CI: Enforce conventional commits and signed commits

[realeinherjar]

During the devcall today @danielabrozzoni mentioned that the enforcement of both conventional commits (the fix, refactor, `feat, etc.) and the signed commits are manual.

We should add a CI step to automate this.
For the conventional commits, we have webiny/action-conventional-commits.
And for the signed commits, we have 1Password/check-signed-commits-action.

[realeinherjar]

Assign this to me, I have experience with GHA from my fiat dev career.

[danielabrozzoni]

Personally I'd love to see this, I remember agreeing with @evanlinjin that it would be useful to enforce signed commits in CI; while I don't remember who but someone wasn't fond of enforcing conventional commits (maybe @notmandatory?)

[realeinherjar]

Yes, I plan to add the conventional commits commented out in the new .yml file.

EDIT: Or we just don't make that CI check mandatory for a PR to be merged

[danielabrozzoni]

Or we just don't make that CI check mandatory for a PR to be merged

I like this!

Just assigned it to you, happy hacking

[notmandatory]

Concept ACK. We already have "Require signed commits" enabled for merging PRs to the bdk master branch. So only need a plugin to enforce conventional commits.