Merge branch 'main' into main
This commit is contained in:
Ramya Parimi
@@ -14,3 +14,8 @@ FROM mcr.microsoft.com/vscode/devcontainers/javascript-node:0-${VARIANT}
|
||||
|
||||
# [Optional] Uncomment if you want to install more global node modules
|
||||
# RUN su node -c "npm install -g <your-package-list-here>"
|
||||
|
||||
# Install the GitHub CLI see:
|
||||
# https://github.com/microsoft/vscode-dev-containers/blob/3d59f9fe37edb68f78874620f33dac5a62ef2b93/script-library/docs/github.md
|
||||
COPY library-scripts/github-debian.sh /tmp/library-scripts/
|
||||
RUN apt-get update && bash /tmp/library-scripts/github-debian.sh
|
||||
|
||||
@@ -20,7 +20,6 @@
|
||||
"sissel.shopify-liquid",
|
||||
"davidanson.vscode-markdownlint",
|
||||
"bierner.markdown-preview-github-styles",
|
||||
"yzhang.markdown-all-in-one",
|
||||
"streetsidesoftware.code-spell-checker",
|
||||
"hubwriter.open-reusable"
|
||||
],
|
||||
|
||||
43
.devcontainer/library-scripts/github-debian.sh
Normal file
43
.devcontainer/library-scripts/github-debian.sh
Normal file
@@ -0,0 +1,43 @@
|
||||
#!/usr/bin/env bash
|
||||
#-------------------------------------------------------------------------------------------------------------
|
||||
# Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
|
||||
#-------------------------------------------------------------------------------------------------------------
|
||||
#
|
||||
# Docs: https://github.com/microsoft/vscode-dev-containers/blob/master/script-library/docs/github.md
|
||||
#
|
||||
# Syntax: ./github-debian.sh [version]
|
||||
|
||||
CLI_VERSION=${1:-"latest"}
|
||||
|
||||
set -e
|
||||
|
||||
if [ "$(id -u)" -ne 0 ]; then
|
||||
echo -e 'Script must be run as root. Use sudo, su, or add "USER root" to your Dockerfile before running this script.'
|
||||
exit 1
|
||||
fi
|
||||
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
# Install curl, apt-transport-https or gpg if missing
|
||||
if ! dpkg -s curl ca-certificates > /dev/null 2>&1; then
|
||||
if [ ! -d "/var/lib/apt/lists" ] || [ "$(ls /var/lib/apt/lists/ | wc -l)" = "0" ]; then
|
||||
apt-get update
|
||||
fi
|
||||
apt-get -y install --no-install-recommends curl ca-certificates
|
||||
fi
|
||||
|
||||
# Get latest release number if latest is specified
|
||||
if [ "${CLI_VERSION}" = "latest" ] || [ "${CLI_VERSION}" = "current" ] || [ "${CLI_VERSION}" = "lts" ]; then
|
||||
LATEST_RELEASE=$(curl -sSL -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/cli/cli/releases?per_page=1&page=1")
|
||||
CLI_VERSION=$(echo ${LATEST_RELEASE} | grep -oE 'tag_name":\s*"v[^"]+' | sed -n '/tag_name":\s*"v/s///p')
|
||||
fi
|
||||
|
||||
# Install the GitHub CLI
|
||||
echo "Downloading github CLI..."
|
||||
curl -OsSL https://github.com/cli/cli/releases/download/v${CLI_VERSION}/gh_${CLI_VERSION}_linux_amd64.deb
|
||||
echo "Installing github CLI..."
|
||||
apt-get install ./gh_${CLI_VERSION}_linux_amd64.deb
|
||||
echo "Removing github CLI deb file after installation..."
|
||||
rm -rf ./gh_${CLI_VERSION}_linux_amd64.deb
|
||||
echo "Done!"
|
||||
@@ -1,23 +1,20 @@
|
||||
#!/usr/bin/env node
|
||||
|
||||
import createStagingAppName from '../../script/deployment/create-staging-app-name.js'
|
||||
import * as github from '@actions/github'
|
||||
import { setOutput } from '@actions/core'
|
||||
|
||||
const { GITHUB_TOKEN, APP_URL } = process.env
|
||||
const context = github.context
|
||||
|
||||
const githubToken = process.env.GITHUB_TOKEN
|
||||
if (!githubToken) {
|
||||
if (!GITHUB_TOKEN) {
|
||||
throw new Error(`GITHUB_TOKEN environment variable not set`)
|
||||
}
|
||||
|
||||
const stagingPrefix = createStagingAppName({
|
||||
repo: context.payload.repository.name,
|
||||
pullNumber: context.payload.number,
|
||||
branch: context.payload.pull_request.head.ref,
|
||||
})
|
||||
if (!APP_URL) {
|
||||
throw new Error(`APP_URL environment variable not set`)
|
||||
}
|
||||
|
||||
const octokit = github.getOctokit(githubToken)
|
||||
const octokit = github.getOctokit(GITHUB_TOKEN)
|
||||
|
||||
const response = await octokit.rest.repos.compareCommits({
|
||||
owner: context.repo.owner,
|
||||
@@ -29,7 +26,7 @@ const response = await octokit.rest.repos.compareCommits({
|
||||
const { files } = response.data
|
||||
|
||||
let markdownTable =
|
||||
'| **Source** | **Staging** | **Production** | **What Changed** |\n|:----------- |:----------- |:----------- |:----------- |\n'
|
||||
'| **Source** | **Preview** | **Production** | **What Changed** |\n|:----------- |:----------- |:----------- |:----------- |\n'
|
||||
|
||||
const pathPrefix = 'content/'
|
||||
const articleFiles = files.filter(
|
||||
@@ -39,14 +36,14 @@ for (const file of articleFiles) {
|
||||
const sourceUrl = file.blob_url
|
||||
const fileName = file.filename.slice(pathPrefix.length)
|
||||
const fileUrl = fileName.slice(0, fileName.lastIndexOf('.'))
|
||||
const stagingLink = `https://${stagingPrefix}.herokuapp.com/${fileUrl}`
|
||||
const previewLink = `https://${APP_URL}/${fileUrl}`
|
||||
const productionLink = `https://docs.github.com/${fileUrl}`
|
||||
let markdownLine = ''
|
||||
|
||||
if (file.status === 'modified') {
|
||||
markdownLine = `| [content/${fileName}](${sourceUrl}) | [Modified](${stagingLink}) | [Original](${productionLink}) | |\n`
|
||||
markdownLine = `| [content/${fileName}](${sourceUrl}) | [Modified](${previewLink}) | [Original](${productionLink}) | |\n`
|
||||
} else if (file.status === 'added') {
|
||||
markdownLine = `| New file: [content/${fileName}](${sourceUrl}) | [Modified](${stagingLink}) | | |\n`
|
||||
markdownLine = `| New file: [content/${fileName}](${sourceUrl}) | [Modified](${previewLink}) | | |\n`
|
||||
}
|
||||
markdownTable += markdownLine
|
||||
}
|
||||
|
||||
41
.github/actions-scripts/get-preview-app-info.sh
vendored
Executable file
41
.github/actions-scripts/get-preview-app-info.sh
vendored
Executable file
@@ -0,0 +1,41 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# [start-readme]
|
||||
#
|
||||
# This script sets environment variables with info about the preview app for a given PR
|
||||
#
|
||||
# [end-readme]
|
||||
|
||||
# ENV VARS NEEDED TO RUN
|
||||
[[ -z $GITHUB_REPOSITORY ]] && { echo "Missing GITHUB_REPOSITORY. Exiting."; exit 1; }
|
||||
[[ -z $PR_NUMBER ]] && { echo "Missing PR_NUMBER. Exiting."; exit 1; }
|
||||
[[ -z $GITHUB_ENV ]] && { echo "Missing GITHUB_ENV. Exiting."; exit 1; }
|
||||
|
||||
# Number of resource groups that we use to split preview envs across
|
||||
PREVIEW_ENV_RESOURCE_GROUPS=4
|
||||
|
||||
REPO_NAME="${GITHUB_REPOSITORY#*\/}"
|
||||
echo "REPO_NAME=${REPO_NAME}" >> $GITHUB_ENV
|
||||
|
||||
DEPLOYMENT_NAME="${REPO_NAME}-pr-${PR_NUMBER}"
|
||||
echo "DEPLOYMENT_NAME=${DEPLOYMENT_NAME}" >> $GITHUB_ENV
|
||||
|
||||
RESOURCE_GROUP="preview-env-${REPO_NAME}-$((${PR_NUMBER} % ${PREVIEW_ENV_RESOURCE_GROUPS}))"
|
||||
echo "RESOURCE_GROUP=${RESOURCE_GROUP}" >> $GITHUB_ENV
|
||||
|
||||
APP_NAME_SHORT="${REPO_NAME}-preview-${PR_NUMBER}"
|
||||
echo "APP_NAME_SHORT=${APP_NAME_SHORT}" >> $GITHUB_ENV
|
||||
|
||||
IMAGE_REPO="${GITHUB_REPOSITORY}/pr-${PR_NUMBER}"
|
||||
echo "IMAGE_REPO=${IMAGE_REPO}" >> $GITHUB_ENV
|
||||
|
||||
# Since this incurs a network request and can be slow, we make it optional
|
||||
if [ $FULL_APP_INFO ]; then
|
||||
APP_INFO=$(az webapp list -g ${RESOURCE_GROUP} --query "[?tags.DocsAppName == '${APP_NAME_SHORT}'].{defaultHostName:defaultHostName, name:name} | [0]")
|
||||
|
||||
APP_URL=$(echo $APP_INFO | jq '.defaultHostName' | tr -d '"')
|
||||
echo "APP_URL=${APP_URL}" >> $GITHUB_ENV
|
||||
|
||||
APP_NAME_FULL=$(echo $APP_INFO | jq '.name' | tr -d '"')
|
||||
echo "APP_NAME_FULL=${APP_NAME_FULL}" >> $GITHUB_ENV
|
||||
fi
|
||||
33
.github/workflows/azure-preview-env-deploy.yml
vendored
33
.github/workflows/azure-preview-env-deploy.yml
vendored
@@ -1,4 +1,4 @@
|
||||
name: Deploy Azure Preview Environment
|
||||
name: Azure - Deploy Preview Environment
|
||||
|
||||
# **What it does**: Build and deploy to an Azure preview environment
|
||||
# **Why we have it**: It's our preview environment deploy mechanism, only applicable to docs-internal
|
||||
@@ -17,6 +17,11 @@ on:
