[EPIC] Migrate from CircleCI to GitHub Actions on synthetix repository

[drptbl]

Summary

Improve and modernize current CI process of synthetix repository.

Tasks

• [x] Upgrade to nodejs 14 and npm 7
• [ ] Migrate current jobs from CircleCI to Github Actions
• [ ] Set up a GitHub Actions runner (if better specs are required than default one)
• [x] Add CodeQL workflow
• [x] Add dependabot config
• [x] Lock dependencies properly
• [ ] Improve dependency caching (use package-lock.json hash)
• [ ] Add eslint with sarif reports
• [ ] Add more security-oriented tools to the CI process like: lockfile-lint and dependency auditing

QA Tasks

• [ ] CI should be all green 😄
• [ ] Review associated PRs

Associated PR (wip): #1116

[drptbl]

Warning: We recommend that you only use self-hosted runners with private repositories. This is because forks of your repository can potentially run dangerous code on your self-hosted runner machine by creating a pull request that executes the code in a workflow.

For more information, see "About self-hosted runners."

source: https://docs.github.com/en/actions/hosting-your-own-runners/adding-self-hosted-runners

https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request_target

https://securitylab.github.com/research/github-actions-preventing-pwn-requests/