ci: tsc and commitci workflows (#7269)

### Summary

- tsc and commitci workflows

.github/workflows/build.yaml

@@ -7,13 +7,6 @@ on:
       - release/v*
 
 jobs:
-  check-no-ee-references:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Run check
-        run: make check-no-ee-references
-
   build-frontend:
     runs-on: ubuntu-latest
     steps:
@@ -21,9 +14,6 @@ jobs:
         uses: actions/checkout@v4
       - name: Install dependencies
         run: cd frontend && yarn install
-      - name: TSC
-        run: yarn i18n:generate-hash && yarn tsc
-        working-directory: ./frontend
       - name: Build frontend docker image
         shell: bash
         run: |

.github/workflows/commitci.yaml

@@ -0,0 +1,39 @@
+name: commitci
+
+on:
+  pull_request:
+    branches:
+      - main
+  pull_request_target:
+    types:
+      - labeled
+
+jobs:
+  refcheck:
+    if: |
+      (github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login != 'dependabot[bot]' && ! contains(github.event.pull_request.labels.*.name, 'safe-to-test')) ||
+      (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+      - name: check
+        run: |
+          if grep -R --include="*.go" '.*/ee/.*' pkg/; then
+            echo "Error: Found references to 'ee' packages in 'pkg' directory"
+            exit 1
+          else
+            echo "No references to 'ee' packages found in 'pkg' directory"
+          fi
+  lint:
+    if: |
+      (github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login != 'dependabot[bot]' && ! contains(github.event.pull_request.labels.*.name, 'safe-to-test')) ||
+      (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: lint
+        uses: wagoid/commitlint-github-action@v5

.github/workflows/commitlint.yml

@@ -1,13 +0,0 @@
-name: commitlint
-on: [pull_request]
-defaults:
-  run:
-    working-directory: frontend
-jobs:
-  lint-commits:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - uses: wagoid/commitlint-github-action@v5

.github/workflows/jsci.yaml

@@ -9,6 +9,18 @@ on:
       - labeled
 
 jobs:
+  tsc:
+    if: |
+      (github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login != 'dependabot[bot]' && ! contains(github.event.pull_request.labels.*.name, 'safe-to-test')) ||
+      (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+      - name: install
+        run: cd frontend && yarn install
+      - name: tsc
+        run: cd frontend && yarn tsc
   test:
     if: |
       (github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login != 'dependabot[bot]' && ! contains(github.event.pull_request.labels.*.name, 'safe-to-test')) ||

.github/workflows/remove-label.yaml

@@ -8,12 +8,6 @@ jobs:
   remove:
     runs-on: ubuntu-latest
     steps:
-      - name: Remove label ok-to-test from PR
-        uses: buildsville/add-remove-label@v2.0.0
-        with:
-          label: ok-to-test
-          type: remove
-          token: ${{ secrets.GITHUB_TOKEN }}
       - name: Remove label testing-deploy from PR
         uses: buildsville/add-remove-label@v2.0.0
         with: