
chore: Add github workflows#54

Merged
sirambd merged 2 commits into master from add-github-ci
Mar 26, 2026

Conversation

Member

@sirambd sirambd commented Mar 26, 2026

No description provided.

sirambd added 2 commits March 26, 2026 10:41
Signed-off-by: Abdourahamane Boinaidi <abdourahamane.boinaidi@infomaniak.com>
Signed-off-by: Abdourahamane Boinaidi <abdourahamane.boinaidi@infomaniak.com>
@github-actions

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
🧪 No relevant tests
🔒 Security concerns

Secrets exposure via inherit: The euria-review.yml workflow uses secrets: inherit, granting the reusable workflow access to all repository secrets. While the called workflow is internal to the organization, this pattern violates least-privilege principles and increases risk if the reusable workflow is compromised.

External action with elevated context: The semantic-commit.yml workflow uses pull_request_target (which executes with repository write permissions and access to secrets) combined with an external action gsactions/commit-message-checker@v2. If this third-party action is compromised, it could potentially exfiltrate the GITHUB_TOKEN or modify PRs. Consider pinning to a specific commit hash for supply chain security.

⚡ Recommended focus areas for review

Invalid Action Version

The workflow references actions/checkout@v6.0.2 which does not exist. The latest stable version is v4. This will cause the workflow to fail immediately upon execution.

uses: actions/checkout@v6.0.2
Invalid Action Version

The workflow references actions/checkout@v5.0.0 which does not exist. The latest stable version is v4. This will cause the workflow to fail immediately upon execution.

uses: actions/checkout@v5.0.0
Overly Broad Secrets Access

The workflow uses secrets: inherit which passes all repository secrets to the reusable workflow. If infomaniak/.github/.github/workflows/euria-review.yml@v2 is compromised, it could expose sensitive credentials. Explicitly pass only required secrets instead of inheriting all.

uses: infomaniak/.github/.github/workflows/euria-review.yml@v2
secrets: inherit
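The two patterns the reviewer flagged, shown as described and then hardened. This is an added example, not the PR's own workflow files or anything from the infomaniak/.github repository: the secret name REVIEW_API_TOKEN, the commit-message regex and the all-zero commit SHAs are placeholders, and it assumes the commit-message check needs nothing beyond the event payload.

```yaml
# Added example, not the PR's own workflow files. Secret name, regex and the
# all-zero commit SHAs are placeholders; substitute the values you have audited.

# ---------- semantic-commit.yml ----------
# As flagged: pull_request_target runs with the base repository's write token
# and secrets, and @v2 is a mutable tag that can be re-pointed upstream.
#
# on:
#   pull_request_target:
# jobs:
#   check:
#     steps:
#       - uses: gsactions/commit-message-checker@v2
#
# Hardened: a commit-message check only needs to read the event payload, so the
# unprivileged pull_request event is enough (fork PRs get a read-only token and
# no secrets), write scopes are dropped, and the action is pinned to a full SHA.
name: semantic-commit
on:
  pull_request:
    types: [opened, edited, synchronize, reopened]
permissions:
  contents: read
jobs:
  check:
    runs-on: ubuntu-latest
    steps:
      # Replace the placeholder with the 40-hex SHA behind the v2 tag you reviewed;
      # keep the tag in a trailing comment so Dependabot/Renovate can track updates.
      - uses: gsactions/commit-message-checker@0000000000000000000000000000000000000000 # v2
        with:
          # placeholder rule; 'pattern' and 'error' are the action's documented inputs
          pattern: '^(feat|fix|chore|docs|refactor|test|ci)(\([a-z0-9-]+\))?!?: .+'
          error: 'Commit message does not follow the conventional-commit format.'
---
# ---------- caller of the reusable review workflow ----------
# As flagged: secrets: inherit hands every repository and organisation secret
# to the callee, and @v2 again resolves through a mutable tag.
#
# jobs:
#   review:
#     uses: infomaniak/.github/.github/workflows/euria-review.yml@v2
#     secrets: inherit
#
# Hardened: pin the reusable workflow to a commit and pass only the secrets it
# declares under on.workflow_call.secrets; the job-level permissions block
# caps what GITHUB_TOKEN can do inside the callee.
name: review
on:
  pull_request:
permissions:
  contents: read
jobs:
  review:
    uses: infomaniak/.github/.github/workflows/euria-review.yml@0000000000000000000000000000000000000000 # v2
    permissions:
      contents: read
      pull-requests: write   # only if the callee posts review comments
    secrets:
      # REVIEW_API_TOKEN is a hypothetical name; match the callee's declared inputs
      REVIEW_API_TOKEN: ${{ secrets.REVIEW_API_TOKEN }}
```

Pinning to a commit SHA stops a re-pointed tag from changing what runs, but it still trusts the action's code and its bundled dependencies at that commit, so review the pinned revision once and let a dependency bot move it. Whether the review callee can run on the unprivileged pull_request event depends on what it declares under on.workflow_call and whether it must write to PRs opened from forks; check that declaration before switching events.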

@github-actions

Failed to generate code suggestions for PR

@sirambd sirambd merged commit ffde6c4 into master Mar 26, 2026
2 checks passed
@sirambd sirambd deleted the add-github-ci branch March 26, 2026 10:29