jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-01-08 03:01:54 -05:00
Code Issues Projects Releases Wiki Activity

Merge branch 'main' into patch-1

Browse Source
This commit is contained in:
Courtney Wilson
2022-10-20 13:53:42 -05:00
committed by GitHub
parent 27919efe1d f373ad9ab6
commit 7b0f2deddf
219 changed files with 4047 additions and 2045 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.npmrc
View File

@@ -1,2 +1,2 @@
# skip installing optional dependencies to avoid issues with troublesome `fsevents` module
optional=false
omit=optional

BIN
assets/images/enterprise/security/secret-scanning-enable-push-protection-enterprise.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 44 KiB

BIN
assets/images/help/codespaces/add-constraint-dropdown-image.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 114 KiB

BIN
assets/images/help/codespaces/add-constraint-dropdown-retention.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 69 KiB

After

Width:  |  Height:  |  Size: 85 KiB

BIN
assets/images/help/codespaces/add-constraint-dropdown-timeout.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 59 KiB

After

Width:  |  Height:  |  Size: 71 KiB

BIN
assets/images/help/codespaces/edit-image-constraint.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 19 KiB

BIN
assets/images/help/codespaces/image-allowed-values.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 40 KiB

BIN
assets/images/help/codespaces/selected-repositories.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 69 KiB

BIN
assets/images/help/profile/set-status-on-profile.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 10 KiB

After

Width:  |  Height:  |  Size: 75 KiB

BIN
assets/images/help/repository/actions-cache-delete.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 102 KiB

BIN
assets/images/help/repository/actions-cache-entry-list.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 91 KiB

BIN
assets/images/help/repository/last-pusher-review-required.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 78 KiB

BIN
assets/images/help/repository/lock-branch-forksync.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 9.4 KiB

BIN
assets/images/help/repository/lock-branch.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 4.7 KiB

2
content/actions/using-github-hosted-runners/using-larger-runners.md
View File

@@ -12,6 +12,8 @@ versions:
In addition to the [standard {% data variables.product.prodname_dotcom %}-hosted runners](/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources), {% data variables.product.prodname_dotcom %} also offers customers on {% data variables.product.prodname_team %} and {% data variables.product.prodname_ghe_cloud %} plans a range of {% data variables.actions.hosted_runner %}s with more RAM and CPU. These runners are hosted by {% data variables.product.prodname_dotcom %} and have the runner application and other tools preinstalled.
When {% data variables.actions.hosted_runner %}s are enabled for your organization, a default runner group is automatically created for you with a set of four pre-configured {% data variables.actions.hosted_runner %}s.
When you add a {% data variables.actions.hosted_runner %} to an organization, you are defining a type of machine from a selection of available hardware specifications and operating system images. {% data variables.product.prodname_dotcom %} will then create multiple instances of this runner that scale up and down to match the job demands of your organization, based on the autoscaling limits you define.
## Machine specs for {% data variables.actions.hosted_runner %}s

54
content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md
View File

@@ -240,18 +240,68 @@ For example, if a pull request contains a `feature` branch and targets the defau
{% data variables.product.prodname_dotcom %} will remove any cache entries that have not been accessed in over 7 days. There is no limit on the number of caches you can store, but the total size of all caches in a repository is limited{% ifversion actions-cache-policy-apis %}. By default, the limit is 10 GB per repository, but this limit might be different depending on policies set by your enterprise owners or repository administrators.{% else %} to 10 GB.{% endif %}
{% data reusables.actions.cache-eviction-process %}
{% data reusables.actions.cache-eviction-process %} {% ifversion actions-cache-ui %}The cache eviction process may cause cache thrashing, where caches are created and deleted at a high frequency. To reduce this, you can review the caches for a repository and take corrective steps, such as removing caching from specific workflows. For more information, see "[Managing caches](#managing-caches)."{% endif %}{% ifversion actions-cache-admin-ui %} You can also increase the cache size limit for a repository. For more information, see "[Managing {% data variables.product.prodname_actions %} settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-cache-storage-for-a-repository)."
{% elsif actions-cache-policy-apis %}
{% ifversion actions-cache-policy-apis %}
For information on changing the policies for the repository cache size limit, see "[Enforcing policies for {% data variables.product.prodname_actions %} in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-cache-storage-in-your-enterprise)" and "[Managing {% data variables.product.prodname_actions %} settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-cache-storage-for-a-repository)."
{% endif %}
{% ifversion actions-cache-management %}
## Managing caches
{% ifversion actions-cache-ui %}
To manage caches created from your workflows, you can:
- View a list of all cache entries for a repository.
- Filter and sort the list of caches using specific metadata such as cache size, creation time, or last accessed time.
- Delete cache entries from a repository.
- Monitor aggregate cache usage for repositories and organizations.
There are multiple ways to manage caches for your repositories:
- Using the {% data variables.product.prodname_dotcom %} web interface, as shown below.
- Using the REST API. For more information, see the "[{% data variables.product.prodname_actions %} Cache](/rest/actions/cache)" REST API documentation.
- Installing a {% data variables.product.prodname_cli %} extension to manage your caches from the command line. For more information, see the [gh-actions-cache](https://github.com/actions/gh-actions-cache) extension.
{% else %}
You can use the {% data variables.product.product_name %} REST API to manage your caches. {% ifversion actions-cache-list-delete-apis %}You can use the API to list and delete cache entries, and see your cache usage.{% elsif actions-cache-management %}At present, you can use the API to see your cache usage, with more functionality expected in future updates.{% endif %} For more information, see the "[{% data variables.product.prodname_actions %} Cache](/rest/actions/cache)" REST API documentation.
You can also install a {% data variables.product.prodname_cli %} extension to manage your caches from the command line. For more information about the extension, see [the extension documentation](https://github.com/actions/gh-actions-cache#readme). For more information about {% data variables.product.prodname_cli %} extensions, see "[Using GitHub CLI extensions](/github-cli/github-cli/using-github-cli-extensions)."
{% endif %}
{% ifversion actions-cache-ui %}
### Viewing cache entries
You can use the web interface to view a list of cache entries for a repository. In the cache list, you can see how much disk space each cache is using, when the cache was created, and when the cache was last used.
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.actions-tab %}
{% data reusables.repositories.actions-cache-list %}
1. Review the list of cache entries for the repository.
* To search for cache entries used for a specific branch, click the **Branch** dropdown menu and select a branch. The cache list will display all of the caches used for the selected branch.
* To search for cache entries with a specific cache key, use the syntax `key: key-name` in the **Filter caches** field. The cache list will display caches from all branches where the key was used.
![Screenshot of the list of cache entries](/assets/images/help/repository/actions-cache-entry-list.png)
### Deleting cache entries
Users with `write` access to a repository can use the {% data variables.product.prodname_dotcom %} web interface to delete cache entries.
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.actions-tab %}
{% data reusables.repositories.actions-cache-list %}
1. To the right of the cache entry you want to delete, click {% octicon "trash" aria-label="The trash icon" %}.
![Screenshot of the list of cache entries](/assets/images/help/repository/actions-cache-delete.png)
{% endif %}
{% endif %}

13
content/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md
View File

@@ -45,4 +45,15 @@ When you enable one or more security and analysis features for existing reposito
1. Optionally, to enable or disable a feature automatically when new repositories are added, select the checkbox below the feature.
![Screenshot of a checkbox for enabling a feature for new repositories](/assets/images/enterprise/security/enterprise-security-and-analysis-enable-or-disable-feature-checkbox.png)
![Screenshot of a checkbox for enabling a feature for new repositories](/assets/images/enterprise/security/enterprise-security-and-analysis-enable-or-disable-feature-checkbox.png){% ifversion secret-scanning-custom-link-on-block %}
1. Optionally, to include a resource link in the message that members will see when they attempt to push a secret, select **Add a resource link in the CLI and web UI when a commit is blocked**, then type a URL, and click **Save link**.
{% note %}
**Note**: When a custom link is configured for an organization, the organization-level value overrides the custom link set for the enterprise. For more information, see "[Protecting pushes with secret scanning](/code-security/secret-scanning/protecting-pushes-with-secret-scanning)".
{% endnote %}
![Screenshot showing checkbox and text field for enabling a custom link](/assets/images/help/organizations/secret-scanning-custom-link.png){% endif %}

2
content/admin/enterprise-management/configuring-clustering/cluster-network-configuration.md
View File

@@ -19,7 +19,7 @@ shortTitle: Configure a cluster network
The simplest network design for clustering is to place the nodes on a single LAN. If a cluster must span subnetworks, we do not recommend configuring any firewall rules between the networks. The latency between nodes should be less than 1 millisecond.
{% ifversion ghes %}For high availability, the latency between the network with the active nodes and the network with the passive nodes must be less than 70 milliseconds. We don't recommend configuring a firewall between the two networks.{% endif %}
{% data reusables.enterprise_clustering.network-latency %}
### Application ports for end users

2
content/admin/enterprise-management/configuring-clustering/configuring-high-availability-replication-for-a-cluster.md
View File

@@ -41,7 +41,7 @@ On each new virtual machine, install the same version of {% data variables.produ
You must assign a static IP address to each new node that you provision, and you must configure a load balancer to accept connections and direct them to the nodes in your cluster's front-end tier.
We don't recommend configuring a firewall between the network with your active cluster and the network with your passive cluster. The latency between the network with the active nodes and the network with the passive nodes must be less than 70 milliseconds. For more information about network connectivity between nodes in the passive cluster, see "[Cluster network configuration](/enterprise/admin/enterprise-management/cluster-network-configuration)."
{% data reusables.enterprise_clustering.network-latency %} For more information about network connectivity between nodes in the passive cluster, see "[Cluster network configuration](/enterprise/admin/enterprise-management/cluster-network-configuration)."
## Creating a high availability replica for a cluster

2
content/admin/enterprise-management/configuring-high-availability/creating-a-high-availability-replica.md
View File

@@ -39,6 +39,8 @@ shortTitle: Create HA replica
This example configuration uses a primary and two replicas, which are located in three different geographic regions. While the three nodes can be in different networks, all nodes are required to be reachable from all the other nodes. At the minimum, the required administrative ports should be open to all the other nodes. For more information about the port requirements, see "[Network Ports](/enterprise/admin/guides/installation/network-ports/#administrative-ports)."
{% data reusables.enterprise_clustering.network-latency %}{% ifversion ghes > 3.2 %} If latency is more than 70 milliseconds, we recommend cache replica nodes instead. For more information, see "[Configuring a repository cache](/admin/enterprise-management/caching-repositories/configuring-a-repository-cache)."{% endif %}
1. Create the first replica the same way you would for a standard two node configuration by running `ghe-repl-setup` on the first replica.
```shell
(replica1)$ ghe-repl-setup PRIMARY_IP

27
content/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication.md
View File

@@ -36,7 +36,9 @@ When you use external authentication, {% data variables.location.product_locatio
If you use an enterprise with {% data variables.product.prodname_emus %}, members of your enterprise authenticate to access {% data variables.product.prodname_dotcom %} through your SAML identity provider (IdP). For more information, see "[About {% data variables.product.prodname_emus %}](/admin/identity-and-access-management/using-enterprise-managed-users-and-saml-for-iam/about-enterprise-managed-users)" and "[About authentication for your enterprise](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#authentication-methods-for-github-enterprise-server)."
{% data variables.product.product_name %} automatically creates a username for each person when their user account is provisioned via SCIM, by normalizing an identifier provided by your IdP. If multiple identifiers are normalized into the same username, a username conflict occurs, and only the first user account is created. {% data reusables.enterprise-accounts.emu-only-emails-within-the-enterprise-can-conflict %} You can resolve username conflicts by making a change in your IdP so that the normalized usernames will be unique.
{% data variables.product.prodname_dotcom %} automatically creates a username for each person when their user account is provisioned via SCIM, by normalizing an identifier provided by your IdP, then adding an underscore and short code. If multiple identifiers are normalized into the same username, a username conflict occurs, and only the first user account is created. You can resolve username problems by making a change in your IdP so that the normalized usernames will be unique and within the 39-character limit.
{% data reusables.enterprise-accounts.emu-only-emails-within-the-enterprise-can-conflict %}
{% elsif ghae %}
@@ -62,7 +64,7 @@ These rules may result in your IdP providing the same _IDP-USERNAME_ for multipl
- `bob@fabrikam.com`
- `bob#EXT#fabrikamcom@contoso.com`
This will cause a username conflict, and only the first user will be provisioned. For more information, see "[Resolving username conflicts](#resolving-username-conflicts)."
This will cause a username conflict, and only the first user will be provisioned. For more information, see "[Resolving username problems](#resolving-username-problems)."
{% endif %}
Usernames{% ifversion ghec %}, including underscore and short code,{% endif %} must not exceed 39 characters.
@@ -83,7 +85,7 @@ When you configure SAML authentication, {% data variables.product.product_name %
1. Usernames created from email addresses are created from the normalized characters that precede the `@` character.
1. If multiple accounts are normalized into the same {% data variables.product.product_name %} username, only the first user account is created. Subsequent users with the same username won't be able to sign in. {% ifversion ghec %}For more information, see "[Resolving username conflicts](#resolving-username-conflicts)."{% endif %}
1. If multiple accounts are normalized into the same {% data variables.product.product_name %} username, only the first user account is created. Subsequent users with the same username won't be able to sign in. {% ifversion ghec %}For more information, see "[Resolving username problems](#resolving-username-problems)."{% endif %}
### Examples of username normalization
@@ -121,11 +123,16 @@ When you configure SAML authentication, {% data variables.product.product_name %
{% endif %}
{% ifversion ghec %}
## Resolving username conflicts
## Resolving username problems
When a new user is being provisioned, if the user's normalized username conflicts with an existing user in the enterprise, the provisioning attempt will fail with a `409` error.
When a new user is being provisioned, if the username is longer than 39 characters (including underscore and short code), or conflicts with an existing user in the enterprise, the provisioning attempt will fail with a `409` error.
To resolve this problem, you must make a change in your IdP so that the normalized usernames will be unique. If you cannot change the identifier that's being normalized, you can change the attribute mapping for the `userName` attribute. If you change the attribute mapping, usernames of existing {% data variables.enterprise.prodname_managed_users %} will be updated, but nothing else about the accounts will change, including activity history.
To resolve this problem, you must make one of the following changes in your IdP so that all normalized usernames will be within the character limit and unique.
- Change the `userName` attribute value for individual users that are causing problems
- Change the `userName` attribute mapping for all users
- Configure a custom `userName` attribute for all users
When you change the attribute mapping, usernames of existing {% data variables.enterprise.prodname_managed_users %} will be updated, but nothing else about the accounts will change, including activity history.
{% note %}
@@ -133,9 +140,9 @@ To resolve this problem, you must make a change in your IdP so that the normaliz
{% endnote %}
### Resolving username conflicts with Azure AD
### Resolving username problems with Azure AD
To resolve username conflicts in Azure AD, either modify the User Principal Name value for the conflicting user or modify the attribute mapping for the `userName` attribute. If you modify the attribute mapping, you can choose an existing attribute or use an expression to ensure that all provisioned users have a unique normalized alias.
To resolve username problems in Azure AD, either modify the User Principal Name value for the conflicting user or modify the attribute mapping for the `userName` attribute. If you modify the attribute mapping, you can choose an existing attribute or use an expression to ensure that all provisioned users have a unique normalized alias.
1. In Azure AD, open the {% data variables.product.prodname_emu_idp_application %} application.
1. In the left sidebar, click **Provisioning**.
@@ -146,9 +153,9 @@ To resolve username conflicts in Azure AD, either modify the User Principal Name
- To map an existing attribute in Azure AD to the `userName` attribute in {% data variables.product.prodname_dotcom %}, click your desired attribute field. Then, save and wait for a provisioning cycle to occur within about 40 minutes.
- To use an expression instead of an existing attribute, change the Mapping type to "Expression", then add a custom expression that will make this value unique for all users. For example, you could use `[FIRST NAME]-[LAST NAME]-[EMPLOYEE ID]`. For more information, see [Reference for writing expressions for attribute mappings in Azure Active Directory](https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/functions-for-customizing-application-data) in Microsoft Docs.
### Resolving username conflicts with Okta
### Resolving username problems with Okta
To resolve username conflicts in Okta, update the attribute mapping settings for the {% data variables.product.prodname_emu_idp_application %} application.
To resolve username problems in Okta, update the attribute mapping settings for the {% data variables.product.prodname_emu_idp_application %} application.
1. In Okta, open the {% data variables.product.prodname_emu_idp_application %} application.
1. Click **Sign On**.

4
content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md
View File

@@ -136,7 +136,9 @@ By default, when an unauthenticated user attempts to access an enterprise that u
{% data variables.product.product_name %} automatically creates a username for each person by normalizing an identifier provided by your IdP. For more information, see "[Username considerations for external authentication](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication)."
A conflict may occur when provisioning users if the unique parts of the identifier provided by your IdP are removed during normalization. {% data reusables.enterprise-accounts.emu-only-emails-within-the-enterprise-can-conflict %} If you're unable to provision a user due to a username conflict, you should modify the username provided by your IdP. For more information, see "[Resolving username conflicts](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication#resolving-username-conflicts)."
A conflict may occur when provisioning users if the unique parts of the identifier provided by your IdP are removed during normalization. If you're unable to provision a user due to a username conflict, you should modify the username provided by your IdP. For more information, see "[Resolving username problems](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication#resolving-username-problems)."
{% data reusables.enterprise-accounts.emu-only-emails-within-the-enterprise-can-conflict %}
The profile name and email address of a {% data variables.enterprise.prodname_managed_user %} is also provided by the IdP. {% data variables.enterprise.prodname_managed_users_caps %} cannot change their profile name or email address on {% data variables.product.prodname_dotcom %}, and the IdP can only provide a single email address.

16
content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md
View File

@@ -168,9 +168,19 @@ By default, when you create a new enterprise, workflows are not allowed to creat
{% data reusables.actions.cache-default-size %} {% data reusables.actions.cache-eviction-process %}
However, you can set an enterprise policy to customize both the default total cache size for each repository, as well as the maximum total cache size allowed for a repository. For example, you might want the default total cache size for each repository to be 5 GB, but also allow repository administrators to configure a total cache size up to 15 GB if necessary.
However, you can set an enterprise policy to customize both the default total cache size for each repository, as well as the maximum total cache size allowed for a repository. For example, you might want the default total cache size for each repository to be 5 GB, but also allow {% ifversion actions-cache-admin-ui %}organization owners and{% endif %} repository administrators to configure a total cache size up to 15 GB if necessary.
People with admin access to a repository can set a total cache size for their repository up to the maximum cache size allowed by the enterprise policy setting.
{% ifversion actions-cache-admin-ui %}Organization owners can set a lower total cache size that applies to each repository in their organization. {% endif %}People with admin access to a repository can set a total cache size for their repository up to the maximum cache size allowed by the enterprise {% ifversion actions-cache-admin-ui %}or organization{% endif %} policy setting.
{% ifversion actions-cache-admin-ui %}
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.policies-tab %}
{% data reusables.enterprise-accounts.actions-tab %}
1. In the "Artifact, cache and log settings" section, under **Maximum cache size limit**, enter a value, then click **Save** to apply the setting.
1. In the "Artifact, cache and log settings" section, under **Default cache size limit**, enter a value, then click **Save** to apply the setting.
{% else %}
The policy settings for {% data variables.product.prodname_actions %} cache storage can currently only be modified using the REST API:
@@ -180,3 +190,5 @@ The policy settings for {% data variables.product.prodname_actions %} cache stor
{% data reusables.actions.cache-no-org-policy %}
{% endif %}
{% endif %}

6
content/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent.md
View File

@@ -125,7 +125,7 @@ Before adding a new SSH key to the ssh-agent to manage your keys, you should hav
* Open your `~/.ssh/config` file, then modify the file to contain the following lines. If your SSH key file has a different name or path than the example code, modify the filename or path to match your current setup.
```
Host *
Host *.{% ifversion ghes or ghae %}HOSTNAME{% else %}github.com{% endif %}
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_{% ifversion ghae %}ecdsa{% else %}ed25519{% endif %}
@@ -137,10 +137,10 @@ Before adding a new SSH key to the ssh-agent to manage your keys, you should hav
- If you chose not to add a passphrase to your key, you should omit the `UseKeychain` line.
- If you see a `Bad configuration option: usekeychain` error, add an additional line to the configuration's' `Host *` section.
- If you see a `Bad configuration option: usekeychain` error, add an additional line to the configuration's' `Host *.{% ifversion ghes or ghae %}HOSTNAME{% else %}github.com{% endif %}` section.
```
Host *
Host *.{% ifversion ghes or ghae %}HOSTNAME{% else %}github.com{% endif %}
IgnoreUnknown UseKeychain
```
{% endnote %}

2
content/authentication/keeping-your-account-and-data-secure/token-expiration-and-revocation.md
View File

@@ -35,8 +35,6 @@ When you create a {% data variables.product.pat_generic %}, we recommend that yo
If a valid OAuth token, {% data variables.product.prodname_github_app %} token, or {% data variables.product.pat_generic %} is pushed to a public repository or public gist, the token will be automatically revoked.
OAuth tokens and personal {% data variables.product.pat_v1_plural %} pushed to public repositories and public gists will only be revoked if the token has scopes.{% ifversion pat-v2 %} {% data variables.product.pat_v2_caps %}s will always be revoked.{% endif %}
{% endif %}
{% ifversion fpt or ghec %}

4
content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
View File

@@ -860,7 +860,7 @@ registries:
The `npm-registry` type supports username and password, or token.
When using username and password, your `.npmrc`'s auth token may contain a `base64` encoded `_password`; however, the password referenced in your {% data variables.product.prodname_dependabot %} configuration file must be the original (unencoded) password.
When using username and password, your `.npmrc`'s auth token may contain a `base64` encoded `_password`; however, the password referenced in your {% data variables.product.prodname_dependabot %} configuration file must be the original (unencoded) password.
{% raw %}
```yaml
@@ -882,6 +882,8 @@ registries:
token: ${{secrets.MY_GITHUB_PERSONAL_TOKEN}}
```
{% endraw %}
{% ifversion dependabot-yarn-v3-update %}
For security reasons, {% data variables.product.prodname_dependabot %} does not set environment variables. Yarn (v2 and later) requires that any accessed environment variables are set. When accessing environment variables in your `.yarnrc.yml` file, you should provide a fallback value such as {% raw %}`${ENV_VAR-fallback}`{% endraw %} or {% raw %}`${ENV_VAR:-fallback}`{% endraw %}. For more information, see [Yarnrc files](https://yarnpkg.com/configuration/yarnrc) in the Yarn documentation.{% endif %}
### `nuget-feed`

17
content/code-security/secret-scanning/protecting-pushes-with-secret-scanning.md
View File

@@ -1,6 +1,6 @@
---
title: Protecting pushes with secret scanning
intro: 'You can use {% data variables.product.prodname_secret_scanning %} to prevent supported secrets from being pushed into your organization or repository by enabling push protection.'
intro: 'You can use {% data variables.product.prodname_secret_scanning %} to prevent supported secrets from being pushed into your {% ifversion secret-scanning-enterprise-level %}enterprise,{% endif %} organization{% ifversion secret-scanning-enterprise-level %},{% endif %} or repository by enabling push protection.'
product: '{% data reusables.gated-features.secret-scanning %}'
miniTocMaxHeadingLevel: 3
versions:
@@ -34,10 +34,18 @@ For information on the secrets and service providers supported for push protecti
## Enabling {% data variables.product.prodname_secret_scanning %} as a push protection
For you to use {% data variables.product.prodname_secret_scanning %} as a push protection, the organization or repository needs to have both {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} enabled. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)," "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)," and "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)."
For you to use {% data variables.product.prodname_secret_scanning %} as a push protection, the {% ifversion secret-scanning-enterprise-level %}enterprise,{% endif %} organization{% ifversion secret-scanning-enterprise-level %},{% endif %} or repository needs to have both {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} enabled. For more information, see {% ifversion secret-scanning-enterprise-level %}"[Managing security and analysis settings for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise),"{% endif %} "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)," "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)," and "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)."
Organization owners, security managers, and repository administrators can enable push protection for {% data variables.product.prodname_secret_scanning %} via the UI and API. For more information, see "[Repositories](/rest/reference/repos#update-a-repository)" and expand the "Properties of the `security_and_analysis` object" section in the REST API documentation.
{% ifversion secret-scanning-enterprise-level %}
### Enabling {% data variables.product.prodname_secret_scanning %} as a push protection for your enterprise
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.settings-tab %}
1. In the left sidebar, click **Code security and analysis**.
{% data reusables.advanced-security.secret-scanning-push-protection-enterprise %}
{% endif %}
### Enabling {% data variables.product.prodname_secret_scanning %} as a push protection for an organization
{% data reusables.organizations.navigate-to-org %}
@@ -64,8 +72,6 @@ Up to five detected secrets will be displayed at a time on the command line. If
Organization admins can provide a custom link that will be displayed when a push is blocked. This custom link can contain organization-specific resources and advice, such as directions on using a recommended secrets vault or who to contact for questions relating to the blocked secret.
{% ifversion push-protection-custom-link-orgs-beta %}{% data reusables.advanced-security.custom-link-beta %}{% endif %}
![Screenshot showing that a push is blocked when a user attempts to push a secret to a repository](/assets/images/help/repository/secret-scanning-push-protection-with-custom-link.png)
{% else %}
@@ -104,9 +110,6 @@ If {% data variables.product.prodname_dotcom %} blocks a secret that you believe
{% ifversion push-protection-custom-link-orgs %}
Organization admins can provide a custom link that will be displayed when a push is blocked. This custom link can contain resources and advice specific to your organization. For example, the custom link can point to a README file with information about the organization's secret vault, which teams and individuals to escalate questions to, or the organization's approved policy for working with secrets and rewriting commit history.
{% ifversion push-protection-custom-link-orgs-beta %}{% data reusables.advanced-security.custom-link-beta %}{% endif %}
{% endif %}
You can remove the secret from the file using the web UI. Once you remove the secret, the banner at the top of the page will change and tell you that you can now commit your changes.

