Replace sast-analyzer-deps-bot with renovate

Proposal

We decided to create a custom sast-analyzer-deps-bot to handle automated dependency management as part of Proposal: Automate SAST Analyzers Monthly Updates (#366864 - closed) • Vishwa Bhat • 15.3. At the time, the renovate bot was unable to handle some of our requirements, which is why we decided on a custom solution. However, 3 years have now passed since this decision, and it seems renovate can now handle all of our requirements, so the purpose of this issue is to investigate replacing the custom sast-analyzer-deps-bot with renovate.

Reasons to migrate

  1. The sast-analyzer-deps-bot requires complex access token configuration, needing three separate access tokens and different token configurations for various scheduled pipelines.
  2. (To be determined) The Release Issue Generation functionality of the sast-analyzer-deps-bot might not even be necessary.
  3. The sast-analyzer-deps-bot requires maintenance effort, whereas renovate is a turnkey solution.

Implementation Plan

  1. Generate forks for SAST projects by adding to forks/config.tfvars based on this doc through this MR
    • PMD Apex
    • KubeSec
    • Sobelow
    • KICS
    • Spotbugs
    • Semgrep
  2. Update changelog-parser with script to add new entry to changelog
  3. Add new template to ci-templates repo to update changelog with correct MR IID.
  4. Update sast-bot script to download and run changelog-parser
  5. Create Config for SAST projects based on this doc through this MR.
    • Semgrep MR
    • PMD Apex
    • KubeSec
    • Sobelow
    • KICS
    • Spotbugs
  6. Remove the following pipeline schedules from the sast-analyzer-deps-bot that generate the SAST dependency update MRs
    • PMD Apex
    • KubeSec
    • Sobelow
    • KICS
    • Spotbugs
    • Semgrep

/cc @amarpatel @thiagocsf @vbhat161 @hacks4oats

Edited by Shao Ming Tan