chore: Set up integ tests on gh actions

[thaddmt]

Description of changes

• Copied relevant Amplify JS gh actions and workflow to run geo integration tests only - https://github.com/aws-amplify/amplify-js/tree/main/.github/workflows
• POC of tests running successfully - https://github.com/aws-amplify/maplibre-gl-js-amplify/actions/runs/5881898326
• TODO
  • Run analysis tool on workflow - https://github.com/bin3xish477/ghast/tree/main

❯ ghast -d .github/workflows
AUXI missing CODEOWNERS file which can provide additional protections for your workflow files.
AUXI missing SECURITY.md file which is crucial for researchers looking to report a finding.
FILE => coverage.yml
WARN check_for_inline_script
WARN check_for_non_github_managed_actions

FILE => publish.yml

FILE => codeql.yml
WARN check_for_non_github_managed_actions

FILE => callable-e2e-test.yml
WARN check_for_upload_download_artifact_action
WARN check_for_inline_script
WARN check_for_non_github_managed_actions

FILE => callable-e2e-tests.yml

Summary
The following Actions failed to pass one or more checks:
 • .github/workflows/coverage.yml
 • .github/workflows/codeql.yml
 • .github/workflows/callable-e2e-test.yml

• Update the environment secret to use a PAT from our amplify-ui-automation account (currently using my personal one only for testing)

Issue #, if available

Description of how you validated changes

Checklist

• PR description included
• yarn test passes
• Tests are [changed or added]
• Relevant documentation is changed or added (and PR referenced)

[codecov-commenter]

Codecov Report

Merging #229 (2bb3334) into main (0e359a8) will not change coverage.
The diff coverage is n/a.

❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more.

@@           Coverage Diff           @@
##             main     #229   +/-   ##
=======================================
  Coverage   43.99%   43.99%           
=======================================
  Files          16       16           
  Lines        1273     1273           
  Branches      201      201           
=======================================
  Hits          560      560           
  Misses        713      713           

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[stocaaro]

Ghast looks really cool. We received feedback from AppSec to do static analysis on a few security areas, which I added as a JS script. We might be able to replace this with Ghast, but I think we would need security review for this tool before turning it on.

Don't see anything concerning here. Has this work been through security review yet?

[thaddmt]

Ghast looks really cool. We received feedback from AppSec to do static analysis on a few security areas, which I added as a JS script. We might be able to replace this with Ghast, but I think we would need security review for this tool before turning it on.

Don't see anything concerning here. Has this work been through security review yet?

I actually received a recommendation to use this tool from appsec!

[github-actions]

🎉 This PR is included in version 3.0.0-geo.1 🎉

The release is available on:

• npm package (@geo dist-tag)
• GitHub release

Your semantic-release bot 📦🚀

[github-actions]

🎉 This PR is included in version 3.0.0-unstable.10 🎉

The release is available on:

• npm package (@unstable dist-tag)
• GitHub release

Your semantic-release bot 📦🚀

[github-actions]

🎉 This PR is included in version 4.0.0 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