chore: Configure Renovate

[renovate]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---

Detected Package Files

• docker-compose.yml (docker-compose)
• Dockerfile.kafka (dockerfile)
• .github/workflows/apidiff.yml (github-actions)
• .github/workflows/cache-cleanup.yml (github-actions)
• .github/workflows/ci.yml (github-actions)
• .github/workflows/codeql-analysis.yml (github-actions)
• .github/workflows/dependency-review.yml (github-actions)
• .github/workflows/fuzz.yml (github-actions)
• .github/workflows/fvt.yml (github-actions)
• .github/workflows/i386.yml (github-actions)
• .github/workflows/scorecard.yml (github-actions)
• .github/workflows/stale.yml (github-actions)
• go.mod (gomod)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Hopefully safe environment variables to allow users to configure.
• Show all Merge Confidence badges for pull requests.
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

---

What to Expect

With your current configuration, Renovate will create 5 Pull Requests:

fix(deps): update github.com/rcrowley/go-metrics digest to 65e299d

• Schedule: ["at any time"]
• Branch name: renovate/g.yxqyang.asia-rcrowley-go-metrics-digest
• Merge into: main
• Upgrade github.com/rcrowley/go-metrics to 65e299d6c5c9

chore(deps): update github/codeql-action action to v3.28.18

• Schedule: ["at any time"]
• Branch name: renovate/github-codeql-action-3.x
• Merge into: main
• Upgrade github/codeql-action to ff0a06e83cb2de871e5a09832bc6a81e7276941f

chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.6-1747218906

• Schedule: ["at any time"]
• Branch name: renovate/registry.access.redhat.com-ubi9-ubi-minimal-9.x
• Merge into: main
• Upgrade registry.access.redhat.com/ubi9/ubi-minimal to sha256:92b1d5747a93608b6adb64dfd54515c3c5a360802db4706765ff3d8470df6290

chore(deps): update docker.io/library/zookeeper docker tag to v3.9.3

• Schedule: ["at any time"]
• Branch name: renovate/docker.io-library-zookeeper-3.x
• Merge into: main
• Upgrade docker.io/library/zookeeper to 3.9.3

chore(deps): update ghcr.io/shopify/toxiproxy docker tag to v2.12.0

• Schedule: ["at any time"]
• Branch name: renovate/ghcr.io-shopify-toxiproxy-2.x
• Merge into: main
• Upgrade ghcr.io/shopify/toxiproxy to 2.12.0

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prhourlylimit for details.

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR was generated by Mend Renovate. View the repository job log.

[dnwe]

There's a few areas where renovate's customManagers might be useful to us and dependabot cannot currently satisfy, so lets start running renovate alongside and see how it goes