Deprecate 3.0 (#25646)
* Deprecate 3.0 * 3.0 deprecation: remove 3.0 markup (#25647) * Remove liquid conditionals and content for 3.0 deprecation * Remove manually, no longer versioned in a supported version * Remove translations manually, no longer versioned in a supported version * Remove 'if', now in all supported versions * Remove dangling 'elseif', now in all supported versions * Remove dangling 'elseif' and 3.0 screenshot reference, now in all supported versions * Nudge to latest supported GHES version * Nudge to latest supported release GHES version * Bump all the version for the liquid tests * Bump first deprecated version for linting tests * Prefer double quotes Co-authored-by: Laura Coursen <lecoursen@github.com> * Prefer double quotes Co-authored-by: Laura Coursen <lecoursen@github.com> * Prefer double quotes Co-authored-by: Laura Coursen <lecoursen@github.com> * Prefer double quotes Co-authored-by: Laura Coursen <lecoursen@github.com> * Prefer double quotes Co-authored-by: Laura Coursen <lecoursen@github.com> * Prefer double quotes Co-authored-by: Laura Coursen <lecoursen@github.com> * Prefer double quotes Co-authored-by: Laura Coursen <lecoursen@github.com> * Prefer double quotes Co-authored-by: Laura Coursen <lecoursen@github.com> * Prefer double quotes Co-authored-by: Laura Coursen <lecoursen@github.com> * Remove extra newline Co-authored-by: Laura Coursen <lecoursen@github.com> * Remove extra newline Co-authored-by: Laura Coursen <lecoursen@github.com> * Remove extra newline Co-authored-by: Laura Coursen <lecoursen@github.com> * One reusable per line Co-authored-by: Laura Coursen <lecoursen@github.com> * One reusable per line Co-authored-by: Laura Coursen <lecoursen@github.com> * One reusable per line Co-authored-by: Laura Coursen <lecoursen@github.com> * Version check not needed anymore Co-authored-by: Laura Coursen <lecoursen@github.com> * Version check not needed anymore Co-authored-by: Laura Coursen <lecoursen@github.com> * Version check not needed anymore Co-authored-by: Laura Coursen <lecoursen@github.com> * Version check not needed anymore Co-authored-by: Laura Coursen <lecoursen@github.com> * Version check not needed anymore Co-authored-by: Laura Coursen <lecoursen@github.com> * Version check not needed anymore Co-authored-by: Laura Coursen <lecoursen@github.com> * Version check not needed anymore Co-authored-by: Laura Coursen <lecoursen@github.com> * Stray whitespace ✂️ Co-authored-by: Laura Coursen <lecoursen@github.com> * Stray whitespace ✂️ Co-authored-by: Laura Coursen <lecoursen@github.com> * Stray whitespace ✂️ Co-authored-by: Laura Coursen <lecoursen@github.com> * Stray whitespace ✂️ Co-authored-by: Laura Coursen <lecoursen@github.com> * Stray whitespace ✂️ Co-authored-by: Laura Coursen <lecoursen@github.com> * Stray whitespace ✂️ Co-authored-by: Laura Coursen <lecoursen@github.com> * Stray whitespace ✂️ Co-authored-by: Laura Coursen <lecoursen@github.com> * Stray whitespace ✂️ Co-authored-by: Laura Coursen <lecoursen@github.com> * Version check not needed anymore Co-authored-by: Laura Coursen <lecoursen@github.com> * Version check not needed anymore Co-authored-by: Laura Coursen <lecoursen@github.com> * Just 'ghes' since we're deprecating 3.0 Co-authored-by: Laura Coursen <lecoursen@github.com> * Just 'ghes' since we're deprecating 3.0 Co-authored-by: Laura Coursen <lecoursen@github.com> * Just 'ghes' since we're deprecating 3.0 Co-authored-by: Laura Coursen <lecoursen@github.com> * Just 'ghes' since we're deprecating 3.0 Co-authored-by: Laura Coursen <lecoursen@github.com> * Just 'ghes' since we're deprecating 3.0 Co-authored-by: Laura Coursen <lecoursen@github.com> * Just 'ghes' since we're deprecating 3.0 Co-authored-by: Laura Coursen <lecoursen@github.com> * Just 'ghes' since we're deprecating 3.0 Co-authored-by: Laura Coursen <lecoursen@github.com> * Just 'ghes' since we're deprecating 3.0 Co-authored-by: Laura Coursen <lecoursen@github.com> * Don't depend on hardcoded versions Co-authored-by: Laura Coursen <lecoursen@github.com> * Remove static files for 3.0 deprecation (#25649) Co-authored-by: Laura Coursen <lecoursen@github.com>
This commit is contained in:
Robert Sese
@@ -67,15 +67,11 @@ When you unwatch a repository, you unsubscribe from future updates from that rep
|
||||
|
||||
|
||||
2. On the watched repositories page, after you've evaluated the repositories you're watching, choose whether to:
|
||||
{%- ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
- Unwatch a repository
|
||||
- Ignore all notifications for a repository
|
||||
- If enabled, customize the types of event you receive notifications for ({% data reusables.notifications-v2.custom-notification-types %})
|
||||
{%- else %}
|
||||
- Unwatch a repository
|
||||
- Only watch releases for a repository
|
||||
- Ignore all notifications for a repository
|
||||
{%- endif %}
|
||||
|
||||
{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5819 %}
|
||||
1. Optionally, to unsubscribe from all repositories owned by a given user or organization, select the **Unwatch all** dropdown and click the organization whose repositories you'd like to unsubscribe from. The button to unwatch all repositories is only available if you are watching all activity or custom notifications on over 10 repositories.
|
||||
|
||||
|
||||
@@ -38,13 +38,11 @@ When your inbox has too many notifications to manage, consider whether you have
|
||||
For more information, see "[Configuring notifications](/github/managing-subscriptions-and-notifications-on-github/configuring-notifications#automatic-watching)."
|
||||
|
||||
To see an overview of your repository subscriptions, see "[Reviewing repositories that you're watching](#reviewing-repositories-that-youre-watching)."
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
{% tip %}
|
||||
|
||||
**Tip:** You can select the types of event to be notified of by using the **Custom** option of the **Watch/Unwatch** dropdown list in your [watching page](https://github.com/watching) or on any repository page on {% data variables.product.product_name %}. For more information, see "[Configuring notifications](/github/managing-subscriptions-and-notifications-on-github/configuring-notifications#configuring-your-watch-settings-for-an-individual-repository)."
|
||||
|
||||
{% endtip %}
|
||||
{% endif %}
|
||||
|
||||
Many people forget about repositories that they've chosen to watch in the past. From the "Watched repositories" page you can quickly unwatch repositories. For more information on ways to unsubscribe, see "[Unwatch recommendations](https://github.blog/changelog/2020-11-10-unwatch-recommendations/)" on {% data variables.product.prodname_blog %} and "[Managing your subscriptions](/github/managing-subscriptions-and-notifications-on-github/managing-your-subscriptions)." You can also create a triage workflow to help with the notifications you receive. For guidance on triage workflows, see "[Customizing a workflow for triaging your notifications](/github/managing-subscriptions-and-notifications-on-github/customizing-a-workflow-for-triaging-your-notifications)."
|
||||
|
||||
@@ -72,15 +70,11 @@ Many people forget about repositories that they've chosen to watch in the past.
|
||||
1. In the left sidebar, under the list of repositories, use the "Manage notifications" drop-down menu and click **Watched repositories**.
|
||||
|
||||
2. Evaluate the repositories that you are watching and decide if their updates are still relevant and helpful. When you watch a repository, you will be notified of all conversations for that repository.
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
{% else %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** Instead of watching a repository, consider only receiving notifications {% ifversion fpt or ghes > 3.0 or ghae or ghec %}when there are updates to {% data reusables.notifications-v2.custom-notification-types %} (if enabled for the repository), or any combination of these options,{% else %}for releases in a repository,{% endif %} or completely unwatching a repository.
|
||||
**Tip:** Instead of watching a repository, consider only receiving notifications when there are updates to {% data reusables.notifications-v2.custom-notification-types %} (if enabled for the repository), or any combination of these options, or completely unwatching a repository.
|
||||
|
||||
When you unwatch a repository, you can still be notified when you're @mentioned or participating in a thread. When you configure to receive notifications for certain event types, you're only notified when there are updates to these event types in the repository, you're participating in a thread, or you or a team you're on is @mentioned.
|
||||
|
||||
|
||||
@@ -28,9 +28,8 @@ You can choose to receive ongoing updates about specific activity on {% data var
|
||||
You can choose to subscribe to notifications for:
|
||||
- A conversation in a specific issue, pull request, or gist.
|
||||
- All activity in a repository or team discussion.
|
||||
- CI activity, such as the status of workflows in repositories set up with {% data variables.product.prodname_actions %}. {% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
- Repository {% data reusables.notifications-v2.custom-notification-types %} (if enabled).{% else %}
|
||||
- Releases in a repository.{% endif %}
|
||||
- CI activity, such as the status of workflows in repositories set up with {% data variables.product.prodname_actions %}.
|
||||
- Repository {% data reusables.notifications-v2.custom-notification-types %} (if enabled).
|
||||
|
||||
You can also choose to automatically watch all repositories that you have push access to, except forks. You can watch any other repository you have access to manually by clicking **Watch**.
|
||||
|
||||
|
||||
@@ -71,16 +71,13 @@ When you watch a repository, you're subscribing to updates for activity in that
|
||||
|
||||
To see repositories that you're watching, go to your [watching page](https://github.com/watching). For more information, see "[Managing subscriptions and notifications on GitHub](/github/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github)."
|
||||
|
||||
{% ifversion ghae or ghes < 3.1 %}
|
||||
{% ifversion ghae %}
|
||||
### Configuring notifications
|
||||
{% endif %}
|
||||
You can configure notifications for a repository on the repository page, or on your watching page.{% ifversion ghes < 3.1 %} You can choose to only receive notifications for releases in a repository, or ignore all notifications for a repository.{% endif %}
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
You can configure notifications for a repository on the repository page, or on your watching page.
|
||||
|
||||
### About custom notifications
|
||||
You can customize notifications for a repository. For example, you can choose to only be notified when updates to one or more types of events ({% data reusables.notifications-v2.custom-notification-types %}) happen within a repository, or ignore all notifications for a repository.
|
||||
{% endif %} For more information, see "[Configuring your watch settings for an individual repository](#configuring-your-watch-settings-for-an-individual-repository)" below.
|
||||
You can customize notifications for a repository. For example, you can choose to only be notified when updates to one or more types of events ({% data reusables.notifications-v2.custom-notification-types %}) happen within a repository, or ignore all notifications for a repository. For more information, see "[Configuring your watch settings for an individual repository](#configuring-your-watch-settings-for-an-individual-repository)" below.
|
||||
|
||||
### Participating in conversations
|
||||
Anytime you comment in a conversation or when someone @mentions your username, you are _participating_ in a conversation. By default, you are automatically subscribed to a conversation when you participate in it. You can unsubscribe from a conversation you've participated in manually by clicking **Unsubscribe** on the issue or pull request or through the **Unsubscribe** option in the notifications inbox.
|
||||
@@ -160,17 +157,17 @@ If "Automatically watch repositories" is disabled, then you will not automatical
|
||||
|
||||
## Configuring your watch settings for an individual repository
|
||||
|
||||
You can choose whether to watch or unwatch an individual repository. You can also choose to only be notified of {% ifversion fpt or ghes > 3.0 or ghae or ghec %}certain event types such as {% data reusables.notifications-v2.custom-notification-types %} (if enabled for the repository) {% else %}new releases{% endif %}, or completely ignore an individual repository.
|
||||
You can choose whether to watch or unwatch an individual repository. You can also choose to only be notified of certain event types such as {% data reusables.notifications-v2.custom-notification-types %} (if enabled for the repository) , or completely ignore an individual repository.
|
||||
|
||||
{% data reusables.repositories.navigate-to-repo %}
|
||||
2. In the upper-right corner, select the "Watch" drop-down menu to click a watch option.
|
||||
{% ifversion fpt or ghes > 3.0 or ghae-issue-4910 or ghec %}
|
||||
{% ifversion fpt or ghes or ghae-issue-4910 or ghec %}
|
||||
|
||||
|
||||
The **Custom** option allows you to further customize notifications so that you're only notified when specific events happen in the repository, in addition to participating and @mentions.
|
||||
{% else %}
|
||||
{% endif %}
|
||||
{% ifversion fpt or ghes > 3.0 or ghae-issue-4910 or ghec %}
|
||||
{% ifversion fpt or ghes or ghae-issue-4910 or ghec %}
|
||||
|
||||
If you select "Issues", you will be notified about, and subscribed to, updates on every issue (including those that existed prior to you selecting this option) in the repository. If you're @mentioned in a pull request in this repository, you'll receive notifications for that too, and you'll be subscribed to updates on that specific pull request, in addition to being notified about issues.
|
||||
{% endif %}
|
||||
|
||||
@@ -34,15 +34,14 @@ The repository owner has full control of the repository. In addition to the acti
|
||||
| :- | :- |
|
||||
| {% ifversion fpt or ghec %}Invite collaborators{% else %}Add collaborators{% endif %} | "[Inviting collaborators to a personal repository](/github/setting-up-and-managing-your-github-user-account/inviting-collaborators-to-a-personal-repository)" |
|
||||
| Change the visibility of the repository | "[Setting repository visibility](/github/administering-a-repository/setting-repository-visibility)" |{% ifversion fpt or ghec %}
|
||||
| Limit interactions with the repository | "[Limiting interactions in your repository](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)" |{% endif %}{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
| Rename a branch, including the default branch | "[Renaming a branch](/github/administering-a-repository/renaming-a-branch)" |{% endif %}
|
||||
| Limit interactions with the repository | "[Limiting interactions in your repository](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)" |{% endif %}
|
||||
| Rename a branch, including the default branch | "[Renaming a branch](/github/administering-a-repository/renaming-a-branch)" |
|
||||
| Merge a pull request on a protected branch, even if there are no approving reviews | "[About protected branches](/github/administering-a-repository/about-protected-branches)" |
|
||||
| Delete the repository | "[Deleting a repository](/repositories/creating-and-managing-repositories/deleting-a-repository)" |
|
||||
| Manage the repository's topics | "[Classifying your repository with topics](/github/administering-a-repository/classifying-your-repository-with-topics)" |{% ifversion fpt or ghec %}
|
||||
| Manage security and analysis settings for the repository | "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" |{% endif %}{% ifversion fpt or ghec %}
|
||||
| Enable the dependency graph for a private repository | "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)" |{% endif %}{% ifversion fpt or ghes > 3.1 or ghec or ghae %}
|
||||
| Delete and restore packages | "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" |{% endif %}{% ifversion ghes < 3.1 %}
|
||||
| Delete packages | "[Deleting packages](/packages/learn-github-packages/deleting-a-package)" |{% endif %}
|
||||
| Delete and restore packages | "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" |{% endif %}
|
||||
| Customize the repository's social media preview | "[Customizing your repository's social media preview](/github/administering-a-repository/customizing-your-repositorys-social-media-preview)" |
|
||||
| Create a template from the repository | "[Creating a template repository](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)" |{% ifversion fpt or ghes or ghae-issue-4864 or ghec %}
|
||||
| Control access to {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies | "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)" |{% endif %}{% ifversion fpt or ghec %}
|
||||
@@ -51,8 +50,8 @@ The repository owner has full control of the repository. In addition to the acti
|
||||
| Define code owners for the repository | "[About code owners](/github/creating-cloning-and-archiving-repositories/about-code-owners)" |
|
||||
| Archive the repository | "[Archiving repositories](/repositories/archiving-a-github-repository/archiving-repositories)" |{% ifversion fpt or ghec %}
|
||||
| Create security advisories | "[About {% data variables.product.prodname_security_advisories %}](/github/managing-security-vulnerabilities/about-github-security-advisories)" |
|
||||
| Display a sponsor button | "[Displaying a sponsor button in your repository](/github/administering-a-repository/displaying-a-sponsor-button-in-your-repository)" |{% endif %}{% ifversion fpt or ghae or ghes > 3.0 or ghec %}
|
||||
| Allow or disallow auto-merge for pull requests | "[Managing auto-merge for pull requests in your repository](/github/administering-a-repository/managing-auto-merge-for-pull-requests-in-your-repository)" | {% endif %}
|
||||
| Display a sponsor button | "[Displaying a sponsor button in your repository](/github/administering-a-repository/displaying-a-sponsor-button-in-your-repository)" |{% endif %}
|
||||
| Allow or disallow auto-merge for pull requests | "[Managing auto-merge for pull requests in your repository](/github/administering-a-repository/managing-auto-merge-for-pull-requests-in-your-repository)" |
|
||||
|
||||
## Collaborator access for a repository owned by a user account
|
||||
|
||||
@@ -75,8 +74,8 @@ Collaborators can also perform the following actions.
|
||||
| Manage labels for issues and pull requests in the repository | "[Labeling issues and pull requests](/github/managing-your-work-on-github/labeling-issues-and-pull-requests)" |
|
||||
| Manage milestones for issues and pull requests in the repository | "[Creating and editing milestones for issues and pull requests](/github/managing-your-work-on-github/creating-and-editing-milestones-for-issues-and-pull-requests)" |
|
||||
| Mark an issue or pull request in the repository as a duplicate | "[About duplicate issues and pull requests](/github/managing-your-work-on-github/about-duplicate-issues-and-pull-requests)" |
|
||||
| Create, merge, and close pull requests in the repository | "[Proposing changes to your work with pull requests](/github/collaborating-with-issues-and-pull-requests/proposing-changes-to-your-work-with-pull-requests)" |{% ifversion fpt or ghae or ghes > 3.0 or ghec %}
|
||||
| Enable and disable auto-merge for a pull request | "[Automatically merging a pull request](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)"{% endif %}
|
||||
| Create, merge, and close pull requests in the repository | "[Proposing changes to your work with pull requests](/github/collaborating-with-issues-and-pull-requests/proposing-changes-to-your-work-with-pull-requests)" |
|
||||
| Enable and disable auto-merge for a pull request | "[Automatically merging a pull request](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)"
|
||||
| Apply suggested changes to pull requests in the repository |"[Incorporating feedback in your pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/incorporating-feedback-in-your-pull-request)" |
|
||||
| Create a pull request from a fork of the repository | "[Creating a pull request from a fork](/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork)" |
|
||||
| Submit a review on a pull request that affects the mergeability of the pull request | "[Reviewing proposed changes in a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request)" |
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Viewing people's roles in an organization
|
||||
intro: 'You can view a list of the people in your organization and filter by their role. For more information on organization roles, see "[Roles in an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)."'
|
||||
permissions: "Organization members can see people's roles in the organization."
|
||||
permissions: Organization members can see people's roles in the organization.
|
||||
redirect_from:
|
||||
- /articles/viewing-people-s-roles-in-an-organization
|
||||
- /articles/viewing-peoples-roles-in-an-organization
|
||||
|
||||
@@ -73,11 +73,9 @@ jobs:
|
||||
* `run: Test-Path resultsfile.log` - Check whether a file called `resultsfile.log` is present in the repository's root directory.
|
||||
* `Should -Be $true` - Uses Pester to define an expected result. If the result is unexpected, then {% data variables.product.prodname_actions %} flags this as a failed test. For example:
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
|
||||
{% else %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
||||
* `Invoke-Pester Unit.Tests.ps1 -Passthru` - Uses Pester to execute tests defined in a file called `Unit.Tests.ps1`. For example, to perform the same test described above, the `Unit.Tests.ps1` will contain the following:
|
||||
```
|
||||
|
||||
@@ -73,7 +73,6 @@ Storing an action in its own repository makes it easier for the {% data variable
|
||||
|
||||
{% ifversion fpt or ghec %}If you're building an action that you don't plan to make available to others, you {% else %} You{% endif %} can store the action's files in any location in your repository. If you plan to combine action, workflow, and application code in a single repository, we recommend storing actions in the `.github` directory. For example, `.github/actions/action-a` and `.github/actions/action-b`.
|
||||
|
||||
|
||||
## Compatibility with {% data variables.product.prodname_ghe_server %}
|
||||
|
||||
To ensure that your action is compatible with {% data variables.product.prodname_ghe_server %}, you should make sure that you do not use any hard-coded references to {% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom %}{% else %}{% data variables.product.product_name %}{% endif %} API URLs. You should instead use environment variables to refer to the {% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom %}{% else %}{% data variables.product.product_name %}{% endif %} API:
|
||||
@@ -130,7 +129,7 @@ steps:
|
||||
|
||||
### Using a commit's SHA for release management
|
||||
|
||||
Each Git commit receives a calculated SHA value, which is unique and immutable. Your action's users might prefer to rely on a commit's SHA value, as this approach can be more reliable than specifying a tag, which could be deleted or moved. However, this means that users will not receive further updates made to the action. {% ifversion fpt or ghes > 3.0 or ghae or ghec %}You must use a commit's full SHA value, and not an abbreviated value.{% else %}Using a commit's full SHA value instead of the abbreviated value can help prevent people from using a malicious commit that uses the same abbreviation.{% endif %}
|
||||
Each Git commit receives a calculated SHA value, which is unique and immutable. Your action's users might prefer to rely on a commit's SHA value, as this approach can be more reliable than specifying a tag, which could be deleted or moved. However, this means that users will not receive further updates made to the action. You must use a commit's full SHA value, and not an abbreviated value.
|
||||
|
||||
```yaml
|
||||
steps:
|
||||
|
||||
@@ -237,10 +237,7 @@ jobs:
|
||||
```
|
||||
{% endraw %}
|
||||
|
||||
From your repository, click the **Actions** tab, and select the latest workflow run. {% ifversion fpt or ghes > 3.0 or ghae or ghec %}Under **Jobs** or in the visualization graph, click **A job to say hello**. {% endif %}You should see "Hello Mona the Octocat" or the name you used for the `who-to-greet` input and the timestamp printed in the log.
|
||||
From your repository, click the **Actions** tab, and select the latest workflow run. Under **Jobs** or in the visualization graph, click **A job to say hello**. You should see "Hello Mona the Octocat" or the name you used for the `who-to-greet` input and the timestamp printed in the log.
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
{% else %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
||||
@@ -268,12 +268,6 @@ jobs:
|
||||
```
|
||||
{% endraw %}
|
||||
|
||||
From your repository, click the **Actions** tab, and select the latest workflow run. {% ifversion fpt or ghes > 3.0 or ghae or ghec %}Under **Jobs** or in the visualization graph, click **A job to say hello**. {% endif %}You should see "Hello Mona the Octocat" or the name you used for the `who-to-greet` input and the timestamp printed in the log.
|
||||
From your repository, click the **Actions** tab, and select the latest workflow run. Under **Jobs** or in the visualization graph, click **A job to say hello**. You should see "Hello Mona the Octocat" or the name you used for the `who-to-greet` input and the timestamp printed in the log.
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
{% elsif ghes %}
|
||||
|
||||
{% else %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
---
|
||||
title: Sharing actions and workflows with your enterprise
|
||||
intro: 'You can share an action or workflow with your enterprise without publishing the action or workflow publicly.'
|
||||
intro: You can share an action or workflow with your enterprise without publishing the action or workflow publicly.
|
||||
versions:
|
||||
feature: 'internal-actions'
|
||||
feature: internal-actions
|
||||
type: tutorial
|
||||
topics:
|
||||
- Actions
|
||||
|
||||
@@ -29,8 +29,7 @@ You can set up a {% data variables.product.prodname_actions %} workflow to deplo
|
||||
|
||||
You can configure your CD workflow to run when a {% data variables.product.product_name %} event occurs (for example, when new code is pushed to the default branch of your repository), on a set schedule, manually, or when an external event occurs using the repository dispatch webhook. For more information about when your workflow can run, see "[Events that trigger workflows](/actions/reference/events-that-trigger-workflows)."
|
||||
|
||||
{% ifversion fpt or ghae or ghes > 3.0 or ghec %}
|
||||
{% data variables.product.prodname_actions %} provides features that give you more control over deployments. For example, you can use environments to require approval for a job to proceed, restrict which branches can trigger a workflow, or limit access to secrets. {% ifversion fpt or ghae or ghes > 3.1 or ghec %}You can use concurrency to limit your CD pipeline to a maximum of one in-progress deployment and one pending deployment. {% endif %}For more information about these features, see "[Deploying with GitHub Actions](/actions/deployment/deploying-with-github-actions)" and "[Using environments for deployment](/actions/deployment/using-environments-for-deployment)."{% endif %}
|
||||
{% data variables.product.prodname_actions %} provides features that give you more control over deployments. For example, you can use environments to require approval for a job to proceed, restrict which branches can trigger a workflow, or limit access to secrets. {% ifversion fpt or ghae or ghes > 3.1 or ghec %}You can use concurrency to limit your CD pipeline to a maximum of one in-progress deployment and one pending deployment. {% endif %}For more information about these features, see "[Deploying with GitHub Actions](/actions/deployment/deploying-with-github-actions)" and "[Using environments for deployment](/actions/deployment/using-environments-for-deployment)."
|
||||
|
||||
{% ifversion fpt or ghec or ghae-issue-4856 %}
|
||||
|
||||
@@ -44,12 +43,9 @@ You can configure your CD workflow to run when a {% data variables.product.produ
|
||||
|
||||
{% data reusables.actions.cd-templates-actions %}
|
||||
|
||||
{% ifversion fpt or ghae or ghes > 3.0 or ghec %}
|
||||
|
||||
## Further reading
|
||||
|
||||
- [Deploying with GitHub Actions](/actions/deployment/deploying-with-github-actions)
|
||||
- [Using environments for deployment](/actions/deployment/using-environments-for-deployment){% ifversion fpt or ghec %}
|
||||
- "[Managing billing for {% data variables.product.prodname_actions %}](/billing/managing-billing-for-github-actions)"{% endif %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -3,7 +3,7 @@ title: Deploying with GitHub Actions
|
||||
intro: Learn how to control deployments with features like environments and concurrency.
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '>=3.1'
|
||||
ghes: '*'
|
||||
ghae: '*'
|
||||
ghec: '*'
|
||||
type: overview
|
||||
|
||||
@@ -4,9 +4,10 @@ shortTitle: About deployments
|
||||
intro: 'Learn how deployments can run with {% data variables.product.prodname_actions %} workflows.'
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghae: 'issue-4856'
|
||||
ghae: issue-4856
|
||||
ghec: '*'
|
||||
children:
|
||||
- /about-continuous-deployment
|
||||
- /deploying-with-github-actions
|
||||
---
|
||||
|
||||
|
||||
@@ -78,9 +78,7 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you
|
||||
|
||||
See the documentation for each action used below for the recommended IAM policies for the IAM user, and methods for handling the access key credentials.
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
5. Optionally, configure a deployment environment. {% data reusables.actions.about-environments %}
|
||||
{% endif %}
|
||||
|
||||
## Creating the workflow
|
||||
|
||||
|
||||
@@ -66,9 +66,7 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you
|
||||
--settings DOCKER_REGISTRY_SERVER_URL=https://ghcr.io DOCKER_REGISTRY_SERVER_USERNAME=MY_REPOSITORY_OWNER DOCKER_REGISTRY_SERVER_PASSWORD=MY_PERSONAL_ACCESS_TOKEN
|
||||
```
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
5. Optionally, configure a deployment environment. {% data reusables.actions.about-environments %}
|
||||
{% endif %}
|
||||
|
||||
## Creating the workflow
|
||||
|
||||
|
||||
@@ -16,7 +16,6 @@ topics:
|
||||
{% data reusables.actions.enterprise-beta %}
|
||||
{% data reusables.actions.enterprise-github-hosted-runners %}
|
||||
|
||||
|
||||
## Introduction
|
||||
|
||||
This guide explains how to use {% data variables.product.prodname_actions %} to build and deploy a Java project to [Azure App Service](https://azure.microsoft.com/services/app-service/).
|
||||
@@ -53,9 +52,7 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you
|
||||
|
||||
{% data reusables.actions.create-azure-publish-profile %}
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
1. Optionally, configure a deployment environment. {% data reusables.actions.about-environments %}
|
||||
{% endif %}
|
||||
|
||||
## Creating the workflow
|
||||
|
||||
|
||||
@@ -15,7 +15,6 @@ topics:
|
||||
{% data reusables.actions.enterprise-beta %}
|
||||
{% data reusables.actions.enterprise-github-hosted-runners %}
|
||||
|
||||
|
||||
## Introduction
|
||||
|
||||
This guide explains how to use {% data variables.product.prodname_actions %} to build and deploy a .NET project to [Azure App Service](https://azure.microsoft.com/services/app-service/).
|
||||
@@ -52,9 +51,7 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you
|
||||
|
||||
{% data reusables.actions.create-azure-publish-profile %}
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
5. Optionally, configure a deployment environment. {% data reusables.actions.about-environments %}
|
||||
{% endif %}
|
||||
|
||||
## Creating the workflow
|
||||
|
||||
|
||||
@@ -21,7 +21,6 @@ topics:
|
||||
{% data reusables.actions.enterprise-beta %}
|
||||
{% data reusables.actions.enterprise-github-hosted-runners %}
|
||||
|
||||
|
||||
## Introduction
|
||||
|
||||
This guide explains how to use {% data variables.product.prodname_actions %} to build, test, and deploy a Node.js project to [Azure App Service](https://azure.microsoft.com/services/app-service/).
|
||||
@@ -58,9 +57,7 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you
|
||||
|
||||
{% data reusables.actions.create-azure-publish-profile %}
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
5. Optionally, configure a deployment environment. {% data reusables.actions.about-environments %}
|
||||
{% endif %}
|
||||
|
||||
## Creating the workflow
|
||||
|
||||
|
||||
@@ -15,7 +15,6 @@ topics:
|
||||
{% data reusables.actions.enterprise-beta %}
|
||||
{% data reusables.actions.enterprise-github-hosted-runners %}
|
||||
|
||||
|
||||
## Introduction
|
||||
|
||||
This guide explains how to use {% data variables.product.prodname_actions %} to build and deploy a PHP project to [Azure App Service](https://azure.microsoft.com/services/app-service/).
|
||||
@@ -52,9 +51,7 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you
|
||||
|
||||
{% data reusables.actions.create-azure-publish-profile %}
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
5. Optionally, configure a deployment environment. {% data reusables.actions.about-environments %}
|
||||
{% endif %}
|
||||
|
||||
## Creating the workflow
|
||||
|
||||
|
||||
@@ -16,7 +16,6 @@ topics:
|
||||
{% data reusables.actions.enterprise-beta %}
|
||||
{% data reusables.actions.enterprise-github-hosted-runners %}
|
||||
|
||||
|
||||
## Introduction
|
||||
|
||||
This guide explains how to use {% data variables.product.prodname_actions %} to build and deploy a Python project to [Azure App Service](https://azure.microsoft.com/services/app-service/).
|
||||
@@ -55,9 +54,7 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you
|
||||
|
||||
1. Add an app setting called `SCM_DO_BUILD_DURING_DEPLOYMENT` and set the value to `1`.
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
5. Optionally, configure a deployment environment. {% data reusables.actions.about-environments %}
|
||||
{% endif %}
|
||||
|
||||
## Creating the workflow
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Deploying to Azure
|
||||
shortTitle: Deploy to Azure
|
||||
intro: Learn how to deploy to Azure App Service, Azure Kubernetes, and Azure Static Web App as part of your continuous deployment (CD) workflows.
|
||||
intro: 'Learn how to deploy to Azure App Service, Azure Kubernetes, and Azure Static Web App as part of your continuous deployment (CD) workflows.'
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '*'
|
||||
@@ -17,3 +17,4 @@ children:
|
||||
- /deploying-to-azure-static-web-app
|
||||
- /deploying-to-azure-kubernetes-service
|
||||
---
|
||||
|
||||
|
||||
@@ -120,11 +120,9 @@ Store the name of your project as a secret named `GKE_PROJECT`. For more informa
|
||||
### (Optional) Configuring kustomize
|
||||
Kustomize is an optional tool used for managing YAML specs. After creating a `kustomization` file, the workflow below can be used to dynamically set fields of the image and pipe in the result to `kubectl`. For more information, see [kustomize usage](https://github.com/kubernetes-sigs/kustomize#usage).
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
### (Optional) Configure a deployment environment
|
||||
|
||||
{% data reusables.actions.about-environments %}
|
||||
{% endif %}
|
||||
|
||||
## Creating the workflow
|
||||
|
||||
|
||||
@@ -12,3 +12,4 @@ children:
|
||||
- /deploying-to-azure
|
||||
- /deploying-to-google-kubernetes-engine
|
||||
---
|
||||
|
||||
|
||||
@@ -4,8 +4,9 @@ shortTitle: Deploying Xcode applications
|
||||
intro: 'You can sign Xcode apps within your continuous integration (CI) workflow by installing an Apple code signing certificate on {% data variables.product.prodname_actions %} runners.'
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghae: 'issue-4856'
|
||||
ghae: issue-4856
|
||||
ghec: '*'
|
||||
children:
|
||||
- /installing-an-apple-certificate-on-macos-runners-for-xcode-development
|
||||
---
|
||||
|
||||
|
||||
@@ -1,11 +1,12 @@
|
||||
---
|
||||
title: Managing your deployments
|
||||
shortTitle: Managing your deployments
|
||||
intro: 'You can review the past activity of your deployments.'
|
||||
intro: You can review the past activity of your deployments.
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghae: 'issue-4856'
|
||||
ghae: issue-4856
|
||||
ghec: '*'
|
||||
children:
|
||||
- /viewing-deployment-history
|
||||
---
|
||||
|
||||
|
||||
@@ -15,7 +15,7 @@ redirect_from:
|
||||
---
|
||||
|
||||
|
||||
You can deliver deployments through {% ifversion fpt or ghae or ghes > 3.0 or ghec %}{% data variables.product.prodname_actions %} and environments or with {% endif %}the REST API and third party apps. {% ifversion fpt or ghae ghes > 3.0 or ghec %}For more information about using environments to deploy with {% data variables.product.prodname_actions %}, see "[Using environments for deployment](/actions/deployment/using-environments-for-deployment)." {% endif %}For more information about deployments with the REST API, see "[Repositories](/rest/reference/repos#deployments)."
|
||||
You can deliver deployments through {% data variables.product.prodname_actions %} and environments or with the REST API and third party apps. {% ifversion fpt or ghae ghes > 3.0 or ghec %}For more information about using environments to deploy with {% data variables.product.prodname_actions %}, see "[Using environments for deployment](/actions/deployment/using-environments-for-deployment)." {% endif %}For more information about deployments with the REST API, see "[Repositories](/rest/reference/repos#deployments)."
|
||||
|
||||
To view current and past deployments, click **Environments** on the home page of your repository.
|
||||
{% ifversion ghae %}
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
---
|
||||
title: About security hardening with OpenID Connect
|
||||
shortTitle: About security hardening with OpenID Connect
|
||||
intro: 'OpenID Connect allows your workflows to exchange short-lived tokens directly from your cloud provider.'
|
||||
intro: OpenID Connect allows your workflows to exchange short-lived tokens directly from your cloud provider.
|
||||
miniTocMaxHeadingLevel: 4
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghae: 'issue-4856'
|
||||
ghae: issue-4856
|
||||
ghec: '*'
|
||||
type: tutorial
|
||||
topics:
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
---
|
||||
title: Configuring OpenID Connect in Amazon Web Services
|
||||
shortTitle: Configuring OpenID Connect in Amazon Web Services
|
||||
intro: 'Use OpenID Connect within your workflows to authenticate with Amazon Web Services.'
|
||||
intro: Use OpenID Connect within your workflows to authenticate with Amazon Web Services.
|
||||
miniTocMaxHeadingLevel: 3
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghae: 'issue-4856'
|
||||
ghae: issue-4856
|
||||
ghec: '*'
|
||||
type: tutorial
|
||||
topics:
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
---
|
||||
title: Configuring OpenID Connect in Azure
|
||||
shortTitle: Configuring OpenID Connect in Azure
|
||||
intro: 'Use OpenID Connect within your workflows to authenticate with Azure.'
|
||||
intro: Use OpenID Connect within your workflows to authenticate with Azure.
|
||||
miniTocMaxHeadingLevel: 3
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghae: 'issue-4856'
|
||||
ghae: issue-4856
|
||||
ghec: '*'
|
||||
type: tutorial
|
||||
topics:
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
---
|
||||
title: Configuring OpenID Connect in cloud providers
|
||||
shortTitle: Configuring OpenID Connect in cloud providers
|
||||
intro: 'Use OpenID Connect within your workflows to authenticate with cloud providers.'
|
||||
intro: Use OpenID Connect within your workflows to authenticate with cloud providers.
|
||||
miniTocMaxHeadingLevel: 3
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghae: 'issue-4856'
|
||||
ghae: issue-4856
|
||||
ghec: '*'
|
||||
type: tutorial
|
||||
topics:
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
---
|
||||
title: Configuring OpenID Connect in Google Cloud Platform
|
||||
shortTitle: Configuring OpenID Connect in Google Cloud Platform
|
||||
intro: 'Use OpenID Connect within your workflows to authenticate with Google Cloud Platform.'
|
||||
intro: Use OpenID Connect within your workflows to authenticate with Google Cloud Platform.
|
||||
miniTocMaxHeadingLevel: 3
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghae: 'issue-4856'
|
||||
ghae: issue-4856
|
||||
ghec: '*'
|
||||
type: tutorial
|
||||
topics:
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
---
|
||||
title: Configuring OpenID Connect in HashiCorp Vault
|
||||
shortTitle: Configuring OpenID Connect in HashiCorp Vault
|
||||
intro: 'Use OpenID Connect within your workflows to authenticate with HashiCorp Vault.'
|
||||
intro: Use OpenID Connect within your workflows to authenticate with HashiCorp Vault.
|
||||
miniTocMaxHeadingLevel: 3
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghae: 'issue-4856'
|
||||
ghae: issue-4856
|
||||
ghec: '*'
|
||||
type: tutorial
|
||||
topics:
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
---
|
||||
title: Security hardening your deployments
|
||||
shortTitle: Security hardening your deployments
|
||||
intro: 'Use OpenID Connect within your workflows to authenticate with your cloud provider.'
|
||||
intro: Use OpenID Connect within your workflows to authenticate with your cloud provider.
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghae: 'issue-4856'
|
||||
ghae: issue-4856
|
||||
ghec: '*'
|
||||
children:
|
||||
- /about-security-hardening-with-openid-connect
|
||||
@@ -15,3 +15,4 @@ children:
|
||||
- /configuring-openid-connect-in-cloud-providers
|
||||
- /using-openid-connect-with-reusable-workflows
|
||||
---
|
||||
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
---
|
||||
title: Using OpenID Connect with reusable workflows
|
||||
shortTitle: Using OpenID Connect with reusable workflows
|
||||
intro: 'You can use reusable workflows with OIDC to standardize and security harden your deployment steps.'
|
||||
intro: You can use reusable workflows with OIDC to standardize and security harden your deployment steps.
|
||||
miniTocMaxHeadingLevel: 3
|
||||
redirect_from:
|
||||
- /actions/deployment/security-hardening-your-deployments/using-oidc-with-your-reusable-workflows
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghae: 'issue-4757-and-5856'
|
||||
ghae: issue-4757-and-5856
|
||||
ghec: '*'
|
||||
ghes: '>=3.5'
|
||||
type: how_to
|
||||
|
||||
@@ -4,8 +4,9 @@ shortTitle: Targeting different environments
|
||||
intro: You can configure environments with protection rules and secrets. A workflow job that references an environment must follow any protection rules for the environment before running or accessing the environment's secrets.
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghae: 'issue-4856'
|
||||
ghae: issue-4856
|
||||
ghec: '*'
|
||||
children:
|
||||
- /using-environments-for-deployment
|
||||
---
|
||||
|
||||
|
||||
@@ -10,7 +10,7 @@ redirect_from:
|
||||
- /actions/deployment/using-environments-for-deployment
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '>=3.1'
|
||||
ghes: '*'
|
||||
ghae: '*'
|
||||
ghec: '*'
|
||||
---
|
||||
|
||||
@@ -25,11 +25,11 @@ featuredLinks:
|
||||
- /actions/learn-github-actions/environment-variables
|
||||
- /actions/security-guides/encrypted-secrets
|
||||
videos:
|
||||
- title: "Inside GitHub: How we use GitHub Actions – Brian Douglas"
|
||||
- title: 'Inside GitHub: How we use GitHub Actions – Brian Douglas'
|
||||
href: 'https://www.youtube-nocookie.com/embed/MW0V5Q9WJu4'
|
||||
- title: "Advanced GitHub Actions – Jennifer Schelkopf"
|
||||
- title: Advanced GitHub Actions – Jennifer Schelkopf
|
||||
href: 'https://www.youtube-nocookie.com/embed/wWOH44Lscoc'
|
||||
- title: "GitHub Actions in action – Karan MV"
|
||||
- title: GitHub Actions in action – Karan MV
|
||||
href: 'https://www.youtube-nocookie.com/embed/4SWO0Pc76CU'
|
||||
videosHeading: GitHub Universe 2021 videos
|
||||
product_video: 'https://www.youtube-nocookie.com/embed/cP0I9w2coGU'
|
||||
|
||||
@@ -225,7 +225,7 @@ In this diagram, you can see the workflow file you just created and how the {% d
|
||||
|
||||
## Viewing the workflow's activity
|
||||
|
||||
Once your workflow has started running, you can {% ifversion fpt or ghes > 3.0 or ghae or ghec %}see a visualization graph of the run's progress and {% endif %}view each step's activity on {% data variables.product.prodname_dotcom %}.
|
||||
Once your workflow has started running, you can see a visualization graph of the run's progress and view each step's activity on {% data variables.product.prodname_dotcom %}.
|
||||
|
||||
{% data reusables.repositories.navigate-to-repo %}
|
||||
1. Under your repository name, click **Actions**.
|
||||
@@ -234,20 +234,10 @@ Once your workflow has started running, you can {% ifversion fpt or ghes > 3.0 o
|
||||
|
||||
1. Under "Workflow runs", click the name of the run you want to see.
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
1. Under **Jobs** or in the visualization graph, click the job you want to see.
|
||||
|
||||
{% endif %}
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
1. View the results of each step.
|
||||
|
||||
{% elsif ghes %}
|
||||
1. Click on the job name to see the results of each step.
|
||||
|
||||
{% else %}
|
||||
1. Click on the job name to see the results of each step.
|
||||
|
||||
{% endif %}
|
||||
|
||||
## Next steps
|
||||
|
||||
|
||||
@@ -21,11 +21,7 @@ versions:
|
||||
1. From the list of workflow runs, click the name of the `queued` or `in progress` run that you want to cancel.
|
||||
|
||||
1. In the upper-right corner of the workflow, click **Cancel workflow**.
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
{% else %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
||||
## Steps {% data variables.product.prodname_dotcom %} takes to cancel a workflow run
|
||||
|
||||
|
||||
@@ -23,11 +23,9 @@ By default, {% data variables.product.product_name %} stores build logs and arti
|
||||
{% data reusables.repositories.navigate-to-workflow %}
|
||||
{% data reusables.repositories.view-run %}
|
||||
1. Under **Artifacts**, click the artifact you want to download.
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
|
||||
{% else %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
||||
{% endwebui %}
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Managing workflow runs
|
||||
shortTitle: Managing workflow runs
|
||||
intro: 'You can re-run or cancel a workflow, {% ifversion fpt or ghes > 3.0 or ghae %}review deployments, {% endif %}view billable job execution minutes, and download artifacts.'
|
||||
intro: 'You can re-run or cancel a workflow, {% ifversion fpt or ghes or ghae %}review deployments, {% endif %}view billable job execution minutes, and download artifacts.'
|
||||
redirect_from:
|
||||
- /actions/configuring-and-managing-workflows/managing-a-workflow-run
|
||||
- /articles/managing-a-workflow-run
|
||||
|
||||
@@ -29,11 +29,9 @@ shortTitle: Remove workflow artifacts
|
||||
{% data reusables.repositories.navigate-to-workflow %}
|
||||
{% data reusables.repositories.view-run %}
|
||||
1. Under **Artifacts**, click {% octicon "trash" aria-label="The trash icon" %} next to the artifact you want to remove.
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
|
||||
{% else %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
||||
## Setting the retention period for an artifact
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ intro: You can approve or reject jobs awaiting review.
|
||||
product: '{% data reusables.gated-features.environments %}'
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '>=3.1'
|
||||
ghes: '*'
|
||||
ghae: '*'
|
||||
ghec: '*'
|
||||
---
|
||||
|
||||
@@ -188,7 +188,7 @@ When migrating from Travis CI, consider the following key features in {% data va
|
||||
|
||||
### Storing secrets
|
||||
|
||||
{% data variables.product.prodname_actions %} allows you to store secrets and reference them in your jobs. {% data variables.product.prodname_actions %} organizations can limit which repositories can access organization secrets. {% ifversion fpt or ghes > 3.0 or ghae or ghec %}Environment protection rules can require manual approval for a workflow to access environment secrets. {% endif %}For more information, see "[Encrypted secrets](/actions/reference/encrypted-secrets)."
|
||||
{% data variables.product.prodname_actions %} allows you to store secrets and reference them in your jobs. {% data variables.product.prodname_actions %} organizations can limit which repositories can access organization secrets. Environment protection rules can require manual approval for a workflow to access environment secrets. For more information, see "[Encrypted secrets](/actions/reference/encrypted-secrets)."
|
||||
|
||||
### Sharing files between jobs and workflows
|
||||
|
||||
|
||||
@@ -16,9 +16,7 @@ versions:
|
||||
These extra logs are enabled by setting secrets in the repository containing the workflow, so the same permissions requirements will apply:
|
||||
|
||||
- {% data reusables.actions.permissions-statement-secrets-repository %}
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
- {% data reusables.actions.permissions-statement-secrets-environment %}
|
||||
{% endif %}
|
||||
- {% data reusables.actions.permissions-statement-secrets-organization %}
|
||||
- {% data reusables.actions.permissions-statement-secrets-api %}
|
||||
|
||||
|
||||
@@ -5,7 +5,7 @@ redirect_from:
|
||||
- /actions/managing-workflow-runs/using-the-visualization-graph
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '>=3.1'
|
||||
ghes: '*'
|
||||
ghae: '*'
|
||||
ghec: '*'
|
||||
shortTitle: Use the visualization graph
|
||||
|
||||
@@ -47,11 +47,7 @@ You can search the build logs for a particular step. When you search logs, only
|
||||
{% data reusables.repositories.view-run-superlinter %}
|
||||
{% data reusables.repositories.navigate-to-job-superlinter %}
|
||||
1. In the upper-right corner of the log output, in the **Search logs** search box, type a search query.
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
{% else %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
||||
## Downloading logs
|
||||
|
||||
@@ -62,12 +58,10 @@ You can download the log files from your workflow run. You can also download a w
|
||||
{% data reusables.repositories.navigate-to-workflow-superlinter %}
|
||||
{% data reusables.repositories.view-run-superlinter %}
|
||||
{% data reusables.repositories.navigate-to-job-superlinter %}
|
||||
1. In the upper right corner, click {% ifversion fpt or ghes > 3.0 or ghae or ghec %}{% octicon "gear" aria-label="The gear icon" %}{% else %}{% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %}{% endif %} and select **Download log archive**.
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
1. In the upper right corner, click {% octicon "gear" aria-label="The gear icon" %} and select **Download log archive**.
|
||||
|
||||
|
||||
{% else %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
||||
## Deleting logs
|
||||
|
||||
@@ -78,17 +72,13 @@ You can delete the log files from your workflow run. {% data reusables.repositor
|
||||
{% data reusables.repositories.navigate-to-workflow-superlinter %}
|
||||
{% data reusables.repositories.view-run-superlinter %}
|
||||
1. In the upper right corner, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %}.
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
|
||||
{% else %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
2. To delete the log files, click the **Delete all logs** button and review the confirmation prompt.
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
|
||||
{% else %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
After deleting logs, the **Delete all logs** button is removed to indicate that no log files remain in the workflow run.
|
||||
|
||||
## Viewing logs with {% data variables.product.prodname_cli %}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Encrypted secrets
|
||||
intro: 'Encrypted secrets allow you to store sensitive information in your organization{% ifversion fpt or ghes > 3.0 or ghec %}, repository, or repository environments{% else %} or repository{% endif %}.'
|
||||
intro: 'Encrypted secrets allow you to store sensitive information in your organization{% ifversion fpt or ghes or ghec %}, repository, or repository environments{% else %} or repository{% endif %}.'
|
||||
redirect_from:
|
||||
- /github/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets
|
||||
- /actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets
|
||||
@@ -19,13 +19,11 @@ versions:
|
||||
|
||||
## About encrypted secrets
|
||||
|
||||
Secrets are encrypted environment variables that you create in an organization{% ifversion fpt or ghes > 3.0 or ghae or ghec %}, repository, or repository environment{% else %} or repository{% endif %}. The secrets that you create are available to use in {% data variables.product.prodname_actions %} workflows. {% data variables.product.prodname_dotcom %} uses a [libsodium sealed box](https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes) to help ensure that secrets are encrypted before they reach {% data variables.product.prodname_dotcom %} and remain encrypted until you use them in a workflow.
|
||||
Secrets are encrypted environment variables that you create in an organization, repository, or repository environment. The secrets that you create are available to use in {% data variables.product.prodname_actions %} workflows. {% data variables.product.prodname_dotcom %} uses a [libsodium sealed box](https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes) to help ensure that secrets are encrypted before they reach {% data variables.product.prodname_dotcom %} and remain encrypted until you use them in a workflow.
|
||||
|
||||
{% data reusables.actions.secrets-org-level-overview %}
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
For secrets stored at the environment level, you can enable required reviewers to control access to the secrets. A workflow job cannot access environment secrets until approval is granted by required approvers.
|
||||
{% endif %}
|
||||
|
||||
{% ifversion fpt or ghec or ghae-issue-4856 %}
|
||||
|
||||
@@ -41,9 +39,9 @@ For secrets stored at the environment level, you can enable required reviewers t
|
||||
|
||||
{% data reusables.codespaces.secrets-naming %}
|
||||
|
||||
For example, {% ifversion fpt or ghes > 3.0 or ghae or ghec %}a secret created at the environment level must have a unique name in that environment, {% endif %}a secret created at the repository level must have a unique name in that repository, and a secret created at the organization level must have a unique name at that level.
|
||||
For example, a secret created at the environment level must have a unique name in that environment, a secret created at the repository level must have a unique name in that repository, and a secret created at the organization level must have a unique name at that level.
|
||||
|
||||
{% data reusables.codespaces.secret-precedence %}{% ifversion fpt or ghes > 3.0 or ghae or ghec %} Similarly, if an organization, repository, and environment all have a secret with the same name, the environment-level secret takes precedence.{% endif %}
|
||||
{% data reusables.codespaces.secret-precedence %} Similarly, if an organization, repository, and environment all have a secret with the same name, the environment-level secret takes precedence.
|
||||
|
||||
To help ensure that {% data variables.product.prodname_dotcom %} redacts your secret in logs, avoid using structured data as the values of secrets. For example, avoid creating secrets that contain JSON or encoded Git blobs.
|
||||
|
||||
@@ -55,9 +53,7 @@ You can use and read encrypted secrets in a workflow file if you have access to
|
||||
|
||||
{% data reusables.actions.secrets-redaction-warning %}
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
Organization and repository secrets are read when a workflow run is queued, and environment secrets are read when a job referencing the environment starts.
|
||||
{% endif %}
|
||||
|
||||
You can also manage secrets using the REST API. For more information, see "[Secrets](/rest/reference/actions#secrets)."
|
||||
|
||||
@@ -85,7 +81,7 @@ When generating credentials, we recommend that you grant the minimum permissions
|
||||
1. Enter the value for your secret.
|
||||
1. Click **Add secret**.
|
||||
|
||||
If your repository {% ifversion fpt or ghes > 3.0 or ghae or ghec %}has environment secrets or {% endif %}can access secrets from the parent organization, then those secrets are also listed on this page.
|
||||
If your repository has environment secrets or can access secrets from the parent organization, then those secrets are also listed on this page.
|
||||
|
||||
{% endwebui %}
|
||||
|
||||
@@ -109,8 +105,6 @@ To list all secrets for the repository, use the `gh secret list` subcommand.
|
||||
|
||||
{% endcli %}
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
## Creating encrypted secrets for an environment
|
||||
|
||||
{% data reusables.actions.permissions-statement-secrets-environment %}
|
||||
@@ -144,8 +138,6 @@ gh secret list --env <em>environment-name</em>
|
||||
|
||||
{% endcli %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
## Creating encrypted secrets for an organization
|
||||
|
||||
When creating a secret in an organization, you can use a policy to limit which repositories can access that secret. For example, you can grant access to all repositories, or limit access to only private repositories or a specified list of repositories.
|
||||
@@ -280,13 +272,13 @@ steps:
|
||||
|
||||
## Limits for secrets
|
||||
|
||||
You can store up to 1,000 organization secrets{% ifversion fpt or ghes > 3.0 or ghae or ghec %}, 100 repository secrets, and 100 environment secrets{% else %} and 100 repository secrets{% endif %}.
|
||||
You can store up to 1,000 organization secrets, 100 repository secrets, and 100 environment secrets.
|
||||
|
||||
A workflow created in a repository can access the following number of secrets:
|
||||
|
||||
* All 100 repository secrets.
|
||||
* If the repository is assigned access to more than 100 organization secrets, the workflow can only use the first 100 organization secrets (sorted alphabetically by secret name).
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}* All 100 environment secrets.{% endif %}
|
||||
* All 100 environment secrets.
|
||||
|
||||
Secrets are limited to 64 KB in size. To use secrets that are larger than 64 KB, you can store encrypted secrets in your repository and save the decryption passphrase as a secret on {% data variables.product.prodname_dotcom %}. For example, you can use `gpg` to encrypt your credentials locally before checking the file in to your repository on {% data variables.product.prodname_dotcom %}. For more information, see the "[gpg manpage](https://www.gnupg.org/gph/de/manual/r1023.html)."
|
||||
|
||||
@@ -356,7 +348,6 @@ Secrets are limited to 64 KB in size. To use secrets that are larger than 64 KB,
|
||||
```
|
||||
{% endraw %}
|
||||
|
||||
|
||||
## Storing Base64 binary blobs as secrets
|
||||
|
||||
You can use Base64 encoding to store small binary blobs as secrets. You can then reference the secret in your workflow and decode it for use on the runner. For the size limits, see ["Limits for secrets"](/actions/security-guides/encrypted-secrets#limits-for-secrets).
|
||||
|
||||
@@ -25,7 +25,7 @@ This guide explains how to configure security hardening for certain {% data vari
|
||||
|
||||
## Using secrets
|
||||
|
||||
Sensitive values should never be stored as plaintext in workflow files, but rather as secrets. [Secrets](/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets) can be configured at the organization{% ifversion fpt or ghes > 3.0 or ghae or ghec %}, repository, or environment{% else %} or repository{% endif %} level, and allow you to store sensitive information in {% data variables.product.product_name %}.
|
||||
Sensitive values should never be stored as plaintext in workflow files, but rather as secrets. [Secrets](/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets) can be configured at the organization, repository, or environment level, and allow you to store sensitive information in {% data variables.product.product_name %}.
|
||||
|
||||
Secrets use [Libsodium sealed boxes](https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes), so that they are encrypted before reaching {% data variables.product.product_name %}. This occurs when the secret is submitted [using the UI](/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository) or through the [REST API](/rest/reference/actions#secrets). This client-side encryption helps minimize the risks related to accidental logging (for example, exception logs and request logs, among others) within {% data variables.product.product_name %}'s infrastructure. Once the secret is uploaded, {% data variables.product.product_name %} is then able to decrypt it so that it can be injected into the workflow runtime.
|
||||
|
||||
@@ -45,10 +45,8 @@ To help prevent accidental disclosure, {% data variables.product.product_name %}
|
||||
- **Audit and rotate registered secrets**
|
||||
- Periodically review the registered secrets to confirm they are still required. Remove those that are no longer needed.
|
||||
- Rotate secrets periodically to reduce the window of time during which a compromised secret is valid.
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
- **Consider requiring review for access to secrets**
|
||||
- You can use required reviewers to protect environment secrets. A workflow job cannot access environment secrets until approval is granted by a reviewer. For more information about storing secrets in environments or requiring reviews for environments, see "[Encrypted secrets](/actions/reference/encrypted-secrets)" and "[Using environments for deployment](/actions/deployment/using-environments-for-deployment)."
|
||||
{% endif %}
|
||||
|
||||
## Using `CODEOWNERS` to monitor changes
|
||||
|
||||
@@ -175,13 +173,7 @@ You can help mitigate this risk by following these good practices:
|
||||
|
||||
Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.
|
||||
|
||||
{% ifversion ghes < 3.1 %}
|
||||
{% warning %}
|
||||
|
||||
**Warning:** The short version of the commit SHA is insecure and should never be used for specifying an action's Git reference. Because of how repository networks work, any user can fork the repository and push a crafted commit to it that collides with the short SHA. This causes subsequent clones at that SHA to fail because it becomes an ambiguous commit. As a result, any workflows that use the shortened SHA will immediately fail.
|
||||
|
||||
{% endwarning %}
|
||||
{% endif %}
|
||||
|
||||
* **Audit the source code of the action**
|
||||
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
title: Monitoring your current jobs
|
||||
intro: 'Monitor how {% data variables.product.prodname_dotcom %}-hosted runners are processing jobs in your organization or enterprise, and identify any related constraints.'
|
||||
versions:
|
||||
feature: 'github-runner-dashboard'
|
||||
feature: github-runner-dashboard
|
||||
shortTitle: Monitoring your current jobs
|
||||
---
|
||||
|
||||
|
||||
@@ -21,3 +21,4 @@ children:
|
||||
- /assigning-permissions-to-jobs
|
||||
- /defining-outputs-for-jobs
|
||||
---
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Setting default values for jobs
|
||||
shortTitle: Setting default values for jobs
|
||||
intro: Define the default settings that will apply to all jobs in the workflow, or all steps in a job.
|
||||
intro: 'Define the default settings that will apply to all jobs in the workflow, or all steps in a job.'
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '*'
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Advanced workflow features
|
||||
shortTitle: Advanced workflow features
|
||||
intro: 'This guide shows you how to use the advanced features of {% data variables.product.prodname_actions %}, with secret management, dependent jobs, caching, build matrices,{% ifversion fpt or ghes > 3.0 or ghae or ghec %} environments,{% endif %} and labels.'
|
||||
intro: 'This guide shows you how to use the advanced features of {% data variables.product.prodname_actions %}, with secret management, dependent jobs, caching, build matrices, environments, and labels.'
|
||||
redirect_from:
|
||||
- /actions/learn-github-actions/managing-complex-workflows
|
||||
versions:
|
||||
@@ -169,12 +169,9 @@ To learn more about {% data variables.product.prodname_dotcom %}-hosted runner l
|
||||
{% data reusables.actions.reusable-workflows %}
|
||||
{% endif %}
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
## Using environments
|
||||
|
||||
You can configure environments with protection rules and secrets. Each job in a workflow can reference a single environment. Any protection rules configured for the environment must pass before a job referencing the environment is sent to a runner. For more information, see "[Using environments for deployment](/actions/deployment/using-environments-for-deployment)."
|
||||
{% endif %}
|
||||
|
||||
## Using starter workflows
|
||||
|
||||
|
||||
@@ -41,7 +41,6 @@ Some events have multiple activity types. For these events, you can specify whic
|
||||
|
||||
Runs your workflow when branch protection rules in the workflow repository are changed. For more information about branch protection rules, see "[About protected branches](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches)." For information about the branch protection rule APIs, see "[BranchProtectionRule](/graphql/reference/objects#branchprotectionrule)" in the GraphQL API documentation or "[Branches](/rest/reference/branches)" in the REST API documentation.
|
||||
|
||||
|
||||
For example, you can run a workflow when a branch protection rule has been `created` or `deleted`:
|
||||
|
||||
```yaml
|
||||
@@ -560,7 +559,7 @@ on:
|
||||
|
||||
| Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
|
||||
| --------------------- | -------------- | ------------ | -------------|
|
||||
| [`pull_request`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads/#pull_request) | - `assigned`<br/>- `unassigned`<br/>- `labeled`<br/>- `unlabeled`<br/>- `opened`<br/>- `edited`<br/>- `closed`<br/>- `reopened`<br/>- `synchronize`<br/>- `converted_to_draft`<br/>- `ready_for_review`<br/>- `locked`<br/>- `unlocked` <br/>- `review_requested` <br/>- `review_request_removed`{% ifversion fpt or ghes > 3.0 or ghae or ghec %} <br/>- `auto_merge_enabled` <br/>- `auto_merge_disabled`{% endif %} | Last merge commit on the `GITHUB_REF` branch | PR merge branch `refs/pull/:prNumber/merge` |
|
||||
| [`pull_request`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads/#pull_request) | - `assigned`<br/>- `unassigned`<br/>- `labeled`<br/>- `unlabeled`<br/>- `opened`<br/>- `edited`<br/>- `closed`<br/>- `reopened`<br/>- `synchronize`<br/>- `converted_to_draft`<br/>- `ready_for_review`<br/>- `locked`<br/>- `unlocked` <br/>- `review_requested` <br/>- `review_request_removed` <br/>- `auto_merge_enabled` <br/>- `auto_merge_disabled` | Last merge commit on the `GITHUB_REF` branch | PR merge branch `refs/pull/:prNumber/merge` |
|
||||
|
||||
{% note %}
|
||||
|
||||
@@ -779,7 +778,7 @@ on:
|
||||
|
||||
| Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` |
|
||||
| --------------------- | -------------- | ------------ | -------------|
|
||||
| [`pull_request`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads/#pull_request) | - `assigned`<br/>- `unassigned`<br/>- `labeled`<br/>- `unlabeled`<br/>- `opened`<br/>- `edited`<br/>- `closed`<br/>- `reopened`<br/>- `synchronize`<br/>- `converted_to_draft`<br/>- `ready_for_review`<br/>- `locked`<br/>- `unlocked` <br/>- `review_requested` <br/>- `review_request_removed`{% ifversion fpt or ghes > 3.0 or ghae or ghec %} <br/>- `auto_merge_enabled` <br/>- `auto_merge_disabled`{% endif %} | Last commit on the PR base branch | PR base branch |
|
||||
| [`pull_request`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads/#pull_request) | - `assigned`<br/>- `unassigned`<br/>- `labeled`<br/>- `unlabeled`<br/>- `opened`<br/>- `edited`<br/>- `closed`<br/>- `reopened`<br/>- `synchronize`<br/>- `converted_to_draft`<br/>- `ready_for_review`<br/>- `locked`<br/>- `unlocked` <br/>- `review_requested` <br/>- `review_request_removed` <br/>- `auto_merge_enabled` <br/>- `auto_merge_disabled` | Last commit on the PR base branch | PR base branch |
|
||||
|
||||
{% note %}
|
||||
|
||||
@@ -1300,7 +1299,6 @@ gh workflow run run-tests.yml -f logLevel=warning -f tags=false -f environment=s
|
||||
|
||||
For more information, see the {% data variables.product.prodname_cli %} information in "[Manually running a workflow](/actions/managing-workflow-runs/manually-running-a-workflow)."
|
||||
|
||||
|
||||
{% else %}
|
||||
This example defines the `name` and `home` inputs and prints them using the `github.event.inputs.name` and `github.event.inputs.home` contexts. If a `home` isn't provided, the default value 'The Octoverse' is printed.
|
||||
|
||||
|
||||
@@ -34,3 +34,4 @@ children:
|
||||
- /storing-workflow-data-as-artifacts
|
||||
- /using-github-cli-in-workflows
|
||||
---
|
||||
|
||||
|
||||
@@ -241,11 +241,7 @@ jobs:
|
||||
```
|
||||
|
||||
The workflow run will archive any artifacts that it generated. For more information on downloading archived artifacts, see "[Downloading workflow artifacts](/actions/managing-workflow-runs/downloading-workflow-artifacts)."
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
|
||||
{% else %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% ifversion fpt or ghec %}
|
||||
|
||||
|
||||
@@ -166,7 +166,6 @@ A string identifier to associate with the secret.
|
||||
A boolean specifying whether the secret must be supplied.
|
||||
{% endif %}
|
||||
|
||||
|
||||
## `on.workflow_run.<branches|branches-ignore>`
|
||||
|
||||
{% data reusables.actions.workflows.section-specifying-branches %}
|
||||
@@ -240,13 +239,10 @@ env:
|
||||
|
||||
{% data reusables.actions.jobs.section-choosing-the-runner-for-a-job %}
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghae or ghec %}
|
||||
## `jobs.<job_id>.environment`
|
||||
|
||||
{% data reusables.actions.jobs.section-using-environments-for-jobs %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% ifversion fpt or ghae or ghes > 3.1 or ghec %}
|
||||
## `jobs.<job_id>.concurrency`
|
||||
|
||||
|
||||
@@ -11,3 +11,4 @@ children:
|
||||
- /managing-github-advanced-security-for-your-enterprise
|
||||
- /managing-supply-chain-security-for-your-enterprise
|
||||
---
|
||||
|
||||
|
||||
@@ -34,7 +34,7 @@ You can configure {% data variables.product.prodname_code_scanning %} to run {%
|
||||
|
||||
## Prerequisites for {% data variables.product.prodname_code_scanning %}
|
||||
|
||||
- A license for {% data variables.product.prodname_GH_advanced_security %}{% ifversion ghes > 3.0 %} (see "[About billing for {% data variables.product.prodname_GH_advanced_security %}](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)"){% endif %}
|
||||
- A license for {% data variables.product.prodname_GH_advanced_security %}{% ifversion ghes %} (see "[About billing for {% data variables.product.prodname_GH_advanced_security %}](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)"){% endif %}
|
||||
|
||||
- {% data variables.product.prodname_code_scanning_capc %} enabled in the management console (see "[Enabling {% data variables.product.prodname_GH_advanced_security %} for your enterprise](/admin/advanced-security/enabling-github-advanced-security-for-your-enterprise)")
|
||||
|
||||
@@ -64,21 +64,18 @@ If you set up the {% data variables.product.prodname_codeql %} action sync tool,
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
||||
### Configuring {% data variables.product.prodname_github_connect %} to sync {% data variables.product.prodname_actions %}
|
||||
1. If you want to download action workflows on demand from {% data variables.product.prodname_dotcom_the_website %}, you need to enable {% data variables.product.prodname_github_connect %}. For more information, see "[Enabling {% data variables.product.prodname_github_connect %}](/admin/configuration/managing-connections-between-your-enterprise-accounts/connecting-your-enterprise-account-to-github-enterprise-cloud#enabling-github-connect)."
|
||||
2. You'll also need to enable {% data variables.product.prodname_actions %} for {% data variables.product.product_location %}. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_server %}](/admin/github-actions/getting-started-with-github-actions-for-github-enterprise-server)."
|
||||
3. The next step is to configure access to actions on {% data variables.product.prodname_dotcom_the_website %} using {% data variables.product.prodname_github_connect %}. For more information, see "[Enabling automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/enterprise/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect)."
|
||||
4. Add a self-hosted runner to your repository, organization, or enterprise account. For more information, see "[Adding self-hosted runners](/actions/hosting-your-own-runners/adding-self-hosted-runners)."
|
||||
|
||||
|
||||
## Running code scanning using the {% data variables.product.prodname_codeql_cli %}
|
||||
|
||||
If you don't want to use {% data variables.product.prodname_actions %}, you should run {% data variables.product.prodname_code_scanning %} using the {% data variables.product.prodname_codeql_cli %}.
|
||||
|
||||
The {% data variables.product.prodname_codeql_cli %} is a command-line tool that you use to analyze codebases on any machine, including a third-party CI/CD system. For more information, see "[Installing CodeQL CLI in your CI system](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system)."
|
||||
|
||||
|
||||
{% if codeql-runner-supported %}
|
||||
|
||||
## Running {% data variables.product.prodname_code_scanning %} using the {% data variables.product.prodname_codeql_runner %}
|
||||
|
||||
@@ -29,10 +29,9 @@ If someone checks a secret with a known pattern into a repository, {% data varia
|
||||
|
||||
## Prerequisites for {% data variables.product.prodname_secret_scanning %}
|
||||
|
||||
|
||||
- The [SSSE3](https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-optimization-manual.pdf#G3.1106470) (Supplemental Streaming SIMD Extensions 3) CPU flag needs to be enabled on the VM/KVM that runs {% data variables.product.product_location %}.
|
||||
|
||||
- A license for {% data variables.product.prodname_GH_advanced_security %}{% ifversion ghes > 3.0 %} (see "[About billing for {% data variables.product.prodname_GH_advanced_security %}](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)"){% endif %}
|
||||
- A license for {% data variables.product.prodname_GH_advanced_security %}{% ifversion ghes %} (see "[About billing for {% data variables.product.prodname_GH_advanced_security %}](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)"){% endif %}
|
||||
|
||||
- {% data variables.product.prodname_secret_scanning_caps %} enabled in the management console (see "[Enabling {% data variables.product.prodname_GH_advanced_security %} for your enterprise](/admin/advanced-security/enabling-github-advanced-security-for-your-enterprise)")
|
||||
|
||||
|
||||
@@ -20,10 +20,10 @@ topics:
|
||||
|
||||
{% data reusables.advanced-security.ghas-helps-developers %}
|
||||
|
||||
{% ifversion ghes > 3.0 %}
|
||||
{% ifversion ghes %}
|
||||
When you enable {% data variables.product.prodname_GH_advanced_security %} for your enterprise, repository administrators in all organizations can enable the features unless you set up a policy to restrict access. For more information, see "[Enforcing policies for {% data variables.product.prodname_advanced_security %} in your enterprise](/admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise)."
|
||||
{% else %}
|
||||
When you enable {% data variables.product.prodname_GH_advanced_security %} for your enterprise, repository administrators in all organizations can enable the features. {% ifversion ghes = 3.0 %}For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)" and "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)."{% endif %}
|
||||
When you enable {% data variables.product.prodname_GH_advanced_security %} for your enterprise, repository administrators in all organizations can enable the features.
|
||||
{% endif %}
|
||||
|
||||
{% ifversion ghes %}
|
||||
@@ -32,7 +32,7 @@ For guidance on a phased deployment of GitHub Advanced Security, see "[Deploying
|
||||
|
||||
## Checking whether your license includes {% data variables.product.prodname_GH_advanced_security %}
|
||||
|
||||
{% ifversion ghes > 3.0 %}
|
||||
{% ifversion ghes %}
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}
|
||||
{% data reusables.enterprise-accounts.settings-tab %}
|
||||
{% data reusables.enterprise-accounts.license-tab %}
|
||||
@@ -40,18 +40,9 @@ For guidance on a phased deployment of GitHub Advanced Security, see "[Deploying
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% ifversion ghes = 3.0 %}
|
||||
{% data reusables.enterprise_site_admin_settings.access-settings %}
|
||||
{% data reusables.enterprise_site_admin_settings.management-console %}
|
||||
1. If your license includes {% data variables.product.prodname_GH_advanced_security %}, there is an **{% data variables.product.prodname_advanced_security %}** entry in the left sidebar.
|
||||
|
||||
|
||||
{% data reusables.enterprise_management_console.advanced-security-license %}
|
||||
{% endif %}
|
||||
|
||||
## Prerequisites for enabling {% data variables.product.prodname_GH_advanced_security %}
|
||||
|
||||
1. Upgrade your license for {% data variables.product.product_name %} to include {% data variables.product.prodname_GH_advanced_security %}.{% ifversion ghes > 3.0 %} For information about licensing, see "[About billing for {% data variables.product.prodname_GH_advanced_security %}](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)."{% endif %}
|
||||
1. Upgrade your license for {% data variables.product.product_name %} to include {% data variables.product.prodname_GH_advanced_security %}.{% ifversion ghes %} For information about licensing, see "[About billing for {% data variables.product.prodname_GH_advanced_security %}](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)."{% endif %}
|
||||
2. Download the new license file. For more information, see "[Downloading your license for {% data variables.product.prodname_enterprise %}](/billing/managing-your-license-for-github-enterprise/downloading-your-license-for-github-enterprise)."
|
||||
3. Upload the new license file to {% data variables.product.product_location %}. For more information, see "[Uploading a new license to {% data variables.product.prodname_ghe_server %}](/billing/managing-your-license-for-github-enterprise/uploading-a-new-license-to-github-enterprise-server)."{% ifversion ghes %}
|
||||
4. Review the prerequisites for the features you plan to enable.
|
||||
|
||||
@@ -19,3 +19,4 @@ children:
|
||||
- /overview-of-github-advanced-security-deployment
|
||||
- /deploying-github-advanced-security-in-your-enterprise
|
||||
---
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
title: About supply chain security for your enterprise
|
||||
intro: 'You can enable features that help your developers understand and update the dependencies their code relies on.'
|
||||
intro: You can enable features that help your developers understand and update the dependencies their code relies on.
|
||||
shortTitle: About supply chain security
|
||||
permissions: ''
|
||||
versions:
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
---
|
||||
title: Enabling the dependency graph for your enterprise
|
||||
intro: "You can allow users to identify their projects' dependencies by enabling the dependency graph."
|
||||
intro: You can allow users to identify their projects' dependencies by enabling the dependency graph.
|
||||
shortTitle: Enable dependency graph
|
||||
permissions: 'Site administrators can enable the dependency graph.'
|
||||
permissions: Site administrators can enable the dependency graph.
|
||||
versions:
|
||||
ghes: '*'
|
||||
type: how_to
|
||||
|
||||
@@ -12,3 +12,4 @@ children:
|
||||
- /enabling-the-dependency-graph-for-your-enterprise
|
||||
- /viewing-the-vulnerability-data-for-your-enterprise
|
||||
---
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
title: About GitHub Connect
|
||||
intro: "{% data variables.product.prodname_github_connect %} enhances {% data variables.product.product_name %} by giving you access to additional features and workflows that rely on the power of {% data variables.product.prodname_dotcom_the_website %}."
|
||||
intro: '{% data variables.product.prodname_github_connect %} enhances {% data variables.product.product_name %} by giving you access to additional features and workflows that rely on the power of {% data variables.product.prodname_dotcom_the_website %}.'
|
||||
versions:
|
||||
ghes: '*'
|
||||
ghae: '*'
|
||||
|
||||
@@ -7,7 +7,7 @@ redirect_from:
|
||||
- /admin/configuration/enabling-automatic-user-license-sync-between-github-enterprise-server-and-github-enterprise-cloud
|
||||
- /admin/configuration/managing-connections-between-github-enterprise-server-and-github-enterprise-cloud/enabling-automatic-user-license-sync-between-github-enterprise-server-and-github-enterprise-cloud
|
||||
- /admin/configuration/managing-connections-between-your-enterprise-accounts/enabling-automatic-user-license-sync-between-github-enterprise-server-and-github-enterprise-cloud
|
||||
permissions: 'Enterprise owners can enable automatic user license synchronization.'
|
||||
permissions: Enterprise owners can enable automatic user license synchronization.
|
||||
versions:
|
||||
ghes: '*'
|
||||
type: how_to
|
||||
@@ -27,6 +27,7 @@ You can also manually upload {% data variables.product.prodname_ghe_server %} us
|
||||
|
||||
Before enabling license synchronization on {% data variables.product.product_location %}, you must enable {% data variables.product.prodname_github_connect %}. For more information, see "[Managing {% data variables.product.prodname_github_connect %}](/admin/configuration/configuring-github-connect/managing-github-connect)."
|
||||
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}{% ifversion ghes < 3.1 %}{% data reusables.enterprise-accounts.settings-tab %}{% endif %}{% data reusables.enterprise-accounts.github-connect-tab %}
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}
|
||||
{% data reusables.enterprise-accounts.github-connect-tab %}
|
||||
1. Under "Server can sync user license count and usage", use the drop-down menu and select **Enabled**.
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Enabling Dependabot for your enterprise
|
||||
intro: "You can allow users of {% data variables.product.product_location %} to find and fix vulnerabilities in code dependencies by enabling {% data variables.product.prodname_dependabot_alerts %}{% ifversion ghes > 3.2 %} and {% data variables.product.prodname_dependabot_updates %}{% endif %}."
|
||||
intro: 'You can allow users of {% data variables.product.product_location %} to find and fix vulnerabilities in code dependencies by enabling {% data variables.product.prodname_dependabot_alerts %}{% ifversion ghes > 3.2 %} and {% data variables.product.prodname_dependabot_updates %}{% endif %}.'
|
||||
miniTocMaxHeadingLevel: 3
|
||||
shortTitle: Dependabot
|
||||
redirect_from:
|
||||
@@ -77,7 +77,6 @@ Before you can enable {% data variables.product.prodname_dependabot_alerts %}:
|
||||
- You must enable the dependency graph. For more information, see "[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)."{% endif %}
|
||||
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}
|
||||
{%- ifversion ghes < 3.1 %}{% data reusables.enterprise-accounts.settings-tab %}{% endif %}
|
||||
{% data reusables.enterprise-accounts.github-connect-tab %}
|
||||
{%- if dependabot-updates-github-connect %}
|
||||
1. Under "{% data variables.product.prodname_dependabot %}", to the right of "Users can receive vulnerability alerts for open source code dependencies", select the dropdown menu and click **Enabled without notifications**. Optionally, to enable alerts with notifications, click **Enabled with notifications**.
|
||||
|
||||
@@ -43,7 +43,7 @@ Before enabling {% data variables.product.prodname_unified_contributions %} on {
|
||||
{% data reusables.github-connect.access-dotcom-and-enterprise %}
|
||||
{% data reusables.enterprise_site_admin_settings.access-settings %}
|
||||
{% data reusables.enterprise_site_admin_settings.business %}
|
||||
{% ifversion ghes < 3.1 %}{% data reusables.enterprise-accounts.settings-tab %}{% endif %}{% data reusables.enterprise-accounts.github-connect-tab %}{% else %}
|
||||
{% data reusables.enterprise-accounts.github-connect-tab %}{% else %}
|
||||
1. Sign in to {% data variables.product.product_location %} and {% data variables.product.prodname_dotcom_the_website %}.
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}{% data reusables.enterprise-accounts.github-connect-tab %}{% endif %}
|
||||
1. Under "Users can share contribution counts to {% data variables.product.prodname_dotcom_the_website %}", click **Request access**.
|
||||
|
||||
@@ -44,7 +44,7 @@ Before you can enable {% data variables.product.prodname_unified_search %}, you
|
||||
{% data reusables.github-connect.access-dotcom-and-enterprise %}
|
||||
{% data reusables.enterprise_site_admin_settings.access-settings %}
|
||||
{% data reusables.enterprise_site_admin_settings.business %}
|
||||
{% ifversion ghes < 3.1 %}{% data reusables.enterprise-accounts.settings-tab %}{% endif %}{% data reusables.enterprise-accounts.github-connect-tab %}{% else %}
|
||||
{% data reusables.enterprise-accounts.github-connect-tab %}{% else %}
|
||||
1. Sign into {% data variables.product.product_location %} and {% data variables.product.prodname_dotcom_the_website %}.
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}{% data reusables.enterprise-accounts.github-connect-tab %}{% endif %}
|
||||
1. Under "Users can search {% data variables.product.prodname_dotcom_the_website %}", use the drop-down menu and click **Enabled**.
|
||||
|
||||
@@ -54,7 +54,8 @@ If you're connecting {% data variables.product.product_location %} to an organiz
|
||||
|
||||
{% ifversion ghes %}
|
||||
1. Sign in to {% data variables.product.product_location %} and {% data variables.product.prodname_dotcom_the_website %}.
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}{% ifversion ghes < 3.1 %}{% data reusables.enterprise-accounts.settings-tab %}{% endif %}{% data reusables.enterprise-accounts.github-connect-tab %}{% else %}
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}
|
||||
{% data reusables.enterprise-accounts.github-connect-tab %}{% else %}
|
||||
1. Sign in to {% data variables.product.product_location %} and {% data variables.product.prodname_dotcom_the_website %}.
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}{% data reusables.enterprise-accounts.github-connect-tab %}{% endif %}
|
||||
1. Under "{% data variables.product.prodname_github_connect %} is not enabled yet", click **Enable {% data variables.product.prodname_github_connect %}**. By clicking **Enable {% data variables.product.prodname_github_connect %}**, you agree to the "<a href="/github/site-policy/github-terms-for-additional-products-and-features#connect" class="dotcom-only">{% data variables.product.prodname_dotcom %} Terms for Additional Products and Features</a>."
|
||||
@@ -71,7 +72,8 @@ Enterprise owners can disable {% data variables.product.prodname_github_connect
|
||||
|
||||
When you disconnect from {% data variables.product.prodname_ghe_cloud %}, the {% data variables.product.prodname_github_connect %} {% data variables.product.prodname_github_app %} is deleted from your enterprise account or organization and credentials stored on {% data variables.product.product_location %} are deleted.
|
||||
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}{% ifversion ghes < 3.1 %}{% data reusables.enterprise-accounts.settings-tab %}{% endif %}{% data reusables.enterprise-accounts.github-connect-tab %}
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}
|
||||
{% data reusables.enterprise-accounts.github-connect-tab %}
|
||||
1. Next to the enterprise account or organization you'd like to disconnect, click **Disable {% data variables.product.prodname_github_connect %}**.
|
||||
{% ifversion ghes %}
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ intro: 'You can give users easy access to enterprise-specific links by adding cu
|
||||
versions:
|
||||
ghec: '*'
|
||||
ghes: '>=3.4'
|
||||
ghae: 'issue-5487'
|
||||
ghae: issue-5487
|
||||
type: how_to
|
||||
topics:
|
||||
- Enterprise
|
||||
|
||||
@@ -11,7 +11,7 @@ topics:
|
||||
redirect_from:
|
||||
- /admin/configuration/configuring-your-enterprise/managing-github-for-mobile-for-your-enterprise
|
||||
- /admin/configuration/managing-github-for-mobile-for-your-enterprise
|
||||
shortTitle: 'Manage GitHub Mobile'
|
||||
shortTitle: Manage GitHub Mobile
|
||||
---
|
||||
{% ifversion ghes %}
|
||||
{% data reusables.mobile.ghes-release-phase %}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
title: About repository caching
|
||||
intro: "You can increase the performance of Git read operations for distributed teams and CI farms with repository caching."
|
||||
intro: You can increase the performance of Git read operations for distributed teams and CI farms with repository caching.
|
||||
versions:
|
||||
ghes: '>=3.3'
|
||||
type: overview
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Configuring a repository cache
|
||||
intro: "You can configure a repository cache by creating a new appliance, connecting the repository cache to your primary appliance, and configuring replication of repository networks to the repository cache."
|
||||
intro: 'You can configure a repository cache by creating a new appliance, connecting the repository cache to your primary appliance, and configuring replication of repository networks to the repository cache.'
|
||||
versions:
|
||||
ghes: '>=3.3'
|
||||
type: how_to
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Caching repositories
|
||||
intro: "You can improve performance for your geographically-distributed team with repository caching, which provides read-only mirrors close to your users and CI clients."
|
||||
intro: 'You can improve performance for your geographically-distributed team with repository caching, which provides read-only mirrors close to your users and CI clients.'
|
||||
versions:
|
||||
ghes: '>=3.3'
|
||||
topics:
|
||||
|
||||
@@ -33,15 +33,6 @@ This article explains how site administrators can configure {% data variables.pr
|
||||
|
||||
## Review hardware requirements
|
||||
|
||||
{% ifversion ghes = 3.0 %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: If you're upgrading an existing {% data variables.product.prodname_ghe_server %} instance to 3.0 or later and want to configure {% data variables.product.prodname_actions %}, note that the minimum hardware requirements have increased. For more information, see "[Upgrading {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/upgrading-github-enterprise-server#about-minimum-requirements-for-github-enterprise-server-30-and-later)."
|
||||
|
||||
{% endnote %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
{%- ifversion ghes < 3.2 %}
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Getting started with GitHub Actions for your enterprise
|
||||
intro: "Learn how to adopt {% data variables.product.prodname_actions %} for your enterprise."
|
||||
intro: 'Learn how to adopt {% data variables.product.prodname_actions %} for your enterprise.'
|
||||
versions:
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Introducing GitHub Actions to your enterprise
|
||||
shortTitle: Introduce Actions
|
||||
intro: "You can plan how to roll out {% data variables.product.prodname_actions %} in your enterprise."
|
||||
intro: 'You can plan how to roll out {% data variables.product.prodname_actions %} in your enterprise.'
|
||||
versions:
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
@@ -57,8 +57,7 @@ You should plan where you'll store your secrets. We recommend storing secrets in
|
||||
In {% data variables.product.prodname_dotcom %}, you can store secrets at the repository or organization level. Secrets at the repository level can be limited to workflows in certain environments, such as production or testing. For more information, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)."
|
||||
|
||||
|
||||
{% ifversion fpt or ghes > 3.0 or ghec or ghae %}
|
||||
You should consider adding manual approval protection for sensitive environments, so that workflows must be approved before getting access to the environments' secrets. For more information, see "[Using environments for deployments](/actions/deployment/targeting-different-environments/using-environments-for-deployment)."{% endif %}
|
||||
You should consider adding manual approval protection for sensitive environments, so that workflows must be approved before getting access to the environments' secrets. For more information, see "[Using environments for deployments](/actions/deployment/targeting-different-environments/using-environments-for-deployment)."
|
||||
|
||||
### Security considerations for third-party actions
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Migrating your enterprise to GitHub Actions
|
||||
shortTitle: Migrate to Actions
|
||||
intro: "Learn how to plan a migration to {% data variables.product.prodname_actions %} for your enterprise from another provider."
|
||||
intro: 'Learn how to plan a migration to {% data variables.product.prodname_actions %} for your enterprise from another provider.'
|
||||
versions:
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
|
||||
@@ -36,17 +36,9 @@ Before enabling access to all actions from {% data variables.product.prodname_do
|
||||
{% data reusables.actions.enterprise-github-connect-warning %}
|
||||
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}
|
||||
{%- ifversion ghes < 3.1 %}
|
||||
{% data reusables.enterprise-accounts.settings-tab %}
|
||||
{%- endif %}
|
||||
{% data reusables.enterprise-accounts.github-connect-tab %}
|
||||
{%- ifversion ghes > 3.0 or ghae %}
|
||||
1. Under "Users can utilize actions from GitHub.com in workflow runs", use the drop-down menu and select **Enabled**.
|
||||
|
||||
{%- else %}
|
||||
1. Under "Server can use actions from GitHub.com in workflows runs", use the drop-down menu and select **Enabled**.
|
||||
|
||||
{%- endif %}
|
||||
1. {% data reusables.actions.enterprise-limit-actions-use %}
|
||||
|
||||
{% ifversion ghes > 3.2 or ghae-issue-4815 %}
|
||||
|
||||
@@ -7,7 +7,7 @@ redirect_from:
|
||||
- /enterprise/admin/authentication/using-saml
|
||||
- /admin/authentication/using-saml
|
||||
- /enterprise/admin/authentication/authenticating-users-for-your-github-enterprise-server-instance/using-saml
|
||||
intro: You can configure SAML single sign-on (SSO) for {% data variables.product.product_name %}, which allows users to authenticate through a SAML identity provider (IdP) to access your instance.
