updatecli: automate EDOT SDK k8s auto-instrumentation images to their latest version

[v1v]

What does this PR do?

Enable some automated dependency management for EDOT SDK docker images in the elastic-agent repository using updatecli. The automation tracks latest releases from EDOT SDK repositories and creates pull requests to update image versions in Helm chart configurations.

Why is it important?

Previously, EDOT SDK image versions in elastic-agent had to be updated manually, as shown in #7327. This manual process was time-consuming and could lead to outdated dependencies.

Checklist

• I have read and understood the pull request guidelines of this project.
• My code follows the style guidelines of this project
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have made corresponding change to the default configuration files
• I have added tests that prove my fix is effective or that my feature works
• I have added an entry in ./changelog/fragments using the changelog tool
• I have added an integration test or an E2E test

Disruptive User Impact

How to test this PR locally

$ GITHUB_TOKEN=$(gh auth token) \
   GITHUB_ACTOR=v1v \
   updatecli diff --config .ci/updatecli/updatecli-bump-edot.yml --values .ci/updatecli/values.d/scm.yml

and

--- a/.ci/updatecli/values.d/scm.yml
+++ b/.ci/updatecli/values.d/scm.yml
@@ -1,8 +1,8 @@
 scm:
   enabled: true
-  owner: elastic
+  owner: v1v
   repository: elastic-agent
-  branch: main
+  branch: test/updatecli-branch
   commitusingapi: true
   # begin updatecli-compose policy values
   user: 'github-actions[bot]'

produced

SUMMARY:

⚠ Bump golang-version to latest version:
	Source:
		✔ [elastic-otel-dotnet] Get latest Elastic OTEL .NET release
		✔ [elastic-otel-java] Get latest Elastic OTEL Java release
		✔ [elastic-otel-node] Get latest Elastic OTEL Node.js release
		✔ [elastic-otel-python] Get latest Elastic OTEL Python release
		✔ [otel-go-instrumentation] Get latest OpenTelemetry Go Instrumentation release
	Target:
		⚠ [update-dotnet-managed-otlp] Update Elastic OTEL .NET image in values.yaml
		⚠ [update-go-main] Update OpenTelemetry Go Instrumentation image in values.yaml
		⚠ [update-java-managed-otlp] Update Elastic OTEL Java image in values.yaml
		⚠ [update-nodejs-managed-otlp] Update Elastic OTEL Node.js image in values.yaml
		⚠ [update-python-managed-otlp] Update Elastic OTEL Python image in managed_otlp/values.yaml


Run Summary
===========
Pipeline(s) run:
  * Changed:	1
  * Failed:	0
  * Skipped:	0
  * Succeeded:	0
  * Total:	1

then if I applied the changes

$ GITHUB_TOKEN=$(gh auth token) \
   GITHUB_ACTOR=v1v \
   updatecli apply --config .ci/updatecli/updatecli-bump-edot.yml --values .ci/updatecli/values.d/scm.yml

SUMMARY:

⚠ Bump golang-version to latest version:
	Source:
		✔ [elastic-otel-dotnet] Get latest Elastic OTEL .NET release
		✔ [elastic-otel-java] Get latest Elastic OTEL Java release
		✔ [elastic-otel-node] Get latest Elastic OTEL Node.js release
		✔ [elastic-otel-python] Get latest Elastic OTEL Python release
		✔ [otel-go-instrumentation] Get latest OpenTelemetry Go Instrumentation release
	Target:
		⚠ [update-dotnet-managed-otlp] Update Elastic OTEL .NET image in values.yaml
		⚠ [update-go-main] Update OpenTelemetry Go Instrumentation image in values.yaml
		⚠ [update-java-managed-otlp] Update Elastic OTEL Java image in values.yaml
		⚠ [update-nodejs-managed-otlp] Update Elastic OTEL Node.js image in values.yaml
		⚠ [update-python-managed-otlp] Update Elastic OTEL Python image in managed_otlp/values.yaml


Run Summary
===========
Pipeline(s) run:
  * Changed:	1
  * Failed:	0
  * Skipped:	0
  * Succeeded:	0
  * Total:	1

One action to follow up:
  * https://github.com/v1v/elastic-agent/pull/11

Caveats

It removes the inline comments:

Shall we remove them? Or move them one line above so they are not removed by the updatecli automation?

• 6b4ae3e

Related issues

Questions to ask yourself

• How are we going to support this in production?
• How are we going to measure its adoption?
• How are we going to debug this?
• What are the metrics I should take care of?
• ...

[oakrizan]

lgtm

[fr4nc1sc0-r4m0n]

LGTM

Regarding the caveat, I would like to keep those comments putting them just in the line above

[ChrsMark]

Changes in kube-stack files look good to me.

[elasticmachine]

⏳ Build in-progress, with failures

• Buildkite Build
• Commit: 6b4ae3e

Failed CI Steps

• Packaging: Containers linux/amd64

cc @v1v

[v1v]

Regarding the caveat, I would like to keep those comments putting them just in the line above

I changed it at 6b4ae3e (#9686) and tested the changes locally, so v1v#12 works nicely now

[elastic-sonarqube]

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

[pkoutsovasilis]

I reviewed only the github action and it makes sense, however I don't know the specifics of the EDOT SDK versioning

[fr4nc1sc0-r4m0n]

LGTM

[github-actions]

@Mergifyio backport 8.18 8.19 9.0 9.1

[mergify]

backport 8.18 8.19 9.0 9.1

✅ Backports have been created

• #9758 [8.18] (backport #9686) updatecli: automate EDOT SDK k8s auto-instrumentation images to their latest version has been created for branch 8.18
• #9759 [8.19] (backport #9686) updatecli: automate EDOT SDK k8s auto-instrumentation images to their latest version has been created for branch 8.19
• #9760 [9.0] (backport #9686) updatecli: automate EDOT SDK k8s auto-instrumentation images to their latest version has been created for branch 9.0
• #9761 [9.1] (backport #9686) updatecli: automate EDOT SDK k8s auto-instrumentation images to their latest version has been created for branch 9.1