(PUP-12055) Build references on commit to main

[joshcooper]

When a commit is pushed to main, build all of the references, including man pages. If the only changes are due to SHA and dates, then do nothing. Otherwise, commit all of the references and man pages.

The action is only triggered when a commit is pushed to main, but not on pull requests so that we don't have to worry about untrusted inputs.

The action is only triggered when the repo owner is puppetlabs, so it won't trigger on forks.

The action uses full SHAs for the pandoc and add-and-commit actions.

If changes are detected, the action creates a commit whose author is GitHub Actions actions@github.com with message:

Update references [no-promote]

And pushes the commit to the main branch. It uses the repository's GITHUB_TOKEN to accomplish this. We don't need to worry about recursive workflow runs[1]:

When you use the repository's GITHUB_TOKEN to perform tasks, events
triggered by the GITHUB_TOKEN ... will not create a new workflow run. This
prevents you from accidentally creating recursive workflow runs.

[1] https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/triggering-a-workflow

[joshcooper]

I tested this out as best I could on my puppet fork.

This run detected no changes were necessary. From the branch history you can see that no automated commits were made between e5b8639ce27810efe493a0ddb52754054fe94be9 and 39b98eda4a0ac1a1b02c3d9e9ed8d7cd225edc9e.

This run detected man/man5/pupet.conf.5 and references/configuration.md were modified and pushed commit https://github.com/joshcooper/puppet/commit/d0df47a166.

[mhashizume]

@joshcooper It looks like this failed due to branch protections: https://github.com/puppetlabs/puppet/actions/runs/10800909036/job/29959927892

I assume we can add an exemption, but I'm not sure that the user that pushes to main is able to do that. Maybe we need to try having another user be the one that pushes?