jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-01-05 21:04:17 -05:00
Code Issues Projects Releases Wiki Activity

Merge pull request #18997 from github/repo-sync

Browse Source 
repo sync
This commit is contained in:
Octomerger Bot
2022-07-13 15:55:46 -05:00
committed by GitHub
parent 03796286bc 17facbeea7
commit 7c2ba6331e
30 changed files with 3553 additions and 2862 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
.github/workflows/dry-run-elasticsearch-indexing.yml vendored Normal file
View File

@@ -0,0 +1,73 @@
name: Dry run Elasticsearch indexing
# **What it does**: Tests to index records into a local Elasticsearch
# **Why we have it**: To make sure the indexing code works.
# **Who does it impact**: Docs engineering.
on:
push:
branches:
- gh-readonly-queue/main/**
pull_request:
paths:
- script/search/index-elasticsearch.mjs
- 'package*.json'
- .github/workflows/dry-run-elasticsearch-indexing.yml
permissions:
contents: read
jobs:
dry-run-elasticsearch-indexing:
# Avoid github/docs and forks of it
if: github.repository == 'github/docs-internal'
runs-on: ubuntu-latest
steps:
- uses: getong/elasticsearch-action@95b501ab0c83dee0aac7c39b7cea3723bef14954
with:
elasticsearch version: '8.2.0'
host port: 9200
container port: 9200
host node port: 9300
node port: 9300
discovery type: 'single-node'
- name: Checkout
uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748
with:
lfs: 'true'
- name: Check out LFS objects
run: git lfs checkout
- name: Setup node
uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
with:
node-version: 16.15.x
cache: npm
- name: Install
run: npm ci
# Serves two purposes;
# 1. Be confident that the Elasticsearch server start-up worked at all
# 2. Sometimes Elasticsearch will bind to the port but still not
# technically be ready. By using `curl --retry` we can know it's
# also genuinely ready to use.
- name: Ping Elasticsearch
run: curl --retry-connrefused --retry 5 -I http://localhost:9200/
- name: Index some
env:
ELASTICSEARCH_URL: 'http://localhost:9200'
run: |
./script/search/index-elasticsearch.mjs --verbose \
-l en -l ja \
-V dotcom -V ghes-3.5
- name: Show created indexes and aliases
run: |
curl http://localhost:9200/_cat/indices?v
curl http://localhost:9200/_cat/aliases?v

5875
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

1
package.json
View File

@@ -9,6 +9,7 @@
".next/cache"
],
"dependencies": {
"@elastic/elasticsearch": "8.2.1",
"@github/failbot": "0.8.0",
"@primer/css": "^19.8.2",
"@primer/octicons": "17.3.0",

