chore: Configure Renovate

[elastic-renovate-prod]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---

Detected Package Files

• contrib/googletest/WORKSPACE (bazel)
• docker/Dockerfile.builder (dockerfile)
• docker/Dockerfile.imagepack (dockerfile)
• testing/kernel_builder/Dockerfile.new (dockerfile)
• testing/kernel_builder/Dockerfile.old (dockerfile)
• .github/workflows/build.yml (github-actions)
• .github/workflows/ci.yml (github-actions)
• .github/workflows/issues.yml (github-actions)
• .github/workflows/multikernel-tester.yml (github-actions)
• contrib/libbpf/.github/actions/vmtest/action.yml (github-actions)
• contrib/libbpf/.github/workflows/build.yml (github-actions)
• contrib/libbpf/.github/workflows/cifuzz.yml (github-actions)
• contrib/libbpf/.github/workflows/codeql.yml (github-actions)
• contrib/libbpf/.github/workflows/coverity.yml (github-actions)
• contrib/libbpf/.github/workflows/lint.yml (github-actions)
• contrib/libbpf/.github/workflows/ondemand.yml (github-actions)
• contrib/libbpf/.github/workflows/pahole.yml (github-actions)
• contrib/libbpf/.github/workflows/test.yml (github-actions)
• testing/testrunner/go.mod (gomod)
• contrib/googletest/docs/_layouts/default.html (html)
• contrib/libbpf/docs/sphinx/requirements.txt (pip_requirements)
• docker/Dockerfile.builder (regex)
• docker/Dockerfile.imagepack (regex)
• docker/Dockerfile.builder (regex)
• docker/Dockerfile.imagepack (regex)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Chainguard Renovate configuration (https://ela.st/wolfi)
• Chainguard Renovate configuration (https://ela.st/wolfi)
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests directories.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.
• Pin Docker digests.
• Pin github-action digests.
• Pin dependency versions for devDependencies.
• Preset with best practices from the Renovate maintainers. Recommended for advanced users, who want to follow our best practices.
• Shared Renovate configuration for an out-of-the-box set of defaults for Renovate at Elastic

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

---

What to Expect

With your current configuration, Renovate will create 17 Pull Requests:

chore(deps): pin dependencies

• Schedule: ["at any time"]
• Branch name: renovate/pin-dependencies
• Merge into: main
• Upgrade actions/add-to-project to a9f041ddd462ed185893ea1024cec954f50dbe42
• Upgrade actions/checkout to f43a0e5ff2bd294095638e18286ca9a3d1956744
• Upgrade actions/checkout to ee0669bd1cc54295c223e0bb666b733df41de1c5
• Upgrade actions/download-artifact to fa0a91b85d4f404e444e00e005971372dc801d16
• Upgrade actions/setup-go to 6edd4406fa81c3da01a34fa6f6343087c207a568
• Upgrade actions/upload-artifact to 3446296876d12d4e3a0f3145a3c87e67bf0a16b5
• Upgrade actions/upload-artifact to 50769540e7f4bd5e21e526ee35c689e35e0d6874
• Upgrade debian to sha256:152b9a5dc2a03f18ddfd88fbe7b1df41bd2b16be9f2df573a373caf46ce78c08
• Upgrade docker.io/centos to sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8d32916d6487418ea4
• Upgrade docker.io/ubuntu to sha256:dfc10878be8d8fc9c61cbff33166cb1d1fe44391539243703c72766894fa834a
• Upgrade docker.io/ubuntu to sha256:58b87898e82351c6cf9cf5b9f3c20257bb9e2dcf33af051e12ce532d7f94e3fe
• Upgrade github/codeql-action to d97ba04b39135f37e9d60c84a6995bb18b7ac328
• Upgrade uraimo/run-on-arch-action to cd5f294c3b7be88bc5b708fe25e1af36818f9ead

chore(deps): update com_google_absl digest to c6b2735

• Schedule: ["at any time"]
• Branch name: renovate/com_google_absl-digest
• Merge into: main
• Upgrade com_google_absl to c6b27359c3d27438b1313dddd7598914c1274a50

chore(deps): update rules_cc digest to 848d56a

• Schedule: ["at any time"]
• Branch name: renovate/rules_cc-digest
• Merge into: main
• Upgrade rules_cc to 848d56aa290b17535797f56ceafca39ab64d577f

chore(deps): update rules_python digest to 18380a2

• Schedule: ["at any time"]
• Branch name: renovate/rules_python-digest
• Merge into: main
• Upgrade rules_python to 18380a283d73060db856c2f3d105a0290143971a

chore(deps): update actions/add-to-project action to v0.6.1

• Schedule: ["at any time"]
• Branch name: renovate/actions-add-to-project-0.x
• Merge into: main
• Upgrade actions/add-to-project to 1b844f0c5ac6446a402e0cb3693f9be5eca188c5

chore(deps): update dependency anchor-js to v4.3.1

• Schedule: ["at any time"]
• Branch name: renovate/anchor-js-4.x
• Merge into: main
• Upgrade anchor-js to sha512-zPB79j2C+3sFS9zcA3vg/z6bVKzJVEyu9pY5w89akQRys76zpAT2t6S3wZKla3QQ14O5l/Yt0RUQ/DHXx82Y5g==

chore(deps): update uraimo/run-on-arch-action action to v2.7.2

• Schedule: ["at any time"]
• Branch name: renovate/uraimo-run-on-arch-action-2.x
• Merge into: main
• Upgrade uraimo/run-on-arch-action to b0ffb25eb00af00468375982384441f063da1741

chore(deps): update actions/add-to-project action to v1

• Schedule: ["at any time"]
• Branch name: renovate/actions-add-to-project-1.x
• Merge into: main
• Upgrade actions/add-to-project to 244f685bbc3b7adfa8466e08b698b5577571133e

chore(deps): update actions/checkout action to v4

• Schedule: ["at any time"]
• Branch name: renovate/actions-checkout-4.x
• Merge into: main
• Upgrade actions/checkout to 692973e3d937129bcbf40652eb9f2f61becf3332

chore(deps): update actions/setup-go action to v5

• Schedule: ["at any time"]
• Branch name: renovate/actions-setup-go-5.x
• Merge into: main
• Upgrade actions/setup-go to 0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32

chore(deps): update actions/upload-artifact action to v4

• Schedule: ["at any time"]
• Branch name: renovate/major-github-artifact-actions
• Merge into: main
• Upgrade actions/upload-artifact to 50769540e7f4bd5e21e526ee35c689e35e0d6874

chore(deps): update debian docker tag to v12

• Schedule: ["at any time"]
• Branch name: renovate/debian-12.x
• Merge into: main
• Upgrade debian to sha256:27586f4609433f2f49a9157405b473c62c3cb28a581c413393975b4e8496d0ab

chore(deps): update dependency anchor-js to v5

• Schedule: ["at any time"]
• Branch name: renovate/anchor-js-5.x
• Merge into: main
• Upgrade anchor-js to sha512-byAcNWVEzFfu+tZItctr+WIMUJvpzT2kokkqcBq+VsrM3OrC5Aj9E2gh+hHpU0XNA3wDmX4sDbV5/nkhvTrj4w==

chore(deps): update dependency ubuntu to v22

• Schedule: ["at any time"]
• Branch name: renovate/ubuntu-22.x
• Merge into: main
• Upgrade ubuntu to 22.04

chore(deps): update docker.io/centos docker tag to v8

• Schedule: ["at any time"]
• Branch name: renovate/docker.io-centos-8.x
• Merge into: main
• Upgrade docker.io/centos to sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177

chore(deps): update docker.io/ubuntu docker tag to v24

• Schedule: ["at any time"]
• Branch name: renovate/docker.io-ubuntu-24.x
• Merge into: main
• Upgrade docker.io/ubuntu to sha256:dfc10878be8d8fc9c61cbff33166cb1d1fe44391539243703c72766894fa834a

chore(deps): update github/codeql-action action to v3

• Schedule: ["at any time"]
• Branch name: renovate/github-codeql-action-3.x
• Merge into: main
• Upgrade github/codeql-action to 461ef6c76dfe95d5c364de2f431ddbd31a417628

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prhourlylimit for details.

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR has been generated by Renovate Bot.