|
||||
# request creator has permission to access secrets.
|
||||
pull_request:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
PR_NUMBER:
|
||||
description: 'PR Number'
|
||||
type: string
|
||||
required: true
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
@@ -30,31 +35,19 @@ concurrency:
|
||||
jobs:
|
||||
build-and-deploy-azure-preview:
|
||||
if: ${{ github.repository == 'github/docs-internal' }}
|
||||
name: Build and deploy image to Azure
|
||||
name: Build and deploy Azure preview environment
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 15
|
||||
environment:
|
||||
name: preview-env-${{ github.event.number }}
|
||||
url: ${{ steps.deploy.outputs.defaultHostName }}
|
||||
env:
|
||||
GITHUB_EVENT_NUMBER: ${{ github.event.number }}
|
||||
PREVIEW_ENV_RESOURCE_GROUPS: 4
|
||||
PR_NUMBER: ${{ github.event.number || github.event.inputs.PR_NUMBER }}
|
||||
NONPROD_REGISTRY_USERNAME: ghdocs
|
||||
APP_LOCATION: eastus
|
||||
ENABLE_EARLY_ACCESS: ${{ github.repository == 'github/docs-internal' }}
|
||||
# Image tag is unique to each workflow run so that it always triggers a new deployment
|
||||
DOCKER_IMAGE: ${{ secrets.NONPROD_REGISTRY_SERVER }}/${{ github.repository }}/pr-${{ github.event.number }}:${{ github.event.pull_request.head.sha }}-${{ github.run_number }}-${{ github.run_attempt }}
|
||||
|
||||
steps:
|
||||
- name: 'Set env vars'
|
||||
id: vars
|
||||
run: |
|
||||
REPO_NAME=${GITHUB_REPOSITORY#*\/}
|
||||
echo "REPO_NAME=${REPO_NAME}" >> $GITHUB_ENV
|
||||
echo "DEPLOYMENT_NAME=${REPO_NAME}-pr-${GITHUB_EVENT_NUMBER}" >> $GITHUB_ENV
|
||||
echo "RESOURCE_GROUP=preview-env-${REPO_NAME}-$((${GITHUB_EVENT_NUMBER} % ${PREVIEW_ENV_RESOURCE_GROUPS}))" >> $GITHUB_ENV
|
||||
echo "APP_NAME=${REPO_NAME}-preview-${GITHUB_EVENT_NUMBER}" >> $GITHUB_ENV
|
||||
|
||||
- name: 'Az CLI login'
|
||||
uses: azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf
|
||||
with:
|
||||
@@ -81,6 +74,14 @@ jobs:
|
||||
- name: Check out LFS objects
|
||||
run: git lfs checkout
|
||||
|
||||
- name: Get preview app info
|
||||
run: .github/actions-scripts/get-preview-app-info.sh
|
||||
|
||||
- name: 'Set env vars'
|
||||
run: |
|
||||
# Image tag is unique to each workflow run so that it always triggers a new deployment
|
||||
echo "DOCKER_IMAGE=${{ secrets.NONPROD_REGISTRY_SERVER }}/${IMAGE_REPO}:${{ github.event.pull_request.head.sha }}-${{ github.run_number }}-${{ github.run_attempt }}" >> $GITHUB_ENV
|
||||
|
||||
- if: ${{ env.ENABLE_EARLY_ACCESS }}
|
||||
name: Determine which docs-early-access branch to clone
|
||||
id: 'check-early-access'
|
||||
@@ -155,7 +156,7 @@ jobs:
|
||||
subscriptionId: ${{ secrets.NONPROD_SUBSCRIPTION_ID }}
|
||||
template: ./azure-preview-env-template.json
|
||||
deploymentName: ${{ env.DEPLOYMENT_NAME }}
|
||||
parameters: appName="${{ env.APP_NAME }}"
|
||||
parameters: appName="${{ env.APP_NAME_SHORT }}"
|
||||
location="${{ env.APP_LOCATION }}"
|
||||
linuxFxVersion="DOCKER|${{ env.DOCKER_IMAGE }}"
|
||||
dockerRegistryUrl="https://${{ secrets.NONPROD_REGISTRY_SERVER }}"
|
||||
|
||||
40
.github/workflows/azure-preview-env-destroy.yml
vendored
40
.github/workflows/azure-preview-env-destroy.yml
vendored
@@ -1,4 +1,4 @@
|
||||
name: Destroy Azure Preview Env
|
||||
name: Azure - Destroy Preview Env
|
||||
|
||||
# **What it does**: Destroys resources associated with a PRs Azure preview environment
|
||||
# **Why we have it**: Closed PRs don't need apps
|
||||
@@ -9,49 +9,47 @@ on:
|
||||
types:
|
||||
- closed
|
||||
- locked
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
PR_NUMBER:
|
||||
description: 'PR Number'
|
||||
type: string
|
||||
required: true
|
||||
|
||||
jobs:
|
||||
destory-azure-preview-env:
|
||||
name: Destroy
|
||||
if: ${{ github.repository == 'github/docs-internal' }}
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 5
|
||||
env:
|
||||
GITHUB_EVENT_NUMBER: ${{ github.event.number }}
|
||||
PREVIEW_ENV_RESOURCE_GROUPS: 4
|
||||
PR_NUMBER: ${{ github.event.number || github.event.inputs.PR_NUMBER }}
|
||||
NONPROD_REGISTRY_NAME: ghdocs
|
||||
IMAGE_REPO: ${{ github.repository }}/pr-${{ github.event.number }}
|
||||
|
||||
steps:
|
||||
- name: 'Set env vars'
|
||||
id: vars
|
||||
run: |
|
||||
REPO_NAME=${GITHUB_REPOSITORY#*\/}
|
||||
echo "RESOURCE_GROUP=preview-env-${REPO_NAME}-$((${GITHUB_EVENT_NUMBER} % ${PREVIEW_ENV_RESOURCE_GROUPS}))" >> $GITHUB_ENV
|
||||
echo "DEPLOYMENT_NAME=${REPO_NAME}-pr-${GITHUB_EVENT_NUMBER}" >> $GITHUB_ENV
|
||||
echo "APP_NAME=${REPO_NAME}-preview-${GITHUB_EVENT_NUMBER}" >> $GITHUB_ENV
|
||||
|
||||
- name: 'Az CLI login'
|
||||
uses: azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf
|
||||
with:
|
||||
creds: ${{ secrets.NONPROD_AZURE_CREDENTIALS }}
|
||||
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
|
||||
|
||||
- name: Get preview app info
|
||||
env:
|
||||
FULL_APP_INFO: 1
|
||||
run: .github/actions-scripts/get-preview-app-info.sh
|
||||
|
||||
# Succeed despite any non-zero exit code (e.g. if there is no deployment to cancel)
|
||||
- name: 'Cancel any in progress deployments'
|
||||
run: |
|
||||
az deployment group cancel --name ${{ env.DEPLOYMENT_NAME }} -g ${{ env.RESOURCE_GROUP }} || true
|
||||
|
||||
# The full app name is obfuscated by an identifier, so we need to query to find the one for this PR
|
||||
- name: 'Get full app name'
|
||||
id: full-app-name
|
||||
run: |
|
||||
FULL_APP_NAME=$(az webapp list -g ${{ env.RESOURCE_GROUP }} --query "[?tags.DocsAppName == '${{ env.APP_NAME }}'})].name | [0]")
|
||||
echo "::set-output name=result::${FULL_APP_NAME}"
|
||||
|
||||
# Delete web app (which will also delete the App Service plan)
|
||||
# This will succeed even if the app doesn't exist / has already been deleted
|
||||
- name: 'Delete App Service App (which will also delete the App Service plan)'
|
||||
run: |
|
||||
az webapp delete -n ${{ steps.full-app-name.result }} -g ${{ env.RESOURCE_GROUP }})
|
||||
az webapp delete -n ${{ env.APP_NAME_FULL }} -g ${{ env.RESOURCE_GROUP }}
|
||||
|
||||
# Untag all images under this PR's container registry repo - the container registry will automatically remove untagged images.
