chore: add gha workflows

Author: elylucas

.circleci/config.yml .circlecibak/config.yml.circleci/config.yml renamed to .circlecibak/config.yml

@@ -0,0 +1,56 @@
+---
+name: Bug Report
+about: Create a report to help us improve
+title: '[BUG] '
+labels: bug
+assignees: ''
+---
+
+## Bug Description
+
+A clear and concise description of what the bug is.
+
+## Steps to Reproduce
+
+1. Go to '...'
+2. Execute '...'
+3. See error
+
+## Expected Behavior
+
+A clear and concise description of what you expected to happen.
+
+## Actual Behavior
+
+A clear and concise description of what actually happened.
+
+## Code Sample
+
+```javascript
+// Minimal code to reproduce the issue
+```
+
+## Environment
+
+- OS: [e.g. macOS 13.0, Windows 11, Ubuntu 22.04]
+- Package Version: [e.g. 1.2.3]
+- Node Version: [e.g. 18.0.0]
+- Package Manager: [e.g. npm 9.0.0, yarn 1.22.0]
+
+## Error Messages/Logs
+
+```
+Paste any error messages or relevant logs here
+```
+
+## Screenshots
+
+If applicable, add screenshots to help explain your problem.
+
+## Additional Context
+
+Add any other context about the problem here.
+
+## Possible Solution
+
+If you have suggestions on how to fix the bug, please describe them here.

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,11 @@
+blank_issues_enabled: true
+contact_links:
+  - name: Question or Discussion
+    url: https://github.com/contentful/contentful-management/discussions
+    about: Ask questions or discuss ideas with the community
+  - name: Documentation
+    url: https://docs.yourproject.com
+    about: Check out our documentation for help and guides
+  - name: Security Vulnerability
+    url: https://github.com/contentful/contentful-management/security/advisories/new
+    about: Report a security vulnerability privately

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,70 @@
+---
+name: Feature Request
+about: Suggest an idea for this project
+title: '[FEATURE] '
+labels: enhancement
+assignees: ''
+---
+
+## Feature Description
+
+A clear and concise description of the feature you'd like to see.
+
+## Problem Statement
+
+Is your feature request related to a problem? Please describe.
+Example: I'm always frustrated when [...]
+
+## Proposed Solution
+
+A clear and concise description of what you want to happen.
+
+## Use Case
+
+Describe the use case for this feature. How would you use it?
+
+```javascript
+// Example of how the feature would be used
+const example = new Feature({
+  option: 'value',
+});
+```
+
+## Alternatives Considered
+
+A clear and concise description of any alternative solutions or features you've considered.
+
+## Benefits
+
+What are the benefits of implementing this feature?
+
+- Benefit 1
+- Benefit 2
+- Benefit 3
+
+## Potential Drawbacks
+
+Are there any potential drawbacks or challenges with this feature?
+
+## Additional Context
+
+Add any other context, screenshots, or examples about the feature request here.
+
+## Implementation Suggestions
+
+If you have ideas about how this could be implemented, please share them here.
+
+## Priority
+
+How important is this feature to you?
+
+- [ ] Critical - Blocking my usage
+- [ ] High - Important for my use case
+- [ ] Medium - Would be nice to have
+- [ ] Low - Just a suggestion
+
+## Willingness to Contribute
+
+- [ ] I'd be willing to submit a PR for this feature
+- [ ] I can help test this feature
+- [ ] I can help with documentation

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,7 +1,7 @@
 <!--
 Thank you for opening a pull request.
 
-Please fill in as much of the template below as you're able. Feel free to delete
+Please fill in as much of the template below as you're able. Feel free to remove
 any section you want to skip.
 -->
 
@@ -20,16 +20,10 @@ Why is this change required? What problem does it solve?
 If it fixes an open issue, please link to the issue here.
 -->
 
-## Checklist (check all before merging)
+## PR Checklist
 
-- [ ] Both unit and integration tests are passing
+- [ ] I have read the `CONTRIBUTING.md` file
+- [ ] All commits follow [conventional commits](https://www.conventionalcommits.org/en/v1.0.0/)
+- [ ] Documentation is updated (if necessary)
+- [ ] PR doesn't contain any sensitive information
 - [ ] There are no breaking changes
-- [ ] Changes are reflected in the documentation
-
-When adding a new method:
-
-- [ ] The new method is exported through the default and plain CMA client
-- [ ] All new public types are exported from `./lib/export-types.ts`
-- [ ] Added a unit test for the new method
-- [ ] Added an integration test for the new method
-- [ ] The new method is added to the documentation

