diff --git a/.github/dependabot.yml b/.github/dependabot.yml
deleted file mode 100644
index 559f8f717..000000000
--- a/.github/dependabot.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: weekly
-    open-pull-requests-limit: 5
-    pull-request-branch-name:
-      # Separate sections of the branch name with a hyphen
-      # for example, `dependabot-npm_and_yarn-next_js-acorn-6.4.1`
-      separator: "-"
-  - package-ecosystem: "gomod"
-    directory: "/"
-    schedule:
-      interval: weekly
-    open-pull-requests-limit: 5
-    pull-request-branch-name:
-      # Separate sections of the branch name with a hyphen
-      # for example, `dependabot-npm_and_yarn-next_js-acorn-6.4.1`
-      separator: "-"
diff --git a/.github/workflows/f5-cla.yml b/.github/workflows/f5-cla.yml
index 2b1dc3b1f..5257032a1 100644
--- a/.github/workflows/f5-cla.yml
+++ b/.github/workflows/f5-cla.yml
@@ -43,7 +43,7 @@ jobs:
           remote-repository-name: "f5-cla-data"
           path-to-signatures: "signatures/beta/signatures.json"
           # Comma separated list of usernames for maintainers or any other individuals who should not be prompted for a CLA.
-          allowlist: "bot*"
+          allowlist: "bot*,renovate,mend"
           # Do not lock PRs after a merge.
           lock-pullrequest-aftermerge: false
         env:
diff --git a/renovate.json b/renovate.json
new file mode 100644
index 000000000..490f99b20
--- /dev/null
+++ b/renovate.json
@@ -0,0 +1,15 @@
+{
+    "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+    "extends": [
+        "schedule:daily",
+        "config:recommended",
+        "docker:enableMajor",
+        "helpers:pinGitHubActionDigests",
+        ":gitSignOff",
+        ":maintainLockFilesMonthly",
+        ":disableRateLimiting",
+        ":semanticCommitsDisabled"
+    ],
+    "rebaseWhen": "behind-base-branch",
+    "baseBranchPatterns": ["main", "dev-v2"]
+}