docs-bot
@@ -16,6 +16,7 @@ topics:
|
||||
- Enterprise
|
||||
- SSH
|
||||
---
|
||||
|
||||
You can execute these commands from anywhere on the VM after signing in as an SSH admin user. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh).
|
||||
|
||||
## General
|
||||
@@ -140,6 +141,94 @@ This utility applies {% data variables.enterprise.management_console %} settings
|
||||
ghe-config-apply
|
||||
```
|
||||
|
||||
{% ifversion ghes > 3.18 %}
|
||||
|
||||
### ghe-crypto
|
||||
|
||||
This utility is used to verify and list {% data variables.enterprise.management_console %} `github-ssl` crypto settings for TLS and SSH connections.
|
||||
|
||||
The list of configurable `github-ssl` fields can be viewed via `ghe-crypto --help`.
|
||||
|
||||
#### Listing default cipher suites and algorithms
|
||||
|
||||
The `list` command returns default crypto settings for a given field. Use the `-o json` flag to output the results in JSON format.
|
||||
|
||||
To list TLS 1.2 cipher suites:
|
||||
|
||||
```shell
|
||||
ghe-crypto list tlsv12-ciphersuites
|
||||
```
|
||||
|
||||
To list TLS 1.3 cipher suites:
|
||||
|
||||
```shell
|
||||
ghe-crypto list tlsv13-ciphersuites
|
||||
```
|
||||
|
||||
To list SSH ciphers:
|
||||
|
||||
```shell
|
||||
ghe-crypto list ssh-ciphers
|
||||
```
|
||||
|
||||
To list SSH MAC algorithms:
|
||||
|
||||
```shell
|
||||
ghe-crypto list ssh-mac-algorithms
|
||||
```
|
||||
|
||||
To list SSH key exchange algorithms:
|
||||
|
||||
```shell
|
||||
ghe-crypto list ssh-kex-algorithms
|
||||
```
|
||||
|
||||
To list SSH signature types:
|
||||
|
||||
```shell
|
||||
ghe-crypto list ssh-signature-types
|
||||
```
|
||||
|
||||
Example output in JSON format:
|
||||
|
||||
```shell
|
||||
$ ghe-crypto list tlsv12-ciphersuites -o json
|
||||
> [
|
||||
> "ECDHE-ECDSA-AES128-GCM-SHA256",
|
||||
> "ECDHE-ECDSA-CHACHA20-POLY1305",
|
||||
> "ECDHE-ECDSA-AES256-GCM-SHA384",
|
||||
> "ECDHE-RSA-AES128-GCM-SHA256",
|
||||
> "ECDHE-RSA-CHACHA20-POLY1305",
|
||||
> "ECDHE-RSA-AES256-GCM-SHA384"
|
||||
> ]
|
||||
```
|
||||
|
||||
#### Checking cipher suites and algorithms
|
||||
|
||||
The `check` command validates a single line of crypto settings delimited by `,`. This is useful before applying configuration changes.
|
||||
|
||||
To check TLS 1.2 cipher suites:
|
||||
|
||||
```shell
|
||||
ghe-crypto check tlsv12-ciphersuites CIPHER1,CIPHER2,CIPHER3
|
||||
```
|
||||
|
||||
To check TLS 1.3 cipher suites:
|
||||
|
||||
```shell
|
||||
ghe-crypto check tlsv13-ciphersuites TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256
|
||||
```
|
||||
|
||||
To check SSH ciphers:
|
||||
|
||||
```shell
|
||||
ghe-crypto check ssh-ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com
|
||||
```
|
||||
|
||||
For more information about configuring cipher suites and cryptographic algorithms, see [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-tls#configuring-cipher-suites-and-cryptographic-algorithms).
|
||||
|
||||
{% endif %}
|
||||
|
||||
### ghe-console
|
||||
|
||||
This utility opens the GitHub Rails console on your {% data variables.product.prodname_enterprise %} appliance. {% data reusables.command_line.use_with_support_only %}
|
||||
|
||||
@@ -120,4 +120,392 @@ To resolve these errors, you must update the Subject Alternative Names (SANs) yo
|
||||
```
|
||||
|
||||
{% data reusables.enterprise.apply-configuration %}
|
||||
|
||||
1. If you configured a user message or maintenance mode, remove the message and disable maintenance mode.
|
||||
|
||||
{% ifversion ghes > 3.18 %}
|
||||
|
||||
## Configuring cipher suites and cryptographic algorithms
|
||||
|
||||
You can configure the cipher suites and cryptographic algorithms that {% data variables.product.prodname_ghe_server %} uses for TLS connections and SSH connections.
