|
| 1 | +# What's in the Actions list |
| 2 | + |
| 3 | +The Workflows sidebar mixes workflows defined in this directory with entries |
| 4 | +GitHub adds on its own, which makes it hard to tell what deploys the site and |
| 5 | +what merely validates it. The short version: **only "Deploy site (manual)" |
| 6 | +changes keepachangelog.com, and only when run by hand.** Everything else is |
| 7 | +validation, release bookkeeping, or GitHub-managed automation. |
| 8 | + |
| 9 | +## Defined in this repo |
| 10 | + |
| 11 | +| Workflow | File | Trigger | What it does | |
| 12 | +|----------|------|---------|--------------| |
| 13 | +| **CI checks** | [`ci.yml`](ci.yml) | push + PR to `main` | Validation only. Runs the Rake suite (unit tests + full Middleman build) and the axe-core accessibility audit. Never deploys. | |
| 14 | +| **Deploy site (manual)** | [`deploy.yml`](deploy.yml) | manual (`workflow_dispatch`) | The only way the live site changes. Builds the production site and pushes it to the `gh-pages` branch that GitHub Pages serves. | |
| 15 | +| **Release from changelog** | [`release.yml`](release.yml) | push to `main` touching `CHANGELOG.md`, or manual | Creates tags and GitHub Releases from CHANGELOG.md entries, gated behind the `release` environment's approval. Touches Releases only, never the site. | |
| 16 | + |
| 17 | +## Added by GitHub (no file in this repo) |
| 18 | + |
| 19 | +These appear in the same list but are configured in the repository's |
| 20 | +**Settings**, not here: |
| 21 | + |
| 22 | +| Entry | Where it comes from | What it does | |
| 23 | +|-------|---------------------|--------------| |
| 24 | +| **pages-build-deployment** | GitHub Pages | Runs automatically whenever `gh-pages` is pushed (i.e. right after "Deploy site (manual)") and publishes that branch. It's the second half of every deploy — not a separate deploy path. | |
| 25 | +| **CodeQL** | Settings → Code security | GitHub's default-setup code scanning. | |
| 26 | +| **Dependabot Updates** | Settings → Code security + [`dependabot.yml`](../dependabot.yml) | Opens dependency update PRs. | |
| 27 | +| **Dependency Graph** | Settings → Code security | Indexes the dependency manifest. | |
| 28 | + |
| 29 | +## Retired names |
| 30 | + |
| 31 | +"Ruby" (`ruby.yml`) and "Accessibility" (`accessibility.yml`) were merged into |
| 32 | +**CI checks** — same jobs, same check names (`test (3.3)` and `axe`), one |
| 33 | +workflow. The old names linger in the sidebar as long as their past runs are |
| 34 | +retained. |
0 commit comments