Configure security vuln dependabot automation for latest image.

[bwplotka]

I think https://github.com/prometheus/client_golang/security/dependabot works great, but it's easy to forget we might have NOT released those patches on the latest release. Let's make sure we are notified/dependabot ports patches.

See #1494

[ying-jeanne]

Hey @bwplotka, I noticed that Dependabot only updates the default branch for security patches. Do we open to switch to Renovate? the later is used in Mimir, and it handles multiple branches better and seems more flexible. wdyt, or do you have another idea in mind?

[bwplotka]

Whatever works! (:

[ArthurSens]

If we move forward with renovate, I'd love to see this workflow still working 🙈. It currently depends on the github action dependabot/fetch-metadata, not sure how this works with renovate

[stale]

Hello 👋 Looks like there was no activity on this issue for the last 3 months. Do you mind updating us on the status? Is this still reproducible or needed? If yes, just comment on this PR or push a commit. Thanks! 🤗
If there will be no activity in the next 4 weeks, this issue will be closed (we can always reopen an issue if we need!).