feat(ci): streamline GitHub Actions workflows and configurations

- Introduced a new pipeline workflow for handling builds and releases more effectively.
- Added auto-merge functionality for Dependabot PRs to enhance dependency management.
- Set up a stale issue and PR management workflow to automate cleanup of inactive contributions.
- Established a GitVersion configuration for managing versioning across branches.
- Removed legacy workflows and Dockerfiles, consolidating image builds under a unified structure.

Author: winromulus

.claude/settings.local.json

@@ -0,0 +1,16 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(rm:*)",
+      "Bash(docker build:*)",
+      "Bash(docker run:*)",
+      "Bash(docker manifest inspect:*)",
+      "Bash(docker pull:*)",
+      "Bash(docker image inspect:*)",
+      "Bash(docker inspect:*)",
+      "WebFetch(domain:github.com)",
+      "Bash(mv:*)"
+    ],
+    "deny": []
+  }
+}

.github/dependabot.yml

@@ -0,0 +1,13 @@
+version: 2
+updates:
+  - package-ecosystem: "docker"
+    directory: "/src"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 15
+    labels:
+      - "area-dependencies"
+    groups:
+      all-dependencies:
+        patterns:
+          - "*"

.github/workflows/actions-runner-images.yaml

@@ -0,0 +1,222 @@
+name: Pipeline
+
+on:
+  push:
+    branches:
+      - "**" # Matches all branches
+  pull_request:
+    branches:
+      - "**" # Matches all branches
+
+  workflow_dispatch:
+    inputs:
+      force_build:
+        description: "Forces a build even if no changes are detected"
+        required: true
+        default: "false"
+      force_release:
+        description: "Forces a release even if no changes are detected"
+        required: true
+        default: "false"
+
+concurrency:
+  group: pipeline-${{ github.ref_name }}
+  cancel-in-progress: true        
+
+env:
+  container_image: "github-actions-runner"
+  container_image_build_context: "."
+  container_image_build_platforms: "linux/amd64,linux/arm64"
+  container_image_build_dockerfile: "src/Dockerfile"
+  container_image_repository_dockerhub: "emberstack"
+  container_image_repository_ghcr: "ghcr.io/emberstack"
+
+jobs:
+  discovery:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: read
+    outputs:
+      pathsFilter_src: ${{ steps.pathsFilter.outputs.src }}
+      gitVersion_SemVer: ${{ steps.gitversion.outputs.GitVersion_SemVer }}
+      gitVersion_AssemblySemFileVer: ${{ steps.gitversion.outputs.GitVersion_AssemblySemFileVer }}
+      build: ${{ steps.evaluate_build.outputs.result }}
+      build_push: ${{ steps.evaluate_build_push.outputs.result }}
+      build_configuration: ${{ steps.evaluate_build_configuration.outputs.result }}
+      release: ${{ steps.evaluate_release.outputs.result }}
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: tools - dotnet - install
+        uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: "9.x"
+
+      - name: tools - gitversion - install
+        uses: gittools/actions/gitversion/[email protected]
+        with:
+          versionSpec: "6.x"
+          preferLatestVersion: true
+
+      - name: gitversion - execute
+        id: gitversion
+        uses: gittools/actions/gitversion/[email protected]
+        with:
+          configFilePath: GitVersion.yaml
+
+      - name: tools - detect changes
+        id: pathsFilter
+        uses: dorny/paths-filter@v3
+        with:
+          base: ${{ github.ref }}
+          filters: |
+            src:
+              - '*.sln'
+              - '*.slnx'
+              - '*.props'
+              - 'src/**'
+            build:
+              - '*.sln'
+              - '*.slnx'
+              - '*.props'
+              - 'src/**'
+              - 'tests/**'
+              - 'playground/**'
+
+      - name: evaluate - build
+        id: evaluate_build
+        env:
+          RESULT: ${{ steps.pathsFilter.outputs.build == 'true' || github.event.inputs.force_build == 'true' || github.event.inputs.force_release == 'true' }}
+        run: echo "result=$RESULT" >> $GITHUB_OUTPUT
+
+      - name: evaluate - build_push
+        id: evaluate_build_push
+        env:
+          RESULT: ${{ github.actor != 'dependabot[bot]' && github.event_name != 'pull_request' && (steps.pathsFilter.outputs.src == 'true' || github.event.inputs.force_build == 'true') }}
+        run: echo "result=$RESULT" >> $GITHUB_OUTPUT
+
+      - name: evaluate - build_configuration
+        id: evaluate_build_configuration
+        env:
+          RESULT: ${{ github.ref == 'refs/heads/main' && 'Release' || 'Debug' }}
+        run: echo "result=$RESULT" >> $GITHUB_OUTPUT
+
+      - name: evaluate - release
+        id: evaluate_release
+        env:
+          RESULT: ${{ github.ref == 'refs/heads/main' || github.event.inputs.force_release == 'true' }}
+        run: echo "result=$RESULT" >> $GITHUB_OUTPUT
+
+
+  build:
+    name: build
+    if: ${{ needs.discovery.outputs.build == 'true' }}
+    needs: [discovery]
+    runs-on: ubuntu-latest
+    env:
+      build: ${{ needs.discovery.outputs.build }}
+      build_push: ${{ needs.discovery.outputs.build_push }}
+      build_configuration: ${{ needs.discovery.outputs.build_configuration }}
+      gitVersion_SemVer: ${{ needs.discovery.outputs.gitVersion_SemVer }}
+      gitVersion_AssemblySemFileVer: ${{ needs.discovery.outputs.gitVersion_AssemblySemFileVer }}
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+
+      - name: tools - docker - login ghcr.io
+        if: ${{ env.build_push == 'true' }}
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.ES_GITHUB_PAT }}
+
+      - name: tools - docker - login docker.io
+        if: ${{ env.build_push == 'true' }}
+        uses: docker/login-action@v3
+        with:
+          registry: docker.io
+          username: ${{ secrets.ES_DOCKERHUB_USERNAME }}
+          password: ${{ secrets.ES_DOCKERHUB_PAT }}
+
+      - name: tools - docker - register QEMU
+        run: |
+          docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+
+      - name: tools - docker - setup buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          driver: docker-container # REQUIRED for multi-platform builds
+
+      - name: docker - build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: ${{ env.container_image_build_context }}
+          file: ${{ env.container_image_build_dockerfile }}
+          build-args: |
+            BUILD_CONFIGURATION=${{ env.build_configuration }}
+          push: ${{ env.build_push == 'true' }}
+          provenance: false
+          platforms: ${{ env.container_image_build_platforms }}
+          labels: |
+            org.opencontainers.image.source=https://github.com/${{ github.repository }}
+            org.opencontainers.image.url=https://github.com/${{ github.repository }}
+            org.opencontainers.image.vendor=https://github.com/${{ github.repository_owner }}
+            org.opencontainers.image.version=${{ env.gitVersion_SemVer }}
+            org.opencontainers.image.revision=${{ github.sha }}
+          tags: |
+            ${{ env.container_image_repository_dockerhub }}/${{ env.container_image }}:${{ env.gitVersion_SemVer }}
+            ${{ env.container_image_repository_ghcr }}/${{ env.container_image }}:${{ env.gitVersion_SemVer }}
+
+  release:
+    name: release
+    if: ${{ needs.discovery.outputs.release == 'true' && github.ref == 'refs/heads/main' }}
+    needs: [discovery, build]
+    runs-on: ubuntu-latest
+    env:
+      gitVersion_SemVer: ${{ needs.discovery.outputs.gitVersion_SemVer }}
+      gitVersion_AssemblySemFileVer: ${{ needs.discovery.outputs.gitVersion_AssemblySemFileVer }}
+    steps:
+      - name: tools - docker - login ghcr.io
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.ES_GITHUB_PAT }}
+
+      - name: tools - docker - login docker.io
+        uses: docker/login-action@v3
+        with:
+          registry: docker.io
+          username: ${{ secrets.ES_DOCKERHUB_USERNAME }}
+          password: ${{ secrets.ES_DOCKERHUB_PAT }}
+
+      - name: tools - docker - setup buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: docker - tag and push - latest
+        run: |
+          docker buildx imagetools create \
+            --tag ${{ env.container_image_repository_dockerhub }}/${{ env.container_image }}:latest \
+            --tag ${{ env.container_image_repository_ghcr }}/${{ env.container_image }}:latest \
+            --tag ${{ env.container_image_repository_dockerhub }}/${{ env.container_image }}:${{ env.gitVersion_SemVer }} \
+            --tag ${{ env.container_image_repository_ghcr }}/${{ env.container_image }}:${{ env.gitVersion_SemVer }} \
+            ${{ env.container_image_repository_ghcr }}/${{ env.container_image }}:${{ env.gitVersion_SemVer }}
+
+      - name: github - release - create
+        uses: softprops/action-gh-release@v2
+        with:
+          repository: ${{ github.repository }}
+          name: v${{ env.gitVersion_SemVer }}
+          tag_name: v${{ env.gitVersion_SemVer }}
+          body: The release process is automated.
+          generate_release_notes: true
+          token: ${{ secrets.ES_GITHUB_PAT }}
+
+
+
+

.github/workflows/pipeline.yaml

@@ -0,0 +1,35 @@
+name: PR - Auto Merge Dependencies
+
+on:
+  pull_request:
+    branches:
+      - main
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  dependabot:
+    runs-on: ubuntu-latest
+    if: github.event.pull_request.user.login == 'dependabot[bot]'
+    steps:
+      - name: Fetch Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v2
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+          skip-commit-verification: true
+          skip-verification: true
+
+      - name: Enable auto-merge
+        run: gh pr merge --auto --squash "$PR_URL"
+        env:
+          PR_URL: ${{ github.event.pull_request.html_url }}
+          GH_TOKEN: ${{ secrets.ES_GITHUB_PAT }}
+
+      - name: Approve the PR
+        run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{ github.event.pull_request.html_url }}
+          GH_TOKEN: ${{ secrets.ES_GITHUB_PAT }}