|
||||
# This will fail if the IMAGE_REPO doesn't exist, but we don't care
|
||||
@@ -63,4 +61,4 @@ jobs:
|
||||
- uses: strumwolf/delete-deployment-environment@45c821e46baa405e25410700fe2e9643929706a0
|
||||
with:
|
||||
token: ${{ secrets.DOCUBOT_REPO_PAT }}
|
||||
environment: preview-env-${{ github.event.number }}
|
||||
environment: preview-env-${{ env.PR_NUMBER }}
|
||||
|
||||
30
.github/workflows/codespaces-prebuild.yml
vendored
30
.github/workflows/codespaces-prebuild.yml
vendored
@@ -1,30 +0,0 @@
|
||||
name: Prebuild Codespaces
|
||||
|
||||
# **What it does**: Prebuild the Codespaces image using powerful machines.
|
||||
# See https://github.com/github/codespaces-precache#readme for more details.
|
||||
# IMPORTANT: Requires we set a `EXPERIMENTAL_CODESPACE_CACHE_TOKEN` Codespaces
|
||||
# Secret (NOT an Actions Secret) in the repository.
|
||||
# **Why we have it**: Reduces startup time when booting Codespaces.
|
||||
# **Who does it impact**: Any Docs contributors who want to use Codespaces.
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
workflow_dispatch:
|
||||
|
||||
# Currently requires write, but in the future will only require read
|
||||
permissions:
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
createPrebuild:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
|
||||
- uses: github/codespaces-precache@2ad40630d7e3e45e8725d6a74656cb6dd17363dc
|
||||
with:
|
||||
regions: WestUs2 EastUs WestEurope SouthEastAsia
|
||||
sku_name: basicLinux32gb
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
@@ -45,10 +45,22 @@ jobs:
|
||||
needs: PR-Preview-Links
|
||||
if: ${{ needs.PR-Preview-Links.outputs.filterContentDir == 'true' }}
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
PR_NUMBER: ${{ github.event.pull_request.number }}
|
||||
steps:
|
||||
- name: 'Az CLI login'
|
||||
uses: azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf
|
||||
with:
|
||||
creds: ${{ secrets.NONPROD_AZURE_CREDENTIALS }}
|
||||
|
||||
- name: check out repo content
|
||||
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
|
||||
|
||||
- name: Get preview app info
|
||||
env:
|
||||
FULL_APP_INFO: 1
|
||||
run: .github/actions-scripts/get-preview-app-info.sh
|
||||
|
||||
- name: Setup Node
|
||||
uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
|
||||
with:
|
||||
@@ -57,12 +69,13 @@ jobs:
|
||||
|
||||
- name: Install temporary dependencies
|
||||
run: |
|
||||
npm install --no-save github-slugger
|
||||
npm install --no-save github-slugger --registry https://registry.npmjs.org/
|
||||
|
||||
- name: Get changes table
|
||||
id: changes
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
APP_URL: ${{ env.APP_URL }}
|
||||
run: .github/actions-scripts/content-changes-table-comment.js
|
||||
|
||||
- name: Find content directory changes comment
|
||||
|
||||
2
.github/workflows/optimize-images.yml
vendored
2
.github/workflows/optimize-images.yml
vendored
@@ -50,6 +50,6 @@ jobs:
|
||||
git push --set-upstream origin $BRANCH
|
||||
|
||||
echo "Open a pull request"
|
||||
gh pr create --title "Optimize images" --body "Optimize images"
|
||||
gh pr create --title "Optimize images" --body "Optimize images" --reviewer "@github/docs-engineering"
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
4
.github/workflows/test.yml
vendored
4
.github/workflows/test.yml
vendored
@@ -47,9 +47,13 @@ jobs:
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
|
||||
with:
|
||||
lfs: true
|
||||
# Enables cloning the Early Access repo later with the relevant PAT
|
||||
persist-credentials: 'false'
|
||||
|
||||
- name: Checkout LFS objects
|
||||
run: git lfs checkout
|
||||
|
||||
- name: Gather files changed
|
||||
uses: trilom/file-changes-action@a6ca26c14274c33b15e6499323aac178af06ad4b
|
||||
id: get_diff_files
|
||||
|
||||
33
.github/workflows/workflow-lint.yml
vendored
33
.github/workflows/workflow-lint.yml
vendored
@@ -1,33 +0,0 @@
|
||||
name: Lint workflows
|
||||
|
||||
# **What it does**: This lints our workflow files.
|
||||
# **Why we have it**: We want some level of consistency in our workflow files.
|
||||
# **Who does it impact**: Docs engineering.
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
pull_request:
|
||||
paths:
|
||||
- '.github/workflows/*.yml'
|
||||
- '.github/workflows/*.yaml'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
# This allows a subsequently queued workflow run to interrupt previous runs
|
||||
concurrency:
|
||||
group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
|
||||
cancel-in-progress: true
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
if: ${{ github.repository == 'github/docs-internal' }}
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
|
||||
|
||||
- name: Run linter
|
||||
uses: cschleiden/actions-linter@caffd707beda4fc6083926a3dff48444bc7c24aa
|
||||
with:
|
||||
workflows: '[".github/workflows/*.yml", ".github/workflows/*.yaml", "!.github/workflows/remove-from-fr-board.yaml", "!.github/workflows/staging-deploy-pr.yml", "!.github/workflows/triage-issue-comments.yml", "!.github/workflows/azure-preview-env-deploy.yml", "!.github/workflows/azure-preview-env-destroy.yml"]'
|
||||
@@ -76,9 +76,6 @@ ENV NODE_ENV production
|
||||
# Whether to hide iframes, add warnings to external links
|
||||
ENV AIRGAP false
|
||||
|
||||
# By default we typically don't want to run in clustered mode
|
||||
ENV WEB_CONCURRENCY 1
|
||||
|
||||
# Preferred port for server.mjs
|
||||
ENV PORT 4000
|
||||
|
||||
|
||||
Binary file not shown.
|
Before Width: | Height: | Size: 47 KiB After Width: | Height: | Size: 94 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 12 KiB After Width: | Height: | Size: 49 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 34 KiB After Width: | Height: | Size: 74 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 47 KiB After Width: | Height: | Size: 93 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 18 KiB After Width: | Height: | Size: 44 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 63 KiB After Width: | Height: | Size: 118 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 24 KiB After Width: | Height: | Size: 53 KiB |
BIN
assets/images/help/2fa/try-recovering-your-account-link.png
Normal file
BIN
assets/images/help/2fa/try-recovering-your-account-link.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 76 KiB |
BIN
assets/images/help/2fa/verify-email-address.png
Normal file
BIN
assets/images/help/2fa/verify-email-address.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 46 KiB |
BIN
assets/images/help/organizations/member-privileges.png
Normal file
BIN
assets/images/help/organizations/member-privileges.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 46 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 39 KiB After Width: | Height: | Size: 81 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 125 KiB After Width: | Height: | Size: 120 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 39 KiB After Width: | Height: | Size: 67 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 215 KiB After Width: | Height: | Size: 119 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 46 KiB After Width: | Height: | Size: 95 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 337 KiB After Width: | Height: | Size: 104 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 86 KiB After Width: | Height: | Size: 83 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 12 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 7.0 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 3.5 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 14 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 9.8 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 5.9 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 4.3 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 4.8 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 4.0 KiB |
@@ -83,10 +83,6 @@
|
||||
"name": "DEPLOYMENT_ENV",
|
||||
"value": "azure"
|
||||
},
|
||||
{
|
||||
"name": "WEB_CONCURRENCY",
|
||||
"value": "1"
|
||||
},
|
||||
{
|
||||
"name": "ENABLED_LANGUAGES",
|
||||
"value": "en"
|
||||
|
||||
@@ -2,6 +2,7 @@ import { useEffect, useState } from 'react'
|
||||
import Cookies from 'js-cookie'
|
||||
import { SubNav, TabNav, UnderlineNav } from '@primer/components'
|
||||
import { sendEvent, EventType } from 'components/lib/events'
|
||||
import { useRouter } from 'next/router'
|
||||
|
||||
import { useArticleContext } from 'components/context/ArticleContext'
|
||||
import parseUserAgent from 'components/lib/user-agent'
|
||||
@@ -50,6 +51,7 @@ type Props = {
|
||||
export const PlatformPicker = ({ variant = 'subnav' }: Props) => {
|
||||
const { defaultPlatform, detectedPlatforms } = useArticleContext()
|
||||
const [currentPlatform, setCurrentPlatform] = useState(defaultPlatform || '')
|
||||
const { asPath } = useRouter()
|
||||
|
||||
// Run on mount for client-side only features
|
||||
useEffect(() => {
|
||||
@@ -63,7 +65,7 @@ export const PlatformPicker = ({ variant = 'subnav' }: Props) => {
|
||||
|
||||
// always trigger this on initial render. if the default doesn't change the other useEffect won't fire
|
||||
showPlatformSpecificContent(platform)
|
||||
}, [])
|
||||
}, [asPath])
|
||||
|
||||
// Make sure we've always selected a platform that exists in the article
|
||||
useEffect(() => {
|
||||
|
||||
@@ -26,8 +26,8 @@ export const VersionPicker = ({ variant }: Props) => {
|
||||
selected: allVersions[currentVersion].versionTitle === permalink.pageVersionTitle,
|
||||
item: <Link href={permalink.href}>{permalink.pageVersionTitle}</Link>,
|
||||
}))
|
||||
const hasEnterpriseVersions = (page.permalinks || []).find((permalink) =>
|
||||
permalink.pageVersion.startsWith('enterprise-version')
|
||||
const hasEnterpriseVersions = (page.permalinks || []).some((permalink) =>
|
||||
permalink.pageVersion.startsWith('enterprise-server')
|
||||
)
|
||||
|
||||
if (hasEnterpriseVersions) {
|
||||
|
||||
@@ -7,7 +7,7 @@ redirect_from:
|
||||
- /articles/inviting-collaborators-to-a-personal-repository
|
||||
- /github/setting-up-and-managing-your-github-user-account/inviting-collaborators-to-a-personal-repository
|
||||
- /github/setting-up-and-managing-your-github-user-account/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository
|
||||
product: '{% ifversion fpt %}{% data reusables.gated-features.user-repo-collaborators %}{% endif %}'
|
||||
product: '{% data reusables.gated-features.user-repo-collaborators %}'
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '*'
|
||||
|
||||
@@ -9,7 +9,6 @@ redirect_from:
|
||||
- /articles/removing-yourself-from-a-collaborators-repository
|
||||
- /github/setting-up-and-managing-your-github-user-account/removing-yourself-from-a-collaborators-repository
|
||||
- /github/setting-up-and-managing-your-github-user-account/managing-access-to-your-personal-repositories/removing-yourself-from-a-collaborators-repository
|
||||
product: '{% data reusables.gated-features.user-repo-collaborators %}'
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '*'
|
||||
@@ -21,8 +20,12 @@ topics:
|
||||
shortTitle: Remove yourself
|
||||
---
|
||||
{% data reusables.user_settings.access_settings %}
|
||||
{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5658 %}
|
||||
2. In the "Code, planning, and automation" section of the sidebar, click **{% octicon "repo" aria-label="The repo icon" %} Repositories**.
|
||||
{% else %}
|
||||
2. In the left sidebar, click **Repositories**.
|
||||
|
||||
{% endif %}
|
||||
3. Next to the repository you want to leave, click **Leave**.
|
||||
|
||||
4. Read the warning carefully, then click "I understand, leave this repository."
|
||||
|
||||
@@ -12,13 +12,12 @@ shortTitle: Integrate Jira with projects
|
||||
---
|
||||
{% data reusables.user_settings.access_settings %}
|
||||
{% data reusables.user_settings.developer_settings %}
|
||||
3. In the left sidebar, click **{% data variables.product.prodname_oauth_apps %}**.
|
||||
|
||||
3. Click **Register a new application**.
|
||||
4. Under **Application name**, type "Jira".
|
||||
5. Under **Homepage URL**, type the full URL to your Jira instance.
|
||||
6. Under **Authorization callback URL**, type the full URL to your Jira instance.
|
||||
7. Click **Register application**.
|
||||
{% data reusables.user-settings.oauth_apps %}
|
||||
1. Click **Register a new application**.
|
||||
2. Under **Application name**, type "Jira".
|
||||
3. Under **Homepage URL**, type the full URL to your Jira instance.
|
||||
4. Under **Authorization callback URL**, type the full URL to your Jira instance.
|
||||
5. Click **Register application**.
|
||||
|
||||
8. Under **Developer applications**, note the "Client ID" and "Client Secret" values.
|
||||
|
||||
|
||||
@@ -14,7 +14,6 @@ shortTitle: Managing your tab size
|
||||
If you feel that tabbed indentation in code rendered on {% data variables.product.product_name %} takes up too much, or too little space, you can change this in your settings.
|
||||
|
||||
{% data reusables.user_settings.access_settings %}
|
||||
1. In the user settings sidebar, click **Appearance**.
|
||||
|
||||
1. In the left sidebar, click **{% octicon "paintbrush" aria-label="The paintbrush icon" %} Appearance**.
|
||||
2. Under "Tab size preference", select the drop-down menu and choose your preference.
|
||||
|
||||
|
||||
@@ -218,6 +218,10 @@ For example:
|
||||
curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=api://AzureADTokenExchange"
|
||||
```
|
||||
|
||||
### Adding permissions settings
|
||||
|
||||
{% data reusables.actions.oidc-permissions-token %}
|
||||
|
||||
## Updating your workflows for OIDC
|
||||
|
||||
You can now update your YAML workflows to use OIDC access tokens instead of secrets. Popular cloud providers have published their official login actions that make it easy for you to get started with OIDC. For more information about updating your workflows, see the cloud-specific guides listed below in "[Enabling OpenID Connect for your cloud provider](#enabling-openid-connect-for-your-cloud-provider)."
|
||||
|
||||
@@ -56,14 +56,7 @@ To update your workflows for OIDC, you will need to make two changes to your YAM
|
||||
|
||||
### Adding permissions settings
|
||||
|
||||
The workflow will require a `permissions` setting with a defined [`id-token`](/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) value. If you only need to fetch an OIDC token for a single job, then this permission can be set within that job. For example:
|
||||
|
||||
```yaml{:copy}
|
||||
permissions:
|
||||
id-token: write
|
||||
```
|
||||
|
||||
You may need to specify additional permissions here, depending on your workflow's requirements.
|
||||
{% data reusables.actions.oidc-permissions-token %}
|
||||
|
||||
### Requesting the access token
|
||||
|
||||
|
||||
@@ -50,14 +50,7 @@ To update your workflows for OIDC, you will need to make two changes to your YAM
|
||||
|
||||
### Adding permissions settings
|
||||
|
||||
The workflow will require a `permissions` setting with a defined [`id-token`](/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) value. If you only need to fetch an OIDC token for a single job, then this permission can be set within that job. For example:
|
||||
|
||||
```yaml{:copy}
|
||||
permissions:
|
||||
id-token: write
|
||||
```
|
||||
|
||||
You may need to specify additional permissions here, depending on your workflow's requirements.
|
||||
{% data reusables.actions.oidc-permissions-token %}
|
||||
|
||||
### Requesting the access token
|
||||
|
||||
|
||||
@@ -37,14 +37,7 @@ If your cloud provider doesn't yet offer an official action, you can update your
|
||||
|
||||
### Adding permissions settings
|
||||
|
||||
The workflow will require a `permissions` setting with a defined [`id-token`](/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) value. If you only need to fetch an OIDC token for a single job, then this permission can be set within that job. For example:
|
||||
|
||||
```yaml{:copy}
|
||||
permissions:
|
||||
id-token: write
|
||||
```
|
||||
|
||||
You may need to specify additional permissions here, depending on your workflow's requirements.
|
||||
{% data reusables.actions.oidc-permissions-token %}
|
||||
|
||||
### Using official actions
|
||||
|
||||
|
||||
@@ -49,14 +49,7 @@ To update your workflows for OIDC, you will need to make two changes to your YAM
|
||||
|
||||
### Adding permissions settings
|
||||
|
||||
The workflow will require a `permissions` setting with a defined [`id-token`](/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) value. If you only need to fetch an OIDC token for a single job, then this permission can be set within that job. For example:
|
||||
|
||||
```yaml{:copy}
|
||||
permissions:
|
||||
id-token: write
|
||||
```
|
||||
|
||||
You may need to specify additional permissions here, depending on your workflow's requirements.
|
||||
{% data reusables.actions.oidc-permissions-token %}
|
||||
|
||||
### Requesting the access token
|
||||
|
||||
|
||||
@@ -54,14 +54,7 @@ This example demonstrates how to use OIDC with the official action to request a
|
||||
|
||||
### Adding permissions settings
|
||||
|
||||
The workflow will require a `permissions` setting with a defined [`id-token`](/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) value. If you only need to fetch an OIDC token for a single job, then this permission can be set within that job. For example:
|
||||
|
||||
```yaml{:copy}
|
||||
permissions:
|
||||
id-token: write
|
||||
```
|
||||
|
||||
You may need to specify additional permissions here, depending on your workflow's requirements.
