chore: Configure Renovate

[stackable-bot]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---

Detected Package Files

• tools/harbor-garbage-collector/Cargo.toml (cargo)
• tools/harbor-sbom-browser/Cargo.toml (cargo)
• tools/monitor-oci-artifacts/Cargo.toml (cargo)
• tools/nexus-garbage-collector/Cargo.toml (cargo)
• apps/docker/jenkins-job-builder/Dockerfile (dockerfile)
• apps/docker/operator-test-runner/Dockerfile (dockerfile)
• tools/harbor-garbage-collector/Dockerfile (dockerfile)
• tools/harbor-sbom-browser/Dockerfile (dockerfile)
• tools/matterbridge/Dockerfile (dockerfile)
• tools/monitor-oci-artifacts/Dockerfile (dockerfile)
• tools/nexus-garbage-collector/Dockerfile (dockerfile)
• .github/workflows/build_harbor_garbage_collector.yml (github-actions)
• .github/workflows/build_harbor_sbom_browser.yml (github-actions)
• .github/workflows/build_matterbridge.yml (github-actions)
• .github/workflows/build_nexus_garbage_collector.yml (github-actions)
• .github/workflows/build_oci_monitor.yml (github-actions)
• .github/workflows/renovate.yml (github-actions)
• renovate.json (renovate-config-presets)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Show only the Age and Confidence Merge Confidence badges for pull requests.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.
• Pin Docker digests.
• Pin github-action digests.
• Enable Renovate configuration migration PRs when needed.
• Pin dependency versions for development dependencies.
• Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides.
• Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
• Enable Renovate Dependency Dashboard approval workflow.
• Remove limit for open PRs at any time.
• Removes rate limit for PR creation per hour.
• Convert pinned GitHub Action digests to SemVer.
• Run Renovate on following schedule:

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

---

What to Expect

With your current configuration, Renovate will create 19 Pull Requests:

chore(deps): update rust crate tracing-subscriber to v0.3.20 [security]

• Branch name: renovate/crate-tracing-subscriber-vulnerability
• Merge into: main
• Upgrade tracing-subscriber to 0.3.20

chore(deps): update rust crate tokio to v1.38.2 [security]

• Branch name: renovate/crate-tokio-vulnerability
• Merge into: main
• Upgrade tokio to 1.38.2

chore(deps): pin dependencies

• Branch name: renovate/pin-dependencies
• Merge into: main
• Upgrade actions/checkout to f43a0e5ff2bd294095638e18286ca9a3d1956744
• Upgrade oci.stackable.tech/sdp/ubi8-rust-builder to sha256:8ad6fa16363d789a58053dd99cbccf40a5f8c73f48f342522fa9111f819766e6
• Upgrade oci.stackable.tech/sdp/ubi9-rust-builder to sha256:04048076f7e901b394280b9fd4ca7e4fba66870034aa88655197d6a1b93e9022
• Upgrade python to sha256:e6b1f7011589cc717a5112e6fdb56217e9e734a57e4cb50216e912b068b392a8
• Upgrade registry.access.redhat.com/ubi8/ubi-minimal to sha256:951ee3cabb74246821ae31c2b808b7789310f5509882c153b7b178aaaeefa2d3
• Upgrade registry.access.redhat.com/ubi9/ubi-minimal to sha256:53ea1f6d835898acda5becdb3f8b1292038a480384bbcf994fc0bcf1f7e8eaf7
• Upgrade ubuntu to sha256:e96e81f410a9f9cae717e6cdd88cc2a499700ff0bb5061876ad24377fcc517d7

chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal:9.6 docker digest to 34880b6

• Branch name: renovate/registry.access.redhat.com-ubi9-ubi-minimal-9.6
• Merge into: main
• Upgrade registry.access.redhat.com/ubi9/ubi-minimal to sha256:34880b64c07f28f64d95737f82f891516de9a3b43583f39970f7bf8e4cfa48b7

chore(deps): update ubuntu docker digest to e96e81f

• Branch name: renovate/ubuntu
• Merge into: main
• Upgrade ubuntu to sha256:e96e81f410a9f9cae717e6cdd88cc2a499700ff0bb5061876ad24377fcc517d7

chore(deps): update all dependencies (patch only)

• Branch name: renovate/all-dependencies-(patch-only)
• Merge into: main
• Upgrade base64 to 0.22.1
• Upgrade env_logger to 0.11.8
• Upgrade futures to 0.3.31
• Upgrade log to 0.4.28
• Upgrade serde to 1.0.228
• Upgrade serde_json to 1.0.145
• Upgrade snafu to 0.8.9
• Upgrade tracing to 0.1.41

chore(deps): update actions/checkout action to v4.3.0

• Branch name: renovate/actions-checkout-4.x
• Merge into: main
• Upgrade actions/checkout to 08eba0b27e820071cde6df949e0beb9ba4906955

chore(deps): update docker/login-action action to v3.6.0

• Branch name: renovate/docker-login-action-3.x
• Merge into: main
• Upgrade docker/login-action to 5e57cd118135c172c3672efd75eb46360885c0ef

chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.7-1762956380

• Branch name: renovate/registry.access.redhat.com-ubi9-ubi-minimal-9.x
• Merge into: main
• Upgrade registry.access.redhat.com/ubi9/ubi-minimal to sha256:53ea1f6d835898acda5becdb3f8b1292038a480384bbcf994fc0bcf1f7e8eaf7

chore(deps): update rust crate lazy_static to v1.5.0

• Branch name: renovate/lazy_static-1.x-lockfile
• Merge into: main
• Upgrade lazy_static to 1.5.0

chore(deps): update rust crate regex to v1.12.2

• Branch name: renovate/regex-1.x-lockfile
• Merge into: main
• Upgrade regex to 1.12.2

chore(deps): update sigstore/cosign-installer action to v3.10.1

• Branch name: renovate/sigstore-cosign-installer-3.x
• Merge into: main
• Upgrade sigstore/cosign-installer to 7e8b541eb2e61bf99390e1afd4be13a184e9ebc5

fix(deps): update axum monorepo

• Branch name: renovate/axum-monorepo
• Merge into: main
• Upgrade axum to 0.8.0
• Upgrade axum-extra to 0.12.0

fix(deps): update rust crate reqwest to 0.12.0

• Branch name: renovate/reqwest-0.x
• Merge into: main
• Upgrade reqwest to 0.12.0

fix(deps): update rust crate strum to 0.27.0

• Branch name: renovate/strum-monorepo
• Merge into: main
• Upgrade strum to 0.27.0

chore(deps): update actions/checkout action to v5

• Branch name: renovate/actions-checkout-5.x
• Merge into: main
• Upgrade actions/checkout to 08c6903cd8c0fde910a37f88322edcfb5dd907a8

chore(deps): update docker/build-push-action action to v6

• Branch name: renovate/docker-build-push-action-6.x
• Merge into: main
• Upgrade docker/build-push-action to 263435318d21b8e681c14492fe198d362a7d2c83

chore(deps): update sigstore/cosign-installer action to v4

• Branch name: renovate/sigstore-cosign-installer-4.x
• Merge into: main
• Upgrade sigstore/cosign-installer to faadad0cce49287aee09b3a48701e75088a2c6ad

chore(deps): lock file maintenance

• Branch name: renovate/lock-file-maintenance
• Merge into: main
• Regenerate lock files to use latest dependency versions

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR has been generated by Renovate Bot.