chore: Configure Renovate

[redhat-renovate-bot]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---

Detected Package Files

• build/Dockerfile (dockerfile)
• .github/workflows/check_hashicorp_modules.yaml (github-actions)
• go.mod (gomod)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.
• Pin Docker digests.
• Pin github-action digests.
• Enable Renovate configuration migration PRs when needed.
• Pin dependency versions for devDependencies.
• Run lock file maintenance (updates) early Monday mornings.
• Enable the pre-commit manager.
• Group all updates together.
• Update _VERSION variables in Dockerfiles.
• Weekly schedule on early Monday mornings.
• Use specific versioning for Red Hat-maintained container images.
• Append Signed-off-by: to signoff Git commits.
• Disable pinning of Docker dependency digests.
• Default preset for use with Renovate's repos
• Run Renovate on following schedule: before 4am on Monday

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

---

What to Expect

With your current configuration, Renovate will create 3 Pull Requests:

chore(deps): update module golang.org/x/net to v0.33.0 [security]

• Branch name: renovate/go-golang.org-x-net-vulnerability
• Merge into: main
• Upgrade golang.org/x/net to v0.33.0

chore(deps): update actions/checkout action to v4

• Schedule: ["before 4am on Monday"]
• Branch name: renovate/all
• Merge into: main
• Upgrade actions/checkout to v4

chore(deps): update go updates

• Schedule: ["before 4am on Monday"]
• Branch name: renovate/go-updates
• Merge into: main
• Upgrade github.com/emicklei/go-restful/v3 to v3.12.1
• Upgrade github.com/fsnotify/fsnotify to v1.8.0
• Upgrade github.com/go-logr/logr to v1.4.2
• Upgrade github.com/go-openapi/jsonpointer to v0.21.0
• Upgrade github.com/go-openapi/jsonreference to v0.21.0
• Upgrade github.com/go-openapi/swag to v0.23.0
• Upgrade github.com/golang/glog to 04dbec0df8d03d5c187beaf5ce8e6c58e9fc82b5
• Upgrade github.com/google/gnostic-models to v0.6.9
• Upgrade github.com/google/uuid to v1.6.0
• Upgrade github.com/imdario/mergo to v1.0.1
• Upgrade github.com/mailru/easyjson to v0.9.0
• Upgrade github.com/nxadm/tail to v1.4.11
• Upgrade github.com/onsi/ginkgo to v2.22.1
• Upgrade github.com/onsi/gomega to v1.36.1
• Upgrade github.com/vishvananda/netlink to 6f5713947556a0288c5cb71f036f9e91924ebcaa
• Upgrade github.com/vishvananda/netns to 4c46424d73b556b3ea4bc5a7cec9e7376dcb2a73
• Upgrade go to 1.23.4
• Upgrade golang.org/x/oauth2 to v0.24.0
• Upgrade golang.org/x/sys to v0.28.0
• Upgrade golang.org/x/term to v0.27.0
• Upgrade golang.org/x/text to v0.21.0
• Upgrade golang.org/x/time to v0.8.0
• Upgrade golang.org/x/tools to v0.28.0
• Upgrade google.golang.org/appengine to v2.0.6
• Upgrade google.golang.org/protobuf to v1.36.0
• Upgrade gopkg.in/yaml.v2 to v3.0.1
• Upgrade k8s.io/api to v0.32.0
• Upgrade k8s.io/apimachinery to v0.32.0
• Upgrade k8s.io/client-go to v0.32.0
• Upgrade k8s.io/klog/v2 to v2.130.1
• Upgrade k8s.io/kube-openapi to 2c72e554b1e7
• Upgrade k8s.io/utils to 24370beab758
• Upgrade kubevirt.io/qe-tools to v0.1.8
• Upgrade sigs.k8s.io/json to cfa47c3a1cc8
• Upgrade sigs.k8s.io/structured-merge-diff/v4 to v4.5.0
• Upgrade sigs.k8s.io/yaml to v1.4.0

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prhourlylimit for details.

---

Warning

Please correct - or verify that you can safely ignore - these dependency lookup failures before you merge this PR.

• Could not determine new digest for update (go package github.com/go-task/slim-sprig)

Files affected: go.mod

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR has been generated by Renovate Bot.

[kubevirt-bot]

Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[kubevirt-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign phoracek for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment