[backport] ci(github): fix branch glob to actually match release branches

[acelyc111]

Summary

Backport of #2401 to v2.5.

The branch filter 'v[0-9]+.*' used in workflow files never matches the v2.5 branch, because GitHub Actions branch filters use glob syntax (not regex):

• + is a literal character, not a quantifier
• [0-9] matches exactly one digit, not "one or more"

As a result, PRs targeting v2.5 silently skip every workflow that has this filter, while only those without branches: filters (e.g., the Golang/Labeler ones) actually run.

Evidence

PR #2394 targets v2.5 and modifies src/replica/duplication/** (C++ code):

• ✅ Triggered: Golang Lint and Unit Test - admin-cli/pegic, Module Labeler (no branches filter)
• ❌ Did NOT trigger: Cpp CI, Lint and Test - admin-cli (cli proper), Lint and Test - go-client, etc.

Confirmed historically:

$ gh run list --repo apache/incubator-pegasus \
    --workflow lint_and_test_cpp.yaml --branch v2.5 --limit 5
(empty — never run)

Cpp CI has never run on the v2.5 branch since the workflow was added.

Fix

Replace 'v[0-9]+.*' with 'v[0-9]*', which is valid GitHub Actions glob syntax and matches v2.5, v2.5.1, v10.20, etc. Applied uniformly to all 14 affected workflows on v2.5 (mechanical sed replacement, one-line change per file).

Self-validating

This PR modifies .github/workflows/lint_and_test_cpp.yaml, which matches Cpp CI's own paths: filter. Combined with the branch glob fix on v2.5, this PR itself should be the first time Cpp CI ever runs on a v2.5 PR — providing direct, in-band proof that the fix works.

Verification

• All workflow YAMLs parse successfully (yaml.safe_load)
• Diff is minimal: 14 files changed, +14/-14
• After this PR is opened: confirm Cpp CI actually appears in the checks list (proof the fix works)

[acelyc111]

Closing — original diagnosis was wrong

After deeper investigation, the premise of this PR is incorrect:

1. v[0-9]+.* actually does match v2.5. GitHub Actions branch filters tolerate this glob shape and successfully match release branches like v2.5. PR #2394's Cpp CI workflow was triggered (run https://github.com/apache/incubator-pegasus/actions/runs/24079456724), it just doesn't show up in the PR Checks UI because of (2) below.

2. The reason Cpp CI doesn't appear in PR #2394's Checks UI: the workflow run ended in conclusion: startup_failure with an empty jobs array. When a run fails before any job is created, GitHub doesn't emit any check_run, so the PR's Checks UI has nothing to display.

3. The actual root cause of startup_failure: the ASF GitHub Actions allow-list policy (effective 2025-08-01, see INFRA-27084). On v2.5, workflows still reference unpinned third-party actions like dorny/paths-filter@v2, actions/checkout@v3, etc., which are blocked by the org-level policy. The error message reads:

The action dorny/paths-filter@v2 is not allowed in apache/incubator-pegasus because all actions must be ... or match one of the patterns: ...

This is exactly what #2398 fixed on master (pinning every action to a SHA from the ASF allow-list, plus restructuring some workflows to use local composite actions).

Correct fix

I'll open a new PR targeting v2.5 that backports #2398-style SHA pinning of all third-party actions. Sorry for the noise.