@jonabc jonabc commented Dec 15, 2025

Description

New tool, Bug fixing, or Improvement?
Please include a summary of the change and which issue is fixed. Also include relevant motivation and context.

This adds the dependabot-updater-core:latest image as a preinstalled docker image. Dependabot pulls this image on every single Dependabot actions job which can cause disruptive behavior to GitHub services, but many of the layers of the image don't frequently change.

For recurring jobs, on average we enqueue 8-10 jobs/s, peaking weekly on Sunday morning through Monday evening up to 40 jobs/s. We also deal with bursty usage patterns when large-scale vulnerabilities are disclosed and Dependabot works to open remediation PRs. The combination of the sustained rate + additional bursty behavior can cause Dependabot to run slowly and encounter elevated error rates while pulling images from GHCR.

Preinstalling the image can save up to 12s and 11 layer pulls per job, reducing impact on the systems Dependabot relies on.

Timing: docker pull on my local machine took ~12s

The 15s timing below includes ~3s of me filling out a popup prompting me to give docker access to my stored credentials to ghcr.io

➜  ~ time docker pull ghcr.io/dependabot/dependabot-updater-core:latest
latest: Pulling from dependabot/dependabot-updater-core
02de03a7213b: Pull complete
22ffc31ce5ef: Pull complete
9633d5c66cb7: Pull complete
493aa06a4db2: Pull complete
4f4fb700ef54: Pull complete
919cf6e8ec76: Pull complete
d6281cdd15ae: Pull complete
1e0f76a1b41f: Pull complete
08ee8b28aab9: Pull complete
b868c62be690: Pull complete
e24f6944b21e: Pull complete
Digest: sha256:e4f859809c0866f0936182fb2f2b30f7384a17b622246537ab42e7e9f006940c
Status: Downloaded newer image for ghcr.io/dependabot/dependabot-updater-core:latest
ghcr.io/dependabot/dependabot-updater-core:latest

What's next:
    View a summary of image vulnerabilities and recommendations → docker scout quickview ghcr.io/dependabot/dependabot-updater-core:latest
docker pull ghcr.io/dependabot/dependabot-updater-core:latest  0.10s user 0.06s system 1% cpu 15.532 total
Size: 775MB
➜  ~ docker image ls
REPOSITORY                                                               TAG       IMAGE ID       CREATED         SIZE
ghcr.io/dependabot/dependabot-updater-core                               latest    c036b208800d   3 days ago      775MB

Related issue:

Check list

  • Related issue / work item is attached
  • Tests are written (if applicable)
  • Documentation is updated (if applicable)
  • Changes are tested and related VM images are successfully generated

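The savings claimed above (layer pulls avoided once the image is preinstalled) can be measured on a runner by reading the transcript that `docker pull` prints: layers already present show as "Already exists" rather than "Pull complete", and the resolved manifest digest is the only stable identifier behind the mutable `latest` tag. The following is an added example, not code from this PR or the runner-images project; the transcript and digest it parses are constructed for the example.

```python
"""Summarise a `docker pull` transcript: how many layers were downloaded
versus already cached locally, and which manifest digest was resolved.
Added example; not part of the runner-images project."""
import re

# Constructed transcript for the example (layer ids and digest are made up).
SAMPLE_PULL_OUTPUT = """\
latest: Pulling from dependabot/dependabot-updater-core
02de03a7213b: Already exists
22ffc31ce5ef: Already exists
9633d5c66cb7: Pull complete
493aa06a4db2: Pull complete
Digest: sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
Status: Downloaded newer image for ghcr.io/dependabot/dependabot-updater-core:latest
"""

# Final per-layer status lines; intermediate states ("Downloading",
# "Verifying Checksum") are deliberately not counted.
LAYER_RE = re.compile(r"^([0-9a-f]{12}): (Pull complete|Already exists)$")
DIGEST_RE = re.compile(r"^Digest: (sha256:[0-9a-f]{64})$")


def summarize_pull(output: str) -> dict:
    """Return which layers were pulled, which were cached, and the digest."""
    pulled, cached, digest = [], [], None
    for raw in output.splitlines():
        line = raw.strip()
        m = LAYER_RE.match(line)
        if m:
            (pulled if m.group(2) == "Pull complete" else cached).append(m.group(1))
            continue
        d = DIGEST_RE.match(line)
        if d:
            digest = d.group(1)
    return {"pulled": pulled, "cached": cached, "digest": digest}


def digest_matches(summary: dict, expected_digest: str) -> bool:
    """True only if the pull resolved to the digest recorded at VM build time.
    A mismatch means `latest` moved since the image was preinstalled."""
    return summary["digest"] is not None and summary["digest"] == expected_digest


if __name__ == "__main__":
    s = summarize_pull(SAMPLE_PULL_OUTPUT)
    print(f"pulled={len(s['pulled'])} cached={len(s['cached'])} digest={s['digest']}")
```

Run against real output with `docker pull ... 2>&1 | python3 this_script.py` after replacing the constructed sample with `sys.stdin.read()`; the cached count is the number of layer pulls the preinstalled image saved for that job.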
Copilot AI review requested due to automatic review settings December 15, 2025 21:23

Copilot AI left a comment


Pull request overview

This PR adds the ghcr.io/dependabot/dependabot-updater-core:latest Docker image as a preinstalled image for Ubuntu 24.04 runners. This addresses performance and reliability issues caused by Dependabot pulling the image on every job execution. By preinstalling the 775MB image, each Dependabot job can save approximately 12 seconds and 11 layer pulls, reducing load on GitHub Container Registry during sustained high-volume periods (8-10 jobs/s average, peaking at 40 jobs/s) and bursty usage patterns during vulnerability disclosures.

  • Adds dependabot-updater-core:latest to the preinstalled Docker images list for Ubuntu 24.04
  • Leverages existing installation and validation infrastructure that automatically handles images in the toolset file

],
"docker": {
"images": [
"ghcr.io/dependabot/dependabot-updater-core:latest"
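Review bot: the new "images" entry references the image only by the mutable tag `latest`, so what gets baked into the VM is whatever that tag resolved to at image build time, and the per-job pull the description mentions will still fetch any layers that changed since. Consider recording the resolved digest (the description already shows it as `Digest: sha256:e4f8...`) in the generated software report or the image validation step, so the preinstalled content is identifiable and a later drift of `latest` is visible rather than silent.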

Copilot AI Dec 15, 2025


The documentation generation script currently skips the "Cached Docker images" section for Ubuntu 24.04. Since this PR adds a preinstalled Docker image to Ubuntu 24.04, the condition on line 257 in images/ubuntu/scripts/docs-gen/Generate-SoftwareReport.ps1 should be updated to include this section for Ubuntu 24.04 as well. Without this change, the cached Docker images won't be documented in the Ubuntu2404-Readme.md file.

@erik-bershel erik-bershel requested a review from a team December 16, 2025 08:32