Overhaul of CI/CD

[michaelbeutler]

This pull request introduces a comprehensive overhaul of CI/CD and release automation for the repository. The changes modernize workflows, improve reliability, and add new tooling for commit message linting and changelog generation. The previous workflows have been replaced with more modular and robust configurations, and new tools have been added to enforce conventional commit standards and generate changelogs automatically.

CI/CD Workflow Modernization

• Replaced the old .github/workflows/ci.yaml and .github/workflows/release.yaml workflows with new modular workflows: ci.yml, release.yml, and release-candidate.yml. These new workflows add matrix testing, concurrency controls, improved permissions, and better separation of lint, test, secret detection, and release steps. [1] [2] [3] [4] [5]

Commit Message Standards & Pre-commit Hooks

• Added commitlint pre-commit hook to .pre-commit-config.yaml and included a commitlint.config.js to enforce conventional commit message standards, improving commit quality and automating changelog grouping. [1] [2]

Changelog Automation

• Introduced cliff.toml configuration for git-cliff, enabling automated, semver-based changelog generation that adheres to Keep a Changelog and Semantic Versioning standards. This is now integrated into release workflows.

Dependabot Configuration

• Added .github/dependabot.yml to automate dependency updates for Go modules, with grouping rules for minor/patch updates and separate PRs for major updates.

Release Workflow Improvements

• Release workflows now enforce clean working trees and tidy go.mod/go.sum before publishing, generate release notes from commit history, and distinguish between stable and release-candidate tags for publishing. [1] [2]

Let me know if you want a deeper walkthrough of any workflow or tool added!

[Copilot]

Pull Request Overview

This pull request introduces a comprehensive overhaul of the CI/CD infrastructure, modernizing GitHub Actions workflows and adding automated tooling for commit standards and changelog generation.

• Replaces legacy .yaml workflows with new modular .yml workflows featuring matrix testing, improved permissions, and concurrency controls
• Introduces conventional commit enforcement through commitlint pre-commit hooks and CI validation
• Adds automated changelog generation using git-cliff with semantic versioning support

Reviewed Changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
.github/workflows/ci.yml	New modular CI workflow with matrix testing, separate lint/test jobs, and commitlint validation
.github/workflows/ci.yaml	Removed legacy CI workflow
.github/workflows/release.yml	New stable release workflow with automated changelog generation and clean tree validation
.github/workflows/release.yaml	Removed legacy release workflow
.github/workflows/release-candidate.yml	New RC release workflow for pre-release management
.github/dependabot.yml	Added dependency update automation with grouping rules
.pre-commit-config.yaml	Added commitlint hook for conventional commit enforcement
commitlint.config.js	Configuration for conventional commit message validation
cliff.toml	Configuration for automated changelog generation with semantic versioning

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[sonarqubecloud]

Quality Gate failed

Failed conditions
11 Security Hotspots

See analysis details on SonarQube Cloud