3
content/code-security/secret-scanning/pushing-a-branch-blocked-by-push-protection.md
View File

@@ -30,9 +30,6 @@ If {% data variables.product.prodname_dotcom %} blocks a secret that you believe
{% ifversion push-protection-custom-link-orgs %}
Organization admins can provide a custom link that will be included in the message from {% data variables.product.product_name %} when your push is blocked. This custom link can contain resources and advice specific to your organization and its policies.
{% ifversion push-protection-custom-link-orgs-beta %}{% data reusables.advanced-security.custom-link-beta %}{% endif %}
{% endif %}
## Resolving a blocked push on the command line

1
content/codespaces/customizing-your-codespace/index.md
View File

@@ -11,6 +11,7 @@ topics:
- Codespaces
children:
- /personalizing-github-codespaces-for-your-account
- /renaming-a-codespace
- /changing-the-machine-type-for-your-codespace
- /setting-your-default-editor-for-github-codespaces
- /setting-your-default-region-for-github-codespaces

6
content/codespaces/developing-in-codespaces/renaming-a-codespace.md → content/codespaces/customizing-your-codespace/renaming-a-codespace.md
View File

@@ -50,7 +50,9 @@ Changing the display name of a codespace can be useful if you have multiple code
To rename a codespace, use the `gh codespace edit` subcommand:
```shell
gh codespace edit -c PERMANENT-NAME-OF-CODESPACE -d NEW-DISPLAY-NAME
gh codespace edit -c PERMANENT-CODESPACE-NAME -d NEW-DISPLAY-NAME
```
In this example, replace `permanent name of the codespace` with the permanent name of the codespace. Replace `new display name` with the desired display name.
In this example, replace `PERMANENT-CODESPACE-NAME` with the permanent name of the codespace whose display name you want to change. Replace `NEW-DISPLAY-NAME` with the display name you want to use for this codespace.
For more information, see "[Using {% data variables.product.prodname_github_codespaces %} with {% data variables.product.prodname_cli %}](/codespaces/developing-in-codespaces/using-github-codespaces-with-github-cli#rename-a-codespace)."

2
content/codespaces/developing-in-codespaces/codespaces-lifecycle.md
View File

@@ -59,6 +59,8 @@ In the example `postCreate.sh` file below, the contents of the `config` director
ln -sf $PWD/.devcontainer/config $HOME/config && set +x
```
For more information, see "[Introduction to dev containers](/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers#applying-configuration-changes-to-a-codespace)."
## Stopping a codespace
{% data reusables.codespaces.stopping-a-codespace %} For more information, see "[Stopping and starting a codespace](/codespaces/developing-in-codespaces/stopping-and-starting-a-codespace)."

1
content/codespaces/developing-in-codespaces/index.md
View File

@@ -16,7 +16,6 @@ children:
- /using-source-control-in-your-codespace
- /using-github-codespaces-for-pull-requests
- /stopping-and-starting-a-codespace
- /renaming-a-codespace
- /forwarding-ports-in-your-codespace
- /default-environment-variables-for-your-codespace
- /connecting-to-a-private-network

14
content/codespaces/developing-in-codespaces/using-github-codespaces-with-github-cli.md
View File

@@ -6,6 +6,7 @@ product: '{% data reusables.gated-features.codespaces %}'
miniTocMaxHeadingLevel: 3
versions:
fpt: '*'
ghec: '*'
type: how_to
topics:
- Codespaces
@@ -24,6 +25,7 @@ You can work with {% data variables.product.prodname_github_codespaces %} in the
- [Create a new codespace](#create-a-new-codespace)
- [Stop a codespace](#stop-a-codespace)
- [Delete a codespace](#delete-a-codespace)
- [Rename a codespace](#rename-a-codespace)
- [SSH into a codespace](#ssh-into-a-codespace)
- [Open a codespace in {% data variables.product.prodname_vscode %}](#open-a-codespace-in--data-variablesproductprodname_vscode-)
- [Open a codespace in JupyterLab](#open-a-codespace-in-jupyterlab)
@@ -74,6 +76,8 @@ gh codespace list
The list includes the unique name of each codespace, which you can use in other `gh codespace` commands.
An asterisk at the end of the branch name for a codespace indicates that there are uncommitted or unpushed changes in that codespace.
### Create a new codespace
```shell
@@ -98,6 +102,14 @@ gh codespace delete -c CODESPACE-NAME
For more information, see "[Deleting a codespace](/codespaces/developing-in-codespaces/deleting-a-codespace)."
### Rename a codespace
```shell
gh codespace edit -c CODESPACE-NAME -d DISPLAY-NAME
```
For more information, see "[Renaming a codespace](/codespaces/customizing-your-codespace/renaming-a-codespace)."
### SSH into a codespace
To run commands on the remote codespace machine, from your terminal, you can SSH into the codespace.
@@ -215,4 +227,4 @@ You can use the {% data variables.product.prodname_cli %} extension to create a
gh codespace edit -m <em>machine-type-name</em>
```
For more information, see the "{% data variables.product.prodname_cli %}" tab of "[Changing the machine type for your codespace](/codespaces/customizing-your-codespace/changing-the-machine-type-for-your-codespace)."
For more information, see the "{% data variables.product.prodname_cli %}" tab of "[Changing the machine type for your codespace](/codespaces/customizing-your-codespace/changing-the-machine-type-for-your-codespace)."

2
content/codespaces/getting-started/deep-dive.md
View File

@@ -35,7 +35,7 @@ When you create a codespace, a [shallow clone](https://github.blog/2020-12-21-ge
### Step 2: Container is created
{% data variables.product.prodname_github_codespaces %} uses a container as the development environment. This container is created based on the configurations that you can define in a `devcontainer.json` file and/or Dockerfile in your repository. If you don't [configure a container](/codespaces/customizing-your-codespace/configuring-codespaces-for-your-project), {% data variables.product.prodname_github_codespaces %} uses a [default image](/codespaces/customizing-your-codespace/configuring-codespaces-for-your-project#using-the-default-configuration), which has many languages and runtimes available. For information on what the default image contains, see the [`vscode-dev-containers`](https://github.com/microsoft/vscode-dev-containers/tree/main/containers/codespaces-linux) repository.
{% data variables.product.prodname_github_codespaces %} uses a container as the development environment. This container is created based on the configurations that you can define in a `devcontainer.json` file and/or Dockerfile in your repository. If you don't specify a custom Docker image in your configuration, {% data variables.product.prodname_codespaces %} uses a default image, which has many languages and runtimes available. For information, see "[Introduction to dev containers](/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers#using-the-default-dev-container-configuration)." For details of what the default image contains, see the [`vscode-dev-containers`](https://github.com/microsoft/vscode-dev-containers/tree/main/containers/codespaces-linux) repository.
{% note %}

3
content/codespaces/getting-started/quickstart.md
View File

@@ -92,11 +92,10 @@ Within a codespace, you have access to the {% data variables.product.prodname_vs
1. In the left sidebar, click the Extensions icon.
1. In the search bar, enter `fairyfloss` and install the fairyfloss extension.
1. In the search bar, type `fairyfloss` and click **Install**.
![Add an extension](/assets/images/help/codespaces/add-extension.png)
1. Click **Install in Codespaces**.
1. Select the `fairyfloss` theme by selecting it from the list.
![Select the fairyfloss theme](/assets/images/help/codespaces/fairyfloss.png)

3
content/codespaces/guides.md
View File

@@ -44,7 +44,8 @@ includeGuides:
- /codespaces/managing-codespaces-for-your-organization/managing-billing-for-codespaces-in-your-organization
- /codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-codespaces
- /codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types
- /codespaces/managing-codespaces-for-your-organization/retricting-the-idle-timeout-period
- /codespaces/managing-codespaces-for-your-organization/restricting-the-base-image-for-codespaces.md
- /codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period
- /codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces
- /codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports
- /codespaces/managing-codespaces-for-your-organization/reviewing-your-organizations-audit-logs-for-codespaces

1
content/codespaces/managing-codespaces-for-your-organization/index.md
View File

@@ -17,6 +17,7 @@ children:
- /managing-repository-access-for-your-organizations-codespaces
- /reviewing-your-organizations-audit-logs-for-github-codespaces
- /restricting-access-to-machine-types
- /restricting-the-base-image-for-codespaces
- /restricting-the-visibility-of-forwarded-ports
- /restricting-the-idle-timeout-period
- /restricting-the-retention-period-for-codespaces

20
content/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types.md
View File

@@ -14,7 +14,9 @@ topics:
## Overview
Typically, when you create a codespace you are offered a choice of specifications for the machine that will run your codespace. You can choose the machine type that best suits your needs. For more information, see "[Creating a codespace](/codespaces/developing-in-codespaces/creating-a-codespace#creating-a-codespace)." If you pay for using {% data variables.product.prodname_github_codespaces %} then your choice of machine type will affect how much your are billed. For more information about pricing, see "[About billing for {% data variables.product.prodname_github_codespaces %}](/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces)."
Typically, when you create a codespace you are offered a choice of specifications for the machine that will run your codespace. You can choose the machine type that best suits your needs. For more information, see "[Creating a codespace](/codespaces/developing-in-codespaces/creating-a-codespace#creating-a-codespace)."
If you pay for using {% data variables.product.prodname_github_codespaces %} then your choice of machine type will affect how much your are billed. The compute cost for a codespace is proportional to the number of processor cores in the machine type you choose. For example, the compute cost of using a codespace for an hour on a 16-core machine is eight times greater than a 2-core machine. For more information about pricing, see "[About billing for {% data variables.product.prodname_github_codespaces %}](/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces)."
As an organization owner, you may want to configure constraints on the types of machine that are available. For example, if the work in your organization doesn't require significant compute power or storage space, you can remove the highly resourced machines from the list of options that people can choose from. You do this by defining one or more policies in the {% data variables.product.prodname_github_codespaces %} settings for your organization.
@@ -52,21 +54,29 @@ If you add an organization-wide policy, you should set it to the largest choice
{% data reusables.codespaces.codespaces-org-policies %}
1. Click **Add constraint** and choose **Machine types**.
![Add a constraint for machine types](/assets/images/help/codespaces/add-constraint-dropdown.png)
![Screenshot of the 'Add constraint' dropdown menu](/assets/images/help/codespaces/add-constraint-dropdown.png)
1. Click {% octicon "pencil" aria-label="The edit icon" %} to edit the constraint, then clear the selection of any machine types that you don't want to be available.
![Edit the machine type constraint](/assets/images/help/codespaces/edit-machine-constraint.png)
![Screenshot of the pencil icon for editing the constraint](/assets/images/help/codespaces/edit-machine-constraint.png)
{% data reusables.codespaces.codespaces-policy-targets %}
1. If you want to add another constraint to the policy, click **Add constraint** and choose another constraint. For information about other constraints, see "[Restricting the visibility of forwarded ports](/codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports)," "[Restricting the idle timeout period](/codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period)," and "[Restricting the retention period for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces)."
1. If you want to add another constraint to the policy, click **Add constraint** and choose another constraint. For information about other constraints, see:
* "[Restricting the base image for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-base-image-for-codespaces)"
* "[Restricting the visibility of forwarded ports](/codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports)"
* "[Restricting the idle timeout period](/codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period)"
* "[Restricting the retention period for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces)"
1. After you've finished adding constraints to your policy, click **Save**.
The policy will be applied to all new codespaces that are billable to your organization. The machine type constraint is also applied to existing codespaces when someone attempts to restart a stopped codespace or reconnect to an active codespace.
## Editing a policy
You can edit an existing policy. For example, you may want to add or remove constraints to or from a policy.
1. Display the "Codespace policies" page. For more information, see "[Adding a policy to limit the available machine types](#adding-a-policy-to-limit-the-available-machine-types)."
1. Click the name of the policy you want to edit.
1. Click the pencil icon ({% octicon "pencil" aria-label="The edit icon" %}) beside the "Machine types" constraint.
1. Make the required changes then click **Save**.
## Deleting a policy
@@ -74,7 +84,7 @@ You can edit an existing policy. For example, you may want to add or remove cons
1. Display the "Codespace policies" page. For more information, see "[Adding a policy to limit the available machine types](#adding-a-policy-to-limit-the-available-machine-types)."
1. Click the delete button to the right of the policy you want to delete.
![The delete button for a policy](/assets/images/help/codespaces/policy-delete.png)
![Screenshot of the delete button for a policy](/assets/images/help/codespaces/policy-delete.png)
## Further reading

101
content/codespaces/managing-codespaces-for-your-organization/restricting-the-base-image-for-codespaces.md Normal file
View File

@@ -0,0 +1,101 @@
---
title: Restricting the base image for codespaces
shortTitle: Restrict base image
intro: You can specify which base images can be used for new codespaces created within your organization.
product: '{% data reusables.gated-features.codespaces %}'
permissions: 'To manage image constraints for an organization''s codespaces, you must be an owner of the organization.'
versions:
fpt: '*'
ghec: '*'
type: how_to
topics:
- Codespaces
---
## Overview
When you create a codespace, a Docker container is automatically created on a remote virtual machine. The Docker container is created from a Docker image. The image is effectively a template for Docker containers and it determines many aspects of the resulting environment provided by the codespace.
You can choose which image you want to use for your codespaces by specifying it in the dev container configuration for a repository. You can do this, for example, by using the `image` property in the `devcontainer.json` file.
```json{:copy}
"image": "mcr.microsoft.com/vscode/devcontainers/javascript-node:18",
```
For more information, see the [dev containers specification](https://containers.dev/implementors/json_reference/) on containers.dev.
If you don't specify an image in the dev container configuration for a repository, the default image is used. The default image contains a number of runtime versions for popular languages and commonly used tools. For more information, see "[Introduction to dev containers](/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers#using-the-default-dev-container-configuration)."
As an organization owner, you can add a policy to restrict which images can be used for codespaces created within your organization.
If the image specified in the dev container configuration does not match one of the allowed images, the following message is displayed when someone tries to create a codespace for the repository:
> Codespace could not be created: Base image 'DETAILS FROM DEV CONTAINER CONFIGURATION' is not allowed based on an organization policy set by your organization administrator.
{% note %}
**Notes**:
* The base image policy is only applied when a codespace is created. It is currently not applied when you rebuild a container. This will change in a future release. For more information, see "[Codespaces lifecycle](/codespaces/developing-in-codespaces/codespaces-lifecycle#rebuilding-a-codespace)."
* The base image policy does not apply to the default image, or the image that's used to recover a codespace if an error is introduced into a dev container configuration which prevents the container from being rebuilt.
{% endnote %}
### Setting organization-wide and repository-specific policies
When you create a policy you choose whether it applies to all repositories in your organization, or only to specified repositories. If you set an organization-wide policy then any policies you set for individual repositories must fall within the restriction set at the organization level. Adding policies makes the choice of image more, not less, restrictive.
For example, you could create an organization-wide policy that restricts the base image to any of ten specified images. You can then set a policy for Repository A that restricts the image to a subset of just two of the images specified at the organization level. Specifying additional images for Repository A will have no effect because these images are not specified in the organization-level policy. If you add an organization-wide policy, you should set it to the largest choice of images that will be available for any repository in your organization. You can then add repository-specific policies to further restrict the choice.
{% data reusables.codespaces.codespaces-org-policies-note %}
## Adding a policy to define the allowed images
{% data reusables.profile.access_org %}
{% data reusables.profile.org_settings %}
{% data reusables.codespaces.codespaces-org-policies %}
1. Click **Add constraint** and choose **Base images**.
![Screenshot of the 'Add constraint' dropdown menu](/assets/images/help/codespaces/add-constraint-dropdown-image.png)
1. Click {% octicon "pencil" aria-label="The edit icon" %} to edit the constraint.
![Screenshot of the pencil icon for editing the constraint](/assets/images/help/codespaces/edit-image-constraint.png)
1. In the "Allowed values" field, enter the complete URL of an image you want to allow.
![Screenshot of an entry in the 'Allowed values' field](/assets/images/help/codespaces/image-allowed-values.png)
{% note %}
**Note**: You must specify an image URL that exactly matches the value specified in a dev container configuration.
{% endnote %}
1. Click the plus button ({% octicon "plus" aria-label="The plus icon" %}) to add the value.
1. If required, repeat the previous two steps to add more image URLs.
{% data reusables.codespaces.codespaces-policy-targets %}
1. If you want to add another constraint to the policy, click **Add constraint** and choose another constraint. For information about other constraints, see:
* "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)"
* "[Restricting the visibility of forwarded ports](/codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports)"
* "[Restricting the idle timeout period](/codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period)"
* "[Restricting the retention period for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces)"
1. After you've finished adding constraints to your policy, click **Save**.
The policy is applied when anyone attempts to create a new codespace that is billable to your organization. The base image constraint does not affect existing codespaces, either active or stopped.
## Editing a policy
You can edit an existing policy. For example, you may want to add or remove constraints to or from a policy.
1. Display the "Codespace policies" page. For more information, see "[Adding a policy to define the allowed images](#adding-a-policy-to-define-the-allowed-images)."
1. Click the name of the policy you want to edit.
1. Click the pencil icon ({% octicon "pencil" aria-label="The edit icon" %}) beside the "Base images" constraint.
1. Add or remove image URLs.
1. Click **Save**.
## Deleting a policy
1. Display the "Codespace policies" page. For more information, see "[Adding a policy to define the allowed images](#adding-a-policy-to-define-the-allowed-images)."
1. Click the delete button to the right of the policy you want to delete.
![Screenshot of the delete button for a policy](/assets/images/help/codespaces/policy-delete.png)

17
content/codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period.md
View File

@@ -49,21 +49,25 @@ If you add an organization-wide policy with a timeout constraint, you should set
{% data reusables.codespaces.codespaces-org-policies %}
1. Click **Add constraint** and choose **Maximum idle timeout**.
![Add a constraint for idle timeout](/assets/images/help/codespaces/add-constraint-dropdown-timeout.png)
![Screenshot of the 'Add constraint' dropdown menu](/assets/images/help/codespaces/add-constraint-dropdown-timeout.png)
1. Click {% octicon "pencil" aria-label="The edit icon" %} to edit the constraint.
![Edit the timeout constraint](/assets/images/help/codespaces/edit-timeout-constraint.png)
![Screenshot of the pencil icon for editing the constraint](/assets/images/help/codespaces/edit-timeout-constraint.png)
1. Enter the maximum number of minutes codespaces can remain inactive before they time out, then click **Save**.
![Set the maximum timeout in minutes](/assets/images/help/codespaces/maximum-minutes-timeout.png)
![Screenshot of setting the maximum timeout in minutes](/assets/images/help/codespaces/maximum-minutes-timeout.png)
{% data reusables.codespaces.codespaces-policy-targets %}
1. If you want to add another constraint to the policy, click **Add constraint** and choose another constraint. For information about other constraints, see "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)," "[Restricting the visibility of forwarded ports](/codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports)," and "[Restricting the retention period for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces)."
1. If you want to add another constraint to the policy, click **Add constraint** and choose another constraint. For information about other constraints, see:
* "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)"
* "[Restricting the base image for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-base-image-for-codespaces)"
* "[Restricting the visibility of forwarded ports](/codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports)"
* "[Restricting the retention period for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces)"
1. After you've finished adding constraints to your policy, click **Save**.
The policy will be applied to all new codespaces that are created, and to existing codespaces the next time they are started.
The policy will be applied to all new codespaces that are billable to your organization. The timeout constraint is also applied to existing codespaces the next time they are started.
## Editing a policy
@@ -71,6 +75,7 @@ You can edit an existing policy. For example, you may want to add or remove cons
1. Display the "Codespace policies" page. For more information, see "[Adding a policy to set a maximum idle timeout period](#adding-a-policy-to-set-a-maximum-idle-timeout-period)."
1. Click the name of the policy you want to edit.
1. Click the pencil icon ({% octicon "pencil" aria-label="The edit icon" %}) beside the "Maximum idle timeout" constraint.
1. Make the required changes then click **Save**.
## Deleting a policy
@@ -78,4 +83,4 @@ You can edit an existing policy. For example, you may want to add or remove cons
1. Display the "Codespace policies" page. For more information, see "[Adding a policy to set a maximum idle timeout period](#adding-a-policy-to-set-a-maximum-idle-timeout-period)."
1. Click the delete button to the right of the policy you want to delete.
![The delete button for a policy](/assets/images/help/codespaces/policy-delete.png)
![Screenshot of the delete button for a policy](/assets/images/help/codespaces/policy-delete.png)

17
content/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces.md
View File

@@ -35,15 +35,15 @@ If you add an organization-wide policy with a retention constraint, you should s
{% data reusables.codespaces.codespaces-org-policies %}
1. Click **Add constraint** and choose **Retention period**.
![Add a constraint for retention periods](/assets/images/help/codespaces/add-constraint-dropdown-retention.png)
![Screenshot of the 'Add constraint' dropdown menu](/assets/images/help/codespaces/add-constraint-dropdown-retention.png)
1. Click {% octicon "pencil" aria-label="The edit icon" %} to edit the constraint.
![Edit the timeout constraint](/assets/images/help/codespaces/edit-timeout-constraint.png)
![Screenshot of the pencil icon for editing the constraint](/assets/images/help/codespaces/edit-timeout-constraint.png)
1. Enter the maximum number of days codespaces can remain stopped before they are automatically deleted, then click **Save**.
![Set the retention period in days](/assets/images/help/codespaces/maximum-days-retention.png)
![Screenshot of setting the retention period in days](/assets/images/help/codespaces/maximum-days-retention.png)
{% note %}
@@ -55,10 +55,14 @@ If you add an organization-wide policy with a retention constraint, you should s
{% endnote %}
{% data reusables.codespaces.codespaces-policy-targets %}
1. If you want to add another constraint to the policy, click **Add constraint** and choose another constraint. For information about other constraints, see "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)," "[Restricting the visibility of forwarded ports](/codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports)," and "[Restricting the idle timeout period](/codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period)."
1. If you want to add another constraint to the policy, click **Add constraint** and choose another constraint. For information about other constraints, see:
* "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)"
* "[Restricting the base image for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-base-image-for-codespaces)"
* "[Restricting the visibility of forwarded ports](/codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports)"
* "[Restricting the idle timeout period](/codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period)"
1. After you've finished adding constraints to your policy, click **Save**.
The policy will be applied to all new codespaces that are created.
The policy will be applied to all new codespaces that are billable to your organization. The retention period constraint is only applied on codespace creation.
## Editing a policy
@@ -68,6 +72,7 @@ The retention period constraint is only applied to codespaces when they are crea
1. Display the "Codespace policies" page. For more information, see "[Adding a policy to set a maximum codespace retention period](#adding-a-policy-to-set-a-maximum-codespace-retention-period)."
1. Click the name of the policy you want to edit.
1. Click the pencil icon ({% octicon "pencil" aria-label="The edit icon" %}) beside the "Retention period" constraint.
1. Make the required changes then click **Save**.
## Deleting a policy
@@ -77,4 +82,4 @@ You can delete a policy at any time. Deleting a policy has no effect on existing
1. Display the "Codespace policies" page. For more information, see "[Adding a policy to set a maximum codespace retention period](#adding-a-policy-to-set-a-maximum-codespace-retention-period)."
1. Click the delete button to the right of the policy you want to delete.
![The delete button for a policy](/assets/images/help/codespaces/policy-delete.png)
![Screenshot of the delete button for a policy](/assets/images/help/codespaces/policy-delete.png)

18
content/codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports.md
View File

@@ -45,25 +45,33 @@ If you add an organization-wide policy, you should set it to the most lenient vi
{% data reusables.codespaces.codespaces-org-policies %}
1. Click **Add constraint** and choose **Port visibility**.
![Add a constraint for port visibility](/assets/images/help/codespaces/add-constraint-dropdown-ports.png)
![Screenshot of the 'Add constraint' dropdown menu](/assets/images/help/codespaces/add-constraint-dropdown-ports.png)
1. Click {% octicon "pencil" aria-label="The edit icon" %} to edit the constraint.
![Edit the port visibility constraint](/assets/images/help/codespaces/edit-port-visibility-constraint.png)
![Screenshot of the pencil icon for editing the constraint](/assets/images/help/codespaces/edit-port-visibility-constraint.png)
1. Clear the selection of the port visibility options (**Org** or **Public**) that you don't want to be available.
![Choose the port visibility options](/assets/images/help/codespaces/choose-port-visibility-options.png)
![Screenshot of clearing a port visibility option](/assets/images/help/codespaces/choose-port-visibility-options.png)
{% data reusables.codespaces.codespaces-policy-targets %}
1. If you want to add another constraint to the policy, click **Add constraint** and choose another constraint. For information about other constraints, see "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)," "[Restricting the idle timeout period](/codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period)," and "[Restricting the retention period for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces)."
1. If you want to add another constraint to the policy, click **Add constraint** and choose another constraint. For information about other constraints, see:
* "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)"
* "[Restricting the base image for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-base-image-for-codespaces)"
* "[Restricting the idle timeout period](/codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period)"
* "[Restricting the retention period for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces)"
1. After you've finished adding constraints to your policy, click **Save**.
The policy will be applied to all new codespaces that are billable to your organization. The port visibility constraint is also applied to existing codespaces the next time they are started.
## Editing a policy
You can edit an existing policy. For example, you may want to add or remove constraints to or from a policy.
1. Display the "Codespace policies" page. For more information, see "[Adding a policy to limit the port visibility options](#adding-a-policy-to-limit-the-port-visibility-options)."
1. Click the name of the policy you want to edit.
1. Click the pencil icon ({% octicon "pencil" aria-label="The edit icon" %}) beside the "Port visibility" constraint.
1. Make the required changes then click **Save**.
## Deleting a policy
@@ -71,4 +79,4 @@ You can edit an existing policy. For example, you may want to add or remove cons
1. Display the "Codespace policies" page. For more information, see "[Adding a policy to limit the port visibility options](#adding-a-policy-to-limit-the-port-visibility-options)."
1. Click the delete button to the right of the policy you want to delete.
![The delete button for a policy](/assets/images/help/codespaces/policy-delete.png)
![Screenshot of the delete button for a policy](/assets/images/help/codespaces/policy-delete.png)

6
content/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces.md
View File

@@ -93,10 +93,10 @@ You can use secrets in a codespace after the codespace is built and is running.
* When launching an application from the integrated terminal or ssh session.
* Within a dev container lifecycle script that is run after the codespace is running. For more information about dev container lifecycle scripts, see the documentation on containers.dev: [Specification](https://containers.dev/implementors/json_reference/#lifecycle-scripts).
Codespace secrets cannot be used during:
Codespace secrets cannot be used:
* Codespace build time (that is, within a Dockerfile or custom entry point).
* Within a dev container feature. For more information, see the `features` attribute in the documentation on containers.dev: [Specification](https://containers.dev/implementors/json_reference/#general-properties).
* During codespace build time (that is, within a Dockerfile or custom entry point).
* Within a dev container feature. For more information, see the `features` property in the [dev containers specification](https://containers.dev/implementors/json_reference/#general-properties) on containers.dev.
## Further reading

2
content/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers.md
View File

@@ -65,7 +65,7 @@ The Dockerfile for a dev container is typically located in the `.devcontainer` f
{% note %}
**Note**: As an alternative to using a Dockerfile you can use the `image` property in the `devcontainer.json` file to refer directly to an existing image you want to use. If neither a Dockerfile nor an image is found then the default container image is used. For more information, see "[Using the default dev container configuration](#using-the-default-dev-container-configuration)."
**Note**: As an alternative to using a Dockerfile you can use the `image` property in the `devcontainer.json` file to refer directly to an existing image you want to use. The image you specify here must be allowed by any organization image policy that has been set. For more information, see "[Restricting the base image for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-base-image-for-codespaces)." If neither a Dockerfile nor an image is found then the default container image is used. For more information, see "[Using the default dev container configuration](#using-the-default-dev-container-configuration)."
{% endnote %}

2
content/codespaces/setting-up-your-project-for-codespaces/setting-a-minimum-specification-for-codespace-machines.md
View File

@@ -15,7 +15,7 @@ product: '{% data reusables.gated-features.codespaces %}'
## Overview
Each codespace that you create is hosted on a separate virtual machine, and you can usually choose from different types of virtual machines. Each machine type has different resources (CPUs, memory, storage) and, by default, the machine type with the least resources is used. For more information, see "[Changing the machine type for your codespace](/codespaces/customizing-your-codespace/changing-the-machine-type-for-your-codespace#about-machine-types)."
Each codespace that you create is hosted on a separate virtual machine, and you can usually choose from different types of virtual machines. Each machine type has different resources (processor cores, memory, storage) and, by default, the machine type with the least resources is used. For more information, see "[Changing the machine type for your codespace](/codespaces/customizing-your-codespace/changing-the-machine-type-for-your-codespace#about-machine-types)."
If your project needs a certain level of compute power, you can configure {% data variables.product.prodname_github_codespaces %} so that only machine types that meet these requirements can be used by default, or selected by users. You configure this in a `devcontainer.json` file.

12
content/codespaces/setting-up-your-project-for-codespaces/setting-up-your-dotnet-project-for-codespaces.md
View File

@@ -104,14 +104,12 @@ The newly added `devcontainer.json` file defines a few properties that are descr
// "ASPNETCORE_Kestrel__Certificates__Default__Path": "/home/vscode/.aspnet/https/aspnetapp.pfx",
// },
//
// 3. Do one of the following depending on your scenario:
// * When using GitHub Codespaces and/or Remote - Containers:
// 1. Start the container
// 2. Drag ~/.aspnet/https/aspnetapp.pfx into the root of the file explorer
// 3. Open a terminal in VS Code and run "mkdir -p /home/vscode/.aspnet/https && mv aspnetapp.pfx /home/vscode/.aspnet/https"
// 3. Start the container.
//
// 4. Drag ~/.aspnet/https/aspnetapp.pfx into the root of the file explorer.
//
// 5. Open a terminal in VS Code and run "mkdir -p /home/vscode/.aspnet/https && mv aspnetapp.pfx /home/vscode/.aspnet/https".
//
// * If only using Remote - Containers with a local container, uncomment this line instead:
// "mounts": [ "source=${env:HOME}${env:USERPROFILE}/.aspnet/https,target=/home/vscode/.aspnet/https,type=bind" ],
// Use 'postCreateCommand' to run commands after the container is created.
// "postCreateCommand": "dotnet restore",

2
content/codespaces/setting-up-your-project-for-codespaces/setting-up-your-java-project-for-codespaces.md
View File

@@ -32,7 +32,7 @@ This guide shows you how to set up your Java project in {% data variables.produc
If you dont see this option, {% data variables.product.prodname_github_codespaces %} isn't available for your project. See [Access to {% data variables.product.prodname_github_codespaces %}](/codespaces/developing-in-codespaces/creating-a-codespace#access-to-github-codespaces) for more information.
When you create a codespace, your project is created on a remote VM that is dedicated to you. By default, the container for your codespace has many languages and runtimes including Java, nvm, npm, and Yarn. It also includes a common set of tools like git, wget, rsync, openssh, and nano.
When you create a codespace, your project is created on a remote VM that is dedicated to you. By default, the container for your codespace has many languages and runtimes including Java, nvm, npm, and Yarn. It also includes a set of commonly used tools such as git, wget, rsync, openssh, and nano.
{% data reusables.codespaces.customize-vcpus-and-ram %}

34
content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md
View File

@@ -154,3 +154,37 @@ By default, when you create a new organization, workflows are not allowed to {%
1. Click **Save** to apply the settings.
{% endif %}
{% ifversion actions-cache-org-ui %}
## Managing {% data variables.product.prodname_actions %} cache storage for your organization
Organization administrators can view {% ifversion actions-cache-admin-ui %}and manage {% endif %}{% data variables.product.prodname_actions %} cache storage for all repositories in the organization.
### Viewing {% data variables.product.prodname_actions %} cache storage by repository
For each repository in your organization, you can see how much cache storage a repository is using, the number of active caches, and if a repository is near the total cache size limit. For more information about the cache usage and eviction process, see "[Caching dependencies to speed up workflows](/actions/using-workflows/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy)."
{% data reusables.profile.access_profile %}
{% data reusables.profile.access_org %}
{% data reusables.profile.org_settings %}
1. In the left sidebar, click {% octicon "play" aria-label="The {% data variables.product.prodname_actions %} icon" %} **Actions**, then click **Caches**.
1. Review the list of repositories for information about their {% data variables.product.prodname_actions %} caches. You can click on a repository name to see more detail about the repository's caches.
{% ifversion actions-cache-admin-ui %}
### Configuring {% data variables.product.prodname_actions %} cache storage for your organization
{% data reusables.actions.cache-default-size %}
You can configure the size limit for {% data variables.product.prodname_actions %} caches that will apply to each repository in your organization. The cache size limit for an organization cannot exceed the cache size limit set in the enterprise policy. Repository admins will be able to set a smaller limit in their repositories.
{% data reusables.profile.access_profile %}
{% data reusables.profile.access_org %}
{% data reusables.profile.org_settings %}
{% data reusables.organizations.settings-sidebar-actions-general %}
{% data reusables.actions.change-cache-size-limit %}
{% endif %}
{% endif %}

1
content/pages/configuring-a-custom-domain-for-your-github-pages-site/about-custom-domains-and-github-pages.md
View File

@@ -31,6 +31,7 @@ You can set up either or both of apex and `www` subdomain configurations for you
We recommend always using a `www` subdomain, even if you also use an apex domain. When you create a new site with an apex domain, we automatically attempt to secure the `www` subdomain for use when serving your site's content, but you need to make the DNS changes to use the `www` subdomain. If you configure a `www` subdomain, we automatically attempt to secure the associated apex domain. For more information, see "[Managing a custom domain for your {% data variables.product.prodname_pages %} site](/articles/managing-a-custom-domain-for-your-github-pages-site)."
After you configure a custom domain for a user or organization site, the custom domain will replace the `<user>.github.io` or `<organization>.github.io` portion of the URL for any project sites owned by the account that do not have a custom domain configured. For example, if the custom domain for your user site is `www.octocat.com`, and you have a project site with no custom domain configured that is published from a repository called `octo-project`, the {% data variables.product.prodname_pages %} site for that repository will be available at `www.octocat.com/octo-project`.
For more information about each type of site and handling custom domains, see "[Types of {% data variables.product.prodname_pages %} sites](/pages/getting-started-with-github-pages/about-github-pages#types-of-github-pages-sites)."
## Using a subdomain for your {% data variables.product.prodname_pages %} site

14
content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches.md
View File

@@ -54,6 +54,9 @@ For each branch protection rule, you can choose to enable or disable the followi
{%- ifversion required-deployments %}
- [Require deployments to succeed before merging](#require-deployments-to-succeed-before-merging)
{%- endif %}
{%- ifversion lock-branch %}
- [Lock branch](#lock-branch)
{%- endif %}
{% ifversion bypass-branch-protections %}- [Do not allow bypassing the above settings](#do-not-allow-bypassing-the-above-settings){% else %}- [Include administrators](#include-administrators){% endif %}
- [Restrict who can push to matching branches](#restrict-who-can-push-to-matching-branches)
- [Allow force pushes](#allow-force-pushes)
@@ -84,6 +87,10 @@ Optionally, you can restrict the ability to dismiss pull request reviews to spec
Optionally, you can choose to require reviews from code owners. If you do, any pull request that affects code with a code owner must be approved by that code owner before the pull request can be merged into the protected branch.
{% ifversion last-pusher-require-approval %}
Optionally, you can require approvals from someone other than the last person to push to a branch before a pull request can be merged. This ensures more than one person sees pull requests in their final state before they are merged into a protected branch. If you enable this feature, the most recent user to push their changes will need an approval regardless of the required approvals branch protection. Users who have already reviewed a pull request can reapprove after the most recent push to meet this requirement.
{% endif %}
### Require status checks before merging
Required status checks ensure that all required CI tests are passing before collaborators can make changes to a protected branch. Required status checks can be checks or statuses. For more information, see "[About status checks](/github/collaborating-with-issues-and-pull-requests/about-status-checks)."
@@ -151,6 +158,13 @@ Before you can require a linear commit history, your repository must allow squas
You can require that changes are successfully deployed to specific environments before a branch can be merged. For example, you can use this rule to ensure that changes are successfully deployed to a staging environment before the changes merge to your default branch.
{% ifversion lock-branch %}
### Lock branch
Locking a branch ensures that no commits can be made to the branch.
By default, a forked repository does not support syncing from its upstream repository. You can enable **Allow fork syncing** to pull changes from the upstream repository while preventing other contributions to the fork's branch.
{% endif %}
{% ifversion bypass-branch-protections %}### Do not allow bypassing the above settings{% else %}
### Include administrators{% endif %}

10
content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule.md
View File

@@ -73,6 +73,10 @@ When you create a branch rule, the branch you specify doesn't have to exist yet
{% endif %}
- Optionally, if the repository is part of an organization, select **Restrict who can dismiss pull request reviews**. Then, search for and select the actors who are allowed to dismiss pull request reviews. For more information, see "[Dismissing a pull request review](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review)."
![Restrict who can dismiss pull request reviews checkbox]{% ifversion integration-branch-protection-exceptions %}(/assets/images/help/repository/PR-review-required-dismissals-with-apps.png){% else %}(/assets/images/help/repository/PR-review-required-dismissals.png){% endif %}
{% ifversion last-pusher-require-approval %}
- Optionally, to require someone other than the last person to push to a branch to approve a pull request prior to merging, select **Require approval from someone other than the last pusher**. For more information, see "[About protected branches](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-pull-request-reviews-before-merging)."
![Require review from someone other than the last pusher](/assets/images/help/repository/last-pusher-review-required.png)
{% endif %}
1. Optionally, enable required status checks. For more information, see "[About status checks](/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/about-status-checks)."
- Select **Require status checks to pass before merging**.
![Required status checks option](/assets/images/help/repository/required-status-checks.png)
@@ -99,6 +103,12 @@ When you create a branch rule, the branch you specify doesn't have to exist yet
1. Optionally, to choose which environments the changes must be successfully deployed to before merging, select **Require deployments to succeed before merging**, then select the environments.
![Require successful deployment option](/assets/images/help/repository/require-successful-deployment.png)
{%- endif %}
{% ifversion lock-branch %}
1. Optionally, select **Lock branch** to make branch read-only.
![Screenshot of the checkbox to lock a branch](/assets/images/help/repository/lock-branch.png)
- Optionally, to allow fork syncing, select **Allow fork syncing**.
![Screenshot of the checkbox to allow fork syncing](/assets/images/help/repository/lock-branch-forksync.png)
{%- endif %}
1. Optionally, select {% ifversion bypass-branch-protections %}**Do not allow bypassing the above settings**.
![Do not allow bypassing the above settings checkbox](/assets/images/help/repository/do-not-allow-bypassing-the-above-settings.png){% else %}**Apply the rules above to administrators**.
![Apply the rules above to administrators checkbox](/assets/images/help/repository/include-admins-protected-branches.png){% endif %}

2
content/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/troubleshooting-required-status-checks.md
View File

@@ -97,7 +97,7 @@ jobs:
build:
runs-on: ubuntu-latest
steps:
- run: 'echo "No build required" '
- run: 'echo "No build required"'
```
Now the checks will always pass whenever someone sends a pull request that doesn't change the files listed under `paths` in the first workflow.

13
content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md
View File

@@ -185,7 +185,16 @@ You can also define a custom retention period for a specific artifact created by
{% data reusables.actions.cache-default-size %} However, these default sizes might be different if an enterprise owner has changed them. {% data reusables.actions.cache-eviction-process %}
You can set a total cache storage size for your repository up to the maximum size allowed by the enterprise policy setting.
You can set a total cache storage size for your repository up to the maximum size allowed by the {% ifversion actions-cache-admin-ui %}organization or{% endif %} enterprise policy setting{% ifversion actions-cache-admin-ui %}s{% endif %}.
{% ifversion actions-cache-admin-ui %}
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.sidebar-settings %}
{% data reusables.repositories.settings-sidebar-actions-general %}
{% data reusables.actions.change-cache-size-limit %}
{% else %}
The repository settings for {% data variables.product.prodname_actions %} cache storage can currently only be modified using the REST API:
@@ -195,3 +204,5 @@ The repository settings for {% data variables.product.prodname_actions %} cache
{% data reusables.actions.cache-no-org-policy %}
{% endif %}
{% endif %}

6
data/features/actions-cache-admin-ui.yml Normal file
View File

@@ -0,0 +1,6 @@
# Reference: #8112
# Documentation for GitHub Actions cache admin settings for repositories, organizations, and enterprises
# Related feature flags include actions-cache-org-ui and actions-cache-ui
# All features released at the same time, but have different versions
versions:
ghes: '>= 3.8'

8
data/features/actions-cache-org-ui.yml Normal file
View File

@@ -0,0 +1,8 @@
# Reference: #8112
# Documentation for the Actions cache list UI for organizations
# Related feature flags are actions-cache-admin-ui and actions-cache-ui
# All features released at the same time, but have different versions
versions:
fpt: '*'
ghec: '*'
ghes: '>= 3.8'

8
data/features/actions-cache-ui.yml Normal file
View File

@@ -0,0 +1,8 @@
# Reference: #8112
# Documentation for Actions cache management via the UI for repositories
# Related feature flags are actions-cache-admin-ui and actions-cache-org-ui
# All features released at the same time, but have different versions
versions:
fpt: '*'
ghec: '*'
ghes: '>= 3.8'

7
data/features/dependabot-yarn-v3-update.yml Normal file
View File

@@ -0,0 +1,7 @@
# Reference: issue #8323
# Updating supported versions of yarn
versions:
fpt: '*'
ghec: '*'
ghes: '>=3.8'
ghae: '>= 3.8'

7
data/features/last-pusher-require-approval.yml Normal file
View File

@@ -0,0 +1,7 @@
# Issue: 8263
# Description: Require the last pusher on a branch to get an approving review before merging
versions:
fpt: '*'
ghec: '*'
ghes: '>=3.8'
ghae: '>=3.8'

7
data/features/lock-branch.yml Normal file
View File

@@ -0,0 +1,7 @@
# Reference: #8288
# Documentation for locking branch with protected branch rule.
versions:
fpt: '*'
ghec: '*'
ghes: '>=3.8'
ghae: '>= 3.8'

6
data/features/secret-scanning-custom-link-on-block.yml Normal file
View File

@@ -0,0 +1,6 @@
# Reference: #8384.
# Documentation for secret scanning: custom link on block.
versions:
ghec: '*'
ghes: '>=3.8'
ghae: '>=3.8'

2
data/reusables/actions/change-cache-size-limit.md Normal file
View File

@@ -0,0 +1,2 @@
1. Under **Cache size limit**, enter a new value.
1. Click **Save** to apply the change.

8
data/reusables/advanced-security/secret-scanning-push-protection-enterprise.md Normal file
View File

@@ -0,0 +1,8 @@
1. Under "{% data variables.product.prodname_secret_scanning_caps %}", under "Push protection", click **Enable all**.
![Screenshot showing how to enable push protection for {% data variables.product.prodname_secret_scanning %} for an enterprise](/assets/images/enterprise/security/secret-scanning-enable-push-protection-enterprise.png)
2. Optionally, click "Automatically enable for repositories added to {% data variables.product.prodname_secret_scanning %}."{% ifversion secret-scanning-custom-link-on-block %}
3. Optionally, to include a custom link in the message that members will see when they attempt to push a secret, click **Add a resource link in the CLI and web UI when a commit is blocked**, then type a URL, and click **Save link**.
![Screenshot showing checkbox and text field for enabling a custom link](/assets/images/help/organizations/secret-scanning-custom-link.png){% endif %}

1
data/reusables/advanced-security/secret-scanning-push-protection-org.md
View File

@@ -2,6 +2,5 @@
{% ifversion ghec %}![Screenshot showing how to enable push protection for {% data variables.product.prodname_secret_scanning %} for an organization](/assets/images/help/organizations/secret-scanning-enable-push-protection-org.png){% elsif ghes > 3.4 or ghae > 3.4 %} ![Screenshot showing how to enable push protection for {% data variables.product.prodname_secret_scanning %} for an organization](/assets/images/help/organizations/secret-scanning-enable-push-protection-org-ghes.png){% endif %}
1. Optionally, click "Automatically enable for repositories added to {% data variables.product.prodname_secret_scanning %}."{% ifversion push-protection-custom-link-orgs %}
1. Optionally, to include a custom link in the message that members will see when they attempt to push a secret, select **Add a resource link in the CLI and web UI when a commit is blocked**, then type a URL, and click **Save link**.
{% ifversion push-protection-custom-link-orgs-beta %}{% indented_data_reference reusables.advanced-security.custom-link-beta spaces=3 %}{% endif %}
![Screenshot showing checkbox and text field for enabling a custom link](/assets/images/help/organizations/secret-scanning-custom-link.png){% endif %}

2
data/reusables/codespaces/codespaces-org-policies-note.md
View File

@@ -1,5 +1,5 @@
{% note %}
**Note**: Organization policies you define for {% data variables.product.prodname_codespaces %} only apply to codespaces for which your organization will be billed. If an individual user creates a codespace for a repository in your organization, and the organization is not billed, then the codespace will not be bound by these policies. For information on how to choose who can create codespaces that are billed to your organization, see "[Enabling {% data variables.product.prodname_github_codespaces %} for your organization](/codespaces/managing-codespaces-for-your-organization/enabling-github-codespaces-for-your-organization#choose-who-can-create-codespaces-that-are-billed-to-your-organization)."
**Note**: Codespace policies only apply to codespaces for which your organization will be billed. If an individual user creates a codespace for a repository in your organization, and the organization is not billed, then the codespace will not be bound by these policies. For information on how to choose who can create codespaces that are billed to your organization, see "[Enabling {% data variables.product.prodname_github_codespaces %} for your organization](/codespaces/managing-codespaces-for-your-organization/enabling-github-codespaces-for-your-organization#choose-who-can-create-codespaces-that-are-billed-to-your-organization)."
{% endnote %}

13
data/reusables/codespaces/codespaces-policy-targets.md
View File

@@ -1,11 +1,14 @@
1. In the "Change policy target" area, click the dropdown button.
1. Choose either **All repositories** or **Selected repositories** to determine which repositories this policy will apply to.
1. If you chose **Selected repositories**:
1. Click outside of the dialog box to close it.
1. By default the policy is set to apply to all repositories, if you want it to apply only to some of the repositories in your organization, click **All repositories** and then click **Selected repositories** in the dropdown menu.
![Screenshot of choosing 'Selected repositories'](/assets/images/help/codespaces/selected-repositories.png)
With **Selected repositories** selected:
1. Click {% octicon "gear" aria-label="The settings icon" %}.
![Edit the settings for the policy](/assets/images/help/codespaces/policy-edit.png)
![Screenshot of the gear icon for editing the settings](/assets/images/help/codespaces/policy-edit.png)
2. Select the repositories you want this policy to apply to.
3. At the bottom of the repository list, click **Select repositories**.
![Select repositories for this policy](/assets/images/help/codespaces/policy-select-repos.png)
![Screenshot of selected repositories for this policy](/assets/images/help/codespaces/policy-select-repos.png)

6
data/reusables/dependabot/supported-package-managers.md
View File

@@ -25,7 +25,8 @@ pip-compile | `pip` | 6.1.0 | | **✓** | |
poetry | `pip` | v1 | | **✓** | |{% ifversion fpt or ghec or ghes > 3.4 %}
pub | `pub` | v2 <sup>[4]</sup> | | | |{% endif %}
Terraform | `terraform` | >= 0.13, <= 1.2.x | **✓** | **✓** | |
yarn | `npm` | v1 | **✓** | **✓** | |
{% ifversion dependabot-yarn-v3-update %}yarn | `npm` | v1, v2, v3 | **✓** | **✓** | **✓**<sup>[5]</sup> |{% else %}yarn | `npm` | v1 | **✓** | **✓** | |
{% endif %}
{% tip %}
@@ -47,3 +48,6 @@ yarn | `npm` | v1 | **✓** | **✓** | |
For information about configuring your _dependabot.yml_ file for `pub`, see "[Enabling support for beta-level ecosystems](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#enable-beta-ecosystems)."
{%- else %}{% data variables.product.prodname_dependabot %} won't perform an update for `pub` when the version that it tries to update to is ignored, even if an earlier version is available.{% endif %}
{% endif %}
{% ifversion dependabot-yarn-v3-update %}
[5] Dependabot supports vendored dependencies for v2 onwards.{% endif %}

6
data/reusables/enterprise-accounts/emu-only-emails-within-the-enterprise-can-conflict.md
View File

@@ -1 +1,5 @@
{% data variables.product.prodname_dotcom %} only checks for conflicts within an {% data variables.enterprise.prodname_emu_enterprise %}. {% data variables.enterprise.prodname_managed_users_caps %} can have the same username or email address as a user account outside of the enterprise on {% data variables.product.prodname_dotcom_the_website %}.
{% note %}
**Note:** Because {% data variables.product.prodname_dotcom %} adds an underscore and short code to the normalized identifier provided by your IdP when creating each username, conflicts can only occur within each {% data variables.enterprise.prodname_emu_enterprise %}. {% data variables.enterprise.prodname_managed_users_caps %} can share IdP identifiers or email addresses with other user accounts on {% data variables.product.prodname_dotcom_the_website %} that are outside the enterprise.
{% endnote %}

1
data/reusables/enterprise_clustering/network-latency.md Normal file
View File

@@ -0,0 +1 @@
For high availability, the latency between the network with the active nodes and the network with the passive nodes must be less than 70 milliseconds. We don't recommend configuring a firewall between the two networks.

16
data/reusables/release-notes/2022-09-hotpatch-issue.md
View File

@@ -1,13 +1,7 @@
Hotpatch upgrades to GitHub Enterprise Server {% ifversion ghes = 3.4 %}3.4.9{% elsif ghes = 3.5 %}3.5.6{% elsif ghes = 3.6 %}3.6.2{% endif %} may fail. Upgrades with the full `.pkg` are unaffected. If the upgrade fails for your instance, either run the full `.pkg` upgrade, or work around the issue by performing the following steps.
Hotpatch upgrades to GitHub Enterprise Server {% ifversion ghes = 3.4 %}3.4.9{% elsif ghes = 3.5 %}3.5.6{% elsif ghes = 3.6 %}3.6.2{% endif %} may fail. Upgrades with the full `.pkg` are unaffected. If the upgrade fails for your instance, workaround this issue by connecting to the administrative shell (ssh) and running the following non-interactive command:
1. SSH into the affected node.
1. To launch GRUB, run the following command.
```
echo "grub-pc grub-pc/install_devices_empty boolean true" | sudo debconf-set-selections
```
```
sudo dpkg --configure -a
```
1. In the first GRUB window, you will see a list of devices. Do not modify the selection. Press the <kbd>Tab</kbd> key to highlight `<Ok>`, then press <kbd>Return/Enter</kbd> to accept.
1. In the second GRUB window, to continue without installing GRUB, use the arrow keys to highlight `<Yes>`, then press <kbd>Return/Enter</kbd> to accept.
1. After you are returned to the prompt, use `ghe-upgrade` to start the hotpatch installation again.
If you're unable to upgrade, or if you need further assistance, contact GitHub Support. For more information, see "[Creating a support ticket](/support/contacting-github-support/creating-a-support-ticket)." [Updated: 2022-09-27]
If you're unable to upgrade, or if you need further assistance, contact GitHub Support. For more information, see "[Creating a support ticket](/support/contacting-github-support/creating-a-support-ticket)." [Updated: 2022-10-14]

1
data/reusables/repositories/actions-cache-list.md Normal file
View File

@@ -0,0 +1 @@
1. In the left sidebar, under the "Management" section, click {% octicon "cache" aria-label="The Cache icon" %} **Caches**.

13
lib/create-tree.js
View File

@@ -56,6 +56,7 @@ export default async function createTree(originalPath, langObj) {
// Process frontmatter children recursively.
if (item.page.children) {
assertUniqueChildren(item.page)
item.childPages = (
await Promise.all(
item.page.children.map(
@@ -67,3 +68,15 @@ export default async function createTree(originalPath, langObj) {
return item
}
function assertUniqueChildren(page) {
if (page.children.length !== new Set(page.children).size) {
const count = {}
page.children.forEach((entry) => (count[entry] = 1 + (count[entry] || 0)))
let msg = `${page.relativePath} has duplicates in the 'children' key.`
for (const [entry, times] of Object.entries(count)) {
if (times > 1) msg += ` '${entry}' is repeated ${times} times. `
}
throw new Error(msg)
}
}

6
lib/get-redirect.js
View File

@@ -1,12 +1,12 @@
import { languageKeys } from './languages.js'
import nonEnterpriseDefaultVersion from './non-enterprise-default-version.js'
import { allVersions } from './all-versions.js'
import {
latest,
supported,
deprecatedWithFunctionalRedirects,
} from './enterprise-server-releases.js'
import { getPathWithLanguage } from './path-utils.js'
const languagePrefixRegex = new RegExp(`^/(${languageKeys.join('|')})/`)
const nonEnterpriseDefaultVersionPrefix = `/${nonEnterpriseDefaultVersion}`
@@ -33,7 +33,7 @@ export default function getRedirect(uri, context) {
// `redirects` is sourced from more than one thing. The primary use
// case is gathering up the `redirect_from` frontmatter key.
// But we also has `developer.json` which contains legacy redirects.
// But we also have `developer.json` which contains legacy redirects.
// For example, the `developer.json` will have entries such
// `/enterprise/v4/enum/auditlogorderfield` which clearly is using
// the old formatting of the version. So to leverage the redirects
@@ -43,7 +43,7 @@ export default function getRedirect(uri, context) {
if (redirects[withoutLanguage].includes('://')) {
return redirects[withoutLanguage]
}
return `/${language}` + redirects[withoutLanguage]
return getPathWithLanguage(redirects[withoutLanguage], language)
}
let basicCorrection

2
lib/graphql/static/previews.json
View File

@@ -1097,4 +1097,4 @@
"href": "/graphql/overview/schema-previews#team-review-assignments-preview"
}
]
}
}

2
lib/graphql/static/schema-dotcom.json
View File

@@ -92221,4 +92221,4 @@
"description": "<p>A valid x509 certificate string.</p>"
}
]
}
}

2
lib/graphql/static/schema-ghec.json
View File

@@ -92221,4 +92221,4 @@
"description": "<p>A valid x509 certificate string.</p>"
}
]
}
}

107
lib/rest/static/decorated/api.github.com.json
View File

@@ -130069,6 +130069,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -130520,6 +130525,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -130971,6 +130981,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"my-app"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -139176,7 +139191,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -148134,7 +148158,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -161895,6 +161928,10 @@
{
"httpStatusCode": "404",
"description": "<p>Resource not found</p>"
},
{
"httpStatusCode": "503",
"description": "<p>Service unavailable</p>"
}
],
"subcategory": "codespaces"
@@ -165666,6 +165703,10 @@
{
"httpStatusCode": "404",
"description": "<p>Resource not found</p>"
},
{
"httpStatusCode": "503",
"description": "<p>Service unavailable</p>"
}
],
"subcategory": "codespaces"
@@ -170977,6 +171018,10 @@
{
"httpStatusCode": "404",
"description": "<p>Resource not found</p>"
},
{
"httpStatusCode": "503",
"description": "<p>Service unavailable</p>"
}
],
"subcategory": "codespaces"
@@ -186264,7 +186309,7 @@
"enabledForGitHubApps": true,
"codeExamples": [
{
"key": "201",
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example 1: Status Code 201",
@@ -186281,7 +186326,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response when creating a secret</p>"
"contentType": "application/json",
"description": "<p>Response when creating a secret</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
},
{
@@ -186723,7 +186777,7 @@
"enabledForGitHubApps": false,
"codeExamples": [
{
"key": "201",
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example 1: Status Code 201",
@@ -186742,7 +186796,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response after successfully creaing a secret</p>"
"contentType": "application/json",
"description": "<p>Response after successfully creating a secret</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
},
{
@@ -186773,7 +186836,7 @@
"statusCodes": [
{
"httpStatusCode": "201",
"description": "<p>Response after successfully creaing a secret</p>"
"description": "<p>Response after successfully creating a secret</p>"
},
{
"httpStatusCode": "204",
@@ -243911,7 +243974,11 @@
"request": {
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json"
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"limit": "collaborators_only",
"expiry": "one_month"
}
},
"response": {
"statusCode": "200",
@@ -480845,8 +480912,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to read",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "read"
},
"parameters": {
"team_id": "TEAM_ID",
"project_id": "PROJECT_ID"
@@ -484594,8 +484664,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to pull",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "push"
},
"parameters": {
"team_id": "TEAM_ID",
"owner": "OWNER",
@@ -496707,8 +496780,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json"
"description": "Example of updating blog and name",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
},
"response": {
"statusCode": "200",
@@ -503487,8 +503564,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of updating content type and URL",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"content_type": "json",
"url": "https://example.com/webhook"
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",

107
lib/rest/static/decorated/ghec.json
View File

@@ -130519,6 +130519,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -130970,6 +130975,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -131421,6 +131431,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"my-app"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -139626,7 +139641,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -148584,7 +148608,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -162345,6 +162378,10 @@
{
"httpStatusCode": "404",
"description": "<p>Resource not found</p>"
},
{
"httpStatusCode": "503",
"description": "<p>Service unavailable</p>"
}
],
"subcategory": "codespaces"
@@ -166116,6 +166153,10 @@
{
"httpStatusCode": "404",
"description": "<p>Resource not found</p>"
},
{
"httpStatusCode": "503",
"description": "<p>Service unavailable</p>"
}
],
"subcategory": "codespaces"
@@ -171427,6 +171468,10 @@
{
"httpStatusCode": "404",
"description": "<p>Resource not found</p>"
},
{
"httpStatusCode": "503",
"description": "<p>Service unavailable</p>"
}
],
"subcategory": "codespaces"
@@ -186714,7 +186759,7 @@
"enabledForGitHubApps": true,
"codeExamples": [
{
"key": "201",
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example 1: Status Code 201",
@@ -186731,7 +186776,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response when creating a secret</p>"
"contentType": "application/json",
"description": "<p>Response when creating a secret</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
},
{
@@ -187173,7 +187227,7 @@
"enabledForGitHubApps": false,
"codeExamples": [
{
"key": "201",
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example 1: Status Code 201",
@@ -187192,7 +187246,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response after successfully creaing a secret</p>"
"contentType": "application/json",
"description": "<p>Response after successfully creating a secret</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
},
{
@@ -187223,7 +187286,7 @@
"statusCodes": [
{
"httpStatusCode": "201",
"description": "<p>Response after successfully creaing a secret</p>"
"description": "<p>Response after successfully creating a secret</p>"
},
{
"httpStatusCode": "204",
@@ -245296,7 +245359,11 @@
"request": {
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json"
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"limit": "collaborators_only",
"expiry": "one_month"
}
},
"response": {
"statusCode": "200",
@@ -485163,8 +485230,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to read",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "read"
},
"parameters": {
"team_id": "TEAM_ID",
"project_id": "PROJECT_ID"
@@ -488912,8 +488982,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to pull",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "push"
},
"parameters": {
"team_id": "TEAM_ID",
"owner": "OWNER",
@@ -502593,8 +502666,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json"
"description": "Example of updating blog and name",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
},
"response": {
"statusCode": "200",
@@ -509373,8 +509450,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of updating content type and URL",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"content_type": "json",
"url": "https://example.com/webhook"
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",

61
lib/rest/static/decorated/ghes-3.2.json
View File

@@ -111907,6 +111907,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -112358,6 +112363,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -112809,6 +112819,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"my-app"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -129847,7 +129862,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -273510,8 +273534,17 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of updating scopes and note",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"add_scopes": [
"public_repo"
],
"remove_scopes": [
"user"
],
"note": "optional note"
},
"parameters": {
"authorization_id": "AUTHORIZATION_ID"
}
@@ -402227,8 +402260,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to read",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "read"
},
"parameters": {
"team_id": "TEAM_ID",
"project_id": "PROJECT_ID"
@@ -405857,8 +405893,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to pull",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "push"
},
"parameters": {
"team_id": "TEAM_ID",
"owner": "OWNER",
@@ -417318,8 +417357,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json"
"description": "Example of updating blog and name",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
},
"response": {
"statusCode": "200",
@@ -422954,8 +422997,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of updating content type and URL",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"content_type": "json",
"url": "https://example.com/webhook"
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",

72
lib/rest/static/decorated/ghes-3.3.json
View File

@@ -112383,6 +112383,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -112834,6 +112839,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -113285,6 +113295,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"my-app"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -121490,7 +121505,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -130402,7 +130426,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -274468,8 +274501,17 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of updating scopes and note",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"add_scopes": [
"public_repo"
],
"remove_scopes": [
"user"
],
"note": "optional note"
},
"parameters": {
"authorization_id": "AUTHORIZATION_ID"
}
@@ -399955,8 +399997,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to read",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "read"
},
"parameters": {
"team_id": "TEAM_ID",
"project_id": "PROJECT_ID"
@@ -403594,8 +403639,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to pull",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "push"
},
"parameters": {
"team_id": "TEAM_ID",
"owner": "OWNER",
@@ -415023,8 +415071,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json"
"description": "Example of updating blog and name",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
},
"response": {
"statusCode": "200",
@@ -420659,8 +420711,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of updating content type and URL",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"content_type": "json",
"url": "https://example.com/webhook"
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",

72
lib/rest/static/decorated/ghes-3.4.json
View File

@@ -117679,6 +117679,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -118130,6 +118135,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -118581,6 +118591,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"my-app"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -126786,7 +126801,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -135696,7 +135720,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -292558,8 +292591,17 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of updating scopes and note",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"add_scopes": [
"public_repo"
],
"remove_scopes": [
"user"
],
"note": "optional note"
},
"parameters": {
"authorization_id": "AUTHORIZATION_ID"
}
@@ -419496,8 +419538,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to read",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "read"
},
"parameters": {
"team_id": "TEAM_ID",
"project_id": "PROJECT_ID"
@@ -423135,8 +423180,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to pull",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "push"
},
"parameters": {
"team_id": "TEAM_ID",
"owner": "OWNER",
@@ -434573,8 +434621,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json"
"description": "Example of updating blog and name",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
},
"response": {
"statusCode": "200",
@@ -440209,8 +440261,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of updating content type and URL",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"content_type": "json",
"url": "https://example.com/webhook"
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",

72
lib/rest/static/decorated/ghes-3.5.json
View File

@@ -123351,6 +123351,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -123802,6 +123807,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -124253,6 +124263,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"my-app"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -132458,7 +132473,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -141392,7 +141416,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -299720,8 +299753,17 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of updating scopes and note",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"add_scopes": [
"public_repo"
],
"remove_scopes": [
"user"
],
"note": "optional note"
},
"parameters": {
"authorization_id": "AUTHORIZATION_ID"
}
@@ -427150,8 +427192,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to read",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "read"
},
"parameters": {
"team_id": "TEAM_ID",
"project_id": "PROJECT_ID"
@@ -430803,8 +430848,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to pull",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "push"
},
"parameters": {
"team_id": "TEAM_ID",
"owner": "OWNER",
@@ -442241,8 +442289,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json"
"description": "Example of updating blog and name",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
},
"response": {
"statusCode": "200",
@@ -447877,8 +447929,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of updating content type and URL",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"content_type": "json",
"url": "https://example.com/webhook"
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",

72
lib/rest/static/decorated/ghes-3.6.json
View File

@@ -125868,6 +125868,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -126319,6 +126324,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -126770,6 +126780,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"my-app"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -134975,7 +134990,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -143933,7 +143957,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -309051,8 +309084,17 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of updating scopes and note",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"add_scopes": [
"public_repo"
],
"remove_scopes": [
"user"
],
"note": "optional note"
},
"parameters": {
"authorization_id": "AUTHORIZATION_ID"
}
@@ -439531,8 +439573,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to read",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "read"
},
"parameters": {
"team_id": "TEAM_ID",
"project_id": "PROJECT_ID"
@@ -443280,8 +443325,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to pull",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "push"
},
"parameters": {
"team_id": "TEAM_ID",
"owner": "OWNER",
@@ -455482,8 +455530,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json"
"description": "Example of updating blog and name",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
},
"response": {
"statusCode": "200",
@@ -461216,8 +461268,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of updating content type and URL",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"content_type": "json",
"url": "https://example.com/webhook"
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",

61
lib/rest/static/decorated/github.ae.json
View File

@@ -89279,6 +89279,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -89730,6 +89735,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"octoapp"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -90181,6 +90191,11 @@
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"apps": [
"my-app"
]
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",
@@ -98386,7 +98401,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -107344,7 +107368,16 @@
},
"response": {
"statusCode": "201",
"description": "<p>Response</p>"
"contentType": "application/json",
"description": "<p>Response</p>",
"example": null,
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {},
"additionalProperties": false
}
}
}
],
@@ -372689,8 +372722,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to read",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "read"
},
"parameters": {
"team_id": "TEAM_ID",
"project_id": "PROJECT_ID"
@@ -376361,8 +376397,11 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of setting permission to pull",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"permission": "push"
},
"parameters": {
"team_id": "TEAM_ID",
"owner": "OWNER",
@@ -388442,8 +388481,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"acceptHeader": "application/vnd.github.v3+json"
"description": "Example of updating blog and name",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
},
"response": {
"statusCode": "200",
@@ -393637,8 +393680,12 @@
"key": "default",
"request": {
"contentType": "application/json",
"description": "Example",
"description": "Example of updating content type and URL",
"acceptHeader": "application/vnd.github.v3+json",
"bodyParameters": {
"content_type": "json",
"url": "https://example.com/webhook"
},
"parameters": {
"owner": "OWNER",
"repo": "REPO",

168
lib/rest/static/dereferenced/api.github.com.deref.json
View File

@@ -191066,6 +191066,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -191611,6 +191620,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -192155,6 +192173,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"my-app"
]
}
}
}
}
}
@@ -203022,10 +203049,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -210762,10 +210796,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -220868,6 +220909,27 @@
}
}
}
},
"503": {
"description": "Service unavailable",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": {
"type": "string"
},
"message": {
"type": "string"
},
"documentation_url": {
"type": "string"
}
}
}
}
}
}
},
"x-github": {
@@ -222221,10 +222283,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -274869,12 +274938,15 @@
}
]
}
},
"example": {
"content_type": "json",
"insecure_ssl": "0",
"secret": "********",
"url": "https://example.com/webhook"
}
},
"examples": {
"default": {
"summary": "Example of updating content type and URL",
"value": {
"content_type": "json",
"url": "https://example.com/webhook"
}
}
}
}
@@ -381538,6 +381610,27 @@
}
}
}
},
"503": {
"description": "Service unavailable",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": {
"type": "string"
},
"message": {
"type": "string"
},
"documentation_url": {
"type": "string"
}
}
}
}
}
}
},
"x-github": {
@@ -437893,6 +437986,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to read",
"value": {
"permission": "read"
}
}
}
}
}
@@ -441868,6 +441969,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to pull",
"value": {
"permission": "push"
}
}
}
}
}
@@ -443305,6 +443414,15 @@
"type": "string"
}
}
},
"examples": {
"default": {
"summary": "Example of updating blog and name",
"value": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
}
}
}
}
@@ -450091,6 +450209,27 @@
}
}
}
},
"503": {
"description": "Service unavailable",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": {
"type": "string"
},
"message": {
"type": "string"
},
"documentation_url": {
"type": "string"
}
}
}
}
}
}
},
"x-github": {
@@ -450469,14 +450608,21 @@
},
"responses": {
"201": {
"description": "Response after successfully creaing a secret",
"description": "Response after successfully creating a secret",
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -466740,6 +466886,14 @@
"required": [
"limit"
]
},
"examples": {
"default": {
"value": {
"limit": "collaborators_only",
"expiry": "one_month"
}
}
}
}
}

168
lib/rest/static/dereferenced/ghec.deref.json
View File

@@ -194559,6 +194559,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -195104,6 +195113,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -195648,6 +195666,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"my-app"
]
}
}
}
}
}
@@ -206515,10 +206542,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -214255,10 +214289,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -224361,6 +224402,27 @@
}
}
}
},
"503": {
"description": "Service unavailable",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": {
"type": "string"
},
"message": {
"type": "string"
},
"documentation_url": {
"type": "string"
}
}
}
}
}
}
},
"x-github": {
@@ -225714,10 +225776,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -278362,12 +278431,15 @@
}
]
}
},
"example": {
"content_type": "json",
"insecure_ssl": "0",
"secret": "********",
"url": "https://example.com/webhook"
}
},
"examples": {
"default": {
"summary": "Example of updating content type and URL",
"value": {
"content_type": "json",
"url": "https://example.com/webhook"
}
}
}
}
@@ -385031,6 +385103,27 @@
}
}
}
},
"503": {
"description": "Service unavailable",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": {
"type": "string"
},
"message": {
"type": "string"
},
"documentation_url": {
"type": "string"
}
}
}
}
}
}
},
"x-github": {
@@ -445074,6 +445167,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to read",
"value": {
"permission": "read"
}
}
}
}
}
@@ -449049,6 +449150,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to pull",
"value": {
"permission": "push"
}
}
}
}
}
@@ -450975,6 +451084,15 @@
"type": "string"
}
}
},
"examples": {
"default": {
"summary": "Example of updating blog and name",
"value": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
}
}
}
}
@@ -457761,6 +457879,27 @@
}
}
}
},
"503": {
"description": "Service unavailable",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"code": {
"type": "string"
},
"message": {
"type": "string"
},
"documentation_url": {
"type": "string"
}
}
}
}
}
}
},
"x-github": {
@@ -458139,14 +458278,21 @@
},
"responses": {
"201": {
"description": "Response after successfully creaing a secret",
"description": "Response after successfully creating a secret",
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -474410,6 +474556,14 @@
"required": [
"limit"
]
},
"examples": {
"default": {
"value": {
"limit": "collaborators_only",
"expiry": "one_month"
}
}
}
}
}

88
lib/rest/static/dereferenced/ghes-3.2.deref.json
View File

@@ -26777,6 +26777,20 @@
"type": "string"
}
}
},
"examples": {
"default": {
"summary": "Example of updating scopes and note",
"value": {
"add_scopes": [
"public_repo"
],
"remove_scopes": [
"user"
],
"note": "optional note"
}
}
}
}
}
@@ -156354,6 +156368,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -156899,6 +156922,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -157443,6 +157475,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"my-app"
]
}
}
}
}
}
@@ -175134,10 +175175,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -226295,12 +226343,15 @@
}
]
}
},
"example": {
"content_type": "json",
"insecure_ssl": "0",
"secret": "********",
"url": "https://example.com/webhook"
}
},
"examples": {
"default": {
"summary": "Example of updating content type and URL",
"value": {
"content_type": "json",
"url": "https://example.com/webhook"
}
}
}
}
@@ -380592,6 +380643,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to read",
"value": {
"permission": "read"
}
}
}
}
}
@@ -384451,6 +384510,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to pull",
"value": {
"permission": "push"
}
}
}
}
}
@@ -385886,6 +385953,15 @@
"type": "string"
}
}
},
"examples": {
"default": {
"summary": "Example of updating blog and name",
"value": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
}
}
}
}

95
lib/rest/static/dereferenced/ghes-3.3.deref.json
View File

@@ -26642,6 +26642,20 @@
"type": "string"
}
}
},
"examples": {
"default": {
"summary": "Example of updating scopes and note",
"value": {
"add_scopes": [
"public_repo"
],
"remove_scopes": [
"user"
],
"note": "optional note"
}
}
}
}
}
@@ -158227,6 +158241,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -158772,6 +158795,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -159316,6 +159348,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"my-app"
]
}
}
}
}
}
@@ -169457,10 +169498,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -177155,10 +177203,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -228266,12 +228321,15 @@
}
]
}
},
"example": {
"content_type": "json",
"insecure_ssl": "0",
"secret": "********",
"url": "https://example.com/webhook"
}
},
"examples": {
"default": {
"summary": "Example of updating content type and URL",
"value": {
"content_type": "json",
"url": "https://example.com/webhook"
}
}
}
}
@@ -382953,6 +383011,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to read",
"value": {
"permission": "read"
}
}
}
}
}
@@ -386818,6 +386884,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to pull",
"value": {
"permission": "push"
}
}
}
}
}
@@ -388253,6 +388327,15 @@
"type": "string"
}
}
},
"examples": {
"default": {
"summary": "Example of updating blog and name",
"value": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
}
}
}
}

95
lib/rest/static/dereferenced/ghes-3.4.deref.json
View File

@@ -24645,6 +24645,20 @@
"type": "string"
}
}
},
"examples": {
"default": {
"summary": "Example of updating scopes and note",
"value": {
"add_scopes": [
"public_repo"
],
"remove_scopes": [
"user"
],
"note": "optional note"
}
}
}
}
}
@@ -172480,6 +172494,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -173025,6 +173048,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -173569,6 +173601,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"my-app"
]
}
}
}
}
}
@@ -184436,10 +184477,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -192128,10 +192176,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -243493,12 +243548,15 @@
}
]
}
},
"example": {
"content_type": "json",
"insecure_ssl": "0",
"secret": "********",
"url": "https://example.com/webhook"
}
},
"examples": {
"default": {
"summary": "Example of updating content type and URL",
"value": {
"content_type": "json",
"url": "https://example.com/webhook"
}
}
}
}
@@ -398398,6 +398456,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to read",
"value": {
"permission": "read"
}
}
}
}
}
@@ -402263,6 +402329,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to pull",
"value": {
"permission": "push"
}
}
}
}
}
@@ -403698,6 +403772,15 @@
"type": "string"
}
}
},
"examples": {
"default": {
"summary": "Example of updating blog and name",
"value": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
}
}
}
}

95
lib/rest/static/dereferenced/ghes-3.5.deref.json
View File

@@ -24645,6 +24645,20 @@
"type": "string"
}
}
},
"examples": {
"default": {
"summary": "Example of updating scopes and note",
"value": {
"add_scopes": [
"public_repo"
],
"remove_scopes": [
"user"
],
"note": "optional note"
}
}
}
}
}
@@ -179605,6 +179619,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -180150,6 +180173,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -180694,6 +180726,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"my-app"
]
}
}
}
}
}
@@ -191561,10 +191602,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -199277,10 +199325,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -250856,12 +250911,15 @@
}
]
}
},
"example": {
"content_type": "json",
"insecure_ssl": "0",
"secret": "********",
"url": "https://example.com/webhook"
}
},
"examples": {
"default": {
"summary": "Example of updating content type and URL",
"value": {
"content_type": "json",
"url": "https://example.com/webhook"
}
}
}
}
@@ -406249,6 +406307,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to read",
"value": {
"permission": "read"
}
}
}
}
}
@@ -410128,6 +410194,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to pull",
"value": {
"permission": "push"
}
}
}
}
}
@@ -411563,6 +411637,15 @@
"type": "string"
}
}
},
"examples": {
"default": {
"summary": "Example of updating blog and name",
"value": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
}
}
}
}

95
lib/rest/static/dereferenced/ghes-3.6.deref.json
View File

@@ -24727,6 +24727,20 @@
"type": "string"
}
}
},
"examples": {
"default": {
"summary": "Example of updating scopes and note",
"value": {
"add_scopes": [
"public_repo"
],
"remove_scopes": [
"user"
],
"note": "optional note"
}
}
}
}
}
@@ -183639,6 +183653,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -184184,6 +184207,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -184728,6 +184760,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"my-app"
]
}
}
}
}
}
@@ -195595,10 +195636,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -203335,10 +203383,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -255821,12 +255876,15 @@
}
]
}
},
"example": {
"content_type": "json",
"insecure_ssl": "0",
"secret": "********",
"url": "https://example.com/webhook"
}
},
"examples": {
"default": {
"summary": "Example of updating content type and URL",
"value": {
"content_type": "json",
"url": "https://example.com/webhook"
}
}
}
}
@@ -420541,6 +420599,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to read",
"value": {
"permission": "read"
}
}
}
}
}
@@ -424516,6 +424582,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to pull",
"value": {
"permission": "push"
}
}
}
}
}
@@ -425951,6 +426025,15 @@
"type": "string"
}
}
},
"examples": {
"default": {
"summary": "Example of updating blog and name",
"value": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
}
}
}
}

81
lib/rest/static/dereferenced/github.ae.deref.json
View File

@@ -144141,6 +144141,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -144686,6 +144695,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"octoapp"
]
}
}
}
}
}
@@ -145230,6 +145248,15 @@
}
}
]
},
"examples": {
"default": {
"value": {
"apps": [
"my-app"
]
}
}
}
}
}
@@ -153115,10 +153142,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -160855,10 +160889,17 @@
"content": {
"application/json": {
"schema": {
"title": "Empty Object",
"description": "An object without any properties.",
"type": "object",
"properties": {
},
"additionalProperties": false
},
"examples": {
"default": {
"value": null
}
}
}
}
@@ -212001,12 +212042,15 @@
}
]
}
},
"example": {
"content_type": "json",
"insecure_ssl": "0",
"secret": "********",
"url": "https://example.com/webhook"
}
},
"examples": {
"default": {
"summary": "Example of updating content type and URL",
"value": {
"content_type": "json",
"url": "https://example.com/webhook"
}
}
}
}
@@ -361879,6 +361923,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to read",
"value": {
"permission": "read"
}
}
}
}
}
@@ -365777,6 +365829,14 @@
]
}
}
},
"examples": {
"default": {
"summary": "Example of setting permission to pull",
"value": {
"permission": "push"
}
}
}
}
}
@@ -367214,6 +367274,15 @@
"type": "string"
}
}
},
"examples": {
"default": {
"summary": "Example of updating blog and name",
"value": {
"blog": "https://github.com/blog",
"name": "monalisa octocat"
}
}
}
}
}

2
middleware/api/search.js
View File

@@ -277,7 +277,7 @@ async function handleGetSearchResultsError(req, res, error, options) {
// where you might not have a HATSTACK_URL configured.
if (reports) await Promise.all(reports)
}
res.status(500).send(error.message)
res.status(500).json({ error: error.message })
}
// Alias for the latest version

2
script/rest/utils/webhook.js
View File

@@ -28,7 +28,7 @@ export default class Webhook {
`requestBody.content['application/json'].schema.properties.action.enum[0]`,
null
)
this.category = webhook.tags[0]
this.category = webhook['x-github'].subcategory
return this
}

27
tests/unit/pages.js
View File

@@ -1,6 +1,6 @@
import { jest } from '@jest/globals'
import path from 'path'
import { loadPages, loadPageMap, correctTranslationOrphans } from '../../lib/page-data.js'
import { loadPages, correctTranslationOrphans } from '../../lib/page-data.js'
import libLanguages from '../../lib/languages.js'
import { liquid } from '../../lib/render-content/index.js'
import patterns from '../../lib/patterns.js'
@@ -152,29 +152,4 @@ describe('pages module', () => {
expect(liquidErrors.length, failureMessage).toBe(0)
})
})
describe('loadPageMap', () => {
let pageMap
beforeAll(async () => {
pageMap = await loadPageMap(pages)
})
test('yields a non-empty object with more unique entries than pages', async () => {
// Why does it contain MORE unique entries, you ask?
// TL;DR: The pages array contains one item per Page + language, with a `permalinks` array
// property for each product version supported (free-pro-team, enterprise-server@3.0, etc.)
// The pageMap, on the other hand, is keyed by unique URLs, so it has 1-N (where N is the
// number of product versions supported) keys pointing to the same Page + language object
expect(Array.isArray(pageMap)).toBe(false)
expect(Object.keys(pageMap).length).toBeGreaterThan(pages.length)
})
test('has an identical key list to the deep permalinks of the array', async () => {
const allPermalinks = pages.flatMap((page) => page.permalinks.map((pl) => pl.href)).sort()
const allPageUrls = Object.keys(pageMap).sort()
expect(allPageUrls).toEqual(allPermalinks)
})
})
})

2
translations/ja-JP/content/actions/using-github-hosted-runners/using-larger-runners.md
View File

@@ -12,6 +12,8 @@ versions:
In addition to the [standard {% data variables.product.prodname_dotcom %}-hosted runners](/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources), {% data variables.product.prodname_dotcom %} also offers customers on {% data variables.product.prodname_team %} and {% data variables.product.prodname_ghe_cloud %} plans a range of {% data variables.actions.hosted_runner %}s with more RAM and CPU. These runners are hosted by {% data variables.product.prodname_dotcom %} and have the runner application and other tools preinstalled.
When {% data variables.actions.hosted_runner %}s are enabled for your organization, a default runner group is automatically created for you with a set of four pre-configured {% data variables.actions.hosted_runner %}s.
When you add a {% data variables.actions.hosted_runner %} to an organization, you are defining a type of machine from a selection of available hardware specifications and operating system images. {% data variables.product.prodname_dotcom %} will then create multiple instances of this runner that scale up and down to match the job demands of your organization, based on the autoscaling limits you define.
## Machine specs for {% data variables.actions.hosted_runner %}s

208
translations/ja-JP/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md
View File

@@ -1,7 +1,7 @@
---
title: 依存関係をキャッシュしてワークフローのスピードを上げる
shortTitle: Caching dependencies
intro: ワークフローを高速化して効率を上げるために、依存関係や広く再利用されるファイルに対するキャッシュを作成して利用できます。
title: Caching dependencies to speed up workflows
shortTitle: Cache dependencies
intro: 'To make your workflows faster and more efficient, you can create and use caches for dependencies and other commonly reused files.'
redirect_from:
- /github/automating-your-workflow-with-github-actions/caching-dependencies-to-speed-up-workflows
- /actions/automating-your-workflow-with-github-actions/caching-dependencies-to-speed-up-workflows
@@ -14,65 +14,60 @@ type: tutorial
topics:
- Workflows
miniTocMaxHeadingLevel: 3
ms.openlocfilehash: efae730b48d2423821bb95ac639df355e6b9b5d9
ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5
ms.translationtype: HT
ms.contentlocale: ja-JP
ms.lasthandoff: 09/05/2022
ms.locfileid: '147710308'
---
## ワークフローの依存関係のキャッシングについて
ワークフローの実行は、しばしば他の実行と同じ出力あるいはダウンロードされた依存関係を再利用します。 たとえばMaven、Gradle、npm、Yarnといったパッケージ及び依存関係管理ツールは、ダウンロードされた依存関係のローカルキャッシュを保持します。
## About caching workflow dependencies
{% ifversion fpt or ghec %} {% data variables.product.prodname_dotcom %} ホステッド ランナー上のジョブは、クリーンなランナー イメージで開始されますが、依存関係を毎回ダウンロードする必要があるため、ネットワークの利用率が増大し、実行時間が長くなり、コストが高くなります。 {% endif %}依存関係などのファイルの再生成にかかる時間を短縮しやすくするために、{% data variables.product.prodname_dotcom %} ではワークフロー内で頻繁に使われるファイルをキャッシュできます。
Workflow runs often reuse the same outputs or downloaded dependencies from one run to another. For example, package and dependency management tools such as Maven, Gradle, npm, and Yarn keep a local cache of downloaded dependencies.
ジョブの依存関係をキャッシュするには、{% data variables.product.prodname_dotcom %} の [`cache` アクション](https://github.com/actions/cache)を使用できます。 このアクションは、一意のキーによって識別されるキャッシュを作成し、復元します。 なお、以下に示すパッケージ マネージャーをキャッシュする場合、それぞれの setup-* アクションを使用するには、最小構成が必要となります。これにより、依存関係キャッシュが作成され、復元されます。
{% ifversion fpt or ghec %} Jobs on {% data variables.product.prodname_dotcom %}-hosted runners start in a clean runner image and must download dependencies each time, causing increased network utilization, longer runtime, and increased cost. {% endif %}To help speed up the time it takes to recreate files like dependencies, {% data variables.product.prodname_dotcom %} can cache files you frequently use in workflows.
| パッケージ マネージャー | キャッシュの setup-* アクション |
To cache dependencies for a job, you can use {% data variables.product.prodname_dotcom %}'s [`cache` action](https://github.com/actions/cache). The action creates and restores a cache identified by a unique key. Alternatively, if you are caching the package managers listed below, using their respective setup-* actions requires minimal configuration and will create and restore dependency caches for you.
| Package managers | setup-* action for caching |
|---|---|
| npmYarnpnpm | [setup-node](https://github.com/actions/setup-node#caching-global-packages-data) |
| pippipenvPoetry | [setup-python](https://github.com/actions/setup-python#caching-packages-dependencies) |
| GradleMaven | [setup-java](https://github.com/actions/setup-java#caching-packages-dependencies) |
| npm, Yarn, pnpm | [setup-node](https://github.com/actions/setup-node#caching-global-packages-data) |
| pip, pipenv, Poetry | [setup-python](https://github.com/actions/setup-python#caching-packages-dependencies) |
| Gradle, Maven | [setup-java](https://github.com/actions/setup-java#caching-packages-dependencies) |
| RubyGems | [setup-ruby](https://github.com/ruby/setup-ruby#caching-bundle-install-automatically) |
| Go `go.sum` | [setup-go](https://github.com/actions/setup-go#caching-dependency-files-and-build-outputs) |
{% warning %}
**警告**: {% ifversion fpt or ghec %}{% data variables.product.prodname_actions %} でキャッシュを使用する場合は、次の点に注意してください。
**Warning**: {% ifversion fpt or ghec %}Be mindful of the following when using caching with {% data variables.product.prodname_actions %}:
* {% endif %}キャッシュには、機密情報を保存しないことをお勧めします。 たとえばキャッシュパス内のファイルに保存されたアクセストークンあるいはログインクレデンシャルなどがセンシティブな情報です。 また、`docker login` のようなコマンド ライン インターフェイス (CLI) プログラムでは、アクセス資格情報を構成ファイルに保存できます。 読み取りアクセスを持つ人は誰でも、リポジトリに pull request を作成し、キャッシュの内容にアクセスできます。 リポジトリのフォークも、ベースブランチ上にPull Requestを作成し、ベースブランチ上のキャッシュにアクセスできます。
* {% endif %}We recommend that you don't store any sensitive information in the cache. For example, sensitive information can include access tokens or login credentials stored in a file in the cache path. Also, command line interface (CLI) programs like `docker login` can save access credentials in a configuration file. Anyone with read access can create a pull request on a repository and access the contents of a cache. Forks of a repository can also create pull requests on the base branch and access caches on the base branch.
{%- ifversion fpt or ghec %}
* セルフホステッド ランナーを使用する場合、ワークフロー実行のキャッシュは、{% data variables.product.company_short %} 所有のクラウド ストレージに保存されます。 顧客所有のストレージ ソリューションは、{% data variables.product.prodname_ghe_server %} でのみ使用できます。
* When using self-hosted runners, caches from workflow runs are stored on {% data variables.product.company_short %}-owned cloud storage. A customer-owned storage solution is only available with {% data variables.product.prodname_ghe_server %}.
{%- endif %}
{% endwarning %}
{% data reusables.actions.comparing-artifacts-caching %}
ワークフロー実行のアーティファクトについて詳しくは、「[アーティファクトを使用してワークフロー データを永続化する](/github/automating-your-workflow-with-github-actions/persisting-workflow-data-using-artifacts)」を参照してください。
For more information on workflow run artifacts, see "[Persisting workflow data using artifacts](/github/automating-your-workflow-with-github-actions/persisting-workflow-data-using-artifacts)."
## キャッシュへのアクセスについての制限
## Restrictions for accessing a cache
ワークフローは、現在のブランチ、ベース ブランチ (フォークされたリポジトリのベース ブランチを含む)、または既定のブランチ (通常 `main`) で作成されたキャッシュにアクセスして復元できます。 たとえば、デフォルトブランチで作成されたキャッシュは、どのPull Requestからもアクセスできます。 また、ブランチ `feature-b` にベース ブランチ `feature-a` がある場合、`feature-b` でトリガーされたワークフローは、既定のブランチ (`main`)`feature-a`、および `feature-b` で作成されたキャッシュにアクセスすることができます。
A workflow can access and restore a cache created in the current branch, the base branch (including base branches of forked repositories), or the default branch (usually `main`). For example, a cache created on the default branch would be accessible from any pull request. Also, if the branch `feature-b` has the base branch `feature-a`, a workflow triggered on `feature-b` would have access to caches created in the default branch (`main`), `feature-a`, and `feature-b`.
アクセス制限を使用すると、さまざまなブランチまたはタグ間に論理境界を作成することで、キャッシュを分離しセキュリティで保護することができます。 たとえば、ブランチ `feature-a` (ベース `main` を使用) のために作成されたキャッシュは、ブランチ `feature-c` (ベース`main` を使用) の pull request にはアクセスできません。 同様の行上で、(ベースの `main` からの) タグ `release-a` 用に作成されるキャッシュは、(ベース `main` を使用して) タグ `release-b` に対してトリガーされるワークフローにアクセスできません。
Access restrictions provide cache isolation and security by creating a logical boundary between different branches or tags. For example, a cache created for the branch `feature-a` (with the base `main`) would not be accessible to a pull request for the branch `feature-c` (with the base `main`). On similar lines, a cache created for the tag `release-a` (from the base `main`) would not be accessible to a workflow triggered for the tag `release-b` (with the base `main`).
リポジトリ内の複数のワークフローは、キャッシュ エントリを共有します。 ワークフロー内のブランチ用に作成されたキャッシュは、同じリポジトリとブランチの別のワークフローからアクセスおよび復元できます。
Multiple workflows within a repository share cache entries. A cache created for a branch within a workflow can be accessed and restored from another workflow for the same repository and branch.
## `cache` アクションの使用
## Using the `cache` action
[`cache` action](https://github.com/actions/cache) アクションは、指定した `key` に基づいてキャッシュの復元を試みます。 アクションでキャッシュが見つかると、アクションは、キャッシュされたファイルを構成した `path` に復元します。
The [`cache` action](https://github.com/actions/cache) will attempt to restore a cache based on the `key` you provide. When the action finds a cache, the action restores the cached files to the `path` you configure.
完全に一致するものがない場合、ジョブが正常に完了すると、このアクションによって新しいキャッシュが自動的に作成されます。 新しいキャッシュでは、指定した `key` が使用され、`path` で指定したファイルが含められます。
If there is no exact match, the action automatically creates a new cache if the job completes successfully. The new cache will use the `key` you provided and contains the files you specify in `path`.
必要に応じて、`key` が既存のキャッシュと一致しない場合に使用する `restore-keys` のリストを指定できます。 `restore-keys` はキャッシュ キーと部分的に一致する可能性があるため、`restore-keys` のリストは別のブランチからキャッシュを復元する場合に便利です。 `restore-keys` の照合の詳細については、「[キャッシュ キーのマッチング](#matching-a-cache-key)」を参照してください。
You can optionally provide a list of `restore-keys` to use when the `key` doesn't match an existing cache. A list of `restore-keys` is useful when you are restoring a cache from another branch because `restore-keys` can partially match cache keys. For more information about matching `restore-keys`, see "[Matching a cache key](#matching-a-cache-key)."
### `cache` アクションの入力パラメーター
### Input parameters for the `cache` action
- `key`: **必須** キャッシュの保存時に作成されたキーと、キャッシュの検索に使用されるキー。 変数、コンテキスト値、静的な文字列、関数の任意の組み合わせが使えます。 キーの長さは最大で512文字であり、キーが最大長よりも長いとアクションは失敗します。
- `path`: **必須** キャッシュまたは復元するランナー上のパス。
- 1 つのパスを指定することも、複数のパスを別々の行に追加することもできます。 たとえば次のような点です。
- `key`: **Required** The key created when saving a cache and the key used to search for a cache. It can be any combination of variables, context values, static strings, and functions. Keys have a maximum length of 512 characters, and keys longer than the maximum length will cause the action to fail.
- `path`: **Required** The path(s) on the runner to cache or restore.
- You can specify a single path, or you can add multiple paths on separate lines. For example:
```
- name: Cache Gradle packages
@@ -82,9 +77,9 @@ ms.locfileid: '147710308'
~/.gradle/caches
~/.gradle/wrapper
```
- ディレクトリまたは単一ファイルのいずれかを指定できます。glob パターンがサポートされています。
- 絶対パス、またはワークスペース ディレクトリに対する相対パスを指定できます。
- `restore-keys`: **オプション** 代替の復元キーを含んだ文字列。各復元キーは新しい行に配置されます。 `key` に対するキャッシュ ヒットが発生しない場合は、キャッシュを検索して復元するために、これらの復元キーが指定された順序で使用されます。 たとえば次のような点です。
- You can specify either directories or single files, and glob patterns are supported.
- You can specify absolute paths, or paths relative to the workspace directory.
- `restore-keys`: **Optional** A string containing alternative restore keys, with each restore key placed on a new line. If no cache hit occurs for `key`, these restore keys are used sequentially in the order provided to find and restore a cache. For example:
{% raw %}
```yaml
@@ -95,13 +90,13 @@ ms.locfileid: '147710308'
```
{% endraw %}
### `cache` アクションの出力パラメーター
### Output parameters for the `cache` action
- `cache-hit`: キーに対して完全一致が見つかったかどうかを示すブール値。
- `cache-hit`: A boolean value to indicate an exact match was found for the key.
### `cache` アクションの使用例
### Example using the `cache` action
次の例では、`package-lock.json` ファイル内のパッケージが変更されたとき、またはランナーのオペレーティング システムが変更されたときに、新しいキャッシュを作成します。 キャッシュ キーは、コンテキストと式を使用して、ランナーのオペレーティング システムと `package-lock.json` ファイルの SHA-256 ハッシュを含むキーを生成します。
This example creates a new cache when the packages in `package-lock.json` file change, or when the runner's operating system changes. The cache key uses contexts and expressions to generate a key that includes the runner's operating system and a SHA-256 hash of the `package-lock.json` file.
```yaml{:copy}
name: Caching with npm
@@ -141,27 +136,27 @@ jobs:
run: npm test
```
`key` が既存のキャッシュと一致した場合 (これは _キャッシュ ヒット_ と呼ばれます)、アクションはキャッシュされたファイルを `path` ディレクトリに復元します。
When `key` matches an existing cache, it's called a _cache hit_, and the action restores the cached files to the `path` directory.
`key` が既存のキャッシュと一致しない場合 (これは _キャッシュ ミス_ と呼ばれます)、ジョブが正常に完了すると、新しいキャッシュが作成されます。
When `key` doesn't match an existing cache, it's called a _cache miss_, and a new cache is automatically created if the job completes successfully.
キャッシュ ミスが発生した場合、アクションはユーザーが指定した `restore-keys` の一致も検索します。
When a cache miss occurs, the action also searches your specified `restore-keys` for any matches:
1. `restore-keys` を指定した場合、`cache` アクションは `restore-keys` のリストに一致するすべてのキャッシュを順次検索します。
- 完全に一致する場合、アクションはキャッシュ内のファイルを `path` ディレクトリに復元します。
- 完全なマッチがなかった場合、アクションはリストアキーに対する部分一致を検索します。 アクションで部分的な一致が見つかると、最新のキャッシュが `path` ディレクトリに復元されます。
1. `cache` アクションが完了し、ジョブの次のステップが実行されます。
1. ジョブが正常に完了すると、アクションは `path` ディレクトリのコンテンツを含んだ新しいキャッシュを自動的に作成します。
1. If you provide `restore-keys`, the `cache` action sequentially searches for any caches that match the list of `restore-keys`.
- When there is an exact match, the action restores the files in the cache to the `path` directory.
- If there are no exact matches, the action searches for partial matches of the restore keys. When the action finds a partial match, the most recent cache is restored to the `path` directory.
1. The `cache` action completes and the next step in the job runs.
1. If the job completes successfully, the action automatically creates a new cache with the contents of the `path` directory.
キャッシュ照合プロセスの詳細については、「[キャッシュキーのマッチング](#matching-a-cache-key)」を参照してください。 キャッシュをいったん作成すると、既存のキャッシュの内容を変更することはできませんが、新しいキーで新しいキャッシュを作成することはできます。
For a more detailed explanation of the cache matching process, see "[Matching a cache key](#matching-a-cache-key)." Once you create a cache, you cannot change the contents of an existing cache but you can create a new cache with a new key.
### コンテキストを使ったキャッシュキーの作成
### Using contexts to create cache keys
キャッシュキーには、コンテキスト、関数、リテラル、{% data variables.product.prodname_actions %}がサポートする演算子を含めることができます。 詳細については、「[コンテキスト](/actions/learn-github-actions/contexts)」および「[](/actions/learn-github-actions/expressions)」を参照してください。
A cache key can include any of the contexts, functions, literals, and operators supported by {% data variables.product.prodname_actions %}. For more information, see "[Contexts](/actions/learn-github-actions/contexts)" and "[Expressions](/actions/learn-github-actions/expressions)."
式を使用して `key` を作成すると、依存関係が変更されたときに新しいキャッシュを自動的に作成できます。
Using expressions to create a `key` allows you to automatically create a new cache when dependencies change.
たとえば、npm `package-lock.json` ファイルのハッシュを計算する式を使用して `key` を作成できます。 その場合、`package-lock.json` ファイルを構成する依存関係が変更されると、キャッシュ キーが変更され、新しいキャッシュが自動的に作成されます。
For example, you can create a `key` using an expression that calculates the hash of an npm `package-lock.json` file. So, when the dependencies that make up the `package-lock.json` file change, the cache key changes and a new cache is automatically created.
{% raw %}
```yaml
@@ -169,17 +164,17 @@ npm-${{ hashFiles('package-lock.json') }}
```
{% endraw %}
{% data variables.product.prodname_dotcom %} は、式 `hash "package-lock.json"` を評価して最終的な `key` を導き出します。
{% data variables.product.prodname_dotcom %} evaluates the expression `hash "package-lock.json"` to derive the final `key`.
```yaml
npm-d5ea0750
```
### `cache` アクションの出力の使用
### Using the output of the `cache` action
`cache` アクションの出力を使用すると、キャッシュ ヒットやキャッシュ ミスが発生したどうかに基づいて操作を実行することができます。 指定した `key` のキャッシュに完全一致が見つかった場合、`cache-hit` の出力は `true` に設定されます。
You can use the output of the `cache` action to do something based on whether a cache hit or miss occurred. When an exact match is found for a cache for the specified `key`, the `cache-hit` output is set to `true`.
上記のワークフロー例では、キャッシュ ミスが発生した場合に、Node モジュールの状態をリストする手順があります。
In the example workflow above, there is a step that lists the state of the Node modules if a cache miss occurred:
```yaml
- if: {% raw %}${{ steps.cache-npm.outputs.cache-hit != 'true' }}{% endraw %}
@@ -188,13 +183,13 @@ npm-d5ea0750
run: npm list
```
## キャッシュキーのマッチング
## Matching a cache key
`cache` アクションは、最初にワークフロー実行を含むブランチで、`key` および `restore-keys` のキャッシュ ヒットを検索します。 現在のブランチにヒットがない場合、`cache` アクションは親ブランチとアップストリーム ブランチの `key` および `restore-keys` を検索します。
The `cache` action first searches for cache hits for `key` and `restore-keys` in the branch containing the workflow run. If there are no hits in the current branch, the `cache` action searches for `key` and `restore-keys` in the parent branch and upstream branches.
`restore-keys` では、`key` でキャッシュ ミスが発生した場合に使用する代替復元キーのリストを指定できます。 特定の度合いが強いものから弱いものへ並べて複数のリストアキーを作成できます。 `cache` アクションは `restore-keys` を順番に検索します。 キーが直接マッチしなかった場合、アクションはリストアキーでプレフィックスされたキーを検索します。 リストアキーに対して複数の部分一致があった場合、アクションは最も最近に作成されたキャッシュを返します。
`restore-keys` allows you to specify a list of alternate restore keys to use when there is a cache miss on `key`. You can create multiple restore keys ordered from the most specific to least specific. The `cache` action searches the `restore-keys` in sequential order. When a key doesn't match directly, the action searches for keys prefixed with the restore key. If there are multiple partial matches for a restore key, the action returns the most recently created cache.
### 複数のリストアキーの利用例
### Example using multiple restore keys
{% raw %}
```yaml
@@ -205,7 +200,7 @@ restore-keys: |
```
{% endraw %}
ランナーは式を評価し、次の `restore-keys` に解決します。
The runner evaluates the expressions, which resolve to these `restore-keys`:
{% raw %}
```yaml
@@ -216,13 +211,13 @@ restore-keys: |
```
{% endraw %}
復元キー `npm-feature-` は、文字列 `npm-feature-` で始まるすべてのキーと一致します。 たとえば、`npm-feature-fd3052de` および `npm-feature-a9b253ff` の両方のキーと復元キーが一致します。 最も最近の期日に作成されたキャッシュが使われます。 この例でのキーは、以下の順序で検索されます。
The restore key `npm-feature-` matches any key that starts with the string `npm-feature-`. For example, both of the keys `npm-feature-fd3052de` and `npm-feature-a9b253ff` match the restore key. The cache with the most recent creation date would be used. The keys in this example are searched in the following order:
1. **`npm-feature-d5ea0750`** は特定のハッシュと一致します。
1. **`npm-feature-`** `npm-feature-` というプレフィックスが付いたキャッシュ キーと一致します。
1. **`npm-`** `npm-` というプレフィックスが付いたすべてのキーと一致します。
1. **`npm-feature-d5ea0750`** matches a specific hash.
1. **`npm-feature-`** matches cache keys prefixed with `npm-feature-`.
1. **`npm-`** matches any keys prefixed with `npm-`.
#### 検索の優先度の例
#### Example of search priority
```yaml
key:
@@ -232,30 +227,81 @@ restore-keys: |
npm-
```
たとえば、pull request `feature` ブランチを含んでいて、既定のブランチ (`main`) をターゲットとしている場合、アクションは `key` `restore-keys` を次の順序で検索します。
For example, if a pull request contains a `feature` branch and targets the default branch (`main`), the action searches for `key` and `restore-keys` in the following order:
1. `feature` ブランチ内のキー `npm-feature-d5ea0750`
1. `feature` ブランチ内のキー `npm-feature-`
1. `feature` ブランチ内のキー `npm-`
1. `main` ブランチ内のキー `npm-feature-d5ea0750`
1. `main` ブランチ内のキー `npm-feature-`
1. `main` ブランチ内のキー `npm-`
1. Key `npm-feature-d5ea0750` in the `feature` branch
1. Key `npm-feature-` in the `feature` branch
1. Key `npm-` in the `feature` branch
1. Key `npm-feature-d5ea0750` in the `main` branch
1. Key `npm-feature-` in the `main` branch
1. Key `npm-` in the `main` branch
## 利用制限と退去のポリシー
## Usage limits and eviction policy
{% data variables.product.prodname_dotcom %}は、7日間以上アクセスされていないキャッシュエントリを削除します。 保存できるキャッシュの数に制限はありませんが、リポジトリ内のすべてのキャッシュの合計サイズは制限されています{% ifversion actions-cache-policy-apis %}。 既定では、リポジトリあたり 10 GB の制限ですが、この制限は、エンタープライズ所有者やリポジトリ管理者が設定したポリシーによって変わる場合があります。{% else %} (最大 10 GB)。{% endif %}
{% data variables.product.prodname_dotcom %} will remove any cache entries that have not been accessed in over 7 days. There is no limit on the number of caches you can store, but the total size of all caches in a repository is limited{% ifversion actions-cache-policy-apis %}. By default, the limit is 10 GB per repository, but this limit might be different depending on policies set by your enterprise owners or repository administrators.{% else %} to 10 GB.{% endif %}
{% data reusables.actions.cache-eviction-process %}
{% data reusables.actions.cache-eviction-process %} {% ifversion actions-cache-ui %}The cache eviction process may cause cache thrashing, where caches are created and deleted at a high frequency. To reduce this, you can review the caches for a repository and take corrective steps, such as removing caching from specific workflows. For more information, see "[Managing caches](#managing-caches)."{% endif %}{% ifversion actions-cache-admin-ui %} You can also increase the cache size limit for a repository. For more information, see "[Managing {% data variables.product.prodname_actions %} settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-cache-storage-for-a-repository)."
{% elsif actions-cache-policy-apis %}
For information on changing the policies for the repository cache size limit, see "[Enforcing policies for {% data variables.product.prodname_actions %} in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-cache-storage-in-your-enterprise)" and "[Managing {% data variables.product.prodname_actions %} settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-cache-storage-for-a-repository)."
{% ifversion actions-cache-policy-apis %} リポジトリのキャッシュ サイズ制限のポリシー変更については、「[エンタープライズで {% data variables.product.prodname_actions %} のポリシーを適用する](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-cache-storage-in-your-enterprise)」および「[リポジトリの {% data variables.product.prodname_actions %} の設定を管理する](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-cache-storage-for-a-repository)」をご覧ください。
{% endif %}
{% ifversion actions-cache-management %}
## キャッシュの管理
## Managing caches
{% data variables.product.product_name %} REST API を使用してキャッシュを管理できます。 {% ifversion actions-cache-list-delete-apis %}API を使って、キャッシュ エントリの一覧表示と削除を行い、キャッシュの使用状況を確認できます。{% elsif actions-cache-management %}現時点では、API を使ってキャッシュの使用状況を確認できます。今後の更新で、さらに多くの機能が追加される予定です。{% endif %}詳しくは、REST API のドキュメント「[{% data variables.product.prodname_actions %} キャッシュ](/rest/actions/cache)」をご覧ください。
{% ifversion actions-cache-ui %}
{% data variables.product.prodname_cli %} 拡張機能をインストールして、コマンド ラインからキャッシュを管理することもできます。 拡張機能について詳しくは、[拡張機能のドキュメント](https://github.com/actions/gh-actions-cache#readme)を参照してください。 {% data variables.product.prodname_cli %} 拡張機能について詳しくは、「[GitHub CLI 拡張機能を使用する](/github-cli/github-cli/using-github-cli-extensions)」を参照してください。
To manage caches created from your workflows, you can:
- View a list of all cache entries for a repository.
- Filter and sort the list of caches using specific metadata such as cache size, creation time, or last accessed time.
- Delete cache entries from a repository.
- Monitor aggregate cache usage for repositories and organizations.
There are multiple ways to manage caches for your repositories:
- Using the {% data variables.product.prodname_dotcom %} web interface, as shown below.
- Using the REST API. For more information, see the "[{% data variables.product.prodname_actions %} Cache](/rest/actions/cache)" REST API documentation.
- Installing a {% data variables.product.prodname_cli %} extension to manage your caches from the command line. For more information, see the [gh-actions-cache](https://github.com/actions/gh-actions-cache) extension.
{% else %}
You can use the {% data variables.product.product_name %} REST API to manage your caches. {% ifversion actions-cache-list-delete-apis %}You can use the API to list and delete cache entries, and see your cache usage.{% elsif actions-cache-management %}At present, you can use the API to see your cache usage, with more functionality expected in future updates.{% endif %} For more information, see the "[{% data variables.product.prodname_actions %} Cache](/rest/actions/cache)" REST API documentation.
You can also install a {% data variables.product.prodname_cli %} extension to manage your caches from the command line. For more information about the extension, see [the extension documentation](https://github.com/actions/gh-actions-cache#readme). For more information about {% data variables.product.prodname_cli %} extensions, see "[Using GitHub CLI extensions](/github-cli/github-cli/using-github-cli-extensions)."
{% endif %}
{% ifversion actions-cache-ui %}
### Viewing cache entries
You can use the web interface to view a list of cache entries for a repository. In the cache list, you can see how much disk space each cache is using, when the cache was created, and when the cache was last used.
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.actions-tab %}
{% data reusables.repositories.actions-cache-list %}
1. Review the list of cache entries for the repository.
* To search for cache entries used for a specific branch, click the **Branch** dropdown menu and select a branch. The cache list will display all of the caches used for the selected branch.
* To search for cache entries with a specific cache key, use the syntax `key: key-name` in the **Filter caches** field. The cache list will display caches from all branches where the key was used.
![Screenshot of the list of cache entries](/assets/images/help/repository/actions-cache-entry-list.png)
### Deleting cache entries
Users with `write` access to a repository can use the {% data variables.product.prodname_dotcom %} web interface to delete cache entries.
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.actions-tab %}
{% data reusables.repositories.actions-cache-list %}
1. To the right of the cache entry you want to delete, click {% octicon "trash" aria-label="The trash icon" %}.
![Screenshot of the list of cache entries](/assets/images/help/repository/actions-cache-delete.png)
{% endif %}
{% endif %}

101
translations/ja-JP/content/admin/enterprise-management/configuring-clustering/cluster-network-configuration.md
View File

@@ -1,6 +1,6 @@
---
title: クラスタのネットワーク設定
intro: '{% data variables.product.prodname_ghe_server %} クラスタリングが適切に動作するためには、DNS の名前解決、ロードバランシング、ノード間の通信が適切に行われなければなりません。'
title: Cluster network configuration
intro: '{% data variables.product.prodname_ghe_server %} clustering relies on proper DNS name resolution, load balancing, and communication between nodes to operate properly.'
redirect_from:
- /enterprise/admin/clustering/cluster-network-configuration
- /enterprise/admin/enterprise-management/cluster-network-configuration
@@ -14,68 +14,62 @@ topics:
- Infrastructure
- Networking
shortTitle: Configure a cluster network
ms.openlocfilehash: d6e4d50077cccc3e5582be0af39bdae0046cd8c8
ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d
ms.translationtype: HT
ms.contentlocale: ja-JP
ms.lasthandoff: 09/10/2022
ms.locfileid: '145112765'
---
## ネットワークに関する考慮事項
## Network considerations
クラスタリングのための最もシンプルなネットワーク設計は、ード群を単一のLANに置くことです。 クラスタがサブネットワークにまたがる必要がある場合は、ネットワーク間にファイアウォールルールを設定することはお勧めしません。 ノード間の遅延は 1 ミリ秒未満である必要があります。
The simplest network design for clustering is to place the nodes on a single LAN. If a cluster must span subnetworks, we do not recommend configuring any firewall rules between the networks. The latency between nodes should be less than 1 millisecond.
{% ifversion ghes %}高可用性を実現するには、アクティブ ノードを備えたネットワークとパッシブ ノードを備えたネットワーク間の待ち時間が 70 ミリ秒未満である必要があります。 2 つのネットワーク間にファイアウォールを設定することはお勧めしません。{% endif %}
{% data reusables.enterprise_clustering.network-latency %}
### エンドユーザーのためのアプリケーションポート
### Application ports for end users
アプリケーションのポートは、エンドユーザーにWebアプリケーションとGitへのアクセスを提供します。
Application ports provide web application and Git access for end users.
| Port | 説明 | Encrypted |
| Port | Description | Encrypted |
| :------------- | :------------- | :------------- |
| 22/TCP | Git over SSH | Yes |
| 25/TCP | SMTP | STARTTLSが必要 |
| 80/TCP | HTTP | No<br>(SSL が有効になっている場合、このポートは HTTPS にリダイレクトされます) |
| 25/TCP | SMTP | Requires STARTTLS |
| 80/TCP | HTTP | No<br>(When SSL is enabled this port redirects to HTTPS) |
| 443/TCP | HTTPS | Yes |
| 9418/TCP | 単純な Git プロトコル ポート<br>(プライベート モードでは無効) | No |
| 9418/TCP | Simple Git protocol port<br>(Disabled in private mode) | No |
### 管理ポート
### Administrative ports
管理ポートは、エンドユーザが基本的なアプリケーションを利用するためには必要ありません。
Administrative ports are not required for basic application use by end users.
| Port | 説明 | Encrypted |
| Port | Description | Encrypted |
| :------------- | :------------- | :------------- |
| ICMP | ICMP Ping | No |
| 122/TCP | 管理SSH | Yes |
| 122/TCP | Administrative SSH | Yes |
| 161/UDP | SNMP | No |
| 8080/TCP | Management Console HTTP | No<br>(SSL が有効になっている場合、このポートは HTTPS にリダイレクトされます) |
| 8080/TCP | Management Console HTTP | No<br>(When SSL is enabled this port redirects to HTTPS) |
| 8443/TCP | Management Console HTTPS | Yes |
### クラスタ通信ポート
### Cluster communication ports
ネットワークレベルのファイアウォールがノード間にある場合は、これらのポートがアクセス可能である必要があります。 ノード間の通信は暗号化されていません。 これらのポートは外部からアクセスできません。
If a network level firewall is in place between nodes, these ports will need to be accessible. The communication between nodes is not encrypted. These ports should not be accessible externally.
| Port | 説明 |
| Port | Description |
| :------------- | :------------- |
| 1336/TCP | 内部 API |
| 3033/TCP | 内部 SVN アクセス |
| 3037/TCP | 内部 SVN アクセス |
| 1336/TCP | Internal API |
| 3033/TCP | Internal SVN access |
| 3037/TCP | Internal SVN access |
| 3306/TCP | MySQL |
| 4486/TCP | Governor アクセス |
| 5115/TCP | ストレージ バックエンド |
| 5208/TCP | 内部 SVN アクセス |
| 4486/TCP | Governor access |
| 5115/TCP | Storage backend |
| 5208/TCP | Internal SVN access |
| 6379/TCP | Redis |
| 8001/TCP | Grafana |
| 8090/TCP | 内部 GPG アクセス |
| 8149/TCP | GitRPC ファイルサーバーアクセス |
| 8090/TCP | Internal GPG access |
| 8149/TCP | GitRPC file server access |
| 8300/TCP | Consul |
| 8301/TCP | Consul |
| 8302/TCP | Consul |
| 9000/TCP | Git デーモン |
| 9102/TCP | Pages ファイルサーバー |
| 9105/TCP | LFS サーバー |
| 9000/TCP | Git Daemon |
| 9102/TCP | Pages file server |
| 9105/TCP | LFS server |
| 9200/TCP | Elasticsearch |
| 9203/TCP | セマンティックコードサービス |
| 9203/TCP | Semantic code service |
| 9300/TCP | Elasticsearch |
| 11211/TCP | Memcache |
| 161/UDP | SNMP |
@@ -84,42 +78,42 @@ ms.locfileid: '145112765'
| 8302/UDP | Consul |
| 25827/UDP | Collectd |
## ロードバランサの設定
## Configuring a load balancer
ード間のトラフィックの分配には、PROXY プロトコルをサポートする TCP ベースの外部ロードバランサをおすすめします。 以下のロードバランサ設定を検討してください:
We recommend an external TCP-based load balancer that supports the PROXY protocol to distribute traffic across nodes. Consider these load balancer configurations:
- TCP ポート (以下に示す) は、`web-server` サービスを実行しているノードに転送する必要があります。 これらは、外部クライアント要求を処理する唯一のノードです。
- スティッキーセッションは有効化してはなりません。
- TCP ports (shown below) should be forwarded to nodes running the `web-server` service. These are the only nodes that serve external client requests.
- Sticky sessions shouldn't be enabled.
{% data reusables.enterprise_installation.terminating-tls %}
## クライアントの接続情報の処理
## Handling client connection information
クラスタへのクライアント接続はロードバランサから行われるため、クライアントの IP アドレスが失われる可能性があります。 クライアント接続情報を正しく取り込むには、追加の検討が必要です。
Because client connections to the cluster come from the load balancer, the client IP address can be lost. To properly capture the client connection information, additional consideration is required.
{% data reusables.enterprise_clustering.proxy_preference %}
{% data reusables.enterprise_clustering.proxy_xff_firewall_warning %}
### {% data variables.product.prodname_ghe_server %}での PROXY サポートの有効化
### Enabling PROXY support on {% data variables.product.prodname_ghe_server %}
インスタンスとロードバランサの双方でPROXYサポートを有効化することを強くおすすめします。
We strongly recommend enabling PROXY support for both your instance and the load balancer.
{% data reusables.enterprise_installation.proxy-incompatible-with-aws-nlbs %}
- インスタンスにはこのコマンドを使用してください:
- For your instance, use this command:
```shell
$ ghe-config 'loadbalancer.proxy-protocol' 'true' && ghe-cluster-config-apply
```
- ロードバランサでは、ベンダーから提供された手順書に従ってください。
- For the load balancer, use the instructions provided by your vendor.
{% data reusables.enterprise_clustering.proxy_protocol_ports %}
### {% data variables.product.prodname_ghe_server %}での X-Forwarded-For サポートの有効化
### Enabling X-Forwarded-For support on {% data variables.product.prodname_ghe_server %}
{% data reusables.enterprise_clustering.x-forwarded-for %}
`X-Forwarded-For` ヘッダーを有効にするには、次のコマンドを使用します。
To enable the `X-Forwarded-For` header, use this command:
```shell
$ ghe-config 'loadbalancer.http-forward' 'true' && ghe-cluster-config-apply
@@ -127,11 +121,12 @@ $ ghe-config 'loadbalancer.http-forward' 'true' && ghe-cluster-config-apply
{% data reusables.enterprise_clustering.without_proxy_protocol_ports %}
### ヘルスチェックの設定
ロードバランサは健全性チェックによって、事前に設定されたチェックが失敗するようになったノードがあれば、反応しなくなったノードへのトラフィックの送信を止めます。 クラスタのノードに障害が起きた場合、冗長なノードと組み合わさったヘルスチェックが高可用性を提供してくれます。
### Configuring Health Checks
Health checks allow a load balancer to stop sending traffic to a node that is not responding if a pre-configured check fails on that node. If a cluster node fails, health checks paired with redundant nodes provides high availability.
{% data reusables.enterprise_clustering.health_checks %} {% data reusables.enterprise_site_admin_settings.maintenance-mode-status %}
{% data reusables.enterprise_clustering.health_checks %}
{% data reusables.enterprise_site_admin_settings.maintenance-mode-status %}
## DNS の要件
## DNS Requirements
{% data reusables.enterprise_clustering.load_balancer_dns %}

250
translations/ja-JP/content/admin/enterprise-management/configuring-clustering/configuring-high-availability-replication-for-a-cluster.md
View File

@@ -1,6 +1,6 @@
---
title: クラスタの High Availability レプリケーションを設定する
intro: '{% data variables.product.prodname_ghe_server %} クラスタ全体のパッシブレプリカを別の場所に設定することで、クラスタを冗長ノードにフェイルオーバーできるようにします。'
title: Configuring high availability replication for a cluster
intro: 'You can configure a passive replica of your entire {% data variables.product.prodname_ghe_server %} cluster in a different location, allowing your cluster to fail over to redundant nodes.'
miniTocMaxHeadingLevel: 3
redirect_from:
- /enterprise/admin/enterprise-management/configuring-high-availability-replication-for-a-cluster
@@ -14,86 +14,80 @@ topics:
- High availability
- Infrastructure
shortTitle: Configure HA replication
ms.openlocfilehash: 3663fe290fab6644c5650c3f1ff435dfae87bcf4
ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a
ms.translationtype: HT
ms.contentlocale: ja-JP
ms.lasthandoff: 09/11/2022
ms.locfileid: '145120630'
---
## クラスタの High Availability レプリケーションについて
## About high availability replication for clusters
High Availability を実現するために、{% data variables.product.prodname_ghe_server %} のクラスタデプロイメントを設定できます。この場合、パッシブノードの同一のセットがアクティブクラスタ内のノードと同期されます。 ハードウェアまたはソフトウェアの障害がアクティブなクラスタのデータセンターに影響を与える場合は、手動でレプリカノードにフェイルオーバーし、ユーザリクエストの処理を続行して、停止の影響を最小限に抑えることができます。
You can configure a cluster deployment of {% data variables.product.prodname_ghe_server %} for high availability, where an identical set of passive nodes sync with the nodes in your active cluster. If hardware or software failures affect the datacenter with your active cluster, you can manually fail over to the replica nodes and continue processing user requests, minimizing the impact of the outage.
High Availability モードでは、各アクティブノードは対応するパッシブノードと定期的に同期します。 パッシブノードはスタンバイで実行され、アプリケーションへのサービス提供や、ユーザ要求の処理は行われません。
In high availability mode, each active node syncs regularly with a corresponding passive node. The passive node runs in standby and does not serve applications or process user requests.
{% data variables.product.prodname_ghe_server %} の包括的なシステム災害復旧計画の一部として High Availability を設定することをお勧めします。 また、定期的なバックアップを実行することをお勧めします。 詳細については、「[アプライアンスでのバックアップの設定](/enterprise/admin/configuration/configuring-backups-on-your-appliance)」を参照してください。
We recommend configuring high availability as a part of a comprehensive disaster recovery plan for {% data variables.product.prodname_ghe_server %}. We also recommend performing regular backups. For more information, see "[Configuring backups on your appliance](/enterprise/admin/configuration/configuring-backups-on-your-appliance)."
## 前提条件
## Prerequisites
### ハードウェアとソフトウェア
### Hardware and software
アクティブなクラスタ内の既存のードごとに、同一のハードウェアリソースを使用して2番目の仮想マシンをプロビジョニングする必要があります。 たとえば、クラスターに 11 個のノードがあり、各ノードに 12 個の vCPU96 GB RAM、および 750 GB の接続ストレージがある場合、それぞれが 12 個の vCPU96 GB RAM、および 750 GB の接続ストレージを備えた 11 個の新しい仮想マシンをプロビジョニングする必要があります。
For each existing node in your active cluster, you'll need to provision a second virtual machine with identical hardware resources. For example, if your cluster has 11 nodes and each node has 12 vCPUs, 96 GB of RAM, and 750 GB of attached storage, you must provision 11 new virtual machines that each have 12 vCPUs, 96 GB of RAM, and 750 GB of attached storage.
新しい仮想マシンごとに、アクティブクラスタ内のノードで実行されているものと同じバージョンの {% data variables.product.prodname_ghe_server %} をインストールします。 ライセンスをアップロードしたり、追加の設定を実行したりする必要はありません。 詳細については、「[{% data variables.product.prodname_ghe_server %} インスタンスをセットアップする](/enterprise/admin/installation/setting-up-a-github-enterprise-server-instance)」を参照してください。
On each new virtual machine, install the same version of {% data variables.product.prodname_ghe_server %} that runs on the nodes in your active cluster. You don't need to upload a license or perform any additional configuration. For more information, see "[Setting up a {% data variables.product.prodname_ghe_server %} instance](/enterprise/admin/installation/setting-up-a-github-enterprise-server-instance)."
{% note %}
**注**: High Availability レプリケーションに使用する予定のノードは、スタンドアロンの {% data variables.product.prodname_ghe_server %} インスタンスである必要があります。 パッシブードを2番目のクラスタとして初期化しないでください。
**Note**: The nodes that you intend to use for high availability replication should be standalone {% data variables.product.prodname_ghe_server %} instances. Don't initialize the passive nodes as a second cluster.
{% endnote %}
### ネットワーク
### Network
プロビジョニングする新しいノードごとに静的 IP アドレスを割り当てる必要があります。また、接続を受け入れてクラスタのフロントエンド層のノードに転送するようにロードバランサを設定する必要があります。
You must assign a static IP address to each new node that you provision, and you must configure a load balancer to accept connections and direct them to the nodes in your cluster's front-end tier.
アクティブクラスタを使用するネットワークとパッシブクラスタを使用するネットワークの間にファイアウォールを設定することはお勧めしません。 アクティブードのあるネットワークとパッシブードのあるネットワークの間の遅延は、70 ミリ秒未満である必要があります。 パッシブ クラスター内のノード間のネットワーク接続の詳細については、「[クラスターのネットワーク構成](/enterprise/admin/enterprise-management/cluster-network-configuration)」を参照してください。
{% data reusables.enterprise_clustering.network-latency %} For more information about network connectivity between nodes in the passive cluster, see "[Cluster network configuration](/enterprise/admin/enterprise-management/cluster-network-configuration)."
## クラスタの High Availability レプリカを作成する
## Creating a high availability replica for a cluster
- [アクティブ ノードをプライマリ データセンターに割り当てる](#assigning-active-nodes-to-the-primary-datacenter)
- [パッシブ ノードをクラスター構成ファイルに追加する](#adding-passive-nodes-to-the-cluster-configuration-file)
- [構成例](#example-configuration)
- [Assigning active nodes to the primary datacenter](#assigning-active-nodes-to-the-primary-datacenter)
- [Adding passive nodes to the cluster configuration file](#adding-passive-nodes-to-the-cluster-configuration-file)
- [Example configuration](#example-configuration)
### アクティブノードをプライマリデータセンターに割り当てる
### Assigning active nodes to the primary datacenter
パッシブノードのセカンダリデータセンターを定義する前に、アクティブノードをプライマリデータセンターに割り当てていることを確認してください。
Before you define a secondary datacenter for your passive nodes, ensure that you assign your active nodes to the primary datacenter.
{% data reusables.enterprise_clustering.ssh-to-a-node %}
{% data reusables.enterprise_clustering.open-configuration-file %}
3. クラスタのプライマリデータセンターの名前に注意します。 クラスター構成ファイルの上部にある `[cluster]` セクションでは、キーと値のペア `primary-datacenter` を使用して、プライマリ データセンターの名前を定義します。 既定では、クラスターのプライマリ データセンターの名前は `default` です。
3. Note the name of your cluster's primary datacenter. The `[cluster]` section at the top of the cluster configuration file defines the primary datacenter's name, using the `primary-datacenter` key-value pair. By default, the primary datacenter for your cluster is named `default`.
```shell
[cluster]
mysql-master = <em>HOSTNAME</em>
redis-master = <em>HOSTNAME</em>
mysql-master = HOSTNAME
redis-master = HOSTNAME
<strong>primary-datacenter = default</strong>
```
- 必要に応じて、`primary-datacenter` の値を編集して、プライマリ データセンター名をよりわかりやすい名前に変更します。
- Optionally, change the name of the primary datacenter to something more descriptive or accurate by editing the value of `primary-datacenter`.
4. {% data reusables.enterprise_clustering.configuration-file-heading %} 各ノードの見出しの下に、新しいキー/値ペアのペアを追加して、ノードをデータセンターに割り当てます。 上記のステップ 3 と同じ値 `primary-datacenter` を使用します。 たとえば、既定の名前 (`default`) を使用する場合は、次のキーと値のペアを各ノードのセクションに追加します。
4. {% data reusables.enterprise_clustering.configuration-file-heading %} Under each node's heading, add a new key-value pair to assign the node to a datacenter. Use the same value as `primary-datacenter` from step 3 above. For example, if you want to use the default name (`default`), add the following key-value pair to the section for each node.
```
datacenter = default
```
完了すると、クラスタ設定ファイルの各ノードのセクションは次の例のようになります。 {% data reusables.enterprise_clustering.key-value-pair-order-irrelevant %}
When you're done, the section for each node in the cluster configuration file should look like the following example. {% data reusables.enterprise_clustering.key-value-pair-order-irrelevant %}
```shell
[cluster "<em>HOSTNAME</em>"]
[cluster "HOSTNAME"]
<strong>datacenter = default</strong>
hostname = <em>HOSTNAME</em>
ipv4 = <em>IP ADDRESS</em>
hostname = HOSTNAME
ipv4 = IP-ADDRESS
...
...
```
{% note %}
****: ステップ 3 でプライマリ データセンター名を変更した場合は、各ノードのセクションでキーと値のペア `consul-datacenter` を見つけ、その値を名前変更したプライマリ データセンターに変更します。 たとえば、プライマリ データセンターに `primary` という名前を付けた場合は、ノードごとに次のキーと値のペアを使用します。
**Note**: If you changed the name of the primary datacenter in step 3, find the `consul-datacenter` key-value pair in the section for each node and change the value to the renamed primary datacenter. For example, if you named the primary datacenter `primary`, use the following key-value pair for each node.
```
consul-datacenter = primary
@@ -105,123 +99,123 @@ High Availability モードでは、各アクティブノードは対応する
{% data reusables.enterprise_clustering.configuration-finished %}
{% data variables.product.prodname_ghe_server %} がプロンプトに戻ったら、ノードをクラスタのプライマリデータセンターに割り当てます。
After {% data variables.product.prodname_ghe_server %} returns you to the prompt, you've finished assigning your nodes to the cluster's primary datacenter.
### パッシブノードをクラスタ設定ファイルに追加する
### Adding passive nodes to the cluster configuration file
High Availability を設定するには、クラスタ内のすべてのアクティブノードに対応するパッシブノードを定義する必要があります。 次の手順では、アクティブノードとパッシブノードの両方を定義する新しいクラスタ設定を作成します。 このチュートリアルの内容は次のとおりです。
To configure high availability, you must define a corresponding passive node for every active node in your cluster. The following instructions create a new cluster configuration that defines both active and passive nodes. You will:
- アクティブなクラスタ設定ファイルのコピーを作成します。
- コピーを編集して、アクティブノードに対応するパッシブノードを定義し、プロビジョニングした新しい仮想マシンの IP アドレスを追加します。
- クラスタ設定の変更されたコピーをアクティブな設定にマージします。
- 新しい設定を適用してレプリケーションを開始します。
- Create a copy of the active cluster configuration file.
- Edit the copy to define passive nodes that correspond to the active nodes, adding the IP addresses of the new virtual machines that you provisioned.
- Merge the modified copy of the cluster configuration back into your active configuration.
- Apply the new configuration to start replication.
構成例については、「[構成例](#example-configuration)」を参照してください。
For an example configuration, see "[Example configuration](#example-configuration)."
1. クラスタ内のノードごとに、同じバージョンの {% data variables.product.prodname_ghe_server %} を実行して、同じ仕様で一致する仮想マシンをプロビジョニングします。 新しい各クラスターノードの IPv4 アドレスとホスト名に注意してください。 詳しい情報については、「[前提条件](#prerequisites)」を参照してください。
1. For each node in your cluster, provision a matching virtual machine with identical specifications, running the same version of {% data variables.product.prodname_ghe_server %}. Note the IPv4 address and hostname for each new cluster node. For more information, see "[Prerequisites](#prerequisites)."
{% note %}
****: フェイルオーバー後に High Availability を再構成する場合は、代わりにプライマリ データセンターの古いノードを使用できます。
**Note**: If you're reconfiguring high availability after a failover, you can use the old nodes from the primary datacenter instead.
{% endnote %}
{% data reusables.enterprise_clustering.ssh-to-a-node %}
3. 既存のクラスタ設定をバックアップします。
3. Back up your existing cluster configuration.
```
cp /data/user/common/cluster.conf ~/$(date +%Y-%m-%d)-cluster.conf.backup
```
4. _/home/admin/cluster-passive.conf_ などの一時的な場所に、既存のクラスター設定ファイルのコピーを作成します。 IP アドレス (`ipv*`)UUID (`uuid`)WireGuard の公開キー (`wireguard-pubkey`) に対するキーと値のペアを削除します。
4. Create a copy of your existing cluster configuration file in a temporary location, like _/home/admin/cluster-passive.conf_. Delete unique key-value pairs for IP addresses (`ipv*`), UUIDs (`uuid`), and public keys for WireGuard (`wireguard-pubkey`).
```
grep -Ev "(?:|ipv|uuid|vpn|wireguard\-pubkey)" /data/user/common/cluster.conf > ~/cluster-passive.conf
```
5. 前のステップでコピーした一時クラスター構成ファイルから `[cluster]` セクションを削除します。
5. Remove the `[cluster]` section from the temporary cluster configuration file that you copied in the previous step.
```
git config -f ~/cluster-passive.conf --remove-section cluster
```
6. パッシブノードをプロビジョニングしたセカンダリデータセンターの名前を決定してから、一時クラスタ設定ファイルを新しいデータセンター名で更新します。 `SECONDARY` を、選んだ名前に置き換えます。
6. Decide on a name for the secondary datacenter where you provisioned your passive nodes, then update the temporary cluster configuration file with the new datacenter name. Replace `SECONDARY` with the name you choose.
```shell
sed -i 's/datacenter = default/datacenter = <em>SECONDARY</em>/g' ~/cluster-passive.conf
sed -i 's/datacenter = default/datacenter = SECONDARY/g' ~/cluster-passive.conf
```
7. パッシブノードのホスト名のパターンを決定します。
7. Decide on a pattern for the passive nodes' hostnames.
{% warning %}
**警告**: パッシブ ノードのホスト名は一意であり、対応するアクティブ ノードのホスト名とは違うものにする必要があります。
**Warning**: Hostnames for passive nodes must be unique and differ from the hostname for the corresponding active node.
{% endwarning %}
8. ステップ 3 の一時クラスタ設定ファイルをテキストエディタで開きます。 たとえばVimを利用できます。
8. Open the temporary cluster configuration file from step 3 in a text editor. For example, you can use Vim.
```shell
sudo vim ~/cluster-passive.conf
```
9. 一時クラスタ設定ファイル内の各セクションで、ノードの設定を更新します。 {% data reusables.enterprise_clustering.configuration-file-heading %}
9. In each section within the temporary cluster configuration file, update the node's configuration. {% data reusables.enterprise_clustering.configuration-file-heading %}
- 上記のステップ 7 で選んだパターンに従って、セクション見出しの引用符で囲まれたホスト名とセクション内の `hostname` の値をパッシブ ノードのホスト名に変更します。
- `ipv4` という名前の新しいキーを追加し、その値をパッシブノードの静的 IPv4 アドレスに設定します。
- 新しいキーと値のペア `replica = enabled` を追加します。
- Change the quoted hostname in the section heading and the value for `hostname` within the section to the passive node's hostname, per the pattern you chose in step 7 above.
- Add a new key named `ipv4`, and set the value to the passive node's static IPv4 address.
- Add a new key-value pair, `replica = enabled`.
```shell
[cluster "<em>NEW PASSIVE NODE HOSTNAME</em>"]
[cluster "NEW PASSIVE NODE HOSTNAME"]
...
hostname = <em>NEW PASSIVE NODE HOSTNAME</em>
ipv4 = <em>NEW PASSIVE NODE IPV4 ADDRESS</em>
hostname = NEW PASSIVE NODE HOSTNAME
ipv4 = NEW PASSIVE NODE IPV4 ADDRESS
<strong>replica = enabled</strong>
...
...
```
10. ステップ 4 で作成した一時クラスタ設定ファイルの内容をアクティブ設定ファイルに追加します。
10. Append the contents of the temporary cluster configuration file that you created in step 4 to the active configuration file.
```shell
cat ~/cluster-passive.conf >> /data/user/common/cluster.conf
```
11. セカンダリデータセンターのプライマリ MySQL ノードと Redis ノードを指定します。 `REPLICA MYSQL PRIMARY HOSTNAME` `REPLICA REDIS PRIMARY HOSTNAME` を、既存の MySQL および Redis プライマリと一致するようにプロビジョニングしたパッシブ ノードのホスト名に置き換えます。
11. Designate the primary MySQL and Redis nodes in the secondary datacenter. Replace `REPLICA MYSQL PRIMARY HOSTNAME` and `REPLICA REDIS PRIMARY HOSTNAME` with the hostnames of the passives node that you provisioned to match your existing MySQL and Redis primaries.
```shell
git config -f /data/user/common/cluster.conf cluster.mysql-master-replica <em>REPLICA MYSQL PRIMARY HOSTNAME</em>
git config -f /data/user/common/cluster.conf cluster.redis-master-replica <em>REPLICA REDIS PRIMARY HOSTNAME</em>
git config -f /data/user/common/cluster.conf cluster.mysql-master-replica REPLICA-MYSQL-PRIMARY-HOSTNAME
git config -f /data/user/common/cluster.conf cluster.redis-master-replica REPLICA-REDIS-PRIMARY-HOSTNAME
```
{% warning %}
**警告**: 続ける前に、クラスター構成ファイルを確認してください。
**Warning**: Review your cluster configuration file before proceeding.
- トップレベルの `[cluster]` セクションで、`mysql-master-replica` `redis-master-replica` の値が、フェイルオーバー後に MySQL Redis のプライマリとして機能するセカンダリ データセンター内のパッシブ ノードに対する正しいホスト名であることを保証します。
- <code>[cluster "<em>ACTIVE NODE HOSTNAME</em>"]</code> という名前の付いたアクティブ ノードの各セクションで、次のキーと値のペアをもう一度確認します。
- `datacenter` は、最上位セクション `primary-datacenter` `[cluster]` 値と一致する必要があります。
- `consul-datacenter` は、`datacenter` の値と一致する必要があります。これは、最上位セクション `[cluster]` にある `primary-datacenter` の値と同じです。
- アクティブ ノードごとに、構成には、同じロールを持つ **1 つ** のパッシブ ノードに対応するセクションが構成に **1 つ** 確実に存在するようにします。 パッシブノードの各セクションで、各キー/値ペアを再確認します。
- `datacenter` は、他のすべてのパッシブ ノードと一致する必要があります。
- `consul-datacenter` は、他のすべてのパッシブ ノードと一致する必要があります。
- `hostname` は、セクション見出しのホスト名と一致する必要があります。
- `ipv4` は、ノードの一意の静的 IPv4 アドレスと一致する必要があります。
- `replica` `enabled` として構成する必要があります。
- 必要に応じて、使用されなくなったオフラインノードのセクションを削除してください。
- In the top-level `[cluster]` section, ensure that the values for `mysql-master-replica` and `redis-master-replica` are the correct hostnames for the passive nodes in the secondary datacenter that will serve as the MySQL and Redis primaries after a failover.
- In each section for an active node named <code>[cluster "ACTIVE NODE HOSTNAME"]</code>, double-check the following key-value pairs.
- `datacenter` should match the value of `primary-datacenter` in the top-level `[cluster]` section.
- `consul-datacenter` should match the value of `datacenter`, which should be the same as the value for `primary-datacenter` in the top-level `[cluster]` section.
- Ensure that for each active node, the configuration has **one** corresponding section for **one** passive node with the same roles. In each section for a passive node, double-check each key-value pair.
- `datacenter` should match all other passive nodes.
- `consul-datacenter` should match all other passive nodes.
- `hostname` should match the hostname in the section heading.
- `ipv4` should match the node's unique, static IPv4 address.
- `replica` should be configured as `enabled`.
- Take the opportunity to remove sections for offline nodes that are no longer in use.
構成例を確認するには、「[構成例](#example-configuration)」を参照してください。
To review an example configuration, see "[Example configuration](#example-configuration)."
{% endwarning %}
13. 新しいクラスタ設定を初期化します。 {% data reusables.enterprise.use-a-multiplexer %}
13. Initialize the new cluster configuration. {% data reusables.enterprise.use-a-multiplexer %}
```shell
ghe-cluster-config-init
```
14. 初期化が完了すると、{% data variables.product.prodname_ghe_server %} は次のメッセージを表示します。
14. After the initialization finishes, {% data variables.product.prodname_ghe_server %} displays the following message.
```shell
Finished cluster initialization
@@ -231,33 +225,33 @@ High Availability を設定するには、クラスタ内のすべてのアク
{% data reusables.enterprise_clustering.configuration-finished %}
17. パッシブノードにフェイルオーバーした場合にユーザからの接続を受け入れるロードバランサを設定します。 詳細については、[クラスター ネットワーク構成](/enterprise/admin/enterprise-management/cluster-network-configuration#configuring-a-load-balancer)に関する記事を参照してください。
17. Configure a load balancer that will accept connections from users if you fail over to the passive nodes. For more information, see "[Cluster network configuration](/enterprise/admin/enterprise-management/cluster-network-configuration#configuring-a-load-balancer)."
クラスタ内のノードの High Availability レプリケーションの設定が完了しました。 各アクティブノードは、対応するパッシブノードへの設定とデータの複製を開始します。障害が発生した場合は、トラフィックをセカンダリデータセンターのロードバランサに転送できます。 フェールオーバーの詳細については、「[レプリカ クラスターへのフェールオーバーの開始](/enterprise/admin/enterprise-management/initiating-a-failover-to-your-replica-cluster)」を参照してください。
You've finished configuring high availability replication for the nodes in your cluster. Each active node begins replicating configuration and data to its corresponding passive node, and you can direct traffic to the load balancer for the secondary datacenter in the event of a failure. For more information about failing over, see "[Initiating a failover to your replica cluster](/enterprise/admin/enterprise-management/initiating-a-failover-to-your-replica-cluster)."
### 構成例
### Example configuration
最上位の `[cluster]` 構成は、次の例のようになります。
The top-level `[cluster]` configuration should look like the following example.
```shell
[cluster]
mysql-master = <em>HOSTNAME OF ACTIVE MYSQL MASTER</em>
redis-master = <em>HOSTNAME OF ACTIVE REDIS MASTER</em>
primary-datacenter = <em>PRIMARY DATACENTER NAME</em>
mysql-master-replica = <em>HOSTNAME OF PASSIVE MYSQL MASTER</em>
redis-master-replica = <em>HOSTNAME OF PASSIVE REDIS MASTER</em>
mysql-master = HOSTNAME-OF-ACTIVE-MYSQL-MASTER
redis-master = HOSTNAME-OF-ACTIVE-REDIS-MASTER
primary-datacenter = PRIMARY-DATACENTER-NAME
mysql-master-replica = HOSTNAME-OF-PASSIVE-MYSQL-MASTER
redis-master-replica = HOSTNAME-OF-PASSIVE-REDIS-MASTER
mysql-auto-failover = false
...
```
クラスタのストレージ層のアクティブノードの設定は、次の例のようになります。
The configuration for an active node in your cluster's storage tier should look like the following example.
```shell
...
[cluster "<em>UNIQUE ACTIVE NODE HOSTNAME</em>"]
[cluster "UNIQUE ACTIVE NODE HOSTNAME"]
datacenter = default
hostname = <em>UNIQUE ACTIVE NODE HOSTNAME</em>
ipv4 = <em>IPV4 ADDRESS</em>
hostname = UNIQUE-ACTIVE-NODE-HOSTNAME
ipv4 = IPV4-ADDRESS
consul-datacenter = default
consul-server = true
git-server = true
@@ -268,26 +262,26 @@ High Availability を設定するには、クラスタ内のすべてのアク
memcache-server = true
metrics-server = true
storage-server = true
vpn = <em>IPV4 ADDRESS SET AUTOMATICALLY</em>
uuid = <em>UUID SET AUTOMATICALLY</em>
wireguard-pubkey = <em>PUBLIC KEY SET AUTOMATICALLY</em>
vpn = IPV4 ADDRESS SET AUTOMATICALLY
uuid = UUID SET AUTOMATICALLY
wireguard-pubkey = PUBLIC KEY SET AUTOMATICALLY
...
```
ストレージ層内の対応するパッシブノードの設定は、次の例のようになります。
The configuration for the corresponding passive node in the storage tier should look like the following example.
- 対応するアクティブ ノードとの大きな違いは **太字** であることです。
- {% data variables.product.prodname_ghe_server %} は、`vpn``uuid`、および `wireguard-pubkey` の値を自動的に割り当てるため、初期化するパッシブ ノードの値を定義しないでください。
- `*-server` キーで定義されたサーバー ロールは、対応するアクティブ ノードと一致します。
- Important differences from the corresponding active node are **bold**.
- {% data variables.product.prodname_ghe_server %} assigns values for `vpn`, `uuid`, and `wireguard-pubkey` automatically, so you shouldn't define the values for passive nodes that you will initialize.
- The server roles, defined by `*-server` keys, match the corresponding active node.
```shell
...
<strong>[cluster "<em>UNIQUE PASSIVE NODE HOSTNAME</em>"]</strong>
<strong>[cluster "UNIQUE PASSIVE NODE HOSTNAME"]</strong>
<strong>replica = enabled</strong>
<strong>ipv4 = <em>IPV4 ADDRESS OF NEW VM WITH IDENTICAL RESOURCES</em></strong>
<strong>datacenter = <em>SECONDARY DATACENTER NAME</em></strong>
<strong>hostname = <em>UNIQUE PASSIVE NODE HOSTNAME</em></strong>
<strong>consul-datacenter = <em>SECONDARY DATACENTER NAME</em></strong>
<strong>ipv4 = IPV4 ADDRESS OF NEW VM WITH IDENTICAL RESOURCES</strong>
<strong>datacenter = SECONDARY DATACENTER NAME</strong>
<strong>hostname = UNIQUE PASSIVE NODE HOSTNAME</strong>
<strong>consul-datacenter = SECONDARY DATACENTER NAME</strong>
consul-server = true
git-server = true
pages-server = true
@@ -297,73 +291,73 @@ High Availability を設定するには、クラスタ内のすべてのアク
memcache-server = true
metrics-server = true
storage-server = true
<strong>vpn = <em>DO NOT DEFINE</em></strong>
<strong>uuid = <em>DO NOT DEFINE</em></strong>
<strong>wireguard-pubkey = <em>DO NOT DEFINE</em></strong>
<strong>vpn = DO NOT DEFINE</strong>
<strong>uuid = DO NOT DEFINE</strong>
<strong>wireguard-pubkey = DO NOT DEFINE</strong>
...
```
## アクティブクラスターノードとパッシブクラスターノード間のレプリケーションを監視する
## Monitoring replication between active and passive cluster nodes
クラスタ内のアクティブノードとパッシブノード間の初期レプリケーションには時間がかかります。 時間は、複製するデータの量と {% data variables.product.prodname_ghe_server %} のアクティビティレベルによって異なります。
Initial replication between the active and passive nodes in your cluster takes time. The amount of time depends on the amount of data to replicate and the activity levels for {% data variables.product.prodname_ghe_server %}.
{% data variables.product.prodname_ghe_server %} 管理シェルから利用できるコマンドラインツールを使用して、クラスタ内の任意のノードの進行状況を監視できます。 管理シェルの詳細については、「[管理シェル (SSH) にアクセスする](/enterprise/admin/configuration/accessing-the-administrative-shell-ssh)」を参照してください。
You can monitor the progress on any node in the cluster, using command-line tools available via the {% data variables.product.prodname_ghe_server %} administrative shell. For more information about the administrative shell, see "[Accessing the administrative shell (SSH)](/enterprise/admin/configuration/accessing-the-administrative-shell-ssh)."
- データベースのレプリケーションの監視する:
- Monitor replication of databases:
```
/usr/local/share/enterprise/ghe-cluster-status-mysql
```
- リポジトリと Gist データのレプリケーションを監視する:
- Monitor replication of repository and Gist data:
```
ghe-spokes status
```
- 添付ファイルと LFS データのレプリケーションを監視する:
- Monitor replication of attachment and LFS data:
```
ghe-storage replication-status
```
- Pages データのレプリケーションを監視する:
- Monitor replication of Pages data:
```
ghe-dpages replication-status
```
`ghe-cluster-status` を使用すると、クラスターの全体的な正常性を確認することができます。 詳細については、「[コマンド ライン ユーティリティ](/enterprise/admin/configuration/command-line-utilities#ghe-cluster-status)」を参照してください。
You can use `ghe-cluster-status` to review the overall health of your cluster. For more information, see "[Command-line utilities](/enterprise/admin/configuration/command-line-utilities#ghe-cluster-status)."
## フェイルオーバー後の High Availability レプリケーションを再設定する
## Reconfiguring high availability replication after a failover
クラスタのアクティブードからクラスタのパッシブードにフェイルオーバーした後、2 つの方法で High Availability レプリケーションを再設定できます。
After you fail over from the cluster's active nodes to the cluster's passive nodes, you can reconfigure high availability replication in two ways.
### 新しいパッシブノードのプロビジョニングと設定
### Provisioning and configuring new passive nodes
フェイルオーバー後、2 つの方法で High Availability を再設定できます。 選択する方法は、フェイルオーバーした理由と元のアクティブノードの状態によって異なります。
After a failover, you can reconfigure high availability in two ways. The method you choose will depend on the reason that you failed over, and the state of the original active nodes.
1. セカンダリデータセンターの新しいアクティブノードごとに、パッシブノードの新しいセットをプロビジョニングして設定します。
1. Provision and configure a new set of passive nodes for each of the new active nodes in your secondary datacenter.
2. 古いアクティブノードを新しいパッシブノードとして使用します。
2. Use the old active nodes as the new passive nodes.
High Availability を再設定するプロセスは、High Availability の初期設定と同じです。 詳細については、「[クラスターの High Availability レプリカを作成する](#creating-a-high-availability-replica-for-a-cluster)」を参照してください。
The process for reconfiguring high availability is identical to the initial configuration of high availability. For more information, see "[Creating a high availability replica for a cluster](#creating-a-high-availability-replica-for-a-cluster)."
## クラスタの High Availability レプリケーションを無効化する
## Disabling high availability replication for a cluster
{% data variables.product.prodname_ghe_server %} のクラスタデプロイメントのパッシブノードへのレプリケーションを停止できます。
You can stop replication to the passive nodes for your cluster deployment of {% data variables.product.prodname_ghe_server %}.
{% data reusables.enterprise_clustering.ssh-to-a-node %}
{% data reusables.enterprise_clustering.open-configuration-file %}
3. 最上位のセクション `[cluster]` で、`redis-master-replica` `mysql-master-replica` のキーと値のペアを削除します。
3. In the top-level `[cluster]` section, delete the `redis-master-replica`, and `mysql-master-replica` key-value pairs.
4. パッシブノードの各セクションを削除します。 パッシブ ノードの場合、`replica` `enabled` として構成されます。
4. Delete each section for a passive node. For passive nodes, `replica` is configured as `enabled`.
{% data reusables.enterprise_clustering.apply-configuration %}
{% data reusables.enterprise_clustering.configuration-finished %}
{% data variables.product.prodname_ghe_server %} がプロンプトに戻ったら、High Availability レプリケーションの無効化が完了したことになります。
After {% data variables.product.prodname_ghe_server %} returns you to the prompt, you've finished disabling high availability replication.

90
translations/ja-JP/content/admin/enterprise-management/configuring-high-availability/creating-a-high-availability-replica.md
View File

@@ -1,6 +1,6 @@
---
title: High Availabilityレプリカの作成
intro: アクティブ/パッシブ設定では、レプリカアプライアンスはプライマリアプライアンスの冗長コピーです。 プライマリアプライアンスに障害が起こると、High Availabilityモードではレプリカがプライマリアプライアンスとして動作し、サービスの中断を最小限にできます。
title: Creating a high availability replica
intro: 'In an active/passive configuration, the replica appliance is a redundant copy of the primary appliance. If the primary appliance fails, high availability mode allows the replica to act as the primary appliance, allowing minimal service disruption.'
redirect_from:
- /enterprise/admin/installation/creating-a-high-availability-replica
- /enterprise/admin/enterprise-management/creating-a-high-availability-replica
@@ -13,94 +13,92 @@ topics:
- High availability
- Infrastructure
shortTitle: Create HA replica
ms.openlocfilehash: 115295bd685284c9bd96eab9990c7619c1a0a8d3
ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5
ms.translationtype: HT
ms.contentlocale: ja-JP
ms.lasthandoff: 09/05/2022
ms.locfileid: '147648224'
---
{% data reusables.enterprise_installation.replica-limit %}
## High Availabilityレプリカの作成
## Creating a high availability replica
1. 新しい {% data variables.product.prodname_ghe_server %} アプライアンスを希望するプラットフォームにセットアップします。 レプリカアプライアンスのCPURAM、ストレージ設定は、プライマリアプライアンスと同じにするべきです。 レプリカアプライアンスは、独立した環境にインストールすることをお勧めします。 下位層のハードウェア、ソフトウェア、ネットワークコンポーネントは、プライマリアプライアンスのそれらとは分離されているべきです。 クラウドプロバイダを利用している場合には、別個のリージョンもしくはゾーンを使ってください。 詳細については、「[{% data variables.product.prodname_ghe_server %} インスタンスをセットアップする](/enterprise/admin/guides/installation/setting-up-a-github-enterprise-server-instance)」を参照してください。
1. 新しいアプライアンスが、ポート 122/TCP 1194/UDP 経由で、この高可用性環境の他のすべてのアプライアンスと通信できることを確認します。 詳細については、「[ネットワーク ポート](/admin/configuration/configuring-network-settings/network-ports#administrative-ports)」を参照してください。
1. ブラウザで新しいレプリカアプライアンスのIPアドレスにアクセスして、所有する{% data variables.product.prodname_enterprise %}のライセンスをアップロードしてください。
1. Set up a new {% data variables.product.prodname_ghe_server %} appliance on your desired platform. The replica appliance should mirror the primary appliance's CPU, RAM, and storage settings. We recommend that you install the replica appliance in an independent environment. The underlying hardware, software, and network components should be isolated from those of the primary appliance. If you are a using a cloud provider, use a separate region or zone. For more information, see ["Setting up a {% data variables.product.prodname_ghe_server %} instance"](/enterprise/admin/guides/installation/setting-up-a-github-enterprise-server-instance).
1. Ensure that the new appliance can communicate with all other appliances in this high availability environment over ports 122/TCP and 1194/UDP. For more information, see "[Network ports](/admin/configuration/configuring-network-settings/network-ports#administrative-ports)."
1. In a browser, navigate to the new replica appliance's IP address and upload your {% data variables.product.prodname_enterprise %} license.
{% data reusables.enterprise_installation.replica-steps %}
1. SSHを使ってレプリカアプライアンスのIPアドレスに接続してください。
1. Connect to the replica appliance's IP address using SSH.
```shell
$ ssh -p 122 admin@<em>REPLICA IP</em>
$ ssh -p 122 admin@REPLICA_IP
```
{% data reusables.enterprise_installation.generate-replication-key-pair %} {% data reusables.enterprise_installation.add-ssh-key-to-primary %}
1. 新しいレプリカに対して、プライマリへの接続を確認してレプリカ モードを有効にするには、`ghe-repl-setup` をもう一度実行します。
{% data reusables.enterprise_installation.generate-replication-key-pair %}
{% data reusables.enterprise_installation.add-ssh-key-to-primary %}
1. To verify the connection to the primary and enable replica mode for the new replica, run `ghe-repl-setup` again.
```shell
$ ghe-repl-setup <em>PRIMARY IP</em>
$ ghe-repl-setup PRIMARY_IP
```
{% data reusables.enterprise_installation.replication-command %} {% data reusables.enterprise_installation.verify-replication-channel %}
{% data reusables.enterprise_installation.replication-command %}
{% data reusables.enterprise_installation.verify-replication-channel %}
## Geo-replicationレプリカの作成
## Creating geo-replication replicas
レプリカを作成する以下の例の設定では、1 つのプライマリと 2 つのレプリカを使用しており、これらは 3 つの異なる地域にあります。 3 つのノードは別のネットワークに配置できますが、すべてのノードは他のすべてのノードから到達可能である必要があります。 最低限、必要な管理ポートは他のすべてのノードに対して開かれている必要があります。 ポート要件の詳細については、「[ネットワーク ポート](/enterprise/admin/guides/installation/network-ports/#administrative-ports)」を参照してください。
This example configuration uses a primary and two replicas, which are located in three different geographic regions. While the three nodes can be in different networks, all nodes are required to be reachable from all the other nodes. At the minimum, the required administrative ports should be open to all the other nodes. For more information about the port requirements, see "[Network Ports](/enterprise/admin/guides/installation/network-ports/#administrative-ports)."
1. 最初のレプリカで `ghe-repl-setup` を実行することで、標準の 2 ノード構成の場合と同じ方法で最初のレプリカを作成します。
{% data reusables.enterprise_clustering.network-latency %}{% ifversion ghes > 3.2 %} If latency is more than 70 milliseconds, we recommend cache replica nodes instead. For more information, see "[Configuring a repository cache](/admin/enterprise-management/caching-repositories/configuring-a-repository-cache)."{% endif %}
1. Create the first replica the same way you would for a standard two node configuration by running `ghe-repl-setup` on the first replica.
```shell
(replica1)$ ghe-repl-setup <em>PRIMARY IP</em>
(replica1)$ ghe-repl-setup PRIMARY_IP
(replica1)$ ghe-repl-start
```
2. 2 つ目のレプリカを作成し、`ghe-repl-setup --add` コマンドを使用します。 `--add` フラグは、既存のレプリケーション構成を上書きするのを防ぎ、新しいレプリカを構成に追加します。
2. Create a second replica and use the `ghe-repl-setup --add` command. The `--add` flag prevents it from overwriting the existing replication configuration and adds the new replica to the configuration.
```shell
(replica2)$ ghe-repl-setup --add <em>PRIMARY IP</em>
(replica2)$ ghe-repl-setup --add PRIMARY_IP
(replica2)$ ghe-repl-start
```
3. デフォルトでは、レプリカは同じデータセンターに設定され、同じノードにある既存のノードからシードを試行します。 レプリカを別のデータセンターに設定するには、datacenter オプションに異なる値を設定します。 具体的な値は、それらが互いに異なる限り、どのようなものでもかまいません。 各ノードで `ghe-repl-node` コマンドを実行し、データセンターを指定します。
3. By default, replicas are configured to the same datacenter, and will now attempt to seed from an existing node in the same datacenter. Configure the replicas for different datacenters by setting a different value for the datacenter option. The specific values can be anything you would like as long as they are different from each other. Run the `ghe-repl-node` command on each node and specify the datacenter.
プライマリでは以下のコマンドを実行します。
On the primary:
```shell
(primary)$ ghe-repl-node --datacenter <em>[PRIMARY DC NAME]</em>
(primary)$ ghe-repl-node --datacenter [PRIMARY DC NAME]
```
1 番目のレプリカでは以下のコマンドを実行します。
On the first replica:
```shell
(replica1)$ ghe-repl-node --datacenter <em>[FIRST REPLICA DC NAME]</em>
(replica1)$ ghe-repl-node --datacenter [FIRST REPLICA DC NAME]
```
2 番目のレプリカでは以下のコマンドを実行します。
On the second replica:
```shell
(replica2)$ ghe-repl-node --datacenter <em>[SECOND REPLICA DC NAME]</em>
(replica2)$ ghe-repl-node --datacenter [SECOND REPLICA DC NAME]
```
{% tip %}
**ヒント:** `--datacenter` および `--active` オプションは同時に設定できます。
**Tip:** You can set the `--datacenter` and `--active` options at the same time.
{% endtip %}
4. アクティブなレプリカノードは、アプライアンスデータのコピーを保存し、エンドユーザーのリクエストに応じます。 アクティブではないノードは、アプライアンスデータのコピーを保存しますが、エンドユーザーのリクエストに応じることはできません。 `--active` フラグを使用してアクティブ モードを有効にするか、`--inactive` フラグを使用して非アクティブ モードを有効にします。
4. An active replica node will store copies of the appliance data and service end user requests. An inactive node will store copies of the appliance data but will be unable to service end user requests. Enable active mode using the `--active` flag or inactive mode using the `--inactive` flag.
1 番目のレプリカでは以下のコマンドを実行します。
On the first replica:
```shell
(replica1)$ ghe-repl-node --active
```
2 番目のレプリカでは以下のコマンドを実行します。
On the second replica:
```shell
(replica2)$ ghe-repl-node --active
```
5. 構成を適用するには、プライマリで `ghe-config-apply` コマンドを使用します。
5. To apply the configuration, use the `ghe-config-apply` command on the primary.
```shell
(primary)$ ghe-config-apply
```
## Geo-replicationのためのDNSの設定
## Configuring DNS for geo-replication
プライマリとレプリカノードの IP アドレスを使って、Geo DNS を設定します。 SSH でプライマリ ノードにアクセスしたり、`backup-utils` でバックアップしたりするために、プライマリ ノード (たとえば、`primary.github.example.com`) に対して DNS CNAME を作成することもできます。
Configure Geo DNS using the IP addresses of the primary and replica nodes. You can also create a DNS CNAME for the primary node (e.g. `primary.github.example.com`) to access the primary node via SSH or to back it up via `backup-utils`.
テストのために、ローカル ワークステーションの `hosts` ファイル (たとえば、`/etc/hosts`) にエントリを追加することができます。 以下の例のエントリでは、`HOSTNAME` に対する要求が `replica2` に解決されることになります。 別の行をコメントアウトすることで、特定のホストをターゲットにすることができます。
For testing, you can add entries to the local workstation's `hosts` file (for example, `/etc/hosts`). These example entries will resolve requests for `HOSTNAME` to `replica2`. You can target specific hosts by commenting out different lines.
```
# <primary IP> <em>HOSTNAME</em>
# <replica1 IP> <em>HOSTNAME</em>
<replica2 IP> <em>HOSTNAME</em>
# <primary IP> HOSTNAME
# <replica1 IP> HOSTNAME
<replica2 IP> HOSTNAME
```
## 参考資料
## Further reading
- "[高可用性構成について](/enterprise/admin/guides/installation/about-high-availability-configuration)"
- [Utilities for replication management](/enterprise/admin/guides/installation/about-high-availability-configuration/#utilities-for-replication-management)」 (レプリケーション管理のユーティリティ)
- "[geo レプリケーションについて](/enterprise/admin/guides/installation/about-geo-replication/)"
- "[About high availability configuration](/enterprise/admin/guides/installation/about-high-availability-configuration)"
- "[Utilities for replication management](/enterprise/admin/guides/installation/about-high-availability-configuration/#utilities-for-replication-management)"
- "[About geo-replication](/enterprise/admin/guides/installation/about-geo-replication/)"

27
translations/ja-JP/content/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication.md
View File

@@ -36,7 +36,9 @@ When you use external authentication, {% data variables.location.product_locatio
If you use an enterprise with {% data variables.product.prodname_emus %}, members of your enterprise authenticate to access {% data variables.product.prodname_dotcom %} through your SAML identity provider (IdP). For more information, see "[About {% data variables.product.prodname_emus %}](/admin/identity-and-access-management/using-enterprise-managed-users-and-saml-for-iam/about-enterprise-managed-users)" and "[About authentication for your enterprise](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#authentication-methods-for-github-enterprise-server)."
{% data variables.product.product_name %} automatically creates a username for each person when their user account is provisioned via SCIM, by normalizing an identifier provided by your IdP. If multiple identifiers are normalized into the same username, a username conflict occurs, and only the first user account is created. {% data reusables.enterprise-accounts.emu-only-emails-within-the-enterprise-can-conflict %} You can resolve username conflicts by making a change in your IdP so that the normalized usernames will be unique.
{% data variables.product.prodname_dotcom %} automatically creates a username for each person when their user account is provisioned via SCIM, by normalizing an identifier provided by your IdP, then adding an underscore and short code. If multiple identifiers are normalized into the same username, a username conflict occurs, and only the first user account is created. You can resolve username problems by making a change in your IdP so that the normalized usernames will be unique and within the 39-character limit.
{% data reusables.enterprise-accounts.emu-only-emails-within-the-enterprise-can-conflict %}
{% elsif ghae %}
@@ -62,7 +64,7 @@ These rules may result in your IdP providing the same _IDP-USERNAME_ for multipl
- `bob@fabrikam.com`
- `bob#EXT#fabrikamcom@contoso.com`
This will cause a username conflict, and only the first user will be provisioned. For more information, see "[Resolving username conflicts](#resolving-username-conflicts)."
This will cause a username conflict, and only the first user will be provisioned. For more information, see "[Resolving username problems](#resolving-username-problems)."
{% endif %}
Usernames{% ifversion ghec %}, including underscore and short code,{% endif %} must not exceed 39 characters.
@@ -83,7 +85,7 @@ When you configure SAML authentication, {% data variables.product.product_name %
1. Usernames created from email addresses are created from the normalized characters that precede the `@` character.
1. If multiple accounts are normalized into the same {% data variables.product.product_name %} username, only the first user account is created. Subsequent users with the same username won't be able to sign in. {% ifversion ghec %}For more information, see "[Resolving username conflicts](#resolving-username-conflicts)."{% endif %}
1. If multiple accounts are normalized into the same {% data variables.product.product_name %} username, only the first user account is created. Subsequent users with the same username won't be able to sign in. {% ifversion ghec %}For more information, see "[Resolving username problems](#resolving-username-problems)."{% endif %}
### Examples of username normalization
@@ -121,11 +123,16 @@ When you configure SAML authentication, {% data variables.product.product_name %
{% endif %}
{% ifversion ghec %}
## Resolving username conflicts
## Resolving username problems
When a new user is being provisioned, if the user's normalized username conflicts with an existing user in the enterprise, the provisioning attempt will fail with a `409` error.
When a new user is being provisioned, if the username is longer than 39 characters (including underscore and short code), or conflicts with an existing user in the enterprise, the provisioning attempt will fail with a `409` error.
To resolve this problem, you must make a change in your IdP so that the normalized usernames will be unique. If you cannot change the identifier that's being normalized, you can change the attribute mapping for the `userName` attribute. If you change the attribute mapping, usernames of existing {% data variables.enterprise.prodname_managed_users %} will be updated, but nothing else about the accounts will change, including activity history.
To resolve this problem, you must make one of the following changes in your IdP so that all normalized usernames will be within the character limit and unique.
- Change the `userName` attribute value for individual users that are causing problems
- Change the `userName` attribute mapping for all users
- Configure a custom `userName` attribute for all users
When you change the attribute mapping, usernames of existing {% data variables.enterprise.prodname_managed_users %} will be updated, but nothing else about the accounts will change, including activity history.
{% note %}
@@ -133,9 +140,9 @@ To resolve this problem, you must make a change in your IdP so that the normaliz
{% endnote %}
### Resolving username conflicts with Azure AD
### Resolving username problems with Azure AD
To resolve username conflicts in Azure AD, either modify the User Principal Name value for the conflicting user or modify the attribute mapping for the `userName` attribute. If you modify the attribute mapping, you can choose an existing attribute or use an expression to ensure that all provisioned users have a unique normalized alias.
To resolve username problems in Azure AD, either modify the User Principal Name value for the conflicting user or modify the attribute mapping for the `userName` attribute. If you modify the attribute mapping, you can choose an existing attribute or use an expression to ensure that all provisioned users have a unique normalized alias.
1. In Azure AD, open the {% data variables.product.prodname_emu_idp_application %} application.
1. In the left sidebar, click **Provisioning**.
@@ -146,9 +153,9 @@ To resolve username conflicts in Azure AD, either modify the User Principal Name
- To map an existing attribute in Azure AD to the `userName` attribute in {% data variables.product.prodname_dotcom %}, click your desired attribute field. Then, save and wait for a provisioning cycle to occur within about 40 minutes.
- To use an expression instead of an existing attribute, change the Mapping type to "Expression", then add a custom expression that will make this value unique for all users. For example, you could use `[FIRST NAME]-[LAST NAME]-[EMPLOYEE ID]`. For more information, see [Reference for writing expressions for attribute mappings in Azure Active Directory](https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/functions-for-customizing-application-data) in Microsoft Docs.
### Resolving username conflicts with Okta
### Resolving username problems with Okta
To resolve username conflicts in Okta, update the attribute mapping settings for the {% data variables.product.prodname_emu_idp_application %} application.
To resolve username problems in Okta, update the attribute mapping settings for the {% data variables.product.prodname_emu_idp_application %} application.
1. In Okta, open the {% data variables.product.prodname_emu_idp_application %} application.
1. Click **Sign On**.

Some files were not shown because too many files have changed in this diff Show More