ci: add ubuntu-latest noop workflow for docs-only PRs#179
Merged
Conversation
Fixes the branch-protection vs paths-ignore mismatch that left docs-only PRs (e.g. #177) BLOCKED with no status check reporting: - main protection requires `ubuntu-latest` - ubuntu-latest.yml has `paths-ignore: docs/**, .assets/**, **/*.md` - Docs PRs never trigger a check → never satisfy protection The new ubuntu-latest-docs.yml fires on the inverse path set, runs nothing of substance, and reports success under the same `ubuntu-latest` status-check context. Pattern mirrors the existing hand-written release.yml (auto-generation can't quite express it). CI minutes cost: ~30s of a single ubuntu runner per docs PR.
ChrisonSimtian
added a commit
that referenced
this pull request
May 25, 2026
ChrisonSimtian
added a commit
that referenced
this pull request
May 25, 2026
…002 (auth/secrets) (#167) (#177) * docs(adr): seed ADR home + propose ADR-0001 (CD primitives) and ADR-0002 (auth/secrets) Introduces docs/adr/ as the home for Architecture Decision Records, with a README that locks the MADR-lite format, status lifecycle, and filename convention. Adds the first two ADRs — both Proposed, dated 2026-05-24 — as the architectural framing for the v13 CD work: - ADR-0001 splits CD primitives into attribute-driven file generators (config that lives in git) vs tasks-driven REST calls (state that lives in an external system's DB), with a sparingly-used hybrid for stable config that lives in an external DB. Validates the split against GitHub Releases/Environments, Octopus, and the RFC #113 deployment agent. - ADR-0002 codifies a shared auth/secret convention across providers: canonical SCREAMING_SNAKE from PascalCase field names, plugins receive resolved values only (never raw stores), [Secret] as the trust marker, and a documented resolution chain (CLI > env var > provider secret > encrypted parameters > Keychain > prompt). Lands as Proposed so review (#167) is where the status flips to Accepted or supersedes either with a follow-up ADR. Per docs/adr/README.md, ADRs are history — corrections happen via new ADRs, not in-place edits. Refs #167 * ci: retrigger after #179 (sibling ubuntu-latest workflow)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes the branch-protection vs
paths-ignoremismatch that left docs-only PRs (e.g. #177) BLOCKED indefinitely with no status check reporting.The problem
mainprotectionubuntu-lateststatus check (required_status_checks.contexts: ["ubuntu-latest"]).ubuntu-latest.ymlpaths-ignore: ['docs/**', '.assets/**', '**/*.md']— does not fire on docs-only PRs.Docs PR → workflow never runs → no check reported → protection rule never satisfied → PR sits BLOCKED.
The fix
New hand-written
.github/workflows/ubuntu-latest-docs.yml:paths: ['docs/**', '.assets/**', '**/*.md']).name:isubuntu-latest(same as the auto-generated workflow), so it reports a status check under the same context.Pattern mirrors the existing hand-written
release.yml— auto-generation via[GitHubActions]can't quite express the dual-workflow shape, so we keep it out-of-band.Why hand-written, not generator-driven
Adding this to the
[GitHubActions]attribute would need a new property (e.g.OnPullRequestSkipPathsEmitNoop) that's specific to one use case. Sibling files for special cases matchrelease.yml's precedent. Documented at the top of both yamls.Test plan
ubuntu-latestcheck fires from the originalubuntu-latest.yml(touches.github/**, not in paths-ignore) — proves the existing workflow still works on non-docs changes.ubuntu-latestcontext.Related
CheckoutRef— prior parallel fix for the same regen-vs-protection class of problems)🤖 Generated with Claude Code