|
||||
|
||||
### About cipher suite and algorithm configuration
|
||||
|
||||
{% data variables.product.prodname_ghe_server %} allows you to configure which cipher suites and cryptographic algorithms to use for:
|
||||
|
||||
* **TLS connections** on ports 443 (HTTPS web interface) and 8443 (HTTPS management console)
|
||||
* **SSH connections** on port 22 (Git operations via SSH) and port 122 (administrative shell access)
|
||||
|
||||
The default secure cipher suites are based on industry-standard TLS hardening recommendations and modern security best practices. Most organizations should use these defaults unless specific compliance or security requirements dictate otherwise.
|
||||
|
||||
Organizations may need to customize cipher suites and cryptographic algorithms to meet specific organizational security policies, industry standards, or regulatory requirements.
|
||||
|
||||
Starting in {% data variables.product.prodname_ghe_server %} 3.19, TLS ciphers are configurable and the web gateway uses more secure cipher defaults. To maintain backwards compatibility with existing instances, newly provisioned instances will use these new defaults.
|
||||
|
||||
> [!WARNING]
|
||||
> Configuring overly restrictive cipher suites may prevent clients from connecting to your instance. Always test changes in a non-production environment first, ensure at least one cipher suite is compatible with your clients, and verify connectivity after applying configuration changes.
|
||||
|
||||
> [!NOTE]
|
||||
> When configuring TLS cipher suites, use comma-separated values in your configuration commands. {% data variables.product.prodname_ghe_server %} automatically converts comma delimiters to colons for the HAProxy configuration. Cipher suites are evaluated in the order specified, so list your preferred ciphers first.
|
||||
|
||||
### Configuring TLS cipher suites
|
||||
|
||||
You can configure the cipher suites used for TLS 1.2 and TLS 1.3 connections.
|
||||
|
||||
#### Listing available TLS cipher suites
|
||||
|
||||
{% data reusables.enterprise_installation.ssh-into-target-instance %}
|
||||
|
||||
1. To view the default secure cipher suites for TLS 1.2, run the following command.
|
||||
|
||||
```shell copy
|
||||
ghe-crypto list tlsv12-ciphersuites
|
||||
```
|
||||
|
||||
1. To view the default secure cipher suites for TLS 1.3, run the following command.
|
||||
|
||||
```shell copy
|
||||
ghe-crypto list tlsv13-ciphersuites
|
||||
```
|
||||
|
||||
#### Viewing current cipher configuration
|
||||
|
||||
{% data reusables.enterprise_installation.ssh-into-target-instance %}
|
||||
|
||||
1. To view the configured TLS 1.2 cipher suites, run the following command.
|
||||
|
||||
```shell copy
|
||||
ghe-config github-ssl.tlsv12-ciphersuites
|
||||
```
|
||||
|
||||
1. To view the configured TLS 1.3 cipher suites, run the following command.
|
||||
|
||||
```shell copy
|
||||
ghe-config github-ssl.tlsv13-ciphersuites
|
||||
```
|
||||
|
||||
If these commands return empty values, the instance is using the secure defaults.
|
||||
|
||||
#### Setting TLS 1.2 cipher suites
|
||||
|
||||
{% data reusables.enterprise_installation.ssh-into-target-instance %}
|
||||
|
||||
1. Check your desired TLS 1.2 cipher suites using the `ghe-crypto check` command. Replace `CIPHER1,CIPHER2,CIPHER3` with a comma-separated list of cipher suites.
|
||||
|
||||
```shell copy
|
||||
ghe-crypto check tlsv12-ciphersuites CIPHER1,CIPHER2,CIPHER3
|
||||
```
|
||||
|
||||
For example:
|
||||
|
||||
```shell
|
||||
ghe-crypto check tlsv12-ciphersuites ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-GCM-SHA384
|
||||
```
|
||||
|
||||
1. If the cipher string is valid, set the TLS 1.2 cipher suites. Replace `CIPHER1,CIPHER2,CIPHER3` with your comma-separated list.
|
||||
|
||||
```shell copy
|
||||
ghe-config github-ssl.tlsv12-ciphersuites 'CIPHER1,CIPHER2,CIPHER3'
|
||||
```
|
||||
|
||||
For example:
|
||||
|
||||
```shell
|
||||
ghe-config github-ssl.tlsv12-ciphersuites 'ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-GCM-SHA384'
|
||||
```
|
||||
|
||||
1. Check the configuration.
|
||||
|
||||
```shell copy
|
||||
ghe-config-check
|
||||
```
|
||||
|
||||
{% data reusables.enterprise.apply-configuration %}
|
||||
|
||||
1. If you configured a user message or maintenance mode, remove the message and disable maintenance mode.
|
||||
|
||||
#### Setting TLS 1.3 cipher suites
|
||||
|
||||
{% data reusables.enterprise_installation.ssh-into-target-instance %}
|
||||
|
||||
1. Check your desired TLS 1.3 cipher suites using the `ghe-crypto check` command. Replace `CIPHER1,CIPHER2,CIPHER3` with a comma-separated list of cipher suites.
|
||||
|
||||
```shell copy
|
||||
ghe-crypto check tlsv13-ciphersuites CIPHER1,CIPHER2,CIPHER3
|
||||
```
|
||||
|
||||
For example:
|
||||
|
||||
```shell
|
||||
ghe-crypto check tlsv13-ciphersuites TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256
|
||||
```
|
||||
|
||||
1. If the cipher string is valid, set the TLS 1.3 cipher suites. Replace `CIPHER1,CIPHER2,CIPHER3` with your comma-separated list.
|
||||
|
||||
```shell copy
|
||||
ghe-config github-ssl.tlsv13-ciphersuites 'CIPHER1,CIPHER2,CIPHER3'
|
||||
```
|
||||
|
||||
For example:
|
||||
|
||||
```shell
|
||||
ghe-config github-ssl.tlsv13-ciphersuites 'TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256'
|
||||
```
|
||||
|
||||
1. Check the configuration.
|
||||
|
||||
```shell copy
|
||||
ghe-config-check
|
||||
```
|
||||
|
||||
{% data reusables.enterprise.apply-configuration %}
|
||||
|
||||
1. If you configured a user message or maintenance mode, remove the message and disable maintenance mode.
|
||||
|
||||
### Configuring SSH cryptographic algorithms
|
||||
|
||||
You can configure the cryptographic algorithms used for SSH connections on port 22 (Git operations) and port 122 (administrative shell access).
|
||||
|
||||
#### Listing available SSH algorithms
|
||||
|
||||
{% data reusables.enterprise_installation.ssh-into-target-instance %}
|
||||
|
||||
1. To view the default secure SSH ciphers, run the following command.
|
||||
|
||||
```shell copy
|
||||
ghe-crypto list ssh-ciphers
|
||||
```
|
||||
|
||||
1. To view the default secure SSH MAC algorithms, run the following command.
|
||||
|
||||
```shell copy
|
||||
ghe-crypto list ssh-mac-algorithms
|
||||
```
|
||||
|
||||
1. To view the default secure SSH key exchange algorithms, run the following command.
|
||||
|
||||
```shell copy
|
||||
ghe-crypto list ssh-kex-algorithms
|
||||
```
|
||||
|
||||
1. To view the default secure SSH signature types, run the following command.
|
||||
|
||||
```shell copy
|
||||
ghe-crypto list ssh-signature-types
|
||||
```
|
||||
|
||||
#### Viewing current SSH configuration
|
||||
|
||||
{% data reusables.enterprise_installation.ssh-into-target-instance %}
|
||||
|
||||
1. To view the configured SSH ciphers, run the following command.
|
||||
|
||||
```shell copy
|
||||
ghe-config github-ssl.ssh-ciphers
|
||||
```
|
||||
|
||||
1. To view the configured SSH MAC algorithms, run the following command.
|
||||
|
||||
```shell copy
|
||||
ghe-config github-ssl.ssh-mac-algorithms
|
||||
```
|
||||
|
||||
1. To view the configured SSH key exchange algorithms, run the following command.
|
||||
|
||||
```shell copy
|
||||
ghe-config github-ssl.ssh-kex-algorithms
|
||||
```
|
||||
|
||||
1. To view the configured SSH signature types, run the following command.
|
||||
|
||||
```shell copy
|
||||
ghe-config github-ssl.ssh-signature-types
|
||||
```
|
||||
|
||||
If these commands return empty values, the instance is using the secure defaults.
|
||||
|
||||
#### Setting SSH ciphers
|
||||
|
||||
{% data reusables.enterprise_installation.ssh-into-target-instance %}
|
||||
|
||||
1. Check your desired SSH ciphers using the `ghe-crypto check` command. Replace `cipher1,cipher2,cipher3` with a comma-separated list of ciphers.
|
||||
|
||||
```shell copy
|
||||
ghe-crypto check ssh-ciphers cipher1,cipher2,cipher3
|
||||
```
|
||||
|
||||
For example:
|
||||
|
||||
```shell
|
||||
ghe-crypto check ssh-ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com
|
||||
```
|
||||
|
||||
1. If the cipher string is valid, set the SSH ciphers. Replace `cipher1,cipher2,cipher3` with your comma-separated list.
|
||||
|
||||
```shell copy
|
||||
ghe-config github-ssl.ssh-ciphers 'cipher1,cipher2,cipher3'
|
||||
```
|
||||
|
||||
For example:
|
||||
|
||||
```shell
|
||||
ghe-config github-ssl.ssh-ciphers 'chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com'
|
||||
```
|
||||
|
||||
1. Check the configuration.
|
||||
|
||||
```shell copy
|
||||
ghe-config-check
|
||||
```
|
||||
|
||||
{% data reusables.enterprise.apply-configuration %}
|
||||
|
||||
1. If you configured a user message or maintenance mode, remove the message and disable maintenance mode.
|
||||
|
||||
#### Setting SSH MAC algorithms
|
||||
|
||||
{% data reusables.enterprise_installation.ssh-into-target-instance %}
|
||||
|
||||
1. Check your desired SSH MAC algorithms using the `ghe-crypto check` command. Replace `mac1,mac2,mac3` with a comma-separated list of MAC algorithms.
|
||||
|
||||
```shell copy
|
||||
ghe-crypto check ssh-mac-algorithms mac1,mac2,mac3
|
||||
```
|
||||
|
||||
For example:
|
||||
|
||||
```shell
|
||||
ghe-crypto check ssh-mac-algorithms hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
|
||||
```
|
||||
|
||||
1. If the MAC algorithm string is valid, set the SSH MAC algorithms. Replace `mac1,mac2,mac3` with your comma-separated list.
|
||||
|
||||
```shell copy
|
||||
ghe-config github-ssl.ssh-mac-algorithms 'mac1,mac2,mac3'
|
||||
```
|
||||
|
||||
For example:
|
||||
|
||||
```shell
|
||||
ghe-config github-ssl.ssh-mac-algorithms 'hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com'
|
||||
```
|
||||
|
||||
1. Check the configuration.
|
||||
|
||||
```shell copy
|
||||
ghe-config-check
|
||||
```
|
||||
|
||||
{% data reusables.enterprise.apply-configuration %}
|
||||
|
||||
1. If you configured a user message or maintenance mode, remove the message and disable maintenance mode.
|
||||
|
||||
#### Setting SSH key exchange algorithms
|
||||
|
||||
{% data reusables.enterprise_installation.ssh-into-target-instance %}
|
||||
|
||||
1. Check your desired SSH key exchange algorithms using the `ghe-crypto check` command. Replace `kex1,kex2,kex3` with a comma-separated list of key exchange algorithms.
|
||||
|
||||
```shell copy
|
||||
ghe-crypto check ssh-kex-algorithms kex1,kex2,kex3
|
||||
```
|
||||
|
||||
For example:
|
||||
|
||||
```shell
|
||||
ghe-crypto check ssh-kex-algorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp521
|
||||
```
|
||||
|
||||
1. If the key exchange algorithm string is valid, set the SSH key exchange algorithms. Replace `kex1,kex2,kex3` with your comma-separated list.
|
||||
|
||||
```shell copy
|
||||
ghe-config github-ssl.ssh-kex-algorithms 'kex1,kex2,kex3'
|
||||
```
|
||||
|
||||
For example:
|
||||
|
||||
```shell
|
||||
ghe-config github-ssl.ssh-kex-algorithms 'curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp521'
|
||||
```
|
||||
|
||||
1. Check the configuration.
|
||||
|
||||
```shell copy
|
||||
ghe-config-check
|
||||
```
|
||||
|
||||
{% data reusables.enterprise.apply-configuration %}
|
||||
|
||||
1. If you configured a user message or maintenance mode, remove the message and disable maintenance mode.
|
||||
|
||||
#### Setting SSH signature types
|
||||
|
||||
{% data reusables.enterprise_installation.ssh-into-target-instance %}
|
||||
|
||||
1. Check your desired SSH signature types using the `ghe-crypto check` command. Replace `sig1,sig2,sig3` with a comma-separated list of signature types.
|
||||
|
||||
```shell copy
|
||||
ghe-crypto check ssh-signature-types sig1,sig2,sig3
|
||||
```
|
||||
|
||||
For example:
|
||||
|
||||
```shell
|
||||
ghe-crypto check ssh-signature-types ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384
|
||||
```
|
||||
|
||||
1. If the signature type string is valid, set the SSH signature types. Replace `sig1,sig2,sig3` with your comma-separated list.
|
||||
|
||||
```shell copy
|
||||
ghe-config github-ssl.ssh-signature-types 'sig1,sig2,sig3'
|
||||
```
|
||||
|
||||
For example:
|
||||
|
||||
```shell
|
||||
ghe-config github-ssl.ssh-signature-types 'ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384'
|
||||
```
|
||||
|
||||
1. Check the configuration.
|
||||
|
||||
```shell copy
|
||||
ghe-config-check
|
||||
```
|
||||
|
||||
{% data reusables.enterprise.apply-configuration %}
|
||||
|
||||
1. If you configured a user message or maintenance mode, remove the message and disable maintenance mode.
|
||||
|
||||
### Troubleshooting cipher configuration
|
||||
|
||||
If clients cannot connect to {% data variables.location.product_location %} after changing cipher configuration, you can troubleshoot the issue.
|
||||
|
||||
1. Check that your clients support the configured TLS or SSH protocol versions.
|
||||
1. Verify that at least one configured cipher suite is compatible with your clients.
|
||||
1. Review the instance logs for TLS handshake failures or SSH connection errors. For more information about accessing logs, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-system-logs).
|
||||
1. Temporarily restore the default settings to verify the issue is cipher-related. For more information, see [Restoring default cipher suite and algorithm settings](#restoring-default-cipher-suite-and-algorithm-settings).
|
||||
1. If the issue persists after restoring defaults, contact {% data variables.contact.contact_ent_support %}.
|
||||
|
||||
### Restoring default cipher suite and algorithm settings
|
||||
|
||||
To restore the default secure cipher suites or algorithms, unset the configuration value.
|
||||
|
||||
{% data reusables.enterprise_installation.ssh-into-target-instance %}
|
||||
|
||||
1. Unset the configuration setting. Replace `SETTING` with the name of the setting you want to restore to defaults.
|
||||
|
||||
```shell copy
|
||||
ghe-config --unset github-ssl.SETTING
|
||||
```
|
||||
|
||||
For example, to restore default TLS 1.2 cipher suites:
|
||||
|
||||
```shell
|
||||
ghe-config --unset github-ssl.tlsv12-ciphersuites
|
||||
```
|
||||
|
||||
{% data reusables.enterprise.apply-configuration %}
|
||||
|
||||
1. If you configured a user message or maintenance mode, remove the message and disable maintenance mode.
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -34,7 +34,7 @@ contentType: concepts
|
||||
|
||||
{% jetbrains %}
|
||||
|
||||
> [!NOTE] This version of this article is about custom instructions in JetBrains IDEs. Click the tabs above for other environments. <!-- markdownlint-disable-line MD027 -->
|
||||
> [!NOTE] This version of this article is about custom instructions and prompt files in JetBrains IDEs. Click the tabs above for other environments. <!-- markdownlint-disable-line MD027 -->
|
||||
{% endjetbrains %}
|
||||
|
||||
{% xcode %}
|
||||
@@ -74,7 +74,7 @@ You can create two types of repository custom instructions for {% data variables
|
||||
There are two types of files you can use to provide context and instructions to {% data variables.copilot.copilot_chat %} in {% data variables.product.prodname_vscode_shortname %}:
|
||||
|
||||
* **Repository custom instructions** allow you to specify instructions and preferences that {% data variables.product.prodname_copilot_short %} will consider when working in the context of the repository.
|
||||
* **Prompt files** (public preview) allow you to save common prompt instructions and relevant context in Markdown files (`*.prompt.md`) that you can then reuse in your chat prompts. Prompt files are only available in {% data variables.product.prodname_vscode_shortname %}.
|
||||
* **Prompt files** (public preview) allow you to save common prompt instructions and relevant context in Markdown files (`*.prompt.md`) that you can then reuse in your chat prompts. {% data reusables.copilot.prompt-files-available-in-editors %}
|
||||
|
||||
While custom instructions help to add codebase-wide context to each AI workflow, prompt files let you add instructions to a specific chat interaction.
|
||||
|
||||
@@ -88,7 +88,14 @@ While custom instructions help to add codebase-wide context to each AI workflow,
|
||||
|
||||
{% jetbrains %}
|
||||
|
||||
{% data variables.product.prodname_copilot %} can provide chat responses that are tailored to the way your team works, the tools you use, or the specifics of your project, if you provide it with enough context to do so. Instead of repeatedly adding this contextual detail to your chat questions, you can create a custom instructions file in your repository that automatically adds this information for you. The additional information is not displayed in the chat, but is available to {% data variables.product.prodname_copilot_short %} to allow it to generate higher quality responses.
|
||||
{% data variables.product.prodname_copilot %} can provide chat responses that are tailored to the way your team works, the tools you use, or the specifics of your project, if you provide it with enough context to do so. Instead of repeatedly adding this contextual detail to your chat questions, you can create a custom instructions file in your repository that automatically adds this information for you.
|
||||
|
||||
There are two types of files you can use to provide context and instructions to {% data variables.copilot.copilot_chat %} in JetBrains IDEs:
|
||||
|
||||
* **Repository custom instructions** allow you to specify instructions and preferences that {% data variables.product.prodname_copilot_short %} will consider when working in the context of the repository.
|
||||
* **Prompt files** (public preview) allow you to save common prompt instructions and relevant context in Markdown files (`*.prompt.md`) that you can then reuse in your chat prompts. {% data reusables.copilot.prompt-files-available-in-editors %}
|
||||
|
||||
While custom instructions help to add codebase-wide context to each AI workflow, prompt files let you add instructions to a specific chat interaction.
|
||||
|
||||
{% endjetbrains %}
|
||||
|
||||
@@ -229,6 +236,55 @@ Common use cases include:
|
||||
|
||||
{% data reusables.copilot.repository-custom-instructions-example %}
|
||||
|
||||
## About prompt files
|
||||
|
||||
> [!NOTE] Prompt files are {% data variables.release-phases.public_preview %} and subject to change.
|
||||
|
||||
Prompt files let you build and share reusable prompt instructions with additional context. A prompt file is a Markdown file, stored in your workspace, that mimics the existing format of writing prompts in {% data variables.copilot.copilot_chat_short %} (for example, `Rewrite #file:x.ts`). This allows blending natural language instructions and additional context.
|
||||
|
||||
Common use cases include:
|
||||
|
||||
* **Code generation**. Create reusable prompts for components, tests, or migrations (for example, React forms, or API mocks).
|
||||
* **Domain expertise**. Share specialized knowledge through prompts, such as security practices, or compliance checks.
|
||||
* **Team collaboration**. Document patterns and guidelines with references to specs and documentation.
|
||||
* **Onboarding**. Create step-by-step guides for complex processes or project-specific patterns.
|
||||
|
||||
You can have multiple prompt files in your workspace, each of which defines a prompt for a different purpose.
|
||||
|
||||
### Examples
|
||||
|
||||
The following examples demonstrate how to use prompt files.
|
||||
|
||||
* `New React form.prompt.md` - contains instructions for a reusable task to generate a form using React.
|
||||
|
||||
```markdown
|
||||
Your goal is to generate a new React form component.
|
||||
|
||||
Ask for the form name and fields if not provided.
|
||||
|
||||
Requirements for the form:
|
||||
- Use form design system components: [design-system/Form.md](../docs/design-system/Form.md)
|
||||
- Use `react-hook-form` for form state management:
|
||||
- Always define TypeScript types for your form data
|
||||
- Prefer *uncontrolled* components using register
|
||||
- Use `defaultValues` to prevent unnecessary rerenders
|
||||
- Use `yup` for validation:
|
||||
- Create reusable validation schemas in separate files
|
||||
- Use TypeScript types to ensure type safety
|
||||
- Customize UX-friendly validation rules
|
||||
```
|
||||
|
||||
* `API security review.prompt.md` - contains reusable information about security practices for REST APIs, which can be used to do security reviews of REST APIs.
|
||||
|
||||
```markdown
|
||||
Secure REST API review:
|
||||
- Ensure all endpoints are protected by authentication and authorization
|
||||
- Validate all user inputs and sanitize data
|
||||
- Implement rate limiting and throttling
|
||||
- Implement logging and monitoring for security events
|
||||
…
|
||||
```
|
||||
|
||||
{% endjetbrains %}
|
||||
|
||||
{% xcode %}
|
||||
|
||||
@@ -631,3 +631,43 @@ To enable prompt files, configure the workspace settings.
|
||||
For more information about prompt files, see [Custom instructions for {% data variables.product.prodname_copilot %} in VS Code](https://code.visualstudio.com/docs/copilot/copilot-customization#_reusable-prompt-files-experimental) in the {% data variables.product.prodname_vscode %} documentation.
|
||||
|
||||
{% endvscode %}
|
||||
|
||||
{% jetbrains %}
|
||||
|
||||
## Using prompt files
|
||||
|
||||
{% data reusables.copilot.prompt-files-preview-note %}
|
||||
|
||||
Prompt files let you build and share reusable prompt instructions with additional context. A prompt file is a Markdown file, stored in your workspace, that mimics the existing format of writing prompts in {% data variables.copilot.copilot_chat_short %} (for example, `Rewrite #file:x.ts`). You can have multiple prompt files in your workspace, each of which defines a prompt for a different purpose.
|
||||
|
||||
When writing prompt instructions, you can reference other files in the workspace by using Markdown links—for example, `[index](../../web/index.ts)`—or by using the `#file:../../web/index.ts` syntax. Paths are relative to the prompt file. Referencing other files allows you to provide additional context, such as API specifications or product documentation.
|
||||
|
||||
Once prompt files are saved, their instructions will apply to the current workspace in JetBrains IDEs that you open with {% data variables.product.prodname_copilot_short %} enabled.
|
||||
|
||||
### Creating prompt files using the command line
|
||||
|
||||
1. Create the `.github/prompts` directory if it doesn't already exist in your workspace. This directory will be the location for your prompt files.
|
||||
1. Create a prompt file in the `.github/prompts` directory. The prompt file name can contain alphanumeric characters and spaces and should describe the purpose of the prompt information the file will contain. The file name must end with the `.prompt.md` file name extension, for example `TESTPROMPT.prompt.md`.
|
||||
1. Write the prompt instructions using Markdown formatting, and save the file.
|
||||
|
||||
### Creating prompt files using the settings page
|
||||
|
||||
{% data reusables.copilot.jetbrains-settings %}
|
||||
1. Under **Tools**, under **{% data variables.product.prodname_copilot %}**, click **Edit Settings**.
|
||||
1. Under "Settings Categories", click **Customizations**.
|
||||
1. Under "Prompt Files", click **Workspace**, to create a prompt file in your workspace.
|
||||
1. Enter a name for the prompt file, excluding the `.prompt.md` file name extension. The prompt file name can contain alphanumeric characters and spaces and should describe the purpose of the prompt information the file will contain.