|
||||
{% data reusables.actions.oidc-permissions-token %}
|
||||
|
||||
### Requesting the access token
|
||||
|
||||
|
||||
@@ -55,7 +55,7 @@ As part of an expression, you can use `boolean`, `null`, `number`, or `string` d
|
||||
| `boolean` | `true` or `false` |
|
||||
| `null` | `null` |
|
||||
| `number` | Any number format supported by JSON. |
|
||||
| `string` | You don't need to enclose strings in {% raw %}${{{% endraw %} and {% raw %}}}{% endraw %}. However, if you do, you must use single quotes around the string and escape literal single quotes with an additional single quote. |
|
||||
| `string` | You don't need to enclose strings in `{% raw %}${{{% endraw %}` and `{% raw %}}}{% endraw %}`. However, if you do, you must use single quotes (`'`) around the string. To use a literal single quote, escape the literal single quote using an additional single quote (`''`). Wrapping with double quotes (`"`) will throw an error. |
|
||||
|
||||
#### Example
|
||||
|
||||
|
||||
@@ -917,8 +917,6 @@ on:
|
||||
```yaml
|
||||
on:
|
||||
push:
|
||||
types:
|
||||
- opened
|
||||
branches:
|
||||
- 'releases/**'
|
||||
paths:
|
||||
@@ -960,8 +958,6 @@ on:
|
||||
```yaml
|
||||
on:
|
||||
push:
|
||||
types:
|
||||
- opened
|
||||
branches:
|
||||
- 'releases/**'
|
||||
paths:
|
||||
@@ -998,7 +994,7 @@ on:
|
||||
|
||||
| Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
|
||||
| --------------------- | -------------- | ------------ | -------------|
|
||||
| [`release`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads/#release) | - `published` <br/>- `unpublished` <br/>- `created` <br/>- `edited` <br/>- `deleted` <br/>- `prereleased`<br/> - `released` | Last commit in the tagged release | Tag of release |
|
||||
| [`release`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads/#release) | - `published` <br/>- `unpublished` <br/>- `created` <br/>- `edited` <br/>- `deleted` <br/>- `prereleased`<br/> - `released` | Last commit in the tagged release | Tag ref of release `refs/tags/<tag_name>` |
|
||||
|
||||
{% note %}
|
||||
|
||||
|
||||
@@ -830,7 +830,7 @@ services:
|
||||
image: ghcr.io/owner/myservice1
|
||||
credentials:
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.ghcr_token }}
|
||||
password: ${{ secrets.github_token }}
|
||||
myservice2:
|
||||
image: dockerhub_org/myservice2
|
||||
credentials:
|
||||
@@ -973,7 +973,7 @@ For more information about branch, tag, and path filter syntax, see "[`on.<push>
|
||||
| `'**'` | Matches all branch and tag names. This is the default behavior when you don't use a `branches` or `tags` filter. | `all/the/branches`<br/><br/>`every/tag` |
|
||||
| `'*feature'` | The `*` character is a special character in YAML. When you start a pattern with `*`, you must use quotes. | `mona-feature`<br/><br/>`feature`<br/><br/>`ver-10-feature` |
|
||||
| `v2*` | Matches branch and tag names that start with `v2`. | `v2`<br/><br/>`v2.0`<br/><br/>`v2.9` |
|
||||
| `v[12].[0-9]+.[0-9]+` | Matches all semantic versioning branches and tags with major version 1 or 2 | `v1.10.1`<br/><br/>`v2.0.0` |
|
||||
| `v[12].[0-9]+.[0-9]+` | Matches all semantic versioning branches and tags with major version 1 or 2. | `v1.10.1`<br/><br/>`v2.0.0` |
|
||||
|
||||
### Patterns to match file paths
|
||||
|
||||
|
||||
@@ -37,6 +37,8 @@ You can generate a certificate signing request (CSR) for your instance using the
|
||||
|
||||
## Uploading a custom TLS certificate
|
||||
|
||||
{% data reusables.enterprise_site_admin_settings.tls-downtime %}
|
||||
|
||||
{% data reusables.enterprise_site_admin_settings.access-settings %}
|
||||
{% data reusables.enterprise_site_admin_settings.management-console %}
|
||||
{% data reusables.enterprise_management_console.privacy %}
|
||||
@@ -69,6 +71,8 @@ You can also use the `ghe-ssl-acme` command line utility on {% data variables.pr
|
||||
|
||||
{% data reusables.enterprise_installation.lets-encrypt-prerequisites %}
|
||||
|
||||
{% data reusables.enterprise_site_admin_settings.tls-downtime %}
|
||||
|
||||
{% data reusables.enterprise_site_admin_settings.access-settings %}
|
||||
{% data reusables.enterprise_site_admin_settings.management-console %}
|
||||
{% data reusables.enterprise_management_console.privacy %}
|
||||
|
||||
@@ -136,5 +136,5 @@ $ ghe-restore -c 169.154.1.1
|
||||
{% endnote %}
|
||||
|
||||
You can use these additional options with `ghe-restore` command:
|
||||
- The `-c` flag overwrites the settings, certificate, and license data on the target host even if it is already configured. Omit this flag if you are setting up a staging instance for testing purposes and you wish to retain the existing configuration on the target. For more information, see the "Using using backup and restore commands" section of the [{% data variables.product.prodname_enterprise_backup_utilities %} README](https://github.com/github/backup-utils#using-the-backup-and-restore-commands).
|
||||
- The `-c` flag overwrites the settings, certificate, and license data on the target host even if it is already configured. Omit this flag if you are setting up a staging instance for testing purposes and you wish to retain the existing configuration on the target. For more information, see the "Using backup and restore commands" section of the [{% data variables.product.prodname_enterprise_backup_utilities %} README](https://github.com/github/backup-utils#using-the-backup-and-restore-commands).
|
||||
- The `-s` flag allows you to select a different backup snapshot.
|
||||
|
||||
@@ -88,8 +88,7 @@ settings to allow incoming emails](#configuring-dns-and-firewall-settings-to-all
|
||||
4. If the test email fails, [troubleshoot your email settings](#troubleshooting-email-delivery).
|
||||
5. When the test email succeeds, at the bottom of the page, click **Save settings**.
|
||||
|
||||
6. Wait for the configuration run to complete.
|
||||
|
||||
{% data reusables.enterprise_site_admin_settings.wait-for-configuration-run %}
|
||||
|
||||
## Configuring DNS and firewall settings to allow incoming emails
|
||||
|
||||
|
||||
@@ -34,7 +34,7 @@ High Availability (HA) and Clustering both provide redundancy by eliminating the
|
||||
|
||||
## Backups and disaster recovery
|
||||
|
||||
Neither HA or Clustering should be considered a replacement for regular backups. For more information, see "[Configuring backups on your appliance](/enterprise/admin/guides/installation/configuring-backups-on-your-appliance)."
|
||||
Neither HA nor Clustering should be considered a replacement for regular backups. For more information, see "[Configuring backups on your appliance](/enterprise/admin/guides/installation/configuring-backups-on-your-appliance)."
|
||||
|
||||
## Monitoring
|
||||
|
||||
|
||||
@@ -15,8 +15,6 @@ redirect_from:
|
||||
- /admin/authentication/managing-identity-and-access-for-your-enterprise/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account
|
||||
---
|
||||
|
||||
{% data reusables.enterprise-accounts.emu-saml-note %}
|
||||
|
||||
## About SAML single sign-on for enterprise accounts
|
||||
|
||||
{% data reusables.saml.dotcom-saml-explanation %} {% data reusables.saml.about-saml-enterprise-accounts %}
|
||||
|
||||
@@ -90,6 +90,9 @@ The `$GITHUB_VIA` variable is available in the pre-receive hook environment when
|
||||
| <pre>git refs delete api</pre> | Deletion of a ref via the API | "[Git database](/rest/reference/git#delete-a-reference)" in the REST API documentation |
|
||||
| <pre>git refs update api</pre> | Update of a ref via the API | "[Git database](/rest/reference/git#update-a-reference)" in the REST API documentation |
|
||||
| <pre>git repo contents api</pre> | Change to a file's contents via the API | "[Create or update file contents](/rest/reference/repos#create-or-update-file-contents)" in the REST API documentation |
|
||||
{%- ifversion ghes > 3.0 %}
|
||||
| `merge ` | Merge of a pull request using auto-merge | "[Automatically merging a pull request](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)" |
|
||||
{%- endif %}
|
||||
| <pre>merge base into head</pre> | Update of the topic branch from the base branch when the base branch requires strict status checks (via **Update branch** in a pull request, for example) | "[About protected branches](/github/administering-a-repository/about-protected-branches#require-status-checks-before-merging)" |
|
||||
| <pre>pull request branch delete button</pre> | Deletion of a topic branch from a pull request in the web interface | "[Deleting and restoring branches in a pull request](/github/administering-a-repository/deleting-and-restoring-branches-in-a-pull-request#deleting-a-branch-used-for-a-pull-request)" |
|
||||
| <pre>pull request branch undo button</pre> | Restoration of a topic branch from a pull request in the web interface | "[Deleting and restoring branches in a pull request](/github/administering-a-repository/deleting-and-restoring-branches-in-a-pull-request#restoring-a-deleted-branch)" |
|
||||
|
||||
@@ -17,8 +17,12 @@ shortTitle: Deploy keys
|
||||
---
|
||||
{% data reusables.repositories.navigate-to-repo %}
|
||||
{% data reusables.repositories.sidebar-settings %}
|
||||
{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5658 %}
|
||||
3. In the "Security" section of the sidebar, click **{% octicon "key" aria-label="The key icon" %} Deploy keys**.
|
||||
{% else %}
|
||||
3. In the left sidebar, click **Deploy keys**.
|
||||
|
||||
{% endif %}
|
||||
4. On the Deploy keys page, take note of the deploy keys associated with your account. For those that you don't recognize, or that are out-of-date, click **Delete**. If there are valid deploy keys you'd like to keep, click **Approve**.
|
||||
|
||||
|
||||
|
||||
@@ -19,7 +19,10 @@ shortTitle: Recover an account with 2FA
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning**: {% data reusables.two_fa.support-may-not-help %}
|
||||
**Warnings**:
|
||||
|
||||
- {% data reusables.two_fa.support-may-not-help %}
|
||||
- {% data reusables.accounts.you-must-know-your-password %}
|
||||
|
||||
{% endwarning %}
|
||||
|
||||
@@ -27,15 +30,21 @@ shortTitle: Recover an account with 2FA
|
||||
|
||||
## Using a two-factor authentication recovery code
|
||||
|
||||
Use one of your recovery codes to automatically regain entry into your account. You may have saved your recovery codes to a password manager or your computer's downloads folder. The default filename for recovery codes is `github-recovery-codes.txt`. For more information about recovery codes, see "[Configuring two-factor authentication recovery methods](/articles/configuring-two-factor-authentication-recovery-methods#downloading-your-two-factor-authentication-recovery-codes)."
|
||||
Use one of your recovery codes to automatically regain entry into your account. You may have saved your recovery codes to a password manager or your computer's downloads folder. The default filename for recovery codes is `github-recovery-codes.txt`. For more information about recovery codes, see "[Configuring two-factor authentication recovery methods](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication-recovery-methods#downloading-your-two-factor-authentication-recovery-codes)."