287
script/search/index-elasticsearch.mjs Executable file
View File

@@ -0,0 +1,287 @@
#!/usr/bin/env node
// [start-readme]
//
// Creates Elasticsearch index, populates from records,
// moves the index alias, deletes old indexes.
//
// [end-readme]
import fs from 'fs/promises'
import path from 'path'
import { Client } from '@elastic/elasticsearch'
import { program, Option } from 'commander'
import chalk from 'chalk'
import { languageKeys } from '../../lib/languages.js'
import { allVersions } from '../../lib/all-versions.js'
import { decompress } from '../../lib/search/compress.js'
// Create an object that maps the "short name" of a version to
// all information about it. E.g
//
// {
// 'ghes-3.5': {
// hasNumberedReleases: true,
// currentRelease: '3.5',
// version: 'enterprise-server@3.5',
// miscBaseName: 'ghes-'
// ...
// },
// ...
//
// We need this later to be able to map CLI arguments to what the
// records are called when found on disk.
const shortNames = Object.fromEntries(
Object.values(allVersions).map((info) => {
const shortName = info.hasNumberedReleases
? info.miscBaseName + info.currentRelease
: info.miscBaseName
return [shortName, info]
})
)
console.log({ shortNames })
const allVersionKeys = Object.keys(shortNames)
program
.description('Creates Elasticsearch index from records')
.option('-v, --verbose', 'Verbose outputs')
.addOption(new Option('-V, --version <VERSION...>', 'Specific versions').choices(allVersionKeys))
.addOption(
new Option('-l, --language <LANGUAGE...>', 'Which languages to focus on').choices(languageKeys)
)
.addOption(
new Option('--not-language <LANGUAGE...>', 'Specific language to omit').choices(languageKeys)
)
.option('-u, --elasticsearch-url <url>', 'If different from $ELASTICSEARCH_URL')
.parse(process.argv)
main(program.opts())
async function main(opts) {
if (!opts.elasticsearchUrl && !process.env.ELASTICSEARCH_URL) {
throw new Error(
'Must passed the elasticsearch URL option or ' +
'set the environment variable ELASTICSEARCH_URL'
)
}
let node = opts.elasticsearchUrl || process.env.ELASTICSEARCH_URL
// Allow the user to lazily set it to `localhost:9200` for example.
if (!node.startsWith('http') && !node.startsWith('://') && node.split(':').length === 2) {
node = `http://${node}`
}
try {
const parsed = new URL(node)
if (!parsed.hostname) throw new Error('no valid hostname')
} catch (err) {
console.error(chalk.bold('URL for Elasticsearch not a valid URL', err))
}
const { verbose, language, notLanguage } = opts
// The notLanguage is useful you want to, for example, index all languages
// *except* English.
if (language && notLanguage) {
throw new Error("Can't combine --language and --not-language")
}
if (verbose) {
console.log(`Connecting to ${chalk.bold(safeUrlDisplay(node))}`)
}
const client = new Client({
node,
sniffOnStart: true,
})
// This will throw if it can't ping
await client.ping()
const versionKeys = opts.version || allVersionKeys
const languages =
opts.language || languageKeys.filter((lang) => !notLanguage || !notLanguage.includes(lang))
if (verbose) {
console.log(`Indexing on languages ${chalk.bold(languages.join(', '))}`)
}
for (const language of languages) {
for (const versionKey of versionKeys) {
console.log(chalk.yellow(`Indexing ${chalk.bold(versionKey)} in ${chalk.bold(language)}`))
const indexName = `github-docs-${versionKey}-${language}`
console.time(`Indexing ${indexName}`)
await indexVersion(client, indexName, versionKey, language, verbose)
console.timeEnd(`Indexing ${indexName}`)
if (verbose) {
console.log(`To view index: ${safeUrlDisplay(node + `/${indexName}`)}`)
console.log(`To search index: ${safeUrlDisplay(node + `/${indexName}/_search`)}`)
}
}
}
}
function safeUrlDisplay(url) {
const parsed = new URL(url)
if (parsed.password) {
parsed.password = '***'
}
if (parsed.username) {
parsed.username = parsed.username.slice(0, 4) + '***'
}
return parsed.toString()
}
function utcTimestamp() {
const d = new Date()
return [
d.getUTCFullYear(),
d.getUTCMonth(),
d.getUTCDate(),
d.getUTCHours(),
d.getUTCMinutes(),
d.getUTCSeconds(),
]
.map((x) => x.toString())
.join('')
}
// Consider moving this to lib
async function indexVersion(client, indexName, version, language, verbose = false) {
// Note, it's a bit "weird" that numbered releases versions are
// called the number but that's how the lib/search/indexes
// files are named at the moment.
const indexVersion = shortNames[version].hasNumberedReleases
? shortNames[version].currentRelease
: shortNames[version].miscBaseName
const recordsName = `github-docs-${indexVersion}-${language}`
const records = await loadRecords(recordsName)
const thisAlias = `${indexName}__${utcTimestamp()}`
// CREATE INDEX
const settings = {
analysis: {
analyzer: {
text_analyzer: {
filter: ['lowercase', 'stop', 'asciifolding'],
tokenizer: 'standard',
type: 'custom',
},
},
filter: {
// Will later, conditionally, put the snowball configuration here.
},
},
}
const snowballLanguage = getSnowballLanguage(language)
if (snowballLanguage) {
settings.analysis.analyzer.text_analyzer.filter.push('languaged_snowball')
settings.analysis.filter.languaged_snowball = {
type: 'snowball',
language: snowballLanguage,
}
} else {
if (verbose) {
console.warn(`No snowball language for '${language}'`)
}
}
await client.indices.create({
index: thisAlias,
mappings: {
properties: {
url: { type: 'keyword' },
title: { type: 'text', analyzer: 'text_analyzer', norms: false },
title_autocomplete: {
type: 'search_as_you_type',
doc_values: false,
max_shingle_size: 3,
},
content: { type: 'text', analyzer: 'text_analyzer' },
headings: { type: 'text' },
breadcrumbs: { type: 'text' },
topics: { type: 'text' },
popularity: { type: 'float' },
},
},
settings,
})
// POPULATE
const operations = Object.values(records).flatMap((doc) => {
const { title, objectID, content, breadcrumbs, headings, topics } = doc
const record = {
url: objectID,
title,
title_autocomplete: title,
content,
breadcrumbs,
headings,
topics: topics.filter(Boolean),
// This makes sure the popularities are always greater than 1.
// Generally the 'popularity' is a ratio where the most popular
// one of all is 1.0.
// By making it >=1.0 when we multiply a relevance score,
// you never get a product of 0.0.
popularity: doc.popularity + 1,
}
return [{ index: { _index: thisAlias } }, record]
})
const bulkResponse = await client.bulk({ refresh: true, operations })
if (bulkResponse.errors) {
// Some day, when we're more confident how and why this might happen
// we can rewrite this code to "massage" the errors better.
// For now, if it fails, it's "OK". It means we won't be proceeding,
// an error is thrown in Actions and we don't have to worry about
// an incompletion index.
console.error(bulkResponse.errors)
throw new Error('Bulk errors happened.')
}
const { count } = await client.count({ index: thisAlias })
console.log(`Documents now in ${chalk.bold(thisAlias)}: ${chalk.bold(count.toLocaleString())}`)
// POINT THE ALIAS
await client.indices.putAlias({
index: thisAlias,
name: indexName,
})
console.log(`Alias ${indexName} -> ${thisAlias}`)
// DELETE ALL OTHER OLDER INDEXES
const indices = await client.cat.indices({ format: 'json' })
for (const index of indices) {
if (index.index !== thisAlias && index.index.startsWith(indexName)) {
await client.indices.delete({ index: index.index })
console.log('Deleted', index.index)
}
}
}
async function loadRecords(indexName) {
const filePath = path.join('lib', 'search', 'indexes', `${indexName}-records.json.br`)
// Do not set to 'utf8' on file reads
return fs.readFile(filePath).then(decompress).then(JSON.parse)
}
function getSnowballLanguage(language) {
// Based on https://www.elastic.co/guide/en/elasticsearch/reference/current/analysis-snowball-tokenfilter.html
// Note, not all languages are supported. So this function might return
// undefined. That implies that you can't use snowballing.
return {
en: 'English',
fr: 'French',
es: 'Spanish',
ru: 'Russian',
it: 'Italian',
de: 'German',
pt: 'Portuguese',
}[language]
}

3
script/search/parse-page-sections-into-records.js
View File

@@ -66,6 +66,9 @@ export default function parsePageSectionsIntoRecords(page) {
console.warn(`${objectID} has no body and no intro.`)
}
// These below lines can be deleted (along with the `maxContentLength`
// config) once we've stopped generating Lunr indexes on disk that
// we store as Git LFS.
if (languageCode !== 'en' && body.length > maxContentLength) {
body = body.slice(0, maxContentLength)
}

1
translations/ja-JP/content/admin/guides.md
View File

@@ -126,7 +126,6 @@ includeGuides:
- /admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding
- /admin/monitoring-activity-in-your-enterprise/exploring-user-activity/managing-global-webhooks
- /admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise
- /admin/user-management/managing-organizations-in-your-enterprise/managing-unowned-organizations-in-your-enterprise
- /admin/user-management/managing-projects-using-jira
- /admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise
- /admin/user-management/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise

1
translations/ja-JP/content/admin/identity-and-access-management/managing-iam-for-your-enterprise/index.md
View File

@@ -30,6 +30,7 @@ children:
- /username-considerations-for-external-authentication
- /changing-authentication-methods
- /allowing-built-in-authentication-for-users-outside-your-provider
- /troubleshooting-identity-and-access-management-for-your-enterprise
shortTitle: Manage IAM for your enterprise
---

44
translations/ja-JP/content/admin/identity-and-access-management/managing-iam-for-your-enterprise/troubleshooting-identity-and-access-management-for-your-enterprise.md Normal file
View File

@@ -0,0 +1,44 @@
---
title: Troubleshooting identity and access management for your enterprise
shortTitle: Troubleshoot IAM
intro: Review common issues and solutions for identity and access management for your enterprise.
versions:
ghec: '*'
ghes: '*'
type: how_to
topics:
- Accounts
- Authentication
- Enterprise
- Identity
- Security
- SSO
- Troubleshooting
---
## Username conflicts
{% ifversion ghec %}If your enterprise uses {% data variables.product.prodname_emus %}, {% endif %}{% data variables.product.product_name %} normalizes an identifier provided by your identity provider (IdP) to create each person's username on {% data variables.product.prodname_dotcom %}. If multiple accounts are normalized into the same {% data variables.product.prodname_dotcom %} username, a username conflict occurs, and only the first user account is created. For more information, see "[Username considerations for external authentication](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication)."
{% ifversion ghec %}
## Errors when switching authentication configurations
If you're experiencing problems while switching between different authentication configurations, such as changing your SAML SSO configuration from an organization to an enterprise account or migrating from SAML to OIDC for {% data variables.product.prodname_emus %}, ensure you're following our best practices for the change.
- "[Switching your SAML configuration from an organization to an enterprise account](/admin/identity-and-access-management/using-saml-for-enterprise-iam/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account)"
- "[Migrating from SAML to OIDC](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/migrating-from-saml-to-oidc)"
## Accessing your enterprise when SSO is not available
When a configuration error or an issue with your identity provider IdP prevents you from using SSO, you can use a recovery code to access your enterprise. For more information, see "[Accessing your enterprise account if your identity provider is unavailable](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable)."
{% endif %}
## SAML authentication errors
If users are experiencing errors when attempting to authenticate with SAML, see "[Troubleshooting SAML authentication](/admin/identity-and-access-management/using-saml-for-enterprise-iam/troubleshooting-saml-authentication)."
{% ifversion ghec %}
## 参考リンク
- "[Troubleshooting identity and access management for your organization](/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization)"
{% endif %}

6
translations/ja-JP/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta.md
View File

@@ -51,9 +51,3 @@ Alternatively, you can also configure SAML SSO using Okta for an organization th
1. [**Save**] をクリックします。
{% data reusables.saml.okta-view-setup-instructions %}
1. 設定手順の情報を使用して、Enterprise アカウントの SAML を有効にします。 詳しい情報については、「[Enterprise 向けのSAML シングルサインオンを設定する](/admin/authentication/managing-identity-and-access-for-your-enterprise/configuring-saml-single-sign-on-for-your-enterprise)」を参照してください。
## Okta でグループを作成する
1. Okta で、Enterprise アカウントが所有する各 Organization に合わせてグループを作成します。 各グループの名前は、Organization のアカウント名 (Organization の表示名ではく) に一致する必要があります。 たとえば、Organization の URL が `https://github.com/octo-org` の場合は、グループに `octo-org` という名前をつけます。
1. Enterprise アカウントに作成したアプリケーションを各グループに割り当てます。 {% data variables.product.prodname_dotcom %} が、ユーザごとに `groups` データをすべて受け取ります。
1. ユーザを所属させたい Organization に基づいて、ユーザをグループに追加します。

4
translations/ja-JP/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference.md
View File

@@ -136,6 +136,10 @@ To prevent a person from authenticating with your IdP and staying authorized ind
To customize the session duration, you may be able to define the value of the `SessionNotOnOrAfter` attribute on your IdP. If you define a value less than 24 hours, {% data variables.product.product_name %} may prompt people to authenticate every time {% data variables.product.product_name %} initiates a redirect.
{% ifversion ghec %}
To prevent authentication errors, we recommend a minimum session duration of 4 hours. For more information, see "[Troubleshooting SAML authentication](/admin/identity-and-access-management/using-saml-for-enterprise-iam/troubleshooting-saml-authentication#users-are-repeatedly-redirected-to-authenticate)."
{% endif %}
{% note %}
**Notes**:

9
translations/ja-JP/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/troubleshooting-saml-authentication.md
View File

@@ -4,6 +4,7 @@ shortTitle: Troubleshoot SAML SSO
intro: 'If you use SAML single sign-on (SSO) and people are unable to authenticate to access {% data variables.product.product_location %}, you can troubleshoot the problem.'
versions:
ghes: '*'
ghec: '*'
type: how_to
topics:
- Accounts
@@ -15,6 +16,7 @@ topics:
- Troubleshooting
---
{% ifversion ghes %}
## About problems with SAML authentication
{% data variables.product.product_name %} logs error messages for failed SAML authentication in the authentication log at _/var/log/github/auth.log_. You can review responses in this log file, and you can also configure more verbose logging.
@@ -100,3 +102,10 @@ Audience is invalid. Audience attribute does not match https://<em>YOUR-INSTANCE
```
Ensure that you set the value for `Audience` on your IdP to the `EntityId` for {% data variables.product.product_location %}, which is the full URL to your instance. たとえば、`https://ghe.corp.example.com` などです。
{% endif %}
{% data reusables.saml.current-time-earlier-than-notbefore-condition %}
{% ifversion ghec %}
{% data reusables.saml.authentication-loop %}
{% endif %}

2
translations/ja-JP/content/admin/user-management/managing-organizations-in-your-enterprise/index.md
View File

@@ -8,6 +8,7 @@ redirect_from:
- /articles/managing-organizations-in-your-enterprise-account
- /github/setting-up-and-managing-your-enterprise-account/managing-organizations-in-your-enterprise-account
- /github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account
- /admin/user-management/managing-organizations-in-your-enterprise/managing-unowned-organizations-in-your-enterprise
intro: 'Organizationは企業内で、部署や同様のプロジェクトで作業を行うグループなど、個別のユーザグループを作成する素晴らしい手段です。 {% ifversion ghae %}Internal{% else %}Public and internal{% endif %} repositories that belong to an organization are accessible to members of other organizations in the enterprise, while private repositories are inaccessible to anyone but members of the organization that are granted access.'
versions:
ghec: '*'
@@ -17,7 +18,6 @@ topics:
- Enterprise
children:
- /adding-organizations-to-your-enterprise
- /managing-unowned-organizations-in-your-enterprise
- /configuring-visibility-for-organization-membership
- /preventing-users-from-creating-organizations
- /requiring-two-factor-authentication-for-an-organization

22
translations/ja-JP/content/admin/user-management/managing-organizations-in-your-enterprise/managing-unowned-organizations-in-your-enterprise.md
View File

@@ -1,22 +0,0 @@
---
title: Managing unowned organizations in your enterprise
intro: Enterprise アカウントで現在オーナーがいない Organization のオーナーになることができます。
permissions: Enterprise owners can manage unowned organizations in an enterprise account.
redirect_from:
- /github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/managing-unowned-organizations-in-your-enterprise-account
- /github/setting-up-and-managing-your-enterprise-account/managing-unowned-organizations-in-your-enterprise-account
- /github/setting-up-and-managing-your-enterprise/managing-unowned-organizations-in-your-enterprise-account
versions:
ghec: '*'
type: how_to
topics:
- Administrator
- Enterprise
- Organizations
shortTitle: Manage unowned organizations
---
{% data reusables.enterprise-accounts.access-enterprise %}
2. 検索フィールドの右側で、[**X unowned**] をクリックします。 ![オーナーのいない Organization を表示するボタン](/assets/images/help/business-accounts/unowned-organizations-button.png)
3. 所有権を取得したい Organization の右側で、[**Become an owner**] をクリックします。 ![[Become an owner] ボタン](/assets/images/help/business-accounts/become-an-owner-button.png)
4. 警告を読み、[**Become an owner**] をクリックします。 ![[Become an owner] ボタン](/assets/images/help/business-accounts/become-an-owner-confirmation.png)

2
translations/ja-JP/content/billing/managing-billing-for-github-copilot/about-billing-for-github-copilot.md
View File

@@ -12,7 +12,7 @@ shortTitle: GitHub Copilotの支払い
{% data variables.product.prodname_copilot %}を使いたい場合、{% data variables.product.prodname_dotcom %}の個人アカウントにプランが必要になります。 {% data variables.product.prodname_copilot %} の詳細については、「[{% data variables.product.prodname_copilot %} について](/en/copilot/overview-of-github-copilot/about-github-copilot)」を参照してください。
