit the changes
+        uses: stefanzweifel/git-auto-commit-action@v4.7.2
+        with:
+          commit_message: Updating SHAs
+          branch: ${{ github.head_ref }}
+          commit_user_name: dependabot[bot]
+          commit_user_email: support@github.com
+          commit_options: '--signoff'
+
+      - name: Run spotless
+        run: |
+          ./gradlew spotlessApply
+
+      - name: Commit the changes
+        uses: stefanzweifel/git-auto-commit-action@v4.7.2
+        with:
+          commit_message: Spotless formatting
+          branch: ${{ github.head_ref }}
+          commit_user_name: dependabot[bot]
+          commit_user_email: support@github.com
+          commit_options: '--signoff'