Add Dependabot config for release-0.24 branch

[tpantelis]

Summary by CodeRabbit

• Chores
  • Updated internal CI/CD configuration for improved dependency management on the release branch.

---

Note: This release includes no user-facing changes.

[submariner-bot]

🤖 Created branch: z_pr2394/tpantelis/add-dependabot-0.24

[coderabbitai]

Walkthrough

Configuration update to .github/dependabot.yml to add dependency management rules for the release-0.24 branch. Introduces monthly GitHub Actions updates and weekly Go module updates, with specific allow/ignore rules for Kubernetes client-go dependencies to prevent cross-branch version conflicts.

Changes

Cohort / File(s)	Summary
Dependabot Configuration .github/dependabot.yml	Adds github-actions and gomod ecosystem update jobs for release-0.24 branch; configures weekly Go module updates with allowlist for k8s.io/client-go and version constraints on k8s.io/* packages to prevent incompatible upgrades.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Suggested labels

dependencies, github_actions

Suggested reviewers

• mkolesnik
• Oats87
• skitt
• sridhargaddam
• vthapar

---

Caution

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

• Ignore

❌ Failed checks (1 error)

Check name	Status	Explanation	Resolution
Actionable Comments Resolved	❌ Error	The actionable comment has not been resolved. The release-0.24 configuration in lines 184-186 remains identical to release-0.23, tracking the 0.35 branch instead of the required 0.36 branch.	Update lines 184-186 to change the comment to '0.24 tracks the 0.36 branch' and update the versions constraint from '>= 0.36.0-alpha.0' to '>= 0.37.0-alpha.0'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: adding Dependabot configuration for the release-0.24 branch, which matches the file changes and PR objectives.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/dependabot.yml:
- Around line 184-186: The dependabot entry for release-0.24 currently lists
"dependency-name: k8s.io/*" with versions ">= 0.36.0-alpha.0" but the comment
says the tracked Kubernetes minor branch should be 0.36 (not 0.35); update the
release-0.24 dependabot configuration so it follows the established pattern by
adjusting the k8s tracking version to target the 0.36 branch (i.e., change the
versions constraint used for the k8s.io/* dependency under release-0.24 to
reflect the 0.36 series).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0de2ab1e-657e-4a64-a35d-265669e00138

📥 Commits

Reviewing files that changed from the base of the PR and between c2d57d2 and 2d271ff.

📒 Files selected for processing (1)

• .github/dependabot.yml

[tpantelis]

@coderabbitai approve

[coderabbitai]

✅ Actions performed

Comments resolved and changes approved.

[submariner-bot]

🤖 Closed branches: [z_pr2394/tpantelis/add-dependabot-0.24]