[WIP] chore(ci): add script to mirror community PRs for safe CI execution

[bantonsson]

What does this PR do?

A brief description of the change being made with this pull request.

Motivation

What inspired you to submit this pull request?

Additional Notes

Anything else we should know when reviewing?

How to test the change?

Describe here in detail how the change can be validated.

[datadog-official]

✨ Fix all issues with BitsAI

⚠️ Warnings

🚦 3 Pipeline jobs failed

Required checks pass | allchecks     

🔄 Retry job. This looks flaky and may succeed on retry.

Some checks have failed or timed out during validation.

Lint | Validate CODEOWNERS     

🛟 This job is unlikely to succeed on retry. Please review your pipeline configuration.

1 not owned file found: scripts/mirror-community-pull-request.sh during CODEOWNERS validation.

pr-name | pr_name_lint     

🛟 This job is unlikely to succeed on retry. Please review your pipeline configuration.

PR title validation failed: subject and type may not be empty.

ℹ️ Info

🎯 Code Coverage (details)
• Patch Coverage: 100.00%
• Overall Coverage: 72.80% (-0.01%)

Useful? React with 👍 / 👎

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: e6b9e0f | Docs | Datadog PR Page | Give us feedback!}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: e6b9e0f103

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Keep untrusted CI files out of the mirror

When an external PR changes GitHub workflows, local actions, or scripts invoked by CI, this full cherry-pick puts those untrusted files onto a same-repository branch before opening the mirror PR. That defeats the stated safety property: this repo has pull_request workflows that check out the PR head and use secrets (for example .github/workflows/test.yml lines 3, 27, and 265), so a fork author could include a workflow/CI-script change that runs with the maintainer permissions/secrets the mirror is meant to enable. The mirror needs to reset/filter CI-sensitive paths back to the trusted base or run trusted workflows against the diff instead of cherry-picking them verbatim.

Useful? React with 👍 / 👎.

[bantonsson]

That part needs to be verified by a human.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 72.79%. Comparing base (09d307d) to head (e6b9e0f).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2032      +/-   ##
==========================================
- Coverage   72.84%   72.79%   -0.05%     
==========================================
  Files         458      458              
  Lines       75789    75789              
==========================================
- Hits        55210    55173      -37     
- Misses      20579    20616      +37     

Components	Coverage Δ
libdd-crashtracker	65.17% <ø> (-0.06%)	⬇️
libdd-crashtracker-ffi	36.82% <ø> (ø)
libdd-alloc	98.77% <ø> (ø)
libdd-data-pipeline	86.69% <ø> (ø)
libdd-data-pipeline-ffi	78.63% <ø> (ø)
libdd-common	79.81% <ø> (ø)
libdd-common-ffi	74.41% <ø> (ø)
libdd-telemetry	73.34% <ø> (-0.03%)	⬇️
libdd-telemetry-ffi	31.36% <ø> (ø)
libdd-dogstatsd-client	82.64% <ø> (ø)
datadog-ipc	74.75% <ø> (-1.47%)	⬇️
libdd-profiling	81.69% <ø> (-0.03%)	⬇️
libdd-profiling-ffi	64.79% <ø> (ø)
libdd-sampling	97.46% <ø> (ø)
datadog-sidecar	29.06% <ø> (+0.01%)	⬆️
datdog-sidecar-ffi	9.52% <ø> (+0.22%)	⬆️
spawn-worker	48.86% <ø> (ø)
libdd-tinybytes	93.16% <ø> (ø)
libdd-trace-normalization	81.71% <ø> (ø)
libdd-trace-obfuscation	87.30% <ø> (ø)
libdd-trace-protobuf	68.25% <ø> (ø)
libdd-trace-utils	88.86% <ø> (ø)
libdd-tracer-flare	86.88% <ø> (ø)
libdd-log	74.83% <ø> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[dd-octo-sts]

Artifact Size Benchmark Report

aarch64-alpine-linux-musl

Artifact	Baseline	Commit	Change
/aarch64-alpine-linux-musl/lib/libdatadog_profiling.a	82.01 MB	82.01 MB	0% (0 B) 👌
/aarch64-alpine-linux-musl/lib/libdatadog_profiling.so	7.57 MB	7.57 MB	0% (0 B) 👌

aarch64-unknown-linux-gnu

Artifact	Baseline	Commit	Change
/aarch64-unknown-linux-gnu/lib/libdatadog_profiling.a	98.27 MB	98.27 MB	0% (0 B) 👌
/aarch64-unknown-linux-gnu/lib/libdatadog_profiling.so	10.02 MB	10.02 MB	0% (0 B) 👌

libdatadog-x64-windows

Artifact	Baseline	Commit	Change
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.dll	24.54 MB	24.54 MB	0% (0 B) 👌
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.lib	81.48 KB	81.48 KB	0% (0 B) 👌
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.pdb	180.48 MB	180.46 MB	--.01% (-24.00 KB) 💪
/libdatadog-x64-windows/debug/static/datadog_profiling_ffi.lib	914.99 MB	914.99 MB	0% (0 B) 👌
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.dll	7.76 MB	7.76 MB	0% (0 B) 👌
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.lib	81.48 KB	81.48 KB	0% (0 B) 👌
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.pdb	23.24 MB	23.24 MB	0% (0 B) 👌
/libdatadog-x64-windows/release/static/datadog_profiling_ffi.lib	45.50 MB	45.50 MB	0% (0 B) 👌

libdatadog-x86-windows

Artifact	Baseline	Commit	Change
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.dll	21.15 MB	21.15 MB	0% (0 B) 👌
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.lib	82.76 KB	82.76 KB	0% (0 B) 👌
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.pdb	184.74 MB	184.69 MB	--.02% (-48.00 KB) 💪
/libdatadog-x86-windows/debug/static/datadog_profiling_ffi.lib	900.70 MB	900.70 MB	0% (0 B) 👌
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.dll	6.01 MB	6.01 MB	0% (0 B) 👌
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.lib	82.76 KB	82.76 KB	0% (0 B) 👌
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.pdb	24.90 MB	24.90 MB	0% (0 B) 👌
/libdatadog-x86-windows/release/static/datadog_profiling_ffi.lib	43.00 MB	43.00 MB	0% (0 B) 👌

x86_64-alpine-linux-musl

Artifact	Baseline	Commit	Change
/x86_64-alpine-linux-musl/lib/libdatadog_profiling.a	73.11 MB	73.11 MB	0% (0 B) 👌
/x86_64-alpine-linux-musl/lib/libdatadog_profiling.so	8.45 MB	8.45 MB	0% (0 B) 👌

x86_64-unknown-linux-gnu

Artifact	Baseline	Commit	Change
/x86_64-unknown-linux-gnu/lib/libdatadog_profiling.a	90.92 MB	90.92 MB	0% (0 B) 👌
/x86_64-unknown-linux-gnu/lib/libdatadog_profiling.so	10.08 MB	10.08 MB	0% (0 B) 👌