github: add Dependabot for managing versions in go.mod

Dependabot can automatically create PRs for packages that have have a
new release. By depending on recent versions of the consumed packages,
the result of the OpenSSF scorecard will improve.

See-also: https://deps.dev/go/github.com%2Fceph%2Fgo-ceph/
Signed-off-by: Niels de Vos <ndevos@redhat.com>

.github/dependabot.yml

@@ -0,0 +1,12 @@
+---
+version: 2
+updates:
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    rebase-strategy: "disabled"
+    labels:
+      - rebase
+    commit-message:
+      prefix: "rebase"