Remove dependabot gradle wrapper (#5746)

.github/dependabot.yml

@@ -1,29 +0,0 @@
-version: 2
-registries:
-  gradle-plugin-portal:
-    type: maven-repository
-    url: https://plugins.gradle.org/m2
-    username: dummy # Required by dependabot
-    password: dummy # Required by dependabot
-updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "daily"
-
-  - package-ecosystem: "gradle"
-    directory: "/"
-    registries:
-      - gradle-plugin-portal
-    schedule:
-      interval: "daily"
-    open-pull-requests-limit: 10
-    ignore:
-      - dependency-name: "edu.berkeley.cs.jqf:jqf-fuzz"
-      - dependency-name: "org.jetbrains.kotlinx:kotlinx-coroutines-core"
-      # Ignore updates to next mockito major version 5.x.x, which requires Java 11
-      - dependency-name: "org.mockito:mockito-core"
-        update-types: ["version-update:semver-major"]
-      - dependency-name: "org.junit-pioneer:junit-pioneer"
-        # junit-pioneer 2.x requires Java 11
-        versions: [ "[1,)" ]

.github/repository-settings.md

@@ -36,11 +36,11 @@ Same settings as above for `main`, except:
 
   (So that opentelemetrybot can create release branches)
 
-### `dependabot/**/**`, `renovate/**/**`, `opentelemetrybot/*`, and `gradlew-update-*`
+### `renovate/**/**`, and `opentelemetrybot/*`
 
 * Require status checks to pass before merging: UNCHECKED
 
-  (So that dependabot PRs can be rebased)
+  (So that renovate PRs can be rebased)
 
 * Restrict who can push to matching branches: UNCHECKED
 
@@ -48,7 +48,7 @@ Same settings as above for `main`, except:
 
 * Allow force pushes > Everyone
 
-  (So that dependabot PRs can be rebased)
+  (So that renovate PRs can be rebased)
 
 * Allow deletions: CHECKED
 

.github/scripts/draft-change-log-entries.sh

@@ -28,7 +28,7 @@ echo
 
 git log --reverse \
         --perl-regexp \
-        --author='^(?!dependabot\[bot\] )' \
+        --author='^(?!renovate\[bot\] )' \
         --pretty=format:"* %s" \
         "$range" \
   | sed -E 's,\(#([0-9]+)\)$,\n  ([#\1](https://github.com/open-telemetry/opentelemetry-java/pull/\1)),'

.github/scripts/generate-release-contributors.sh

@@ -84,7 +84,7 @@ echo $contributors1 $contributors2 \
   | sort -uf \
   | grep -v linux-foundation-easycla \
   | grep -v github-actions \
-  | grep -v dependabot \
+  | grep -v renovate \
   | grep -v codecov \
   | grep -v opentelemetrybot \
   | sed 's/^/@/'

.github/workflows/owasp-dependency-check-daily.yml

@@ -1,5 +1,5 @@
-# the benefit of this over dependabot is that this also analyzes transitive dependencies
-# while dependabot (at least currently) only analyzes top-level dependencies
+# the benefit of this over renovate is that this also analyzes transitive dependencies
+# while renovate (at least currently) only analyzes top-level dependencies
 name: OWASP dependency check (daily)
 
 on:

.github/workflows/reusable-workflow-notification.yml

@@ -1,34 +0,0 @@
-# this is useful because notifications for scheduled workflows are only sent to the user who
-# initially created the given workflow
-name: Reusable - Workflow notification
-
-on:
-  workflow_call:
-    inputs:
-      success:
-        type: boolean
-        required: true
-
-jobs:
-  workflow-notification:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Open issue or add comment if issue already open
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          number=$(gh issue list --search "Workflow failed: $GITHUB_WORKFLOW" --limit 1 --json number -q .[].number)
-
-          if [[ $number ]]; then
-            if [[ "${{ inputs.success }}" == "true" ]]; then
-              gh issue close $number
-            else
-              gh issue comment $number \
-                               --body "See [$GITHUB_WORKFLOW #$GITHUB_RUN_NUMBER](https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID)."
-            fi
-          elif [[ "${{ inputs.success }}" == "false" ]]; then
-            gh issue create --title "Workflow failed: $GITHUB_WORKFLOW (#$GITHUB_RUN_NUMBER)" \
-                            --body "See [$GITHUB_WORKFLOW #$GITHUB_RUN_NUMBER](https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID)."
-          fi

.github/workflows/update-gradle-wrappers-daily.yml

@@ -1,34 +0,0 @@
-name: Update gradle wrappers (daily)
-
-on:
-  schedule:
-    # daily at 1:30 UTC
-    - cron: "30 1 * * *"
-  workflow_dispatch:
-
-jobs:
-  update-gradle-wrapper:
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v3
-
-      - id: setup-java
-        uses: actions/setup-java@v3
-        with:
-          distribution: temurin
-          java-version: 17
-
-      - name: Update Gradle Wrapper
-        uses: gradle-update/update-gradle-wrapper-action@v1
-        with:
-          # not using secrets.GITHUB_TOKEN since pull requests from that token do not run workflows
-          github-token: ${{ secrets.OPENTELEMETRYBOT_GITHUB_TOKEN }}
-
-  workflow-notification:
-    needs:
-      - update-gradle-wrapper
-    if: always()
-    uses: ./.github/workflows/reusable-workflow-notification.yml
-    with:
-      success: ${{ needs.update-gradle-wrapper.result == 'success' }}