docs: document how to add a new action

... and update the `tag-release` workflow with the AWS Lambda actions

.forgejo/workflows/tag-release.yml

@@ -16,6 +16,8 @@ on:
           - aikido-full-scan
           - aikido-pr-scan
           - aws-configure
+          - aws-lambda-alias-update
+          - aws-lambda-wait-for-provisioned-concurrency
           - cache
           - checkout
           - download-artifact
@@ -24,9 +26,9 @@ on:
           - i18n-sync
           - inject-content
           - maven-build
-          - pnpm-build
           - playwright-merge
           - playwright-run
+          - pnpm-build
           - publish-npm-package
           - publish-rust-crate
           - publish-static-contents

README.md

@@ -35,6 +35,26 @@ Shared actions for Forgejo CI/CD pipelines.
 
 Where third-party Forgejo/GitHub Actions are used internally, they are pinned to exact commit hashes rather than mutable tags to prevent supply chain attacks.
 
+## Adding a new Action
+
+- Create a new directory for the action
+- Implement the action
+- Add a `README.md` file that describes (1) purpose, (2) inputs using a table, (3) example usage, and additional details if requried to the action directory
+- Update the table in the main README (this file) with a new row. The list is sorted alphabetically.
+- Update the `tag-release.yml` workflow in the `.forgejo/` directory if the action is a public action: Add the name to the option list.
+
+## Releasing a new Version
+
+**We only use Major-Versions, e.g. `1`, `2`, `3`, etc.**
+
+- Decide which Version to use
+  - Breaking Change: Increment the current version by one (e.g. `1 -> 2`)
+  - All non-breaking changes: Stay on the current major version (`1 -> 1`)
+- Manually run the `tag-release.yml` workflow
+  - Branch: `main`
+  - Action: Name of the Action to release
+  - Version: The version to release
+
 ## Usage
 
 Reference actions from your project's workflow: