[DO NOT MERGE] GitHub AE consumables beta megabranch (#17620)

* Empty commit * updated beta note for GHAE * more GHAE update + resolve conflict * more GHAE updates + prepare for screenshots * Apply suggestions from code review Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> * address remaining review comments * Revise "About GitHub AE" (#17679) * add screenshots to the Configuring article * reworked to have a separate GHAE section * list numbering * more work on screenshots and conditions * add GHAE screenshots in article * review screenshots in article * added more screenshots and updated more articles * screenshot madness * fix liquid versioning * refactor the ghae script * [GHAE CB/Feb 22]: Add article about data residency for GitHub AE (#17847) * add missing GHAE versioning to article * move screenshots to GHAE asset directory * forgot to change the path for these two images * replace CBB screenshot + add better screenshot * [GHAE CB/Feb 22]: Document upgrades for GitHub AE (#17848) * Version article for GitHub AE * Replace unused variable * Incorporate reviewer feedback * Update intro Co-authored-by: Ethan P <56270045+ethanpalm@users.noreply.github.com> * [GHAE] Enable IP allow list (#17691) * Notes for CC * Updat permission leves chart * Add updated article to further reading * Update gated feature callout with GitHub AE * Version "Managing allowed IP addresses for your organization" for AE * Update images * Update "Restricting network traffic to your enterprise" with new procedures * remove todo note * Update audited actions * Update info about Premium Runners * Use reusable for Premium Runners * Change "Premium Runners" to "AE hosted runners" * Incorporate reviewer feedback * Use correct reusable * Version reusable correctly * [Feb 22] GHAE: Code scanning beta (#17830) * Add "github-ae" to all the frontmatter * GHAE-ify the reusables * Add some more changes * Re-use some content * 🔪 Semmle links * Revert change re "--external-repository-token" in the CodeQL runner * Update CodeQL runner token scopes * Update two screenshots * Remove mention of GitHub.com from AE + other fixes * Apply suggestions from code review Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com> * Use `product_name` variable instead of `product_location` * Remove confusing phrase * [Feb 22] GHAE: Code scanning API and webhook docs (#17883) * Version API and webhook docs * Actually add versioning for GHAE * Fix anchor * [TEMPORARY] Preview for API endpoints * Revert API previews * Update procedure step Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com> * Update docs for AzureAD Group SCIM support in GHAE (#17892) * [GHAE CB] SMTP bootstrapping flow (#17888) * draft * update with AE conntent * update with tons of versioning * remove that lie * fill out the rest of these steps * update with correct versioning * more edits * add images * reversion most of ae article * fix versioning * format correctlly * words matter * last image * update with permmissions * update versioning * add link * apply feedback ❤️ * update with differrent spacing * update with feedback * more feedback * Temporary GHAE release notes for consumables beta launch (#17859) * Create release-notes.md * Add frontmatter * Add to index file * Update github-ae-release-notes.md * Add release notes from Google Doc * Update finalized docs links that have been reviewed * OAuth device flow link update * version for AE * few fixes * Update content/admin/overview/github-ae-release-notes.md * small edits * whoops * commit * update with different links * used wrong reusable * fix more brokenness * Update repository-references.js * Update repository-references.js Co-authored-by: Meg Bird <megbird@github.com> Co-authored-by: Kevin Heis <heiskr@users.noreply.github.com> * [GHAE] Audit public repos (#17917) * verifying what we mean by public * Apply suggestions from code review * Update content/developers/apps/installing-github-apps.md Co-authored-by: Laura Coursen <lecoursen@github.com> * fixing placememnt of liquid conditional Co-authored-by: Laura Coursen <lecoursen@github.com> * GHAE packages beta (#17786) Co-authored-by: jmarlena <6732600+jmarlena@users.noreply.github.com> Co-authored-by: Martin Lopes <martin389@github.com> * fix broken links * [GHAE CB/March 01]: GitHub Actions on GHAE (beta) (#17725) * Added initial layout for premium runners * Restructured content * Added placeholder for removing premium runner * Added versioning and warning note for self-hosted runners * Added versioning and beta notice for actions content * Rephrased beta note * Added versioning for API docs, fixes * Added versioning fixes * Split Github-hosted and premium topics into separate articles * Added edits * Restructured some topics * Revised "Using premium runners in a workflow" * Some small fixes * Fixed typo * Added fixes to reusable * Added edits * Made section titles consistent * Added billing, group mgmt, reusable steps * Cropped certain screenshots for future-proofing * Removed superfluous reusable * Added fixes * Revert "Cropped certain screenshots for future-proofing" This reverts commit c7f24f31fa30d4fe3de2b63fc3cd5feba44ef518. * Added new section for custom images * Added versioning for enterprise-admin operations * Added edits * Added edits * Update adding-premium-runners.md * Removed SHR screenshots. Intending to update them when UI is available. * Update using-labels-with-premium-runners.md * Added custom labels section * Added preview of API docs changes * Added versioning for ip allow list section * Removed removal article * Renamed premium runners to AE hosted runners * Re-added added API preview * Fixed links, updated software specs * Revised "Software specifications" based on feedback * Fixed typos * Small fixes * Added new article "Creating custom images" * Moved "Creating custom images" link * Apply suggestions from code review Co-authored-by: ahdbilal <55514721+ahdbilal@users.noreply.github.com> * Added update from review * Added updates from tech review * Apply suggestions from code review Co-authored-by: ahdbilal <55514721+ahdbilal@users.noreply.github.com> * Added updates from tech review * Added updates from tech review * Added updates from tech review * Added updates from tech review * Fixed reusable * Added fixes * Added update from tech review * Removed the dereferenced OpenAPI schema files * Added fixes * Fixed links * Fixed links * Apply suggestions from code review Co-authored-by: jmarlena <6732600+jmarlena@users.noreply.github.com> * Added updates from peer review * Removed sections that are not in beta * Update viewing-your-github-actions-usage.md * Update viewing-job-execution-time.md * Update index.md * Update about-github-hosted-runners.md * Restored versioning to match GHES approach * Fixed link * Restored self-hosted runner reference to UI steps. * Updated screenshots * Updated screenshots and procedures * Small edits to screenshots * Added AE url info for SHR * Removed superfluous versioning * Update security-hardening-for-github-actions.md * Update actions-shared.md * Small edits * Update usage-limits-billing-and-administration.md * Update managing-complex-workflows.md * Additional versioning * Additional versioning * version environments api and checkrun deployments for ghae (#17991) Co-authored-by: Martin Lopes <martin389@github.com> * Update reviewing-the-audit-log-for-your-organization.md * Added versioning for enterprise policy settings * version configuring artifact retention for AE * remove AE versioning for connecting to Marketplace * Apply suggestions from code review Co-authored-by: Joe Bourne <thejoebourneidentity@github.com> * Update content/admin/github-actions/getting-started-with-github-actions-for-github-ae.md Co-authored-by: Joe Bourne <thejoebourneidentity@github.com> * rewording not public to private * fixing liquid * Fixed elseif entries * Added expectations note * Revised label management article for AE hosted runners * Added enterprise-admin note for adding AE hosted runners * Update enterprise-admin.md * Update self-hosted-runner-security.md * Versioned reusable for AE * Empty commit for CI Co-authored-by: ahdbilal <55514721+ahdbilal@users.noreply.github.com> Co-authored-by: jmarlena <6732600+jmarlena@users.noreply.github.com> Co-authored-by: skedwards88 <skedwards88@github.com> Co-authored-by: Leona B. Campbell <3880403+runleonarun@users.noreply.github.com> Co-authored-by: Joe Bourne <thejoebourneidentity@github.com> Co-authored-by: runleonarun <runleonarun@github.com> * Update OpenAPI Descriptions for GHAE * Update content/admin/overview/github-ae-release-notes.md Co-authored-by: Ethan Palm <56270045+ethanpalm@users.noreply.github.com> Co-authored-by: mchammer01 <42146119+mchammer01@users.noreply.github.com> Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> Co-authored-by: shati-patel <shati-patel@github.com> Co-authored-by: Sarah Schneider <sarahs@github.com> Co-authored-by: skedwards88 <skedwards88@github.com> Co-authored-by: Sarah Schneider <sarahs@users.noreply.github.com> Co-authored-by: Melanie Yarbrough <11952755+myarb@users.noreply.github.com> Co-authored-by: Felicity Chapman <felicitymay@github.com> Co-authored-by: Meg Bird <megbird@github.com> Co-authored-by: Kevin Heis <heiskr@users.noreply.github.com> Co-authored-by: Leona B. Campbell <3880403+runleonarun@users.noreply.github.com> Co-authored-by: Laura Coursen <lecoursen@github.com> Co-authored-by: jmarlena <6732600+jmarlena@users.noreply.github.com> Co-authored-by: Martin Lopes <martin389@github.com> Co-authored-by: ahdbilal <55514721+ahdbilal@users.noreply.github.com> Co-authored-by: Joe Bourne <thejoebourneidentity@github.com> Co-authored-by: runleonarun <runleonarun@github.com> Co-authored-by: github-openapi-bot <69533958+github-openapi-bot@users.noreply.github.com>
2025-12-30 03:01:36 -05:00 · 2021-03-01 22:07:02 +01:00
parent 42c3c2a978
commit 2db9da5c8f
279 changed files with 38133 additions and 555 deletions
--- a/data/reusables/github-actions/artifact-log-retention-statement.md
+++ b/data/reusables/github-actions/artifact-log-retention-statement.md
@@ -1,2 +1,2 @@
-{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %} By default, {% data variables.product.product_name %} stores build logs and artifacts for 90 days, and this retention period can be customized. For more information, see "[Usage limits, billing, and administration](/actions/reference/usage-limits-billing-and-administration#artifact-and-log-retention-policy)".{% endif %} 
+{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" or currentVersion == "github-ae@latest" %} By default, {% data variables.product.product_name %} stores build logs and artifacts for 90 days, and this retention period can be customized. For more information, see "[Usage limits, billing, and administration](/actions/reference/usage-limits-billing-and-administration#artifact-and-log-retention-policy)".{% endif %} 
 {% if currentVersion == "enterprise-server@2.22" %} {% data variables.product.product_name %} stores full build logs and artifacts for 90 days.{% endif %}
--- a/data/reusables/github-actions/disabling-github-actions.md
+++ b/data/reusables/github-actions/disabling-github-actions.md
@@ -1 +1 @@
-By default, {% if currentVersion ver_gt "enterprise-server@2.21" %}after {% data variables.product.prodname_actions %} is enabled on {% data variables.product.product_location %}, it{% elsif currentVersion == "free-pro-team@latest" %}{% data variables.product.prodname_actions %}{% endif %} is enabled on all repositories and organizations. You can choose to disable {% data variables.product.prodname_actions %} or limit them to private actions only, which means that people can only use actions that exist in your repository.
+By default, {% if currentVersion ver_gt "enterprise-server@2.21" or currentVersion == "github-ae@latest" %}after {% data variables.product.prodname_actions %} is enabled on {% data variables.product.product_location %}, it{% elsif currentVersion == "free-pro-team@latest" %}{% data variables.product.prodname_actions %}{% endif %} is enabled on all repositories and organizations. You can choose to disable {% data variables.product.prodname_actions %} or limit them to private actions only, which means that people can only use actions that exist in your repository.
--- a/data/reusables/github-actions/hosted-runner-configure-runner-group-access.md
+++ b/data/reusables/github-actions/hosted-runner-configure-runner-group-access.md
@@ -0,0 +1,2 @@
+1. In the runner section of the settings page, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} next to the runner group you'd like to configure, then click **Edit name and [organization|repository] access**.
+1. Modify your policy options, or change the runner group name.
--- a/data/reusables/github-actions/hosted-runner-labels-view-assigned-labels.md
+++ b/data/reusables/github-actions/hosted-runner-labels-view-assigned-labels.md
@@ -0,0 +1,3 @@
+1. Locate the runner you want to update, and click {% octicon "triangle-down" aria-label="The downward triangle" %} to view the label selection menu. This menu displays all the custom labels available to your runner. Labels already assigned to your runner have a {% octicon "check" aria-label="Check mark" %} next to them.
+
+    ![Change runner label](/assets/images/help/settings/actions-hosted-runner-list-label.png)
--- a/data/reusables/github-actions/hosted-runner-list-group.md
+++ b/data/reusables/github-actions/hosted-runner-list-group.md
@@ -0,0 +1,3 @@
+1. If your runner is in a group, locate the runner group and click {% octicon "chevron-down" aria-label="The downward chevron" %} to view the list of runners.
+
+    ![List runner group](/assets/images/help/settings/actions-hosted-runner-group-members.png)
--- a/data/reusables/github-actions/hosted-runner-list.md
+++ b/data/reusables/github-actions/hosted-runner-list.md
@@ -0,0 +1 @@
+1. Click the "Self-hosted runners" tab, and locate the list of runners.
--- a/data/reusables/github-actions/hosted-runner-navigate-to-repo-org-enterprise.md
+++ b/data/reusables/github-actions/hosted-runner-navigate-to-repo-org-enterprise.md
@@ -0,0 +1,15 @@
+1. Navigate to where your {% data variables.actions.hosted_runner %} is registered:
+   * **In an organization or repository**: navigate to the main page and click {% octicon "gear" aria-label="The Settings gear" %} **Settings**.
+   * **If using an enterprise-level runner**:
+   
+     1. In the upper-right corner of any page, click {% octicon "rocket" aria-label="The rocket ship" %}.
+     1. In the left sidebar, click **Enterprise overview**. 
+     1. In the enterprise sidebar, click {% octicon "law" aria-label="The law icon" %} **Policies**.
+1. Navigate to the {% data variables.product.prodname_actions %} settings:
+   * **In an organization or repository**: Click **Actions** in the left sidebar.
+     
+     ![Actions setting](/assets/images/help/settings/settings-sidebar-actions.png)
+   * **If using an enterprise-level runner**: Under "{% octicon "law" aria-label="The law icon" %} Policies", click **Actions**.
+   
+     ![Actions setting](/assets/images/help/settings/actions-enterprise-policies.png)
+  
--- a/data/reusables/github-actions/ip-allow-list-hosted-runners.md
+++ b/data/reusables/github-actions/ip-allow-list-hosted-runners.md
@@ -0,0 +1,3 @@
+To allow your {% data variables.actions.hosted_runner %}s to communicate with {% data variables.product.prodname_dotcom %}, add the IP address or IP address range of your {% data variables.actions.hosted_runner %}s to the IP allow list. For more information, see "[Adding an allowed IP address](#adding-an-allowed-ip-address)."
+
+For more information about {% data variables.actions.hosted_runner %}s, see "[About {% data variables.actions.hosted_runner %}s](/github-ae@latest/actions/using-github-hosted-runners/about-ae-hosted-runners)."
--- a/data/reusables/github-actions/ip-allow-list-self-hosted-runners.md
+++ b/data/reusables/github-actions/ip-allow-list-self-hosted-runners.md
@@ -1,3 +1,6 @@
+{% if currentVersion == "github-ae@latest" %}
+To allow your {% data variables.actions.hosted_runner %}s to communicate with {% data variables.product.prodname_dotcom %}, add the IP address or IP address range of your {% data variables.actions.hosted_runner %}s to the IP allow list. For more information, see "[Adding an allowed IP address](#adding-an-allowed-ip-address)."
+{% else %}
 {% warning %}

 **Warning**: If you use an IP allow list and would also like to use {% data variables.product.prodname_actions %}, you must use self-hosted runners. For more information, see "[Hosting your own runners](/actions/automating-your-workflow-with-github-actions/about-self-hosted-runners)."
@@ -5,3 +8,4 @@
 {% endwarning %}

 To allow your self-hosted runners to communicate with {% data variables.product.prodname_dotcom %}, add the IP address or IP address range of your self-hosted runners to the IP allow list. For more information, see "[Adding an allowed IP address](#adding-an-allowed-ip-address)."
+{% endif %}
--- a/data/reusables/github-actions/self-hosted-runner-management-permissions-required.md
+++ b/data/reusables/github-actions/self-hosted-runner-management-permissions-required.md
@@ -1,9 +1,9 @@
-A self-hosted runner can be located in either your repository, organization, or {% if currentVersion == "free-pro-team@latest" %}enterprise account settings on {% data variables.product.prodname_dotcom %}{% elsif enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.21" %} enterprise settings on {% data variables.product.product_location %}{% endif %}. To manage a self-hosted runner, you must have the following permissions, depending on where the self-hosted runner was added:
+A self-hosted runner can be located in either your repository, organization, or {% if currentVersion == "free-pro-team@latest" %}enterprise account settings on {% data variables.product.prodname_dotcom %}{% elsif enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.21" or currentVersion == "github-ae@latest" %} enterprise settings on {% data variables.product.product_location %}{% endif %}. To manage a self-hosted runner, you must have the following permissions, depending on where the self-hosted runner was added:
 - **User repository**: You must be the repository owner.
 - **Organization**: You must be an organization owner. 
 - **Organization repository**: You must be an organization owner, or have admin access to the repository.
 {% if currentVersion == "free-pro-team@latest" %}
 - **Enterprise account**: You must be an enterprise owner.
-{% elsif enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.21" %}
+{% elsif enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.21" or currentVersion == "github-ae@latest" %}
 - **Enterprise**: You must be a {% data variables.product.prodname_enterprise %} site administrator.
 {% endif %}
--- a/data/reusables/github-actions/self-hosted-runner-navigate-to-repo-org-enterprise.md
+++ b/data/reusables/github-actions/self-hosted-runner-navigate-to-repo-org-enterprise.md
@@ -1,6 +1,6 @@
 1. Navigate to where your self-hosted runner is registered:
   * **In an organization or repository**: navigate to the main page and click {% octicon "gear" aria-label="The Settings gear" %} **Settings**.
-   * {% if currentVersion == "free-pro-team@latest" %}**If using an enterprise account**: navigate to your enterprise account by visiting `https://github.com/enterprises/ENTERPRISE-NAME`, replacing `ENTERPRISE-NAME` with your enterprise account's name.{% elsif enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.21" %}**If using an enterprise-level runner**:
+   * {% if currentVersion == "free-pro-team@latest" %}**If using an enterprise account**: navigate to your enterprise account by visiting `https://github.com/enterprises/ENTERPRISE-NAME`, replacing `ENTERPRISE-NAME` with your enterprise account's name.{% elsif enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.21" or currentVersion == "github-ae@latest" %}**If using an enterprise-level runner**:
   
     1. In the upper-right corner of any page, click {% octicon "rocket" aria-label="The rocket ship" %}.
     1. In the left sidebar, click **Enterprise overview**. 
@@ -9,4 +9,4 @@
   * **In an organization or repository**: click **Actions** in the left sidebar.
     
     ![Actions setting](/assets/images/help/settings/settings-sidebar-actions.png)
-   * {% if currentVersion == "free-pro-team@latest" %}**If using an enterprise account**{% elsif enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.21" %}**If using an enterprise-level runner**{% endif %}: click **Actions** under "{% octicon "law" aria-label="The law icon" %} Policies".
+   * {% if currentVersion == "free-pro-team@latest" %}**If using an enterprise account**{% elsif enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.21" or currentVersion == "github-ae@latest" %}**If using an enterprise-level runner**{% endif %}: click **Actions** under "{% octicon "law" aria-label="The law icon" %} Policies".
--- a/data/reusables/github-actions/self-hosted-runner-security.md
+++ b/data/reusables/github-actions/self-hosted-runner-security.md
@@ -1,3 +1 @@
-We recommend that you do not use self-hosted runners with public repositories.
-
-Forks of your public repository can potentially run dangerous code on your self-hosted runner machine by creating a pull request that executes the code in a workflow.
+We recommend that you only use self-hosted runners with private repositories. This is because forks of your repository can potentially run dangerous code on your self-hosted runner machine by creating a pull request that executes the code in a workflow.
				`@@ -0,0 +1 @@`
				`1. Click the "Self-hosted runners" tab, and locate the list of runners.`