Bump the github-actions group with 2 updates

.github/codecov.yml

@@ -0,0 +1,25 @@
+coverage:
+  status:
+    project:
+      default:
+        informational: true
+    patch:
+      default:
+        informational: true
+ignore:
+  # All 'pb.go's.
+  - "**/*.pb.go"
+  # Tests and test related files.
+  - "**/test"
+  - "**/testdata"
+  - "**/testutils"
+  - "benchmark"
+  - "interop"
+  # Other submodules.
+  - "cmd"
+  - "examples"
+  - "gcp"
+  - "security"
+  - "stats/opencensus"
+comment:
+  layout: "header, diff, files"

.github/dependabot.yml

@@ -0,0 +1,18 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    groups:
+      github-actions:
+        patterns:
+          - "*"
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-major"]

.github/workflows/ci.yml

@@ -0,0 +1,65 @@
+name: Workflow for CI
+on: [ push, pull_request ]
+jobs:
+  run:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        go-version: [ '1.21', '1.22' ]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+        with:
+          fetch-depth: 0
+
+      - name: Setup Go ${{ matrix.go-version }}
+        uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
+        with:
+          go-version: ${{ matrix.go-version }}
+
+      - name: Ensure the Go module is nice and tidy
+        run: |
+          go mod tidy && git diff --exit-code go.mod go.sum
+        # We set the shell explicitly, here, and in other golang test actions,
+        # as by default multi-line shell scripts do not error out on the first
+        # failed command. Since we want an error reported if any of the lines
+        # fail, we set the shell explicitly:
+        # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions?ref=cloudtechsimplified.com#exit-codes-and-error-action-preference
+        shell: bash
+
+      - name: Install Tools
+        run: |
+          pushd "$(mktemp -d)"
+          go mod init example.com/m # fake module
+          go install github.com/onsi/ginkgo/v2/[email protected]
+          go install honnef.co/go/tools/cmd/[email protected]
+          popd
+        shell: bash
+
+      - name: Verify Go Modules Setup
+        run: go mod verify
+        shell: bash
+
+      - name: Build
+        run: go build -v ./...
+        shell: bash
+
+      - name: Sanity Check (staticcheck)
+        run: staticcheck ./...
+        shell: bash
+
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v4
+
+      - name: Test
+        run: ginkgo -v -race -coverprofile=coverage.out -coverpkg=./... ./...
+        shell: bash
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@84508663e988701840491b86de86b666e8a86bed # v4.3.0
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          slug: maguro/gslog
+          flags: smart-tests
+          verbose: true
+