有料プランを始める前に、{% data variables.product.prodname_copilot %}を評価するために1回限定の60日の試用をセットアップできます。 試用を開始するには、月次もしくは年次の支払いサイクルを選択し、支払い方法を提供しなければなりません。 60日の終わりまでに試用をキャンセルしなかった場合、試用は自動的に有料プランに変換されます。 {% data variables.product.prodname_copilot %}の試用は、60日の間いつでもキャンセルでき、そうすれば課金されることはありません。 試用の終了前にキャンセルした場合、60日の試用期間が終了するまでは{% data variables.product.prodname_copilot %}にアクセスできます。 For more information, see "[Managing your GitHub Copilot subscription](/en/billing/managing-billing-for-github-copilot/managing-your-github-copilot-subscription)."
有料プランを始める前に、{% data variables.product.prodname_copilot %}を評価するために1回限定の60日の試用をセットアップできます。 試用を開始するには、月次もしくは年次の支払いサイクルを選択し、支払い方法を提供しなければなりません。 60日の終わりまでに試用をキャンセルしなかった場合、試用は自動的に有料プランに変換されます。 {% data variables.product.prodname_copilot %}の試用は、60日の間いつでもキャンセルでき、そうすれば課金されることはありません。 試用の終了前にキャンセルした場合、60日の試用期間が終了するまでは{% data variables.product.prodname_copilot %}にアクセスできます。 詳しい情報については「[GitHub Copilotのプランの管理](/en/billing/managing-billing-for-github-copilot/managing-your-github-copilot-subscription)」を参照してください。
## {% data variables.product.prodname_copilot %}の価格

2
translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/running-codeql-code-scanning-in-a-container.md
View File

@@ -76,7 +76,7 @@ jobs:
matrix:
language: [java]
# Specify the container in which actions will run
# アクションが実行されるコンテナを指定
container:
image: codeql-container:f0f91db

17
translations/ja-JP/content/codespaces/customizing-your-codespace/configuring-automatic-deletion-of-your-codespaces.md
View File

@@ -27,6 +27,7 @@ If a repository belongs to an organization, the organization admin may have set
Each codespace has its own retention period. You may, therefore, have codespaces with different rentention periods. For example, if:
* You created a codespace, changed your default retention period, then created another codespace.
* You created a codespace using {% data variables.product.prodname_cli %} and specified a different retention period.
* You created a codespace from an organization-owned repository that has a retention period configured for the organization.
{% note %}
@@ -55,11 +56,10 @@ Each codespace has its own retention period. You may, therefore, have codespaces
1. [**Save**] をクリックします。
This default setting may be superseded by a shorter organization-level retention period.
When you create a codespace using {% data variables.product.prodname_cli %} you can override this default. If you create a codespace in an organization that specifies a shorter retention period, the organization-level value overrides your personal setting.
If you set a retention period of more than a day, you'll be sent an email notification one day prior to its deletion.
## Checking the remaining time until autodeletion
You can check whether a codespace is due to be automatically deleted soon.
@@ -68,16 +68,19 @@ When an inactive codespace is approaching the end of its retention period, this
![The pre-deletion message in the codespaces list on {% data variables.product.prodname_dotcom %}](/assets/images/help/codespaces/retention-deletion-message.png)
{% endwebui %}
{% cli %}
## Setting a retention period for a codespace
You can set your default retention period in your web browser, on {% data variables.product.prodname_dotcom_the_website %}. For more information, click the "Web browser" tab at the top of this article.
To set the codespace retention period when you create a codespace, use the `--retention-period` flag with the `codespace create` subcommand. Specify the period in days. The period must be between 0 and 30 days.
```shell
gh codespace create --retention-period DAYS
```
If you don't specify a retention period when you create a codespace, then either your default retention period, or an organization retention period, will be used, depending on which is lower. For information about setting your default retention period, click the "Web browser" tab on this page.
{% data reusables.cli.cli-learn-more %}
@@ -87,7 +90,7 @@ You can set your default retention period in your web browser, on {% data variab
## Setting the retention period
You can set your default retention period in your web browser, on {% data variables.product.prodname_dotcom_the_website %}. For more information, click the "Web browser" tab at the top of this article.
You can set your default retention period in your web browser, on {% data variables.product.prodname_dotcom_the_website %}. Alternatively, if you use {% data variables.product.prodname_cli %} to create a codespace you can set a retention period for that particular codespace. For more information, click the appropriate tab above.
## Checking whether codespaces will be autodeleted soon

4
translations/ja-JP/content/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces.md
View File

@@ -16,13 +16,13 @@ topics:
{% data variables.product.prodname_codespaces %} are automatically deleted after they have been stopped and have remained inactive for a defined number of days. The retention period for each codespace is set when the codespace is created and does not change.