|
||||
|
||||
{% data reusables.two_fa.username-password %}{% ifversion fpt or ghec %}
|
||||
2. Under "Having Problems?", click **Enter a two-factor recovery code**.
|
||||
{% else %}
|
||||
2. On the 2FA page, under "Don't have your phone?", click **Enter a two-factor recovery code**.
|
||||
{% endif %}
|
||||
3. Type one of your recovery codes, then click **Verify**.
|
||||
|
||||
{% data reusables.two_fa.username-password %}
|
||||
|
||||
{% ifversion fpt or ghec %}
|
||||
1. Under "Having problems?", click **Use a recovery code or request a reset**.
|
||||
|
||||
|
||||
{%- else %}
|
||||
1. On the 2FA page, under "Don't have your phone?", click **Enter a two-factor recovery code**.
|
||||
|
||||
{% endif %}
|
||||
1. Type one of your recovery codes, then click **Verify**.
|
||||
|
||||
|
||||
|
||||
{% ifversion fpt or ghec %}
|
||||
## Authenticating with a fallback number
|
||||
@@ -45,43 +54,52 @@ If you lose access to your primary TOTP app or phone number, you can provide a t
|
||||
|
||||
## Authenticating with a security key
|
||||
|
||||
If you configured two-factor authentication using a security key, you can use your security key as a secondary authentication method to automatically regain access to your account. For more information, see "[Configuring two-factor authentication](/articles/configuring-two-factor-authentication#configuring-two-factor-authentication-using-a-security-key)."
|
||||
If you configured two-factor authentication using a security key, you can use your security key as a secondary authentication method to automatically regain access to your account. For more information, see "[Configuring two-factor authentication](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication#configuring-two-factor-authentication-using-a-security-key)."
|
||||
|
||||
{% ifversion fpt or ghec %}
|
||||
## Authenticating with a verified device, SSH token, or personal access token
|
||||
|
||||
If you know your {% data variables.product.product_name %} password but don't have the two-factor authentication credentials or your two-factor authentication recovery codes, you can have a one-time password sent to your verified email address to begin the verification process and regain access to your account.
|
||||
If you know your password for {% data variables.product.product_location %} but don't have the two-factor authentication credentials or your two-factor authentication recovery codes, you can have a one-time password sent to your verified email address to begin the verification process and regain access to your account.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: For security reasons, regaining access to your account by authenticating with a one-time password can take 3-5 business days. Additional requests submitted during this time will not be reviewed.
|
||||
**Note**: For security reasons, regaining access to your account by authenticating with a one-time password can take 1-3 business days. {% data variables.product.company_short %} will not review additional requests submitted during this time.
|
||||
|
||||
{% endnote %}
|
||||
|
||||
You can use your two-factor authentication credentials or two-factor authentication recovery codes to regain access to your account anytime during the 3-5 day waiting period.
|
||||
|
||||
1. Type your username and password to prompt authentication. If you do not know your {% data variables.product.product_name %} password, you will not be able to generate a one-time password.
|
||||
2. Under "Having Problems?", click **Can't access your two factor device or valid recovery codes?**
|
||||
|
||||
3. Click **I understand, get started** to request a reset of your authentication settings.
|
||||
|
||||
4. Click **Send one-time password** to send a one-time password to all email addresses associated with your account.
|
||||
|
||||
5. Under "One-time password", type the temporary password from the recovery email {% data variables.product.prodname_dotcom %} sent.
|
||||
|
||||
6. Click **Verify email address**.
|
||||
7. Choose an alternative verification factor.
|
||||
1. Type your username and password to prompt authentication.
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning**: {% data reusables.accounts.you-must-know-your-password %}
|
||||
|
||||
{% endwarning %}
|
||||
1. Under "Having problems?", click **Use a recovery code or request a reset**.
|
||||
|
||||
|
||||
1. To the right of "Locked out?", click **Try recovering your account**.
|
||||
|
||||
|
||||
1. Click **I understand, get started** to request a reset of your authentication settings.
|
||||
|
||||
|
||||
1. Click **Send one-time password** to send a one-time password to all eligible addresses associated with your account. Only verified emails are eligible for account recovery. If you've restricted password resets to your primary and/or backup addresses, these addresses are the only addresses eligible for account recovery.
|
||||
|
||||
|
||||
1. Under "One-time password", type the temporary password from the recovery email {% data variables.product.prodname_dotcom %} sent.
|
||||
|
||||
|
||||
1. Click **Verify email address**.
|
||||
|
||||
|
||||
1. Choose an alternative verification factor.
|
||||
- If you've used your current device to log into this account before and would like to use the device for verification, click **Verify with this device**.
|
||||
- If you've previously set up an SSH key on this account and would like to use the SSH key for verification, click **SSH key**.
|
||||
- If you've previously set up a personal access token and would like to use the personal access token for verification, click **Personal access token**.
|
||||
|
||||
8. A member of {% data variables.contact.github_support %} will review your request and email you within 3-5 business days. If your request is approved, you'll receive a link to complete your account recovery process. If your request is denied, the email will include a way to contact support with any additional questions.
|
||||
|
||||
|
||||
1. A member of {% data variables.contact.github_support %} will review your request and email you within 1-3 business days. If your request is approved, you'll receive a link to complete your account recovery process. If your request is denied, the email will include a way to contact support with any additional questions.
|
||||
|
||||
{% endif %}
|
||||
|
||||
## Further reading
|
||||
|
||||
- "[About two-factor authentication](/articles/about-two-factor-authentication)"
|
||||
- "[Configuring two-factor authentication](/articles/configuring-two-factor-authentication)"
|
||||
- "[Configuring two-factor authentication recovery methods](/articles/configuring-two-factor-authentication-recovery-methods)"
|
||||
- "[Accessing {% data variables.product.prodname_dotcom %} using two-factor authentication](/articles/accessing-github-using-two-factor-authentication)"
|
||||
|
||||
@@ -126,7 +126,7 @@ You can search the list of alerts. This is useful if there is a large number of
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% ifversion fpt or ghes > 3.3 or ghae-issue-5036 %}
|
||||
{% if code-scanning-task-lists %}
|
||||
## Tracking {% data variables.product.prodname_code_scanning %} alerts in issues
|
||||
|
||||
{% data reusables.code-scanning.beta-alert-tracking-in-issues %}
|
||||
|
||||
@@ -5,9 +5,7 @@ intro: You can add code scanning alerts to issues using task lists. This makes i
|
||||
product: '{% data reusables.gated-features.code-scanning %}'
|
||||
permissions: 'If you have write permission to a repository you can track {% data variables.product.prodname_code_scanning %} alerts in issues using task lists.'
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '> 3.3'
|
||||
ghae: issue-5036
|
||||
feature: 'code-scanning-task-lists'
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
|
||||
@@ -25,7 +25,7 @@ The {% data variables.product.prodname_advisory_database %} contains a curated l
|
||||
{% endif %}
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
### Security policy
|
||||
|
||||
|
||||
Make it easy for your users to confidentially report security vulnerabilities they've found in your repository. For more information, see "[Adding a security policy to your repository](/code-security/getting-started/adding-a-security-policy-to-your-repository)."
|
||||
{% endif %}
|
||||
|
||||
@@ -74,7 +74,7 @@ Automatically detect security vulnerabilities and coding errors in new or modifi
|
||||
|
||||
### {% data variables.product.prodname_secret_scanning_caps %}
|
||||
|
||||
Automatically detect tokens or credentials that have been checked into a repository. {% ifversion fpt or ghec %}For secrets identified in public repositories, the service is informed that the secret may be compromised.{% endif %}
|
||||
Automatically detect tokens or credentials that have been checked into a repository. {% ifversion fpt or ghec %}For secrets identified in public repositories, the service is informed that the secret may be compromised.{% endif %}
|
||||
{%- ifversion ghec or ghes or ghae %}
|
||||
{% ifversion ghec %}For private repositories, you can view {% elsif ghes or ghae %}View {% endif %}any secrets that {% data variables.product.company_short %} has found in your code. You should treat tokens or credentials that have been checked into the repository as compromised.{% endif %} For more information, see "[About secret scanning](/github/administering-a-repository/about-secret-scanning)."
|
||||
|
||||
@@ -84,6 +84,12 @@ Automatically detect tokens or credentials that have been checked into a reposit
|
||||
Show the full impact of changes to dependencies and see details of any vulnerable versions before you merge a pull request. For more information, see "[About dependency review](/code-security/supply-chain-security/about-dependency-review)."
|
||||
{% endif %}
|
||||
|
||||
{% ifversion ghec or ghes > 3.1 %}
|
||||
### Security overview
|
||||
|
||||
Review the security configuration and alerts for your organization and identify the repositories at greatest risk. For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)."
|
||||
{% endif %}
|
||||
|
||||
## Further reading
|
||||
- "[{% data variables.product.prodname_dotcom %}'s products](/github/getting-started-with-github/githubs-products)"
|
||||
- "[{% data variables.product.prodname_dotcom %} language support](/github/getting-started-with-github/github-language-support)"
|
||||
|
||||
@@ -27,7 +27,6 @@ You can also block users. For more information, see "[Blocking a user from your
|
||||
## Limiting interactions for your user account
|
||||
|
||||
{% data reusables.user_settings.access_settings %}
|
||||
1. In your user settings sidebar, under "Moderation settings", click **Interaction limits**.
|
||||
|
||||
1. In the "Access" section of the sidebar, select **{% octicon "report" aria-label="The report icon" %} Moderation** then click **Interaction limits**.
|
||||
{% data reusables.community.set-interaction-limit %}
|
||||
|
||||
|
||||
@@ -40,7 +40,7 @@ You can set the following top-level keys for each issue form.
|
||||
| `description` | A description for the issue form template, which appears in the template chooser interface. | Required | String |
|
||||
| `body` | Definition of the input types in the form. | Required | Array |
|
||||
| `assignees` | People who will be automatically assigned to issues created with this template. | Optional | Array or comma-delimited string |
|
||||
| `labels` | Labels that will automatically be added to issues created with this template. | Optional | String |
|
||||
| `labels` | Labels that will automatically be added to issues created with this template. | Optional | Array or comma-delimited string |
|
||||
| `title` | A default title that will be pre-populated in the issue submission form. | Optional | String |
|
||||
|
||||
For the available `body` input types and their syntaxes, see "[Syntax for {% data variables.product.prodname_dotcom %}'s form schema](/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-githubs-form-schema)."
