Migrate CI/CD from CircleCI to GitHub Actions

[fabiocicerchia]

Summary

This PR migrates the project's continuous integration and continuous deployment (CI/CD) pipeline from CircleCI to GitHub Actions. Two new workflow files have been added to replace the existing CircleCI configuration.

Key Changes

• builds.yml: Main workflow that runs on every push to any branch (except tags). Handles:

  • Docker image building for 6 distributions (almalinux, alpine, amazonlinux, debian, fedora, ubuntu) across 2 architectures (amd64, arm64)
  • Image testing and vulnerability scanning with Trivy
  • Image signing with Cosign and SBOM generation with Syft
  • GeoIP MaxMind database caching
  • Package building and testing
  • Multi-architecture manifest bundling (on main branch only)
  • Metadata generation and auto-commit
  • Release creation

• nightly.yml: Scheduled workflow that runs daily at 00:00 UTC and on manual trigger. Performs:

  • Version updates and PR generation
  • Release creation without requiring build artifacts

Notable Implementation Details

• Uses matrix strategy to parallelize builds across 12 combinations (6 distros × 2 architectures)
• Implements artifact caching for GeoIP databases to optimize build times
• Includes security scanning as a build gate on the main branch
• Separates concerns into distinct jobs with proper dependency ordering (docker → package → docker-bundle → metadata → release)
• Leverages GitHub Actions' native artifact upload/download for inter-job communication
• Maintains feature parity with the original CircleCI configuration including tool versions (Trivy v0.69.3, Cosign v3.0.5, Syft v1.42.3)

https://claude.ai/code/session_01PDdn6XVtM3KBTDAQfhoJDt