
GITHUB_TOKEN

Learn what GITHUB_TOKEN is, how it works, and why it matters for secure automation in GitHub Actions workflows.

About the GITHUB_TOKEN

At the start of each workflow job, GitHub automatically creates a unique GITHUB_TOKEN secret to use in your workflow. You can use the GITHUB_TOKEN to authenticate in the workflow job.

When you enable GitHub Actions, GitHub installs a GitHub App on your repository. The GITHUB_TOKEN secret is a GitHub App installation access token. You can use the installation access token to authenticate on behalf of the GitHub App installed on your repository. The token's permissions are limited to the repository that contains your workflow. For more information, see GITHUB_TOKEN reference.

Before each job begins, GitHub fetches an installation access token for the job. The GITHUB_TOKEN expires when the job finishes or after a maximum of 24 hours.

The token is also available in the github.token context. For more information, see Contexts reference.

When GITHUB_TOKEN triggers workflow runs

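When you use the repository's GITHUB_TOKEN to perform tasks, events triggered by the GITHUB_TOKEN, with the exception of workflow_dispatch and repository_dispatch, will not create a new workflow run. This prevents you from accidentally creating recursive workflow runs. For example, if a workflow run pushes code using the repository's GITHUB_TOKEN, a new workflow will not run even when the repository contains a workflow configured to run when push events occur.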

Commits pushed by a GitHub Actions workflow that uses the GITHUB_TOKEN do not trigger a GitHub Pages build.
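
The behaviour described above, shown as a workflow added here for illustration (it is not part of the original page): the job narrows the token with `permissions`, reads it from the `github.token` context, and pushes a commit that does not start another run. The workflow name, the `scripts/format.sh` script and the bot commit identity are assumptions.

```yaml
# Constructed example; the file name .github/workflows/auto-format.yml is hypothetical.
name: auto-format

on:
  push:
    branches: [main]

# Least privilege: grant the job's GITHUB_TOKEN only the scope it needs.
# Once any scope is listed, scopes that are not listed get no access.
permissions:
  contents: write   # required to push the formatting commit

jobs:
  format:
    runs-on: ubuntu-latest
    steps:
      # actions/checkout authenticates with github.token by default and keeps
      # the credential configured for the git commands that follow.
      - uses: actions/checkout@v4

      - name: Apply formatting
        run: ./scripts/format.sh   # hypothetical script, stands in for any change

      - name: Commit and push with the GITHUB_TOKEN
        run: |
          git config user.name "github-actions[bot]"
          git config user.email "github-actions[bot]@users.noreply.github.com"
          if ! git diff --quiet; then
            git commit -am "Apply automatic formatting"
            # Authenticated by GITHUB_TOKEN: this push does not create a new
            # run of this workflow, although the workflow listens for push.
            git push
          fi

      - name: Call the REST API with the same token
        env:
          # github.token holds the same installation access token as
          # secrets.GITHUB_TOKEN; it is valid only for this job.
          GH_TOKEN: ${{ github.token }}
        run: gh api "repos/$GITHUB_REPOSITORY" --jq .full_name
```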

Next steps