Instead of using merify which seems to not do what we want, use
a combination of mergify and automerge. We let mergify review
dependabot PRs. We let mergify dismiss reviews on updates but
exclude those from Schutzbot. We then let Schutzbot update and
merge the PRs via automerge if the `ci:automerge` label is set.
Re-review the PR after rebasing it. Leave a message to make it
clear that it was not the impersonated person but mergify that
did it.
Ideally, if we had premium, we would impersonate Schutzbot so
it is clear who did it and then use mergify to dismiss reviews
on changes but not for Schutzbot.
For dependabot we dont want it anyway (but it is true by default).
Also remove it for "merge via auto-label", so that once all the
conditions are met the PR is queued and the label is removed.
Currently the queuing might not happen because the branch protection
is not met. Therefore we make the condition explicit and remove the
branch protection.
Define a merge queue "default", with all current checks (minus the
ostree one) are required to get out of.
Two rules to get into the queue: 1) standard branch protection,
plus packit, plus the ci:automerge
2) dependabot, does not require the standard branch protection
since that implies reviews. Instead the checks are manually
listed.
