workflows: add tasks-container-update workflow

This workflow tries to update our cockpit CI container on a weekly
interval.

.github/workflows/tasks-container-update.yml

@@ -0,0 +1,34 @@
+name: tasks-container-update
+on:
+  schedule:
+    - cron: '0 2 * * 4'
+  # can be run manually on https://github.com/cockpit-project/starter-kit/actions
+  workflow_dispatch:
+jobs:
+  tasks-container-update:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+      statuses: write
+    container:
+      image: quay.io/cockpit/tasks
+      options: --user root
+    steps:
+      - name: Set up configuration and secrets
+        run: |
+          printf '[user]\n\tname = Cockpit Project\n\[email protected]\n' > ~/.gitconfig
+          mkdir -p ~/.config
+          echo '${{ secrets.GITHUB_TOKEN }}' > ~/.config/github-token
+
+      - name: Clone repository
+        uses: actions/checkout@v4
+
+      # https://github.blog/2022-04-12-git-security-vulnerability-announced/
+      - name: Pacify git's permission check
+        run: git config --global --add safe.directory /__w/starter-kit/starter-kit
+
+      - name: Run tasks-container-update
+        run: |
+          make bots
+          bots/tasks-container-update