feat(ci): dispatch GitHub analytics action #2161
heitorlessa
left a comment
Two tiny changes. Fantastic work, Ruben!
It's quite a genius move to do this and cut down all the infra required to exchange tokens and whatnot per repo.
| security-events: read | ||
| statuses: read | ||
|
|
||
| jobs: |
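Review bot: The permissions block above `jobs:` grants `security-events: read` and `statuses: read`, while the PR description says the workflow only assumes an OIDC role and calls a Lambda function. If the job never reads code-scanning alerts or commit statuses with `GITHUB_TOKEN`, drop these scopes so the token carries only what the OIDC exchange needs.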
Can we run in an environment so secrets are encrypted from forks?
You never know if we ever accidentally make a mistake in the IAM OIDC and allow any repo. This will prevent this attack vector.
Done, created a new "analytics" environment and moved the secrets there. I've removed the old secrets too.
Please note that the IAM OIDC would not be assumable since there's a condition to only be assumable by this repository too. In any case, it's better this way.
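The concern raised in this thread, an IAM OIDC trust condition loose enough to admit any repository, can be checked offline by probing a role's trust policy with subject claims that should be refused. This is an added example, not code from the PR or the project: the repository name `example-org/example-repo`, the account id and all helper names are constructed, only `StringEquals` and `StringLike` conditions on the `sub` key are evaluated, and it assumes GitHub's `repo:<owner>/<repo>:environment:<name>` subject format for jobs that run in an environment.

```python
import re

PROVIDER = "token.actions.githubusercontent.com"

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _matches(operator, pattern, subject):
    """Evaluate one IAM string-condition value against a sub claim."""
    if operator == "StringEquals":
        return pattern == subject
    # StringLike: '*' is any run of characters, '?' is any single character
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, subject) is not None

def accepts(stmt, subject):
    """True when every sub condition in the statement admits the subject."""
    for operator, keys in stmt.get("Condition", {}).items():
        for key, values in keys.items():
            if (operator in ("StringEquals", "StringLike")
                    and key.lower() == PROVIDER + ":sub"
                    and not any(_matches(operator, v, subject)
                                for v in _as_list(values))):
                return False
    return True  # a statement with no sub condition admits every subject

def audit_trust_policy(policy, repo, environment):
    """Probe GitHub OIDC statements with subjects that should be refused."""
    probes = {
        "any repository": "repo:other-org/other-repo:ref:refs/heads/main",
        "repository name prefix": f"repo:{repo}-x:ref:refs/heads/main",
        "job outside the environment": f"repo:{repo}:ref:refs/heads/main",
    }
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        # Only Allow statements whose principal names the GitHub OIDC provider
        if stmt.get("Effect") != "Allow" or PROVIDER not in str(stmt.get("Principal")):
            continue
        if not accepts(stmt, f"repo:{repo}:environment:{environment}"):
            findings.append("expected environment subject is refused")
        findings += [f"accepts {label}" for label, sub in probes.items()
                     if accepts(stmt, sub)]
    return findings

def sample_policy(operator, sub):  # constructed input, placeholder account id
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": "sts:AssumeRoleWithWebIdentity",
        "Principal": {"Federated": "arn:aws:iam::111122223333:oidc-provider/" + PROVIDER},
        "Condition": {operator: {PROVIDER + ":sub": sub}}}]}
```

A repo-wide `StringLike` pattern passes the first two probes but still admits jobs outside the "analytics" environment; a pattern missing the `:` before its wildcard also admits repositories whose names merely start with the expected one.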
Hey folks, do we need something like this in the TS repo?
@dreamorosi yes Andrea, I will send instructions and open PR for the rest of the runtimes during the day!
Issue number: #2160
Summary
Changes
This PR adds a new GitHub action that runs every hour. The action assumes an OIDC role and calls a Lambda Function that dispatches all the crawling functions synchronously.
User experience
After this change, we should see fresh analytics every hour.
Acknowledgment
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Disclaimer: We value your time and bandwidth. As such, any pull requests created on non-triaged issues might not be successful.