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,20 +1,19 @@
 version: 2
-registries:
-  npm-github:
-    type: npm-registry
-    url: https://npm.pkg.github.com
-    token: ${{secrets.NPM_REGISTRY_REGISTRY_GH_ORG_TOKEN}}
 updates:
-  - package-ecosystem: npm
-    versioning-strategy: lockfile-only
-    registries:
-      - npm-github
-    directory: "/"
+  # Enable version updates for npm
+  - package-ecosystem: 'npm'
+    directory: '/'
     schedule:
-      interval: daily
-      time: "00:00"
-      timezone: UTC
+      interval: 'weekly'
+      day: 'monday'
     open-pull-requests-limit: 10
+    reviewers:
+      - 'contentful/team-developer-experience'
+    labels:
+      - 'dependencies'
+    commit-message:
+      prefix: 'chore'
+      include: 'scope'
     ignore:
     - dependency-name: husky
       versions:
@@ -25,27 +24,3 @@ updates:
     - dependency-name: webpack
       versions:
         - '>= 5.0.0'
-    # requires node@18
-    - dependency-name: semantic-release
-      versions:
-        - '>= 20.0.0'
-    commit-message:
-      prefix: build
-      include: scope
-    groups:
-      production-dependencies:
-        applies-to: version-updates
-        dependency-type: production
-        update-types:
-          - minor
-          - patch
-        patterns:
-          - '*'
-      dev-dependencies:
-        applies-to: version-updates
-        dependency-type: development
-        update-types:
-          - minor
-          - patch
-        patterns:
-          - '*'

.github/dependabot.yml

@@ -0,0 +1,39 @@
+name: Build
+
+on:
+  workflow_call:
+
+jobs:
+  
+  build:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+
+    steps:
+      
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v6
+        with:
+          node-version: '22'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build
+        run: npm run build
+
+      - name: Check build artifacts
+        run: ls -la dist/
+
+      - name: Save Build folders
+        uses: actions/cache/save@v4
+        with:
+          path: |
+            dist            
+          key: build-cache-${{ github.run_id }}-${{ github.run_attempt }}

.github/workflows/build.yaml

@@ -0,0 +1,43 @@
+name: Run Checks
+
+on:
+  workflow_call:
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v6
+        with:
+          node-version: '22'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Restore the build folders
+        uses: actions/cache/restore@v4
+        with:
+          path: |
+            dist 
+          key: build-cache-${{ github.run_id }}-${{ github.run_attempt }}
+
+      - name: Run linter
+        run: npm run lint
+
+      - name: Check formatting
+        run: npm run format:check
+
+      - name: Run unit tests
+        run: npm run test:unit:cover
+      
+      - name: Test package size
+        run: npm run test:size

.github/workflows/check.yaml

@@ -3,10 +3,7 @@ name: "CodeQL Scan for GitHub Actions Workflows"
 
 on:
   push:
-    branches: [main, master]
-    paths: [".github/workflows/**"]
-  pull_request:
-    branches: [main, master]
+    branches: [main]
     paths: [".github/workflows/**"]
 
 jobs:
@@ -19,14 +16,14 @@ jobs:
       security-events: write
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           languages: actions
 
       - name: Run CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
         with:
           category: actions

.github/workflows/codeql.yml

@@ -0,0 +1,31 @@
+name: CI
+permissions:
+  contents: read
+
+on:
+  push:
+    branches: ['**']
+
+jobs:
+  build:
+    uses: ./.github/workflows/build.yaml
+
+  check:
+    needs: build
+    uses: ./.github/workflows/check.yaml
+
+  test-integration:
+    needs: [build, check]
+    uses: ./.github/workflows/test-integration.yaml
+    secrets: inherit
+
+  release:
+    if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/beta' || github.ref == 'refs/heads/canary' || github.ref == 'refs/heads/dx-542-update-to-gha')
+    needs: [build, check, test-integration]
+    permissions:
+      contents: write
+      id-token: write
+      actions: read
+    uses: ./.github/workflows/release.yaml
+    secrets:
+      VAULT_URL: ${{ secrets.VAULT_URL }}