Everyone who has access to {% data variables.product.prodname_github_codespaces %} can configure a retention period for the codespaces they create. The initial setting for this retention period is 30 days. Individual users can set this period within the range 0-30 days. For more information, see "[Configuring automatic deletion of your codespaces](/codespaces/customizing-your-codespace/configuring-automatic-deletion-of-your-codespaces)."
Everyone who has access to {% data variables.product.prodname_github_codespaces %} can configure a retention period for the codespaces they create. The initial setting for this default retention period is 30 days. Individual users can set this period within the range 0-30 days. For more information, see "[Configuring automatic deletion of your codespaces](/codespaces/customizing-your-codespace/configuring-automatic-deletion-of-your-codespaces)."
As an organization owner, you may want to configure constraints on the maximum retention period for codespaces created for the repositories owned by your organization. This can help you to limit the storage costs associated with codespaces that are stopped and then left unused until they are automatically deleted. For more information about storage charges, see "[About billing for Codespaces](/billing/managing-billing-for-github-codespaces/about-billing-for-codespaces#codespaces-pricing)." You can set a maximum retention period for all, or for specific, repositories owned by your organization.
### Setting organization-wide and repository-specific policies
When you create a policy, you choose whether it applies to all repositories in your organization, or only to specified repositories. If you create an organization-wide policy with a codespace retention constraint, then the retention constraints in any policies that are targeted at specific repositories should be shorter than the restriction configured for the entire organization, or they will have no effect. The shortest retention period - in an organization-wide policy, a policy targeted at specified repositories, or in someone's personal settings - is applied.
When you create a policy, you choose whether it applies to all repositories in your organization, or only to specified repositories. If you create an organization-wide policy with a codespace retention constraint, then the retention constraints in any policies that are targeted at specific repositories should be shorter than the restriction configured for the entire organization, or they will have no effect. The shortest retention period - in an organization-wide policy, a policy targeted at specified repositories, or the default retention period in someone's personal settings - is applied.
If you add an organization-wide policy with a retention constraint, you should set the retention period to the longest acceptable period. You can then add separate policies that set the maximum retention to a shorter period for specific repositories in your organization.

5
translations/ja-JP/content/codespaces/the-githubdev-web-based-editor.md
View File

@@ -34,7 +34,10 @@ The {% data variables.product.prodname_serverless %} runsentirely in your bro
You can open any {% data variables.product.prodname_dotcom %} repository in the {% data variables.product.prodname_serverless %} in either of the following ways:
- Press `.` while browsing any repository or pull request on {% data variables.product.prodname_dotcom %}.
- To open the repository in the same browser tab, press `.` while browsing any repository or pull request on {% data variables.product.prodname_dotcom %}.
To open the repository in a new browser tab, hold down the shift key and press `.`.
- Change the URL from "github.com" to "github.dev".
- When viewing a file, use the dropdown menu next to {% octicon "pencil" aria-label="The edit icon" %} and select **Open in github.dev**.

12
translations/ja-JP/content/codespaces/troubleshooting/troubleshooting-dotfiles-for-codespaces.md
View File

@@ -14,9 +14,13 @@ shortTitle: Dotfiles
If your codespace fails to pick up configuration settings from dotfiles, you should work through the following debugging steps.
1. ドットファイルリポジトリがパブリックであることを確認します。 codespace で使用するシークレットまたは機密データがある場合は、プライベートドットファイルの代わりに[Codespace シークレット](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)を使用します。
2. `/workspaces/.codespaces/.persistedshare/dotfiles` をチェックして、ドットファイルがクローンされたかどうかを確認します。
- If your dotfiles were cloned, try manually re-running your install script to verify that it is executable.
- If your dotfiles were not cloned, check `/workspaces/.codespaces/.persistedshare/EnvironmentLog.txt` to see if there was a problem cloning them.
3. 考えられる Issue については、`/workspaces/.codespaces/.persistedshare/creation.log` を確認します。 For more information, see [Creation logs](/codespaces/troubleshooting/codespaces-logs#creation-logs).
2. Enable dotfiles by selecting **Automatically install dotfiles** in [your personal Codespaces settings](https://github.com/settings/codespaces).
![The 'Automatically install dotfiles' option](/assets/images/help/codespaces/automatically-install-dotfiles.png)
3. `/workspaces/.codespaces/.persistedshare/dotfiles` をチェックして、ドットファイルがクローンされたかどうかを確認します。