|
||||
|
||||
@@ -298,10 +298,10 @@ subdirectory of the callback URL.
|
||||
|
||||
The optional `redirect_uri` parameter can also be used for localhost URLs. If the application specifies a localhost URL and a port, then after authorizing the application users will be redirected to the provided URL and port. The `redirect_uri` does not need to match the port specified in the callback url for the app.
|
||||
|
||||
For the `http://localhost/path` callback URL, you can use this `redirect_uri`:
|
||||
For the `http://127.0.0.1/path` callback URL, you can use this `redirect_uri`:
|
||||
|
||||
```
|
||||
http://localhost:1234/path
|
||||
http://127.0.0.1:1234/path
|
||||
```
|
||||
|
||||
## Creating multiple tokens for OAuth Apps
|
||||
|
||||
@@ -25,13 +25,9 @@ shortTitle: Enterprise Cloud trial
|
||||
|
||||
You can use organizations for free with {% data variables.product.prodname_free_team %}, which includes limited features. For additional features, such as SAML single sign-on (SSO), access control for {% data variables.product.prodname_pages %}, and included {% data variables.product.prodname_actions %} minutes, you can upgrade to {% data variables.product.prodname_ghe_cloud %}. For a detailed list of the features available with {% data variables.product.prodname_ghe_cloud %}, see our [Pricing](https://github.com/pricing) page.
|
||||
|
||||
{% data reusables.saml.saml-accounts %}
|
||||
You can set up a trial of {% data variables.product.prodname_ghe_cloud %} to evaluate these additional features on a new or existing organization account.
|
||||
|
||||
For more information, see "[About identity and access management with SAML single sign-on](/enterprise-cloud@latest/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on){% ifversion not ghec %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %}
|
||||
|
||||
{% data reusables.enterprise-accounts.emu-short-summary %}
|
||||
|
||||
{% data variables.product.prodname_emus %} is not part of the free trial of {% data variables.product.prodname_ghe_cloud %}. If you're interested in {% data variables.product.prodname_emus %}, please contact [{% data variables.product.prodname_dotcom %}'s Sales team](https://enterprise.github.com/contact).
|
||||
Trials are also available for {% data variables.product.prodname_ghe_server %}. For more information, see "[Setting up a trial of {% data variables.product.prodname_ghe_server %}](/articles/setting-up-a-trial-of-github-enterprise-server)."
|
||||
|
||||
{% data reusables.products.which-product-to-use %}
|
||||
|
||||
@@ -41,7 +37,11 @@ You can set up a 30-day trial to evaluate {% data variables.product.prodname_ghe
|
||||
|
||||
Your trial includes 50 seats. If you need more seats to evaluate {% data variables.product.prodname_ghe_cloud %}, contact {% data variables.contact.contact_enterprise_sales %}. At the end of the trial, you can choose a different number of seats.
|
||||
|
||||
Trials are also available for {% data variables.product.prodname_ghe_server %}. For more information, see "[Setting up a trial of {% data variables.product.prodname_ghe_server %}](/articles/setting-up-a-trial-of-github-enterprise-server)."
|
||||
{% data reusables.saml.saml-accounts %}
|
||||
|
||||
For more information, see "[About identity and access management with SAML single sign-on](/enterprise-cloud@latest/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on){% ifversion not ghec %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %}
|
||||
|
||||
{% data variables.product.prodname_emus %} is not part of the free trial of {% data variables.product.prodname_ghe_cloud %}. If you're interested in {% data variables.product.prodname_emus %}, please contact [{% data variables.product.prodname_dotcom %}'s Sales team](https://enterprise.github.com/contact).
|
||||
|
||||
## Setting up your trial of {% data variables.product.prodname_ghe_cloud %}
|
||||
|
||||
@@ -64,11 +64,13 @@ After setting up your trial, you can explore {% data variables.product.prodname_
|
||||
|
||||
## Finishing your trial
|
||||
|
||||
You can buy {% data variables.product.prodname_enterprise %} or downgrade to {% data variables.product.prodname_team %} at any time during your trial.
|
||||
You can buy {% data variables.product.prodname_enterprise %} at any time during your trial. Purchasing {% data variables.product.prodname_enterprise %} ends your trial, removing the 50-seat maximum and initiating payment.
|
||||
|
||||
If you don't purchase {% data variables.product.prodname_enterprise %} or {% data variables.product.prodname_team %} before your trial ends, your organization will be downgraded to {% data variables.product.prodname_free_team %} and lose access to any advanced tooling and features that are only included with paid products, including {% data variables.product.prodname_pages %} sites published from those private repositories. If you don't plan to upgrade, to avoid losing access to advanced features, make the repositories public before your trial ends. For more information, see "[Setting repository visibility](/articles/setting-repository-visibility)."
|
||||
If you don't purchase {% data variables.product.prodname_enterprise %}, when the trial ends, your organization will be downgraded. If you used an existing organization for the trial, the organization will be downgraded to the product you were using before the trial. If you created a new organization for the trial, the organization will be downgraded to {% data variables.product.prodname_free_team %}.
|
||||
|
||||
Downgrading to {% data variables.product.prodname_free_team %} for organizations also disables any SAML settings configured during the trial period. Once you purchase {% data variables.product.prodname_enterprise %} or {% data variables.product.prodname_team %}, your SAML settings will be enabled again for users in your organization to authenticate.
|
||||
Your organization will lose access to any functionality that is not included in the new product, such as advanced features like {% data variables.product.prodname_pages %} for private repositories. If you don't plan to upgrade, to avoid losing access to advanced features, consider making affected repositories public before your trial ends. For more information, see "[Setting repository visibility](/articles/setting-repository-visibility)."
|
||||
|
||||
Downgrading also disables any SAML settings configured during the trial period. If you later purchase {% data variables.product.prodname_enterprise %}, your SAML settings will be enabled again for users in your organization to authenticate.
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.profile.org_settings %}
|
||||
|
||||
@@ -76,5 +76,5 @@ Any issues that are referenced in a task list specify that they are tracked by t
|
||||
|
||||
## Further reading
|
||||
|
||||
* "[Basic writing and formatting syntax](/articles/basic-writing-and-formatting-syntax)"{% ifversion fpt or ghes > 3.3 or ghae-issue-5036 %}
|
||||
* "[Basic writing and formatting syntax](/articles/basic-writing-and-formatting-syntax)"{% if code-scanning-task-lists %}
|
||||
* "[Tracking {% data variables.product.prodname_code_scanning %} alerts in issues using task lists](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists)"{% endif %}
|
||||
|
||||
@@ -153,7 +153,7 @@ Query parameter | Example
|
||||
`projects` | `https://github.com/octo-org/octo-repo/issues/new?title=Bug+fix&projects=octo-org/1` creates an issue with the title "Bug fix" and adds it to the organization's project board 1.
|
||||
`template` | `https://github.com/octo-org/octo-repo/issues/new?template=issue_template.md` creates an issue with a template in the issue body. The `template` query parameter works with templates stored in an `ISSUE_TEMPLATE` subdirectory within the root, `docs/` or `.github/` directory in a repository. For more information, see "[Using templates to encourage useful issues and pull requests](/communities/using-templates-to-encourage-useful-issues-and-pull-requests)."
|
||||
|
||||
{% ifversion fpt or ghes > 3.3 or ghae-issue-5036 %}
|
||||
{% if code-scanning-task-lists %}
|
||||
## Creating an issue from a {% data variables.product.prodname_code_scanning %} alert
|
||||
|
||||
{% data reusables.code-scanning.beta-alert-tracking-in-issues %}
|
||||
|
||||
@@ -23,6 +23,7 @@ If you allow forking of private{% ifversion ghes or ghec or ghae %} and internal
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.profile.org_settings %}
|
||||
{% data reusables.profile.org_member_privileges %}
|
||||
1. Under "Repository forking", select **Allow forking of private {% ifversion ghec or ghes or ghae %}and internal {% endif %}repositories**.
|
||||
|
||||
{%- ifversion fpt %}
|
||||
|
||||
@@ -23,8 +23,7 @@ It's also possible to verify a domain for your organization{% ifversion ghec %}
|
||||
## Verifying a domain for your user site
|
||||
|
||||
{% data reusables.user_settings.access_settings %}
|
||||
1. In the left sidebar, click **Pages**.
|
||||
|
||||
1. In the "Code, planning, and automation" section of the sidebar, click **{% octicon "browser" aria-label="The pages icon" %} Pages**.
|
||||
{% data reusables.pages.settings-verify-domain-setup %}
|
||||
1. Wait for your DNS configuration to change, this may be immediate or take up to 24 hours. You can confirm the change to your DNS configuration by running the `dig` command on the command line. In the command below, replace `USERNAME` with your username and `example.com` with the domain you're verifying. If your DNS configuration has updated, you should see your new TXT record in the output.
|
||||
```
|
||||
@@ -38,8 +37,7 @@ Organization owners can verify custom domains for their organization.
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.profile.org_settings %}
|
||||
1. In the left sidebar, click **Pages**.
|
||||
|
||||
1. In the "Code, planning, and automation" section of the sidebar, click **{% octicon "browser" aria-label="The browser icon" %} Pages**.
|
||||
{% data reusables.pages.settings-verify-domain-setup %}
|
||||
1. Wait for your DNS configuration to change, this may be immediate or take up to 24 hours. You can confirm the change to your DNS configuration by running the `dig` command on the command line. In the command below, replace `ORGANIZATION` with the name of your organization and `example.com` with the domain you're verifying. If your DNS configuration has updated, you should see your new TXT record in the output.
|
||||
```
|
||||
|
||||
@@ -24,7 +24,7 @@ the moment your code lands on the default branch.
|
||||
This guide will use that API to demonstrate a setup that you can use.
|
||||
In our scenario, we will:
|
||||
|
||||
* Merge a pull request
|
||||
* Merge a pull request.
|
||||
* When the CI is finished, we'll set the pull request's status accordingly.
|
||||
* When the pull request is merged, we'll run our deployment to our server.
|
||||
|
||||
|
||||
@@ -68,7 +68,7 @@ You can also read the current version by calling the [meta endpoint](/rest/refer
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% ifversion fpt or ghec or ghes > 3.2 %}
|
||||
{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-5528 %}
|
||||
|
||||
## Audit log
|
||||
|
||||
|
||||
@@ -921,6 +921,9 @@ _Teams_
|
||||
{% ifversion fpt or ghes > 3.0 or ghae -%}
|
||||
- [`GET /repos/:owner/:repo/code-scanning/sarifs/:sarif_id`](/rest/reference/code-scanning#get-information-about-a-sarif-upload) (:read)
|
||||
{% endif -%}
|
||||
{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5435 -%}
|
||||
- [`GET /orgs/:org/code-scanning/alerts`](/rest/reference/code-scanning#list-code-scanning-alerts-by-organization) (:read)
|
||||
{% endif -%}
|
||||
|
||||
{% ifversion fpt or ghes or ghec %}
|
||||
### Permission on "self-hosted runners"
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
files:
|
||||
- source: /content/**/*.md
|
||||
translation: /translations/%locale%/%original_path%/%original_file_name%
|
||||
# See lib/page-data.js for a matching list of prefix exceptions
|
||||
# Try to keep these in sync when editing in either location.
|
||||
ignore:
|
||||
- '/content/README.md'
|
||||
- '/content/early-access'
|
||||
|
||||
4
data/features/code-scanning-task-lists.yml
Normal file
4
data/features/code-scanning-task-lists.yml
Normal file
@@ -0,0 +1,4 @@
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghec: '*'
|
||||
ghae: 'issue-5036'
|
||||
1
data/reusables/accounts/you-must-know-your-password.md
Normal file
1
data/reusables/accounts/you-must-know-your-password.md
Normal file
@@ -0,0 +1 @@
|
||||
If you protect your personal account with two-factor authentication but do not know your password, you will not be able to generate a one-time password to recover your account. {% data variables.product.company_short %} can send a password reset email to a verified address associated with your account. For more information, see "[Updating your {% data variables.product.prodname_dotcom %} access credentials](/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials#requesting-a-new-password)."
|
||||
@@ -8,6 +8,6 @@ container:
|
||||
image: ghcr.io/owner/image
|
||||
credentials:
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.ghcr_token }}
|
||||
password: ${{ secrets.github_token }}
|
||||
```
|
||||
{% endraw %}
|
||||
|
||||
13
data/reusables/actions/oidc-permissions-token.md
Normal file
13
data/reusables/actions/oidc-permissions-token.md
Normal file
@@ -0,0 +1,13 @@
|
||||
The job or workflow run requires a `permissions` setting with [`id-token: write`](/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token). This allows the JWT to be requested from GitHub's OIDC provider using one of these approaches:
|
||||
|
||||
- Using environment variables on the runner (`ACTIONS_ID_TOKEN_REQUEST_URL` and `ACTIONS_ID_TOKEN_REQUEST_TOKEN`).
|
||||
- Using `getIDToken()` from the Actions toolkit.
|
||||
|
||||
If you only need to fetch an OIDC token for a single job, then this permission can be set within that job. For example:
|
||||
|
||||
```yaml{:copy}
|
||||
permissions:
|
||||
id-token: write
|
||||
```
|
||||
|
||||
You may need to specify additional permissions here, depending on your workflow's requirements.
|
||||
@@ -1,4 +1,4 @@
|
||||
{% ifversion fpt or ghes > 3.3 or ghae-issue-5036 %}
|
||||
{% if code-scanning-task-lists %}
|
||||
|
||||
{% note %}
|
||||
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
1. Under the left sidebar, click **Save settings**.
|
||||
|
||||
1. Wait for the configuration run to complete.
|
||||
{% data reusables.enterprise_site_admin_settings.wait-for-configuration-run %}
|
||||
@@ -0,0 +1,5 @@
|
||||
{% warning %}
|
||||
|
||||
**Warning:** Configuring TLS causes a small amount of downtime for {% data variables.product.product_location %}.
|
||||
|
||||
{% endwarning %}
|
||||
@@ -0,0 +1,3 @@
|
||||
1. Wait for the configuration run to complete.
|
||||
|
||||
|
||||
@@ -1 +1,3 @@
|
||||
{% ifversion fpt %}
|
||||
If you're using {% data variables.product.prodname_free_user %}, you can add unlimited collaborators on public and private repositories.
|
||||
{% endif %}
|
||||
@@ -1,4 +1,4 @@
|
||||
{% data reusables.user_settings.access_settings %}
|
||||
2. In the settings sidebar, click **{% octicon "organization" aria-label="The organization icon" %} Organizations**.
|
||||
1. In the "Access" section of the sidebar, click **{% octicon "organization" aria-label="The organization icon" %} Organizations**.
|
||||
{% data reusables.profile.org_settings %}
|
||||
1. If you're an organization owner, in the left sidebar, click **{% octicon "credit-card" aria-label="The credit card icon" %} Billing and plans**.
|
||||
1. If you are an organization owner, in the "Access" section of the sidebar, click **{% octicon "credit-card" aria-label="The credit-card icon" %} Billing and plans**.
|
||||
|
||||
@@ -1,4 +1 @@
|
||||
{% ifversion fpt or ghec %}
|
||||
1. In the Settings sidebar, click **Third-party access**.
|
||||
|
||||
{% endif %}
|
||||
1. In the "Integrations" section of the sidebar, click **{% octicon "key" aria-label="The key icon" %} Third-party access**.
|
||||
|
||||
@@ -1,2 +1,6 @@
|
||||
{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5658 %}
|
||||
1. In the "Access" section of the sidebar, click **{% octicon "comment-discussion" aria-label="The comment-discussion icon" %} Team discussions**.
|
||||
{% else %}
|
||||
1. In the Settings sidebar, click **Teams**.
|
||||
|
||||
{% endif %}
|
||||
|
||||
2
data/reusables/profile/org_member_privileges.md
Normal file
2
data/reusables/profile/org_member_privileges.md
Normal file
@@ -0,0 +1,2 @@
|
||||
3. Under "Access", click **Member privileges**.
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
You can schedule a workflow to run at specific UTC times using [POSIX cron syntax](https://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html#tag_20_25_07). Scheduled workflows run on the latest commit on the default or base branch. The shortest interval you can run scheduled workflows is once every 15 minutes.
|
||||
You can schedule a workflow to run at specific UTC times using [POSIX cron syntax](https://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html#tag_20_25_07). Scheduled workflows run on the latest commit on the default or base branch. The shortest interval you can run scheduled workflows is once every 5 minutes.
|
||||
|
||||
This example triggers the workflow every day at 5:30 and 17:30 UTC:
|
||||
|
||||
|
||||
@@ -1,2 +1,6 @@
|
||||
{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5658 %}
|
||||
1. In the "Integrations" section of the sidebar, click **{% octicon "mail" aria-label="The mail icon" %} Email notifications**.
|
||||
{% else %}
|
||||
1. Click **Notifications**.
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
1. In the left sidebar, click **OAuth Apps**.
|
||||
1. In the left sidebar, click **{% data variables.product.prodname_oauth_apps %}**.
|
||||
|
||||
|
||||
@@ -1,2 +1,6 @@
|
||||
{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5658 %}
|
||||
1. In the "Integrations" section of the sidebar, click **{% octicon "apps" aria-label="The apps icon" %} Applications**.
|
||||
{% else %}
|
||||
1. In the left sidebar, click **Applications**.
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -1,2 +1 @@
|
||||
1. In the navigation on the left hand side, click the **Accessibility** link.
|
||||
|
||||
1. In the left sidebar, click **{% octicon "accessibility" aria-label="The accessibility icon" %} Accessibility**.
|
||||
|
||||
@@ -1,2 +1,6 @@
|
||||
{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-next %}
|
||||
1. In the left sidebar, click **{% octicon "gear" aria-label="The gear icon" %} Account**.
|
||||
{% else %}
|
||||
1. In the left sidebar, click **Account**.
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5658 %}
|
||||
1. In the left sidebar, click **{% octicon "paintbrush" aria-label="The paintbrush icon" %} Appearance**.
|
||||
{% else %}
|
||||
1. In the user settings sidebar, click **Appearance**.
|
||||
|
||||
|
||||
|
||||
{% endif %}
|
||||
@@ -1,2 +1 @@
|
||||
1. In your user settings sidebar, click **Billing & plans**.
|
||||
|
||||
1. In the "Access" section of the sidebar, click **{% octicon "credit-card" aria-label="The credit-card icon" %} Billing and plans**.
|
||||
|
||||
@@ -1,2 +1 @@
|
||||
1. In your user settings sidebar, click **Blocked users** under **Moderation settings**.
|
||||
|
||||
1. In the "Access" section of the sidebar, select **{% octicon "report" aria-label="The report icon" %} Moderation** then click **Blocked users**.
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user