|
||||
intro: 'You can configure SAML single sign-on (SSO) for {% data variables.product.product_name %}, which allows users to authenticate through a SAML identity provider (IdP) to access your instance.'
|
||||
versions:
|
||||
ghes: '*'
|
||||
type: how_to
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Configuring authentication and provisioning with your identity provider
|
||||
intro: 'You can configure user authentication and provisioning by integrating with an identity provider (IdP) that supports SAML single sign-on (SSO) and SCIM.'
|
||||
intro: You can configure user authentication and provisioning by integrating with an identity provider (IdP) that supports SAML single sign-on (SSO) and SCIM.
|
||||
versions:
|
||||
ghae: '*'
|
||||
redirect_from:
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Accessing your enterprise account if your identity provider is unavailable
|
||||
shortTitle: Access your enterprise account
|
||||
intro: "You can sign into {% data variables.product.product_name %} even if your identity provider is unavailable by bypassing SAML single sign-on (SSO) with a recovery code."
|
||||
intro: 'You can sign into {% data variables.product.product_name %} even if your identity provider is unavailable by bypassing SAML single sign-on (SSO) with a recovery code.'
|
||||
versions:
|
||||
ghec: '*'
|
||||
type: how_to
|
||||
@@ -10,7 +10,7 @@ topics:
|
||||
- Authentication
|
||||
- Enterprise
|
||||
- SSO
|
||||
permissions: "Enterprise owners can use a recovery code to access an enterprise account."
|
||||
permissions: Enterprise owners can use a recovery code to access an enterprise account.
|
||||
---
|
||||
|
||||
You can use a recovery code to access your enterprise account when a SAML configuration error or an issue with your identity provider (IdP) prevents you from using SAML SSO.
|
||||
|
||||
@@ -10,7 +10,7 @@ topics:
|
||||
- Authentication
|
||||
- Enterprise
|
||||
- SSO
|
||||
permissions: "Enterprise owners can download the SAML SSO recovery codes for the enterprise account."
|
||||
permissions: Enterprise owners can download the SAML SSO recovery codes for the enterprise account.
|
||||
---
|
||||
|
||||
In the event that your IdP is unavailable, you can use a recovery code to sign in and access your enterprise on {% data variables.product.product_location %}. For more information, see "[Accessing your enterprise account if your identity provider is unavailable](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable)."
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Managing recovery codes for your enterprise
|
||||
shortTitle: Manage recovery codes
|
||||
intro: "With SAML single sign-on recovery codes, you can access your enterprise account even when your identity provider is unavailable."
|
||||
intro: 'With SAML single sign-on recovery codes, you can access your enterprise account even when your identity provider is unavailable.'
|
||||
versions:
|
||||
ghec: '*'
|
||||
topics:
|
||||
|
||||
@@ -105,11 +105,11 @@ featuredLinks:
|
||||
- /admin/configuration/configuring-github-connect/managing-github-connect
|
||||
- /admin/enterprise-support/about-github-enterprise-support
|
||||
videos:
|
||||
- title: "GitHub in the Enterprise – Maya Ross"
|
||||
- title: GitHub in the Enterprise – Maya Ross
|
||||
href: 'https://www.youtube-nocookie.com/embed/1-i39RqaxRs'
|
||||
- title: "What's new for GitHub Enterprise – Jarryd McCree"
|
||||
- title: What's new for GitHub Enterprise – Jarryd McCree
|
||||
href: 'https://www.youtube-nocookie.com/embed/ZZviWZgrqhM'
|
||||
- title: "Enforcing information security policy through GitHub Enterprise – Thomas Worley"
|
||||
- title: Enforcing information security policy through GitHub Enterprise – Thomas Worley
|
||||
href: 'https://www.youtube-nocookie.com/embed/DCu-ZTT7WTI'
|
||||
videosHeading: GitHub Universe 2021 videos
|
||||
layout: product-landing
|
||||
@@ -132,3 +132,4 @@ children:
|
||||
- /release-notes
|
||||
- /all-releases
|
||||
---
|
||||
|
||||
|
||||
@@ -6,7 +6,7 @@ redirect_from:
|
||||
- /enterprise/admin/installation/installing-github-enterprise-server-on-xenserver
|
||||
- /admin/installation/installing-github-enterprise-server-on-xenserver
|
||||
versions:
|
||||
ghes: '<=3.2'
|
||||
ghes: <=3.2
|
||||
type: tutorial
|
||||
topics:
|
||||
- Administrator
|
||||
|
||||
@@ -19,7 +19,6 @@ shortTitle: Configure package ecosystems
|
||||
|
||||
To prevent new packages from being uploaded, you can set an ecosystem you previously enabled to **Read-Only**, while still allowing existing packages to be downloaded.
|
||||
|
||||
|
||||
{% data reusables.enterprise_site_admin_settings.access-settings %}
|
||||
{% data reusables.enterprise_site_admin_settings.management-console %}
|
||||
{% data reusables.enterprise_site_admin_settings.packages-tab %}
|
||||
@@ -28,7 +27,7 @@ To prevent new packages from being uploaded, you can set an ecosystem you previo
|
||||
{% endif %}
|
||||
{% data reusables.enterprise_management_console.save-settings %}
|
||||
|
||||
{% ifversion ghes = 3.0 or ghes > 3.0 %}
|
||||
{% ifversion ghes %}
|
||||
## Connecting to the official npm registry
|
||||
|
||||
If you've enabled npm packages on your enterprise and want to allow access to the official npm registry as well as the {% data variables.product.prodname_registry %} npm registry, then you must perform some additional configuration.
|
||||
|
||||
@@ -5,7 +5,7 @@ permissions: 'Enterprise owners can enforce policies for {% data variables.produ
|
||||
product: '{% data reusables.gated-features.ghas %}'
|
||||
versions:
|
||||
ghec: '*'
|
||||
ghes: '>=3.1'
|
||||
ghes: '*'
|
||||
ghae: '*'
|
||||
type: how_to
|
||||
topics:
|
||||
|
||||
@@ -53,7 +53,7 @@ You can choose to disable {% data variables.product.prodname_actions %} for all
|
||||
{% data reusables.enterprise-accounts.policies-tab %}
|
||||
{% data reusables.enterprise-accounts.actions-tab %}
|
||||
1. Under **Policies**, select **Allow select actions** and add your required actions to the list.
|
||||
{%- ifversion ghes > 3.0 or ghae-issue-5094 %}
|
||||
{%- ifversion ghes or ghae-issue-5094 %}
|
||||
|
||||
{%- elsif ghae %}
|
||||
|
||||
|
||||
@@ -90,7 +90,7 @@ The `$GITHUB_VIA` variable is available in the pre-receive hook environment when
|
||||
| <pre>git refs delete api</pre> | Deletion of a ref via the API | "[Git database](/rest/reference/git#delete-a-reference)" in the REST API documentation |
|
||||
| <pre>git refs update api</pre> | Update of a ref via the API | "[Git database](/rest/reference/git#update-a-reference)" in the REST API documentation |
|
||||
| <pre>git repo contents api</pre> | Change to a file's contents via the API | "[Create or update file contents](/rest/reference/repos#create-or-update-file-contents)" in the REST API documentation |
|
||||
{%- ifversion ghes > 3.0 %}
|
||||
{%- ifversion ghes %}
|
||||
| `merge ` | Merge of a pull request using auto-merge | "[Automatically merging a pull request](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)" |
|
||||
{%- endif %}
|
||||
| <pre>merge base into head</pre> | Update of the topic branch from the base branch when the base branch requires strict status checks (via **Update branch** in a pull request, for example) | "[About protected branches](/github/administering-a-repository/about-protected-branches#require-status-checks-before-merging)" |
|
||||
|
||||
@@ -33,3 +33,4 @@ children:
|
||||
- /continuous-integration-using-jenkins
|
||||
shortTitle: Manage organizations
|
||||
---
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Removing organizations from your enterprise
|
||||
intro: 'If an organization should no longer be a part of your enterprise, you can remove the organization.'
|
||||
permissions: 'Enterprise owners can remove any organization from their enterprise.'
|
||||
permissions: Enterprise owners can remove any organization from their enterprise.
|
||||
versions:
|
||||
ghec: '*'
|
||||
type: how_to
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Impersonating a user
|
||||
intro: 'You can impersonate users and perform actions on their behalf, for troubleshooting, unblocking, and other legitimate reasons.'
|
||||
permissions: 'Enterprise owners can impersonate users within their enterprise.'
|
||||
permissions: Enterprise owners can impersonate users within their enterprise.
|
||||
versions:
|
||||
ghes: '>3.2'
|
||||
ghae: '*'
|
||||
|
||||
@@ -36,3 +36,4 @@ children:
|
||||
- /rebuilding-contributions-data
|
||||
shortTitle: Manage users
|
||||
---
|
||||
|
||||
|
||||
@@ -58,7 +58,7 @@ Action | Description
|
||||
## Enterprise configuration settings
|
||||
|
||||
Action | Description
|
||||
----------------------------------------------- | -------------------------------------------{% ifversion ghes > 3.0 or ghae %}
|
||||
----------------------------------------------- | -------------------------------------------{% ifversion ghes or ghae %}
|
||||
`business.advanced_security_policy_update` | A site admin creates, updates, or removes a policy for {% data variables.product.prodname_GH_advanced_security %}. For more information, see "[Enforcing policies for {% data variables.product.prodname_advanced_security %} in your enterprise](/admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise)."{% endif %}
|
||||
`business.clear_members_can_create_repos` | A site admin clears a restriction on repository creation in organizations in the enterprise. For more information, see "[Enforcing repository management policies in your enterprise](/admin/policies/enforcing-repository-management-policies-in-your-enterprise#setting-a-policy-for-repository-creation)."{% ifversion ghes > 3.1 %}
|
||||
`business.referrer_override_enable` | A site admin enables the referrer policy override. For more information, see "[Configuring the referrer policy for your enterprise](/admin/configuration/configuring-your-enterprise/configuring-the-referrer-policy-for-your-enterprise)."
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Billing and payments on GitHub
|
||||
shortTitle: Billing and payments
|
||||
intro: '{% ifversion fpt %}{% data variables.product.product_name %} offers free and paid products for every account. You can upgrade or downgrade your account''s subscription and manage your billing settings at any time.{% elsif ghec or ghes or ghae %}{% data variables.product.company_short %} bills for your enterprise members'' {% ifversion ghec or ghae %}usage of {% data variables.product.product_name %}{% elsif ghes %} licence seats for {% data variables.product.product_name %}{% ifversion ghes > 3.0 %} and any additional services that you purchase{% endif %}{% endif %}. {% endif %}{% ifversion ghec %} You can view your subscription and manage your billing settings at any time. {% endif %}{% ifversion fpt or ghec %} You can also view usage and manage spending limits for {% data variables.product.product_name %} features such as {% data variables.product.prodname_actions %}, {% data variables.product.prodname_registry %}, and {% data variables.product.prodname_codespaces %}.{% endif %}'
|
||||
intro: '{% ifversion fpt %}{% data variables.product.product_name %} offers free and paid products for every account. You can upgrade or downgrade your account''s subscription and manage your billing settings at any time.{% elsif ghec or ghes or ghae %}{% data variables.product.company_short %} bills for your enterprise members'' {% ifversion ghec or ghae %}usage of {% data variables.product.product_name %}{% elsif ghes %} licence seats for {% data variables.product.product_name %}{% ifversion ghes %} and any additional services that you purchase{% endif %}{% endif %}. {% endif %}{% ifversion ghec %} You can view your subscription and manage your billing settings at any time. {% endif %}{% ifversion fpt or ghec %} You can also view usage and manage spending limits for {% data variables.product.product_name %} features such as {% data variables.product.prodname_actions %}, {% data variables.product.prodname_registry %}, and {% data variables.product.prodname_codespaces %}.{% endif %}'
|
||||
redirect_from:
|
||||
- /github/setting-up-and-managing-billing-and-payments-on-github
|
||||
- /categories/setting-up-and-managing-billing-and-payments-on-github
|
||||
@@ -54,3 +54,4 @@ children:
|
||||
- /managing-billing-for-git-large-file-storage
|
||||
- /setting-up-paid-organizations-for-procurement-companies
|
||||
---
|
||||
|
||||
|
||||
@@ -9,7 +9,7 @@ redirect_from:
|
||||
- /github/setting-up-and-managing-billing-and-payments-on-github/managing-licensing-for-github-advanced-security/about-licensing-for-github-advanced-security
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '>=3.1'
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
type: overview
|
||||
topics:
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user