- If your dotfiles were cloned, try manually re-running your install script to verify that it is executable.
- If your dotfiles were not cloned, check `/workspaces/.codespaces/.persistedshare/EnvironmentLog.txt` to see if there was a problem cloning them.
4. 考えられる Issue については、`/workspaces/.codespaces/.persistedshare/creation.log` を確認します。 For more information, see [Creation logs](/codespaces/troubleshooting/codespaces-logs#creation-logs).
If the configuration from your dotfiles is correctly picked up, but part of the configuration is incompatible with codespaces, use the `$CODESPACES` environment variable to add conditional logic for codespace-specific configuration settings.

2
translations/ja-JP/content/organizations/managing-saml-single-sign-on-for-your-organization/index.md
View File

@@ -21,7 +21,7 @@ children:
- /downloading-your-organizations-saml-single-sign-on-recovery-codes
- /managing-team-synchronization-for-your-organization
- /accessing-your-organization-if-your-identity-provider-is-unavailable
- /troubleshooting-identity-and-access-management
- /troubleshooting-identity-and-access-management-for-your-organization
shortTitle: SAMLシングルサインオンの管理
---

2
translations/ja-JP/content/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization.md
View File

@@ -74,7 +74,7 @@ OktaでのTeam同期のエラーの可能性を回避するために、{% data v
OrganizationのメンバーがリンクされたSCIMアイデンティティを持たない場合、Teamの同期は期待された動作をせず、そのユーザはTeamに追加も削除もされないかもしれません。 もしもユーザの中にSCIMのリンクされたアイデンティティを持たない者がいた場合、それらのユーザはプロビジョニングし直さなければなりません。
SCIMのリンクされたアイデンティティを書いているユーザのプロビジョニングに関するヘルプについては「[アイデンティティ及びアクセス管理のトラブルシューティング](/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management)」を参照してください。
For help on provisioning users that have missing a missing SCIM linked identity, see "[Troubleshooting identity and access management for your organization](/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization)."
{% data reusables.identity-and-permissions.team-sync-okta-requirements %}

12
translations/ja-JP/content/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management.md → translations/ja-JP/content/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization.md
View File

@@ -1,5 +1,5 @@
---
title: アイデンティティとアクセス管理のトラブルシューティング
title: Troubleshooting identity and access management for your organization
intro: OrganizationのSAML SSO、Team同期、アイデンティティプロバイダIdPとの接続に関するエラーに対する一般的なトラブルシューティングをレビューして解決してください。
versions:
ghec: '*'
@@ -7,8 +7,14 @@ topics:
- Organizations
- Teams
shortTitle: アクセスのトラブルシューティング
redirect_from:
- /organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management
---
{% data reusables.saml.current-time-earlier-than-notbefore-condition %}
{% data reusables.saml.authentication-loop %}
## プロビジョニングされていない、あるいはSCIMによってプロビジョニング解除されたユーザがいる
ユーザのプロビジョニングの問題が生じた場合、ユーザがSCIMのメタデータを欠いているかどうかをチェックすることをおすすめします。
@@ -87,3 +93,7 @@ IdPを介して、ユーザのSCIMを手動で再プロビジョニングでき
ユーザのSCIMアイデンティティが作成されたことを確認するには、SCIMの外部アイデンティティを持っていないことが確認された一人のOrganizationメンバーで、このプロセスをテストすることをおすすめします。 手動でIdP内のユーザを更新したら、ユーザのSCIMアイデンティティが作成されたかを{% data variables.product.prodname_dotcom %} の SCIM APIを使ってチェックできます。 詳しい情報については「[ユーザのSCIMメタデータの欠如の監査](#auditing-users-for-missing-scim-metadata)」あるいはREST APIエンドポイントの「[ユーザのSCIMプロビジョニング情報の取得](/rest/reference/scim#get-scim-provisioning-information-for-a-user)」を参照してください。
ユーザのSCIMの再プロビジョニングでもうまくいかない場合は、{% data variables.product.prodname_dotcom %}サポートにお問い合わせください。
## 参考リンク
- "[Troubleshooting identity and access management for your enterprise](/admin/identity-and-access-management/managing-iam-for-your-enterprise/troubleshooting-identity-and-access-management-for-your-enterprise)"

2
translations/ja-JP/data/reusables/actions/workflow-permissions-intro.md
View File

@@ -1 +1 @@
`GITHUB_TOKEN`に付与されるデフォルトの権限を設定できます。 For more information about the `GITHUB_TOKEN`, see "[Automatic token authentication](/actions/security-guides/automatic-token-authentication)." You can choose a restricted set of permissions as the default, or apply permissive settings.
`GITHUB_TOKEN`に付与されるデフォルトの権限を設定できます。 `GITHUB_TOKEN`に関する詳しい情報については「[自動トークン認証](/actions/security-guides/automatic-token-authentication)」を参照してください。 デフォルトで制限された権限セットを選択することも、より幅広い権限設定を適用することもできます。

2
translations/ja-JP/data/reusables/actions/workflow-pr-approval-permissions-intro.md
View File

@@ -1 +1 @@
You can choose to allow or prevent {% data variables.product.prodname_actions %} workflows from{% ifversion allow-actions-to-approve-pr-with-ent-repo %} creating or{% endif %} approving pull requests.
{% data variables.product.prodname_actions %}ワークフローに対してPull Requestの{% ifversion allow-actions-to-approve-pr-with-ent-repo %}作成もしくは{% endif %}承認を許可あるいは拒否できます。

2
translations/ja-JP/data/reusables/actions/workflow-run-approve-public-fork.md
View File

@@ -4,6 +4,6 @@
{% note %}
**Note:** Workflows triggered by `pull_request_target` events are run in the context of the base branch. Since the base branch is considered trusted, workflows triggered by these events will always run, regardless of approval settings.
**ノート:** `pull_request_target`イベントでトリガーされたワークフローは、ベースブランチのコンテキスト内で実行されます。 ベースブランチは信頼できるものと見なされるので、これらのイベントでトリガーされたワークフローは、承認設定に関係なく常に実行されます。
{% endnote %}