|
||||
1. Click **Ok** to save the prompt file name.
|
||||
1. Write the prompt instructions using Markdown formatting, and save the file.
|
||||
|
||||
### Using prompt files
|
||||
|
||||
1. In the chat input box, type `/` followed by the name of the prompt file. For example, `/TESTPROMPT`.
|
||||
1. Optionally, attach additional files, to provide more context.
|
||||
1. Optionally, type additional information in the chat prompt box.
|
||||
|
||||
Whether you need to do this or not depends on the contents of the prompt you are using.
|
||||
|
||||
1. Submit the chat prompt.
|
||||
|
||||
{% endjetbrains %}
|
||||
|
||||
@@ -20,7 +20,7 @@ topics:
|
||||
You can customize {% data variables.product.prodname_copilot %}'s responses using two types of files:
|
||||
|
||||
* **Custom instructions** provide ongoing guidance for how {% data variables.product.prodname_copilot %} should behave across all your interactions.
|
||||
* **Prompt files (public preview)** define reusable prompts for specific tasks that you can invoke when needed. Prompt files are only available in {% data variables.product.prodname_vscode_shortname %}. For an introductory example, see [AUTOTITLE](/copilot/tutorials/customization-library/prompt-files/your-first-prompt-file).
|
||||
* **Prompt files (public preview)** define reusable prompts for specific tasks that you can invoke when needed. {% data reusables.copilot.prompt-files-available-in-editors %} For an introductory example, see [AUTOTITLE](/copilot/tutorials/customization-library/prompt-files/your-first-prompt-file).
|
||||
|
||||
While custom instructions help to add context to each AI workflow, prompt files let you add instructions to a specific chat interaction.
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Customization library
|
||||
intro: 'Discover a curated collection of customizations, including custom instructions and prompt files (VS Code only), to enhance your {% data variables.product.prodname_copilot %} experience.'
|
||||
intro: 'Discover a curated collection of customizations, including custom instructions and prompt files ({% data variables.product.prodname_vscode_shortname %} and JetBrains IDEs only), to enhance your {% data variables.product.prodname_copilot %} experience.'
|
||||
allowTitleToDifferFromFilename: true
|
||||
versions:
|
||||
feature: copilot
|
||||
@@ -20,4 +20,3 @@ children:
|
||||
- /prompt-files
|
||||
contentType: tutorials
|
||||
---
|
||||
|
||||
|
||||
@@ -21,7 +21,7 @@ contentType: tutorials
|
||||
You can customize {% data variables.product.prodname_copilot %}'s responses using two types of files:
|
||||
|
||||
* **Custom instructions** provide ongoing guidance for how {% data variables.product.prodname_copilot %} should behave across all your interactions. For an introductory example, see [AUTOTITLE](/copilot/tutorials/customization-library/custom-instructions/your-first-custom-instructions).
|
||||
* **Prompt files (public preview)** define reusable prompts for specific tasks that you can invoke when needed. Prompt files are only available in {% data variables.product.prodname_vscode_shortname %}.
|
||||
* **Prompt files (public preview)** define reusable prompts for specific tasks that you can invoke when needed. {% data reusables.copilot.prompt-files-available-in-editors %}
|
||||
|
||||
## Your first prompt file
|
||||
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
Prompt files are only available in {% data variables.product.prodname_vscode_shortname %} and JetBrains IDEs.
|
||||
@@ -1,3 +1,3 @@
|
||||
> [!NOTE]
|
||||
> * {% data variables.product.prodname_copilot_short %} prompt files are in {% data variables.release-phases.public_preview %} and subject to change. Prompt files are only available in {% data variables.product.prodname_vscode_shortname %}. See [AUTOTITLE](/copilot/concepts/prompting/response-customization?tool=vscode#about-prompt-files).
|
||||
> * {% data variables.product.prodname_copilot_short %} prompt files are in {% data variables.release-phases.public_preview %} and subject to change. {% data reusables.copilot.prompt-files-available-in-editors %} See [AUTOTITLE](/copilot/concepts/prompting/response-customization?tool=vscode#about-prompt-files).
|
||||
> * For community-contributed examples of prompt files for specific languages and scenarios, see the [Awesome GitHub Copilot Customizations](https://github.com/github/awesome-copilot/blob/main/README.prompts.md) repository.
|
||||
|
||||
Reference in New Issue
Block a user