Less frequent, and grouped dependabot updates

Monthly may seem like an excaggeration, but our only real dependency
is OPA, and we update that anyway. The rest are just peripheral anyway,
and security related updates will be suggested immediately regardless.

Signed-off-by: Anders Eknert <[email protected]>

Author: anderseknert

.github/dependabot.yml

@@ -3,11 +3,15 @@ updates:
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
-      interval: "daily"
+      interval: "weekly"
   - package-ecosystem: "gomod"
     directory: "/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
     ignore:
       # update OPA manually to bump version in README too
       - dependency-name: "github.com/open-policy-agent/opa"
+    groups:
+      dependencies:
+        patterns:
+          - "*"