4
translations/ja-JP/data/reusables/actions/workflow-template-overview.md
View File

@@ -1,3 +1,3 @@
{% data variables.product.prodname_dotcom %} provides preconfigured starter workflow that you can customize to create your own continuous integration workflow. {% data variables.product.product_name %} analyzes your code and shows you CI starter workflow that might be useful for your repository. たとえばリポジトリにNode.jsのコードが含まれているなら、Node.jsプロジェクトのためのサジェッションが提示されます。 You can use starter workflow as a starting place to build your custom workflow or use them as-is.
{% data variables.product.prodname_dotcom %}は事前設定されたスターターワークフローを提供します。これは、カスタマイズして独自の継続的インテグレーションワークフローを作成できます。 {% data variables.product.product_name %}はコードを分析し、リポジトリで役に立つであろうCIスターターワークフローを提示します。 たとえばリポジトリにNode.jsのコードが含まれているなら、Node.jsプロジェクトのためのサジェッションが提示されます。 スターターワークフローは、カスタムワークフローを構築するための出発点として使うことも、あるいはそのまま使うこともできます。
You can browse the full list of starter workflow in the {% ifversion fpt or ghec %}[actions/starter-workflows](https://github.com/actions/starter-workflows) repository{% else %} `actions/starter-workflows` repository on {% data variables.product.product_location %}{% endif %}.
スターターワークフローの完全なリストは、{% ifversion fpt or ghec %}[actions/starter-workflows](https://github.com/actions/starter-workflows)リポジトリ{% else %}{% data variables.product.product_location %}上の`actions/starter-workflows`リポジトリ{% endif %}で閲覧できます。

2
translations/ja-JP/data/reusables/identity-and-permissions/team-sync-confirm-scim.md
View File

@@ -1 +1 @@
1. We recommend you confirm that your users have SAML enabled and have a linked SCIM identity to avoid potential provisioning errors. For help auditing your users, see "[Auditing users for missing SCIM metadata](/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management#auditing-users-for-missing-scim-metadata)." For help resolving unlinked SCIM identities, see "[Troubleshooting identity and access management](/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management)."
1. We recommend you confirm that your users have SAML enabled and have a linked SCIM identity to avoid potential provisioning errors. For more information, see "[Troubleshooting identity and access management for your organization](/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization)."

7
translations/ja-JP/data/reusables/saml/authentication-loop.md Normal file
View File

@@ -0,0 +1,7 @@
## Users are repeatedly redirected to authenticate
If users are repeatedly redirected to the SAML authentication prompt in a loop, you may need to increase the SAML session duration in your IdP settings.
The `SessionNotOnOrAfter` value sent in a SAML response determines when a user will be redirected back to the IdP to authenticate. If a SAML session duration is configured for 2 hours or less, {% data variables.product.prodname_dotcom_the_website %} will refresh a SAML session 5 minutes before it expires. If your session duration is configured as 5 minutes or less, users can get stuck in a SAML authentication loop.
To fix this problem, we recommend configuring a minimum SAML session duration of 4 hours. For more information, see "[SAML configuration reference](/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference#session-duration-and-timeout)."

7
translations/ja-JP/data/reusables/saml/current-time-earlier-than-notbefore-condition.md Normal file
View File

@@ -0,0 +1,7 @@
## Error: "Current time is earlier than NotBefore condition"
This error can occur when there's too large of a time difference between your IdP and {% data variables.product.product_name %}, which commonly occurs with self-hosted IdPs.
{% ifversion ghes %}To prevent this problem, we recommend pointing your appliance to the same Network Time Protocol (NTP) source as your IdP, if possible. {% endif %}If you encounter this error, make sure the time on your {% ifversion ghes %}appliance{% else %}IdP{% endif %} is properly synced with your NTP server.
If you use ADFS as your IdP, also set `NotBeforeSkew` in ADFS to 1 minute for {% data variables.product.prodname_dotcom %}. If `NotBeforeSkew` is set to 0, even very small time differences, including milliseconds, can cause authentication problems.

3
translations/ja-JP/data/reusables/saml/okta-edit-provisioning.md
View File

@@ -1,4 +1,5 @@
1. To avoid syncing errors and confirm that your users have SAML enabled and SCIM linked identities, we recommend you audit your organization's users. For more information, see "[Auditing users for missing SCIM metadata](/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management#auditing-users-for-missing-scim-metadata)."
1. To avoid syncing errors and confirm that your users have SAML enabled and SCIM linked identities, we recommend you audit your organization's users. For more information, see "[Troubleshooting identity and access management for your organization](/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization)."
1. [Provisioning to App] の右にある [**Edit**] をクリックします。
![Screenshot of "Edit" button for Okta application's provisioning options](/assets/images/help/saml/okta-provisioning-to-app-edit-button.png)