[Quote removal] Remove quotes from data/reusables/actions and data/reusables/accounts (#53657)
Co-authored-by: Ashish Keshan <ashkeshan@gmail.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
@@ -1 +1 @@
|
|||||||
Each account on {% data variables.product.product_name %} is billed separately. Upgrading an organization account enables paid features for the organization's repositories only and does not affect the features available in repositories owned by any associated personal accounts. Similarly, upgrading a personal account enables paid features for the personal account's repositories only and does not affect the repositories of any organization accounts. For more information about account types, see "[AUTOTITLE](/get-started/learning-about-github/types-of-github-accounts)."
|
Each account on {% data variables.product.product_name %} is billed separately. Upgrading an organization account enables paid features for the organization's repositories only and does not affect the features available in repositories owned by any associated personal accounts. Similarly, upgrading a personal account enables paid features for the personal account's repositories only and does not affect the repositories of any organization accounts. For more information about account types, see [AUTOTITLE](/get-started/learning-about-github/types-of-github-accounts).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
1. For each of your accounts, create a dedicated {% data variables.product.pat_v1 %} with `repo` scope. {% ifversion pat-v2 %}Or, for each of your accounts and for each organization that you are a member of, create a {% data variables.product.pat_v2 %} that can access the desired repositories and that has read and write permissions on repository contents.{% endif %} For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)."
|
1. For each of your accounts, create a dedicated {% data variables.product.pat_v1 %} with `repo` scope. {% ifversion pat-v2 %}Or, for each of your accounts and for each organization that you are a member of, create a {% data variables.product.pat_v2 %} that can access the desired repositories and that has read and write permissions on repository contents.{% endif %} For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
If you protect your personal account with two-factor authentication but do not know your password, {% ifversion 2fa-recovery-flow %} you will need to start a two-factor authentication recovery request. For more information, see "[Request help with two-factor authentication](/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials#requesting-help-with-two-factor-authentication)."{% else %}you will not be able to follow these steps to recover your account.{% data variables.product.company_short %} can send a password reset email to a verified address associated with your account. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials#requesting-a-new-password)."{% endif %}
|
If you protect your personal account with two-factor authentication but do not know your password, {% ifversion 2fa-recovery-flow %} you will need to start a two-factor authentication recovery request. For more information, see [Request help with two-factor authentication](/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials#requesting-help-with-two-factor-authentication).{% else %}you will not be able to follow these steps to recover your account.{% data variables.product.company_short %} can send a password reset email to a verified address associated with your account. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials#requesting-a-new-password).{% endif %}
|
||||||
|
|||||||
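Review bot: The `{% else %}` branch of the rewritten line still reads `recover your account.{% data variables.product.company_short %} can send`, with no space after the period, so the two sentences run together when rendered. The first branch has the opposite problem: `password, {% ifversion 2fa-recovery-flow %} you will need` renders with a double space. Since the line is being touched anyway, add a space after `account.` and drop the one after the `ifversion` tag.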
@@ -4,6 +4,6 @@ When you generate artifact attestations with your software, you create cryptogra
|
|||||||
|
|
||||||
* A link to the workflow associated with the artifact.
|
* A link to the workflow associated with the artifact.
|
||||||
* The repository, organization, environment, commit SHA, and triggering event for the artifact.
|
* The repository, organization, environment, commit SHA, and triggering event for the artifact.
|
||||||
* Other information from the OIDC token used to establish provenance. For more information, see "[AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)."
|
* Other information from the OIDC token used to establish provenance. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect).
|
||||||
|
|
||||||
You can also generate artifact attestations that include an associated software bill of materials (SBOM). Associating your builds with a list of the open source dependencies used in them provides transparency and enables consumers to comply with data protection standards.
|
You can also generate artifact attestations that include an associated software bill of materials (SBOM). Associating your builds with a list of the open source dependencies used in them provides transparency and enables consumers to comply with data protection standards.
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
You can deliver deployments through {% data variables.product.prodname_actions %} and environments or with the REST API and third party apps. For more information about using environments to deploy with {% data variables.product.prodname_actions %}, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment)." For more information about deployments with the REST API, see "[AUTOTITLE](/rest/repos#deployments)."
|
You can deliver deployments through {% data variables.product.prodname_actions %} and environments or with the REST API and third party apps. For more information about using environments to deploy with {% data variables.product.prodname_actions %}, see [AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment). For more information about deployments with the REST API, see [AUTOTITLE](/rest/repos#deployments).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
Environments are used to describe a general deployment target like `production`, `staging`, or `development`. When a {% data variables.product.prodname_actions %} workflow deploys to an environment, the environment is displayed on the main page of the repository. You can use environments to require approval for a job to proceed, restrict which branches can trigger a workflow{% ifversion actions-custom-deployment-protection-rules-beta %}, gate deployments with custom deployment protection rules{% endif %}, or limit access to secrets. For more information about creating environments, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment)."
|
Environments are used to describe a general deployment target like `production`, `staging`, or `development`. When a {% data variables.product.prodname_actions %} workflow deploys to an environment, the environment is displayed on the main page of the repository. You can use environments to require approval for a job to proceed, restrict which branches can trigger a workflow{% ifversion actions-custom-deployment-protection-rules-beta %}, gate deployments with custom deployment protection rules{% endif %}, or limit access to secrets. For more information about creating environments, see [AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment).
|
||||||
|
|||||||
@@ -1,2 +1,2 @@
|
|||||||
|
|
||||||
If your {% data variables.product.prodname_actions %} workflows need to access resources from a cloud provider that supports OpenID Connect (OIDC), you can configure your workflows to authenticate directly to the cloud provider. This will let you stop storing these credentials as long-lived secrets and provide other security benefits. For more information, see "[AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)"
|
If your {% data variables.product.prodname_actions %} workflows need to access resources from a cloud provider that supports OpenID Connect (OIDC), you can configure your workflows to authenticate directly to the cloud provider. This will let you stop storing these credentials as long-lived secrets and provide other security benefits. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)
|
||||||
|
|||||||
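Review bot: The new line ends at `.../about-security-hardening-with-openid-connect)` with no closing period. The old line lacked it too, but with the quotes gone the sentence now stops on a bare link, while every other converted reference in this commit ends in `).`. Add the period here for consistency.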
@@ -2,8 +2,8 @@ To control access to runners at the organization{% ifversion ghec or ghes %} and
|
|||||||
|
|
||||||
When you grant access to a runner group, you can see the runner group listed in the organization's runner settings. Optionally, you can assign additional granular repository{% ifversion restrict-groups-to-workflows %} and workflow{% endif %} access policies to the runner group.
|
When you grant access to a runner group, you can see the runner group listed in the organization's runner settings. Optionally, you can assign additional granular repository{% ifversion restrict-groups-to-workflows %} and workflow{% endif %} access policies to the runner group.
|
||||||
|
|
||||||
When new runners are created, they are automatically assigned to the default group unless otherwise specified. Runners can only be in one group at a time. You can move runners from one runner group to another. For more information, see "[Moving a runner to a group](#moving-a-runner-to-a-group)."
|
When new runners are created, they are automatically assigned to the default group unless otherwise specified. Runners can only be in one group at a time. You can move runners from one runner group to another. For more information, see [Moving a runner to a group](#moving-a-runner-to-a-group).
|
||||||
|
|
||||||
{% ifversion target-runner-groups %}
|
{% ifversion target-runner-groups %}
|
||||||
For information on how to route jobs to runners in a specific group, see "[AUTOTITLE](/actions/using-jobs/choosing-the-runner-for-a-job#choosing-runners-in-a-group)."
|
For information on how to route jobs to runners in a specific group, see [AUTOTITLE](/actions/using-jobs/choosing-the-runner-for-a-job#choosing-runners-in-a-group).
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
{% data variables.product.prodname_dotcom %} provides security features that you can use to increase the security of your workflows. You can use {% data variables.product.prodname_dotcom %}'s built-in features to ensure you are notified about vulnerabilities in the actions you consume, or to automate the process of keeping the actions in your workflows up to date. For more information, see "[AUTOTITLE](/actions/security-guides/using-githubs-security-features-to-secure-your-use-of-github-actions)."
|
{% data variables.product.prodname_dotcom %} provides security features that you can use to increase the security of your workflows. You can use {% data variables.product.prodname_dotcom %}'s built-in features to ensure you are notified about vulnerabilities in the actions you consume, or to automate the process of keeping the actions in your workflows up to date. For more information, see [AUTOTITLE](/actions/security-guides/using-githubs-security-features-to-secure-your-use-of-github-actions).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
For more information about the action, and for instructions about how to download the most recent version, see "[AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/using-the-latest-version-of-the-official-bundled-actions)."
|
For more information about the action, and for instructions about how to download the most recent version, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/using-the-latest-version-of-the-official-bundled-actions).
|
||||||
|
|||||||
@@ -19,4 +19,4 @@ on:
|
|||||||
- labeled
|
- labeled
|
||||||
```
|
```
|
||||||
|
|
||||||
For more information about each event and their activity types, see "[AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows)."
|
For more information about each event and their activity types, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows).
|
||||||
|
|||||||
@@ -1,3 +1,3 @@
|
|||||||
{% data variables.product.prodname_actions_runner_controller %} (ARC) is a Kubernetes operator that orchestrates and scales self-hosted runners for {% data variables.product.prodname_actions %}. For more information, see [Operator pattern](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/) in the Kubernetes documentation.
|
{% data variables.product.prodname_actions_runner_controller %} (ARC) is a Kubernetes operator that orchestrates and scales self-hosted runners for {% data variables.product.prodname_actions %}. For more information, see [Operator pattern](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/) in the Kubernetes documentation.
|
||||||
|
|
||||||
With ARC, you can create runner scale sets that automatically scale based on the number of workflows running in your repository, organization, or enterprise. Because controlled runners can be ephemeral and based on containers, new runner instances can scale up or down rapidly and cleanly. For more information about autoscaling, see "[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/autoscaling-with-self-hosted-runners)."
|
With ARC, you can create runner scale sets that automatically scale based on the number of workflows running in your repository, organization, or enterprise. Because controlled runners can be ephemeral and based on containers, new runner instances can scale up or down rapidly and cleanly. For more information about autoscaling, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/autoscaling-with-self-hosted-runners).
|
||||||
|
|||||||
@@ -2,7 +2,7 @@
|
|||||||
{% ifversion fpt %}
|
{% ifversion fpt %}
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Organization-level secrets and variables are not accessible by private repositories for {% data variables.product.prodname_free_user %}. For more information about upgrading your {% data variables.product.company_short %} subscription, see "[AUTOTITLE](/billing/managing-billing-for-your-github-account/upgrading-your-github-subscription)".
|
> Organization-level secrets and variables are not accessible by private repositories for {% data variables.product.prodname_free_user %}. For more information about upgrading your {% data variables.product.company_short %} subscription, see [AUTOTITLE](/billing/managing-billing-for-your-github-account/upgrading-your-github-subscription).
|
||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Enterprise and organization owners{% ifversion custom-org-roles %} and users with the "Manage organization runners and runner groups" permission{% endif %} can create runners from this page. To create a new runner, click **New runner** at the top right of the list of runners to add runners to the repository.
|
> Enterprise and organization owners{% ifversion custom-org-roles %} and users with the "Manage organization runners and runner groups" permission{% endif %} can create runners from this page. To create a new runner, click **New runner** at the top right of the list of runners to add runners to the repository.
|
||||||
>
|
>
|
||||||
> For more information, see {% ifversion actions-hosted-runners %}"[AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners)" and {% endif %}"[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners)."
|
> For more information, see {% ifversion actions-hosted-runners %}[AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners) and {% endif %}[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners).
|
||||||
{% ifversion custom-org-roles %}
|
{% ifversion custom-org-roles %}
|
||||||
>For more information about custom organization roles, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles)."
|
>For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
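Review bot: The last quoted line of the note, `>For more information about custom organization roles, see ...`, has no space after `>`, unlike the `> Enterprise and organization owners` and `> For more information, see` lines above it. Normalise it to `> For more information` while this line is being edited.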
@@ -1,3 +1,3 @@
|
|||||||
{% data variables.product.prodname_actions %} usage metrics do not apply minute multipliers to the metrics displayed. While they _can_ help you understand your bill, their primary purpose is to help you understand how and where Actions minutes are being used in your organization.
|
{% data variables.product.prodname_actions %} usage metrics do not apply minute multipliers to the metrics displayed. While they _can_ help you understand your bill, their primary purpose is to help you understand how and where Actions minutes are being used in your organization.
|
||||||
|
|
||||||
For more information about minute multipliers, see "[AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions#minute-multipliers)."
|
For more information about minute multipliers, see [AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions#minute-multipliers).
|
||||||
|
|||||||
@@ -1,3 +1,3 @@
|
|||||||
You can choose an operating system and a hardware configuration from the list of available options. When new instances of this runner are deployed through autoscaling, they'll use the same operating system and hardware configuration you've defined here.
|
You can choose an operating system and a hardware configuration from the list of available options. When new instances of this runner are deployed through autoscaling, they'll use the same operating system and hardware configuration you've defined here.
|
||||||
|
|
||||||
New runners are automatically assigned to the default group, or you can choose which group the runners must join during the runner creation process. In addition, you can modify the runner's group membership after you've registered the runner. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/controlling-access-to-larger-runners)."
|
New runners are automatically assigned to the default group, or you can choose which group the runners must join during the runner creation process. In addition, you can modify the runner's group membership after you've registered the runner. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/controlling-access-to-larger-runners).
|
||||||
|
|||||||
@@ -8,17 +8,17 @@ When you choose {% data reusables.actions.policy-label-for-select-actions-workfl
|
|||||||
{% data reusables.repositories.settings-permissions-org-policy-note %}
|
{% data reusables.repositories.settings-permissions-org-policy-note %}
|
||||||
|
|
||||||
* **Allow actions created by {% data variables.product.prodname_dotcom %}:** You can allow all actions created by {% data variables.product.prodname_dotcom %} to be used by workflows. Actions created by {% data variables.product.prodname_dotcom %} are located in the `actions` and `github` organizations. For more information, see the [`actions`](https://github.com/actions) and [`github`](https://github.com/github) organizations.
|
* **Allow actions created by {% data variables.product.prodname_dotcom %}:** You can allow all actions created by {% data variables.product.prodname_dotcom %} to be used by workflows. Actions created by {% data variables.product.prodname_dotcom %} are located in the `actions` and `github` organizations. For more information, see the [`actions`](https://github.com/actions) and [`github`](https://github.com/github) organizations.
|
||||||
* **Allow Marketplace actions by verified creators:** {% ifversion ghes %}This option is available if you have {% data variables.product.prodname_github_connect %} enabled and configured with {% data variables.product.prodname_actions %}. For more information, see "[AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect)."{% endif %} You can allow all {% data variables.product.prodname_marketplace %} actions created by verified creators to be used by workflows. When GitHub has verified the creator of the action as a partner organization, the {% octicon "verified" aria-label="The verified badge" %} badge is displayed next to the action in {% data variables.product.prodname_marketplace %}.
|
* **Allow Marketplace actions by verified creators:** {% ifversion ghes %}This option is available if you have {% data variables.product.prodname_github_connect %} enabled and configured with {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect).{% endif %} You can allow all {% data variables.product.prodname_marketplace %} actions created by verified creators to be used by workflows. When GitHub has verified the creator of the action as a partner organization, the {% octicon "verified" aria-label="The verified badge" %} badge is displayed next to the action in {% data variables.product.prodname_marketplace %}.
|
||||||
* **Allow specified actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %}:** You can restrict workflows to use actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %} in specific organizations and repositories. Specified actions cannot be set to more than 1000.
|
* **Allow specified actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %}:** You can restrict workflows to use actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %} in specific organizations and repositories. Specified actions cannot be set to more than 1000.
|
||||||
|
|
||||||
To restrict access to specific tags or commit SHAs of an action{% ifversion actions-workflow-policy %} or reusable workflow{% endif %}, use the same syntax used in the workflow to select the action{% ifversion actions-workflow-policy %} or reusable workflow{% endif %}.
|
To restrict access to specific tags or commit SHAs of an action{% ifversion actions-workflow-policy %} or reusable workflow{% endif %}, use the same syntax used in the workflow to select the action{% ifversion actions-workflow-policy %} or reusable workflow{% endif %}.
|
||||||
|
|
||||||
* For an action, the syntax is `OWNER/REPOSITORY@TAG-OR-SHA`. For example, use `actions/javascript-action@v1.0.1` to select a tag or `actions/javascript-action@a824008085750b8e136effc585c3cd6082bd575f` to select a SHA. For more information, see "[AUTOTITLE](/actions/learn-github-actions/finding-and-customizing-actions#using-release-management-for-your-custom-actions)."
|
* For an action, the syntax is `OWNER/REPOSITORY@TAG-OR-SHA`. For example, use `actions/javascript-action@v1.0.1` to select a tag or `actions/javascript-action@a824008085750b8e136effc585c3cd6082bd575f` to select a SHA. For more information, see [AUTOTITLE](/actions/learn-github-actions/finding-and-customizing-actions#using-release-management-for-your-custom-actions).
|
||||||
{%- ifversion actions-workflow-policy %}
|
{%- ifversion actions-workflow-policy %}
|
||||||
* For a reusable workflow, the syntax is `OWNER/REPOSITORY/PATH/FILENAME@TAG-OR-SHA`. For example, `octo-org/another-repo/.github/workflows/workflow.yml@v1`. For more information, see "[AUTOTITLE](/actions/using-workflows/reusing-workflows#calling-a-reusable-workflow)."
|
* For a reusable workflow, the syntax is `OWNER/REPOSITORY/PATH/FILENAME@TAG-OR-SHA`. For example, `octo-org/another-repo/.github/workflows/workflow.yml@v1`. For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows#calling-a-reusable-workflow).
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
|
|
||||||
You can use the `*` wildcard character to match patterns. For example, to allow all actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %} in organizations that start with `space-org`, you can specify `space-org*/*`. To allow all actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %} in repositories that start with octocat, you can use `*/octocat**@*`. For more information about using the `*` wildcard, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet)."
|
You can use the `*` wildcard character to match patterns. For example, to allow all actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %} in organizations that start with `space-org`, you can specify `space-org*/*`. To allow all actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %} in repositories that start with octocat, you can use `*/octocat**@*`. For more information about using the `*` wildcard, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet).
|
||||||
|
|
||||||
Use `,` to separate patterns. For example, to allow `octocat` and `octokit`, you can specify `octocat/*, octokit/*`.
|
Use `,` to separate patterns. For example, to allow `octocat` and `octokit`, you can specify `octocat/*, octokit/*`.
|
||||||
|
|
||||||
|
|||||||
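Review bot: In the wildcard paragraph, `repositories that start with octocat` leaves `octocat` as plain text, while the parallel example in the same sentence group formats its prefix as `space-org` in backticks. Put `octocat` in backticks so the literal prefix is distinguishable from prose, which matters for readers copying allow-list patterns such as `*/octocat**@*`.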
@@ -1,2 +1,2 @@
|
|||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Create the secret in the same namespace where the `gha-runner-scale-set` chart is installed. In this example, the namespace is `arc-runners` to match the quickstart documentation. For more information, see "[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/quickstart-for-actions-runner-controller#configuring-a-runner-scale-set)."
|
> Create the secret in the same namespace where the `gha-runner-scale-set` chart is installed. In this example, the namespace is `arc-runners` to match the quickstart documentation. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/quickstart-for-actions-runner-controller#configuring-a-runner-scale-set).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
In the last step, it generates an artifact attestation for the image, which increases supply chain security. For more information, see "[AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds)."
|
In the last step, it generates an artifact attestation for the image, which increases supply chain security. For more information, see [AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
By default, {% data variables.product.product_name %} stores build logs and artifacts for 90 days, and this retention period can be customized. For more information, see "[AUTOTITLE](/actions/learn-github-actions/usage-limits-billing-and-administration#artifact-and-log-retention-policy)."
|
By default, {% data variables.product.product_name %} stores build logs and artifacts for 90 days, and this retention period can be customized. For more information, see [AUTOTITLE](/actions/learn-github-actions/usage-limits-billing-and-administration#artifact-and-log-retention-policy).
|
||||||
|
|||||||
@@ -1,3 +1,3 @@
|
|||||||
2-64 vCPU Ubuntu and Windows runners are supported with Azure VNET. For more information on these runner types, see "[AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/about-larger-runners#about-ubuntu-and-windows-larger-runners)."
|
2-64 vCPU Ubuntu and Windows runners are supported with Azure VNET. For more information on these runner types, see [AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/about-larger-runners#about-ubuntu-and-windows-larger-runners).
|
||||||
|
|
||||||
{% data reusables.actions.static-ip-limitation-vnet %} You must use dynamic IP addresses, which is the default configuration for larger runners. For more information about networking for larger runners, see "[AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/about-larger-runners#networking-for-larger-runners)."
|
{% data reusables.actions.static-ip-limitation-vnet %} You must use dynamic IP addresses, which is the default configuration for larger runners. For more information about networking for larger runners, see [AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/about-larger-runners#networking-for-larger-runners).
|
||||||
|
|||||||
@@ -2,4 +2,4 @@ To use {% data variables.product.company_short %}-hosted runners with Azure VNET
|
|||||||
|
|
||||||
The following procedures will lead you through both steps.
|
The following procedures will lead you through both steps.
|
||||||
|
|
||||||
For more information about troubleshooting common issues with using {% data variables.product.company_short %}-hosted runners with Azure VNET, see {% ifversion ghec %}"[AUTOTITLE](/admin/configuration/configuring-private-networking-for-hosted-compute-products/troubleshooting-azure-private-network-configurations-for-github-hosted-runners-in-your-enterprise)."{% else %}"[AUTOTITLE](/organizations/managing-organization-settings/troubleshooting-azure-private-network-configurations-for-github-hosted-runners-in-your-organization)."{% endif %}
|
For more information about troubleshooting common issues with using {% data variables.product.company_short %}-hosted runners with Azure VNET, see {% ifversion ghec %}[AUTOTITLE](/admin/configuration/configuring-private-networking-for-hosted-compute-products/troubleshooting-azure-private-network-configurations-for-github-hosted-runners-in-your-enterprise).{% else %}[AUTOTITLE](/organizations/managing-organization-settings/troubleshooting-azure-private-network-configurations-for-github-hosted-runners-in-your-organization).{% endif %}
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
After configuring your Azure resources, you can use an Azure Virtual Network (VNET) for private networking by creating a network configuration{% ifversion ghec %} at the enterprise or organization level{% else %} at the organization level{% endif %}. Then, you can associate that network configuration to runner groups. For more information about runner groups, see "[AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/controlling-access-to-larger-runners)."
|
After configuring your Azure resources, you can use an Azure Virtual Network (VNET) for private networking by creating a network configuration{% ifversion ghec %} at the enterprise or organization level{% else %} at the organization level{% endif %}. Then, you can associate that network configuration to runner groups. For more information about runner groups, see [AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/controlling-access-to-larger-runners).
|
||||||
|
|
||||||
Once the network configuration is associated with a runner group, all runners in that group will have access to the Azure VNET that has been connected to the underlying configuration.
|
Once the network configuration is associated with a runner group, all runners in that group will have access to the Azure VNET that has been connected to the underlying configuration.
|
||||||
|
|
||||||
### Prerequisites
|
### Prerequisites
|
||||||
|
|
||||||
Ensure your Azure resources have been configured _before_ adding a network configuration in {% data variables.product.company_short %}. For more information, see {% ifversion ghec %}"[AUTOTITLE](/admin/configuration/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners#configuring-your-azure-resources)."{% else %}For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization#configuring-your-azure-resources)."{% endif %}
|
Ensure your Azure resources have been configured _before_ adding a network configuration in {% data variables.product.company_short %}. For more information, see {% ifversion ghec %}[AUTOTITLE](/admin/configuration/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners#configuring-your-azure-resources).{% else %}[AUTOTITLE](/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization#configuring-your-azure-resources).{% endif %}
|
||||||
|
|||||||
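Review bot: the `{% else %}` branch of the Prerequisites sentence changes more than quoting. The old line repeated "For more information, see" inside the `{% else %}` branch, and the new line drops that repeat. The fix is correct, since non-ghec versions previously rendered the phrase twice, but it is a content change hidden in a mechanical quote-removal commit. Mention it in the commit message so it is not missed when this change is audited or reverted.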
@@ -1 +1 @@
|
|||||||
By default, organizations in an enterprise cannot create new network configurations and only inherit enterprise-level network configurations. Enterprise owners can set a policy that allows organizations in the enterprise to create network configurations that are independent of the enterprise. For more information, see "[AUTOTITLE](/admin/configuration/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners-in-your-enterprise#enabling-creation-of-network-configurations-for-organizations)."
|
By default, organizations in an enterprise cannot create new network configurations and only inherit enterprise-level network configurations. Enterprise owners can set a policy that allows organizations in the enterprise to create network configurations that are independent of the enterprise. For more information, see [AUTOTITLE](/admin/configuration/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners-in-your-enterprise#enabling-creation-of-network-configurations-for-organizations).
|
||||||
|
|||||||
@@ -70,7 +70,7 @@ To fix this, either increase the size of the subnet you are using or reduce the
|
|||||||
|
|
||||||
### Cannot delete subnet
|
### Cannot delete subnet
|
||||||
|
|
||||||
In some cases, a subnet cannot be deleted because it has a Service Association Link (SAL) applied to it. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization#deleting-a-subnet)."
|
In some cases, a subnet cannot be deleted because it has a Service Association Link (SAL) applied to it. For more information, see [AUTOTITLE](/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization#deleting-a-subnet).
|
||||||
|
|
||||||
If you need to identify the network settings resource associated with the subnet, you can run the following `curl` command.
|
If you need to identify the network settings resource associated with the subnet, you can run the following `curl` command.
|
||||||
To obtain an Azure Entra token, please refer to the [Azure documentation](https://learn.microsoft.com/en-us/cli/azure/authenticate-azure-cli). Use the same `api-version` you used to create the resource.
|
To obtain an Azure Entra token, please refer to the [Azure documentation](https://learn.microsoft.com/en-us/cli/azure/authenticate-azure-cli). Use the same `api-version` you used to create the resource.
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
You can connect multiple VNET subnets to {% data variables.product.github %} and manage private resource access for your runners via runner groups. For more information about runner groups, see "[AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/controlling-access-to-larger-runners)."
|
You can connect multiple VNET subnets to {% data variables.product.github %} and manage private resource access for your runners via runner groups. For more information about runner groups, see [AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/controlling-access-to-larger-runners).
|
||||||
|
|
||||||
Using {% data variables.product.company_short %}-hosted runners within Azure VNET allows you to perform the following actions.
|
Using {% data variables.product.company_short %}-hosted runners within Azure VNET allows you to perform the following actions.
|
||||||
* Privately connect a runner to resources inside an Azure VNET without opening internet ports, including on-premises resources accessible from the Azure VNET.
|
* Privately connect a runner to resources inside an Azure VNET without opening internet ports, including on-premises resources accessible from the Azure VNET.
|
||||||
|
|||||||
@@ -2,7 +2,7 @@ To use {% data variables.product.company_short %}-hosted runners with an Azure V
|
|||||||
|
|
||||||
{% ifversion fpt %}
|
{% ifversion fpt %}
|
||||||
|
|
||||||
For procedures to configure Azure private networking at the organization level, see "[AUTOTITLE](/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization)."
|
For procedures to configure Azure private networking at the organization level, see [AUTOTITLE](/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization).
|
||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
@@ -10,8 +10,8 @@ For procedures to configure Azure private networking at the organization level,
|
|||||||
|
|
||||||
{% data reusables.actions.azure-vnet-enterprise-policy %}
|
{% data reusables.actions.azure-vnet-enterprise-policy %}
|
||||||
|
|
||||||
For procedures to configure Azure private networking at the enterprise level, see "[AUTOTITLE](/admin/configuration/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners-in-your-enterprise)."
|
For procedures to configure Azure private networking at the enterprise level, see [AUTOTITLE](/admin/configuration/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners-in-your-enterprise).
|
||||||
|
|
||||||
For procedures to configure Azure private networking at the organization level, see "[AUTOTITLE](/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization)."
|
For procedures to configure Azure private networking at the organization level, see [AUTOTITLE](/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization).
|
||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
@@ -12,10 +12,10 @@ You will use a script to automate configuring your Azure resources.
|
|||||||
|
|
||||||
The `.bicep` file we provide contains the minimal set of rules to use {% data variables.product.company_short %}-hosted runners with Azure VNET. You may need to add rules for your specific use case.
|
The `.bicep` file we provide contains the minimal set of rules to use {% data variables.product.company_short %}-hosted runners with Azure VNET. You may need to add rules for your specific use case.
|
||||||
|
|
||||||
If you use {% data variables.enterprise.data_residency %}, in the `AllowOutBoundGitHub` section, you must also include the egress IP ranges for {% data variables.enterprise.data_residency_site %}. See "[AUTOTITLE](/admin/data-residency/network-details-for-ghecom#ranges-for-egress-traffic)."
|
If you use {% data variables.enterprise.data_residency %}, in the `AllowOutBoundGitHub` section, you must also include the egress IP ranges for {% data variables.enterprise.data_residency_site %}. See [AUTOTITLE](/admin/data-residency/network-details-for-ghecom#ranges-for-egress-traffic).
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> As an alternative to using the following file, to allow {% data variables.product.prodname_actions %} to communicate with the runners, you can allow the same firewall domains that are required for communication between self-hosted runners and {% data variables.product.product_name %}. For more information, see "[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#communication-between-self-hosted-runners-and-github-enterprise-cloud)." To determine the appropriate subnet IP address range, we recommend adding a 30% buffer to the maximum job concurrency you anticipate. For instance, if your network configuration's runners are set to a maximum job concurrency of 300, it's recommended to utilize a subnet IP address range that can accommodate at least 390 runners. This buffer helps ensure that your network can handle unexpected increases in VM needs to meet job concurrency without running out of IP addresses.
|
> As an alternative to using the following file, to allow {% data variables.product.prodname_actions %} to communicate with the runners, you can allow the same firewall domains that are required for communication between self-hosted runners and {% data variables.product.product_name %}. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#communication-between-self-hosted-runners-and-github-enterprise-cloud). To determine the appropriate subnet IP address range, we recommend adding a 30% buffer to the maximum job concurrency you anticipate. For instance, if your network configuration's runners are set to a maximum job concurrency of 300, it's recommended to utilize a subnet IP address range that can accommodate at least 390 runners. This buffer helps ensure that your network can handle unexpected increases in VM needs to meet job concurrency without running out of IP addresses.
|
||||||
|
|
||||||
```bicep copy
|
```bicep copy
|
||||||
@description('NSG for outbound rules')
|
@description('NSG for outbound rules')
|
||||||
|
|||||||
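Review bot: the `> [!NOTE]` body on the changed line covers two unrelated things, the firewall-domain alternative to the `.bicep` file and the subnet sizing rule (30% buffer, 300 jobs to 390 addresses). Someone sizing a subnet is unlikely to look for that guidance in a note that opens with "As an alternative to using the following file". Since this line is being touched anyway, consider moving the sizing sentences into their own paragraph or note, and keep the firewall-domain sentence next to the `AllowOutBoundGitHub` guidance it relates to.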
@@ -1,6 +1,6 @@
|
|||||||
The {% data variables.product.prodname_actions %} service supports a subset of all the regions that Azure provides. To facilitate communication between the {% data variables.product.prodname_actions %} service and your subnet, your subnet must be in one of the supported regions.
|
The {% data variables.product.prodname_actions %} service supports a subset of all the regions that Azure provides. To facilitate communication between the {% data variables.product.prodname_actions %} service and your subnet, your subnet must be in one of the supported regions.
|
||||||
|
|
||||||
> [!NOTE] If you use {% data variables.enterprise.data_residency_short %} on {% data variables.enterprise.data_residency_site %}, the supported regions are different. See "[AUTOTITLE](/admin/data-residency/network-details-for-ghecom#supported-regions-for-azure-private-networking)."
|
> [!NOTE] If you use {% data variables.enterprise.data_residency_short %} on {% data variables.enterprise.data_residency_site %}, the supported regions are different. See [AUTOTITLE](/admin/data-residency/network-details-for-ghecom#supported-regions-for-azure-private-networking).
|
||||||
|
|
||||||
The following regions are supported on {% data variables.product.prodname_dotcom_the_website %}.
|
The following regions are supported on {% data variables.product.prodname_dotcom_the_website %}.
|
||||||
|
|
||||||
|
|||||||
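Review bot: the changed line keeps the alert marker and its text on one line (`> [!NOTE] If you use ...`). Every other alert touched in this commit puts `> [!NOTE]` or `> [!WARNING]` on its own line, followed by the body on a separate `> ` line. Suggest splitting this one the same way while the line is being edited, so the alert syntax is consistent across the reusables.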
@@ -1,3 +1,3 @@
|
|||||||
{% data variables.product.product_name %} offers deployment workflow templates for several popular services, such as Azure Web App. To learn how to get started using a workflow template, see "[AUTOTITLE](/actions/learn-github-actions/using-starter-workflows)" or [browse the full list of deployment workflow templates](https://github.com/actions/starter-workflows/tree/main/deployments). You can also check out our more detailed guides for specific deployment workflows, such as "[AUTOTITLE](/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service)."
|
{% data variables.product.product_name %} offers deployment workflow templates for several popular services, such as Azure Web App. To learn how to get started using a workflow template, see [AUTOTITLE](/actions/learn-github-actions/using-starter-workflows) or [browse the full list of deployment workflow templates](https://github.com/actions/starter-workflows/tree/main/deployments). You can also check out our more detailed guides for specific deployment workflows, such as [AUTOTITLE](/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service).
|
||||||
|
|
||||||
Many service providers also offer actions on {% data variables.product.prodname_marketplace %} for deploying to their service. For the full list, see [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?category=deployment&type=actions).
|
Many service providers also offer actions on {% data variables.product.prodname_marketplace %} for deploying to their service. For the full list, see [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?category=deployment&type=actions).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
Choose a repository where you want to apply this project management workflow. You can use an existing repository that you have write access to, or you can create a new repository. For more information about creating a repository, see "[AUTOTITLE](/repositories/creating-and-managing-repositories/creating-a-new-repository)."
|
Choose a repository where you want to apply this project management workflow. You can use an existing repository that you have write access to, or you can create a new repository. For more information about creating a repository, see [AUTOTITLE](/repositories/creating-and-managing-repositories/creating-a-new-repository).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
Commit your workflow file to the default branch of your repository. For more information, see "[AUTOTITLE](/repositories/working-with-files/managing-files/creating-new-files)."
|
Commit your workflow file to the default branch of your repository. For more information, see [AUTOTITLE](/repositories/working-with-files/managing-files/creating-new-files).
|
||||||
|
|||||||
@@ -1,2 +1,2 @@
|
|||||||
> [!WARNING]
|
> [!WARNING]
|
||||||
> When creating workflows and actions, you should always consider whether your code might execute untrusted input from possible attackers. Certain contexts should be treated as untrusted input, as an attacker could insert their own malicious content. For more information, see "[AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#understanding-the-risk-of-script-injections)."
|
> When creating workflows and actions, you should always consider whether your code might execute untrusted input from possible attackers. Certain contexts should be treated as untrusted input, as an attacker could insert their own malicious content. For more information, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#understanding-the-risk-of-script-injections).
|
||||||
|
|||||||
@@ -13,5 +13,5 @@
|
|||||||
|
|
||||||
See the Azure documentation for more information on using the [Azure CLI](https://docs.microsoft.com/cli/azure/):
|
See the Azure documentation for more information on using the [Azure CLI](https://docs.microsoft.com/cli/azure/):
|
||||||
|
|
||||||
* For authentication, see "[Sign in with Azure CLI](https://docs.microsoft.com/cli/azure/authenticate-azure-cli)."
|
* For authentication, see [Sign in with Azure CLI](https://docs.microsoft.com/cli/azure/authenticate-azure-cli).
|
||||||
* If you need to create a new resource group, see "[az group](https://docs.microsoft.com/cli/azure/group?view=azure-cli-latest#az_group_create)."
|
* If you need to create a new resource group, see [az group](https://docs.microsoft.com/cli/azure/group?view=azure-cli-latest#az_group_create).
|
||||||
|
|||||||
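Review bot: both changed bullets still link to `docs.microsoft.com`, while the Azure VNET troubleshooting reusable in this same commit links the same sign-in article through `learn.microsoft.com/en-us/cli/azure/authenticate-azure-cli`. Suggest using one host for Microsoft documentation links across the reusables. The "Generate deployment credentials" link in the next hunk has the same `docs.microsoft.com` host and could be aligned in the same pass.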
@@ -1,5 +1,5 @@
|
|||||||
1. Configure an Azure publish profile and create an `AZURE_WEBAPP_PUBLISH_PROFILE` secret.
|
1. Configure an Azure publish profile and create an `AZURE_WEBAPP_PUBLISH_PROFILE` secret.
|
||||||
|
|
||||||
Generate your Azure deployment credentials using a publish profile. For more information, see "[Generate deployment credentials](https://docs.microsoft.com/azure/app-service/deploy-github-actions?tabs=applevel#generate-deployment-credentials)" in the Azure documentation.
|
Generate your Azure deployment credentials using a publish profile. For more information, see [Generate deployment credentials](https://docs.microsoft.com/azure/app-service/deploy-github-actions?tabs=applevel#generate-deployment-credentials) in the Azure documentation.
|
||||||
|
|
||||||
In your {% data variables.product.prodname_dotcom %} repository, create a secret named `AZURE_WEBAPP_PUBLISH_PROFILE` that contains the contents of the publish profile. For more information on creating secrets, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository)."
|
In your {% data variables.product.prodname_dotcom %} repository, create a secret named `AZURE_WEBAPP_PUBLISH_PROFILE` that contains the contents of the publish profile. For more information on creating secrets, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository).
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ Always include a security admonition above this procedure. This is either one of
|
|||||||
|
|
||||||
Enterprises can add their runners to groups for access management. Enterprises can create groups of runners that are accessible to specific organizations in the enterprise account{% ifversion restrict-groups-to-workflows %} or to specific workflows{% endif %}. Organization owners can then assign additional granular repository{% ifversion restrict-groups-to-workflows %} or workflow{% endif %} access policies to the enterprise runner groups. For information about how to create a runner group with the REST API, see the enterprise endpoints in the [{% data variables.product.prodname_actions %} REST API](/rest/actions#self-hosted-runner-groups).
|
Enterprises can add their runners to groups for access management. Enterprises can create groups of runners that are accessible to specific organizations in the enterprise account{% ifversion restrict-groups-to-workflows %} or to specific workflows{% endif %}. Organization owners can then assign additional granular repository{% ifversion restrict-groups-to-workflows %} or workflow{% endif %} access policies to the enterprise runner groups. For information about how to create a runner group with the REST API, see the enterprise endpoints in the [{% data variables.product.prodname_actions %} REST API](/rest/actions#self-hosted-runner-groups).
|
||||||
|
|
||||||
If no group is specified during the registration process, runners are automatically added to a default group. You can later move the runner from the default group to a custom group. For more information, see "[Moving a runner to a group](#moving-a-runner-to-a-group)."
|
If no group is specified during the registration process, runners are automatically added to a default group. You can later move the runner from the default group to a custom group. For more information, see [Moving a runner to a group](#moving-a-runner-to-a-group).
|
||||||
|
|
||||||
When creating a group, you must choose a policy that defines which organizations have access to the runner group.
|
When creating a group, you must choose a policy that defines which organizations have access to the runner group.
|
||||||
|
|
||||||
|
|||||||
@@ -8,13 +8,13 @@ Always include a security admonition above this procedure. This is either one of
|
|||||||
{% endcomment %}
|
{% endcomment %}
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> When creating a runner group, you must choose a policy that defines which repositories{% ifversion restrict-groups-to-workflows %} and workflows{% endif %} have access to the runner group. To change which repositories and workflows can access the runner group, organization owners{% ifversion custom-org-roles %} and users with the “Manage organization runners and runner groups” permission{% endif %} can set a policy for the organization. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#disabling-repository-level-self-hosted-runners)."
|
> When creating a runner group, you must choose a policy that defines which repositories{% ifversion restrict-groups-to-workflows %} and workflows{% endif %} have access to the runner group. To change which repositories and workflows can access the runner group, organization owners{% ifversion custom-org-roles %} and users with the “Manage organization runners and runner groups” permission{% endif %} can set a policy for the organization. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#disabling-repository-level-self-hosted-runners).
|
||||||
|
|
||||||
All organizations have a single default runner group. {% ifversion fpt %}Organization owners using the {% data variables.product.prodname_team %} plan{% else %}Organization owners{% ifversion custom-org-roles %} and users with the "Manage organization runners and runner groups" permission{% endif %}{% endif %} can create additional organization-level runner groups. {% ifversion custom-org-roles %}For more information about custom organization roles, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles)."{% endif %}
|
All organizations have a single default runner group. {% ifversion fpt %}Organization owners using the {% data variables.product.prodname_team %} plan{% else %}Organization owners{% ifversion custom-org-roles %} and users with the "Manage organization runners and runner groups" permission{% endif %}{% endif %} can create additional organization-level runner groups. {% ifversion custom-org-roles %}For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).{% endif %}
|
||||||
|
|
||||||
If no group is specified during the registration process, runners are automatically added to the default group. You can later move the runner from the default group to a custom group. For more information, see "[Moving a runner to a group](#moving-a-runner-to-a-group)."
|
If no group is specified during the registration process, runners are automatically added to the default group. You can later move the runner from the default group to a custom group. For more information, see [Moving a runner to a group](#moving-a-runner-to-a-group).
|
||||||
|
|
||||||
For information about how to create a runner group with the REST API, see "[AUTOTITLE](/rest/actions#self-hosted-runner-groups)."
|
For information about how to create a runner group with the REST API, see [AUTOTITLE](/rest/actions#self-hosted-runner-groups).
|
||||||
|
|
||||||
{% data reusables.organizations.navigate-to-org %}
|
{% data reusables.organizations.navigate-to-org %}
|
||||||
{% data reusables.organizations.org_settings %}
|
{% data reusables.organizations.org_settings %}
|
||||||
|
|||||||
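Review bot: the permission name is quoted two different ways within this hunk. The `> [!NOTE]` line uses curly quotes (“Manage organization runners and runner groups”), and the "All organizations have a single default runner group" line uses straight quotes for the same string. In a commit whose purpose is quote cleanup, pick one style for UI and permission names and apply it to both lines.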
@@ -1,3 +1,3 @@
|
|||||||
* {% data variables.product.prodname_dependabot %} only supports updates to {% data variables.product.prodname_actions %} using the {% data variables.product.prodname_dotcom %} repository syntax, such as `{% data reusables.actions.action-checkout %}`. {% data variables.product.prodname_dependabot %} will ignore actions or reusable workflows referenced locally (for example, `./.github/actions/foo.yml`).
|
* {% data variables.product.prodname_dependabot %} only supports updates to {% data variables.product.prodname_actions %} using the {% data variables.product.prodname_dotcom %} repository syntax, such as `{% data reusables.actions.action-checkout %}`. {% data variables.product.prodname_dependabot %} will ignore actions or reusable workflows referenced locally (for example, `./.github/actions/foo.yml`).
|
||||||
* Docker Hub and {% data variables.product.prodname_registry %} {% data variables.product.prodname_container_registry %} URLs are currently not supported. For example, references to Docker container actions using `docker://` syntax aren't supported.
|
* Docker Hub and {% data variables.product.prodname_registry %} {% data variables.product.prodname_container_registry %} URLs are currently not supported. For example, references to Docker container actions using `docker://` syntax aren't supported.
|
||||||
* {% data variables.product.prodname_dependabot %} supports both public and private repositories for {% data variables.product.prodname_actions %}. For private registry configuration options, see "`git`" in "[AUTOTITLE](/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#git)."
|
* {% data variables.product.prodname_dependabot %} supports both public and private repositories for {% data variables.product.prodname_actions %}. For private registry configuration options, see "`git`" in [AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#git).
|
||||||
|
|||||||
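Review bot: the last bullet changes the link destination, not just the quoting. The old target was `/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#git`, and the new one is `/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#git`. Readers following this for private registry credentials now land on a different article, so please confirm the `#git` anchor exists on the new page and call out the retarget in the commit message. The quotes around "`git`" are also kept. That is fine if they are meant as a term reference rather than a title, but state that it is intentional.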
@@ -1 +1 @@
|
|||||||
You can use {% data variables.product.prodname_dependabot %} to ensure that references to actions and reusable workflows used in your repository are kept up to date. Actions are often updated with bug fixes and new features to make automated processes faster, safer, and more reliable. {% data variables.product.prodname_dependabot %} takes the effort out of maintaining your dependencies as it does this automatically for you. For more information, see "[AUTOTITLE](/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot)" and "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)."
|
You can use {% data variables.product.prodname_dependabot %} to ensure that references to actions and reusable workflows used in your repository are kept up to date. Actions are often updated with bug fixes and new features to make automated processes faster, safer, and more reliable. {% data variables.product.prodname_dependabot %} takes the effort out of maintaining your dependencies as it does this automatically for you. For more information, see [AUTOTITLE](/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot) and [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
{% ifversion ghec or ghes %}Enterprise owners and organization {% elsif fpt %}Organization {% endif %}owners can choose which repositories are allowed to create repository-level self-hosted runners. {% ifversion custom-org-roles %}Users with the “Manage organization runners and runner groups” permission can only choose which repositories are allowed to create repository-level self-hosted runners for repositories in your organization{% endif %}.
|
{% ifversion ghec or ghes %}Enterprise owners and organization {% elsif fpt %}Organization {% endif %}owners can choose which repositories are allowed to create repository-level self-hosted runners. {% ifversion custom-org-roles %}Users with the “Manage organization runners and runner groups” permission can only choose which repositories are allowed to create repository-level self-hosted runners for repositories in your organization{% endif %}.
|
||||||
|
|
||||||
{% ifversion custom-org-roles %}For more information about custom organization roles, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles)."{% endif %}
|
{% ifversion custom-org-roles %}For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).{% endif %}
|
||||||
|
|
||||||
For more information, see {% ifversion ghec or ghes %}"[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#disabling-repository-level-self-hosted-runners)" and {% endif %}"[AUTOTITLE](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#limiting-the-use-of-self-hosted-runners)."
|
For more information, see {% ifversion ghec or ghes %}[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#disabling-repository-level-self-hosted-runners) and {% endif %}[AUTOTITLE](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#limiting-the-use-of-self-hosted-runners).
|
||||||
|
|||||||
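Review bot: on the first line of this hunk the closing period sits outside the conditional (`...in your organization{% endif %}.`). For versions where `custom-org-roles` is false, the sentence is omitted but the period still renders, leaving a stray "." after "self-hosted runners." The line is unchanged context, but it is worth fixing while the file is open by moving the period inside the `{% ifversion custom-org-roles %}` block.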
@@ -1,3 +1,3 @@
|
|||||||
## Enabling access to {% data variables.product.prodname_actions %} metrics
|
## Enabling access to {% data variables.product.prodname_actions %} metrics
|
||||||
|
|
||||||
Organization owners can create custom organization roles to allow people to view {% data variables.product.prodname_actions %} usage metrics for their organization. To provide users with access, select the "View organization Actions metrics" role when creating a custom organization role. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles)."
|
Organization owners can create custom organization roles to allow people to view {% data variables.product.prodname_actions %} usage metrics for their organization. To provide users with access, select the "View organization Actions metrics" role when creating a custom organization role. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
* Review the hardware requirements for {% data variables.product.prodname_actions %}. For more information, see "[AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-considerations)."
|
* Review the hardware requirements for {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-considerations).
|
||||||
* TLS must be configured for {% data variables.product.prodname_ghe_server %}'s domain. For more information, see "[AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-tls)."
|
* TLS must be configured for {% data variables.product.prodname_ghe_server %}'s domain. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-tls).
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> {% data reusables.actions.enterprise-self-signed-cert %}
|
> {% data reusables.actions.enterprise-self-signed-cert %}
|
||||||
|
|||||||
@@ -1,3 +1,3 @@
|
|||||||
* **Service URL:** The service URL for your bucket. This is usually `https://storage.googleapis.com`.
|
* **Service URL:** The service URL for your bucket. This is usually `https://storage.googleapis.com`.
|
||||||
* **Bucket Name:** The name of your bucket.
|
* **Bucket Name:** The name of your bucket.
|
||||||
* **HMAC Access Id and HMAC Secret:** The Google Cloud access ID and secret for your storage account. For more information, see "[Manage HMAC keys for service accounts](https://cloud.google.com/storage/docs/authentication/managing-hmackeys)" in the Google Cloud documentation.
|
* **HMAC Access Id and HMAC Secret:** The Google Cloud access ID and secret for your storage account. For more information, see [Manage HMAC keys for service accounts](https://cloud.google.com/storage/docs/authentication/managing-hmackeys) in the Google Cloud documentation.
|
||||||
|
|||||||
@@ -3,4 +3,4 @@ If you have an **HTTP Proxy Server** configured on {% data variables.product.git
|
|||||||
* You must add `.localhost`, `127.0.0.1`, and `::1` to the **HTTP Proxy Exclusion** list (in this order).
|
* You must add `.localhost`, `127.0.0.1`, and `::1` to the **HTTP Proxy Exclusion** list (in this order).
|
||||||
* If your external storage location is not routable, then you must also add your external storage URL to the exclusion list.
|
* If your external storage location is not routable, then you must also add your external storage URL to the exclusion list.
|
||||||
|
|
||||||
For more information on changing your proxy settings, see "[AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-an-outbound-web-proxy-server)."
|
For more information on changing your proxy settings, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-an-outbound-web-proxy-server).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
After you enable {% data variables.product.prodname_github_connect %}, you can use policies to restrict which public actions can be used in repositories in your enterprise. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise)."
|
After you enable {% data variables.product.prodname_github_connect %}, you can use policies to restrict which public actions can be used in repositories in your enterprise. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise).
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
{% ifversion ghes %}
|
{% ifversion ghes %}
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> {% data variables.product.prodname_actions %} on {% data variables.product.prodname_ghe_server %} may have limited access to actions on {% data variables.product.prodname_dotcom_the_website %} or {% data variables.product.prodname_marketplace %}. For more information, see "[AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom)" and contact your {% data variables.product.prodname_enterprise %} site administrator.
|
> {% data variables.product.prodname_actions %} on {% data variables.product.prodname_ghe_server %} may have limited access to actions on {% data variables.product.prodname_dotcom_the_website %} or {% data variables.product.prodname_marketplace %}. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom) and contact your {% data variables.product.prodname_enterprise %} site administrator.
|
||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
@@ -1,3 +1,3 @@
|
|||||||
## Next steps
|
## Next steps
|
||||||
|
|
||||||
After the configuration run has successfully completed, {% data variables.product.prodname_actions %} will be enabled on {% data variables.product.github %}. For your next steps, such as managing {% data variables.product.prodname_actions %} access permissions and adding self-hosted runners, return to "[AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#enabling-github-actions-with-your-storage-provider)."
|
After the configuration run has successfully completed, {% data variables.product.prodname_actions %} will be enabled on {% data variables.product.github %}. For your next steps, such as managing {% data variables.product.prodname_actions %} access permissions and adding self-hosted runners, return to [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#enabling-github-actions-with-your-storage-provider).
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
* **AWS Service URL:** The service URL for your bucket. For example, if your S3 bucket was created in the `us-west-2` region, this value should be `https://s3.us-west-2.amazonaws.com`.
|
* **AWS Service URL:** The service URL for your bucket. For example, if your S3 bucket was created in the `us-west-2` region, this value should be `https://s3.us-west-2.amazonaws.com`.
|
||||||
|
|
||||||
For more information, see "[AWS service endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html)" in the AWS documentation.
|
For more information, see [AWS service endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html) in the AWS documentation.
|
||||||
* **AWS S3 Bucket:** The name of your S3 bucket.
|
* **AWS S3 Bucket:** The name of your S3 bucket.
|
||||||
* **AWS S3 Access Key and AWS S3 Secret Key:** The AWS access key ID and secret key for your bucket.
|
* **AWS S3 Access Key and AWS S3 Secret Key:** The AWS access key ID and secret key for your bucket.
|
||||||
|
|||||||
@@ -2,6 +2,6 @@
|
|||||||
|
|
||||||
### Using self-hosted runners on {% data variables.product.prodname_ghe_server %}
|
### Using self-hosted runners on {% data variables.product.prodname_ghe_server %}
|
||||||
|
|
||||||
When using setup actions (such as `actions/setup-LANGUAGE`) on {% data variables.product.prodname_ghe_server %} with self-hosted runners, you might need to set up the tools cache on runners that do not have internet access. For more information, see "[AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access)."
|
When using setup actions (such as `actions/setup-LANGUAGE`) on {% data variables.product.prodname_ghe_server %} with self-hosted runners, you might need to set up the tools cache on runners that do not have internet access. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access).
|
||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
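Review bot: The changed sentence under "Using self-hosted runners" says "set up the tools cache", but the article it links to is named `setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access`. Since this line is being edited anyway, change the prose to "tool cache" so the wording matches the linked title.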
@@ -1,3 +1,3 @@
|
|||||||
## About external storage for {% data variables.product.prodname_actions %}
|
## About external storage for {% data variables.product.prodname_actions %}
|
||||||
|
|
||||||
{% data reusables.actions.enterprise-storage-contents %} For more information, see "[AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#external-storage-requirements)."
|
{% data reusables.actions.enterprise-storage-contents %} For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#external-storage-requirements).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
You can use the `permissions` key to add and remove read permissions for forked repositories, but typically you can't grant write access. The exception to this behavior is where an admin user has selected the **Send write tokens to workflows from pull requests** option in the {% data variables.product.prodname_actions %} settings. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks)."
|
You can use the `permissions` key to add and remove read permissions for forked repositories, but typically you can't grant write access. The exception to this behavior is where an admin user has selected the **Send write tokens to workflows from pull requests** option in the {% data variables.product.prodname_actions %} settings. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
{% data variables.product.prodname_actions_importer %} uses environment variables for its authentication configuration. These variables are set when following the configuration process using the `configure` command. For more information, see the "[Configuring credentials](#configuring-credentials)" section.
|
{% data variables.product.prodname_actions_importer %} uses environment variables for its authentication configuration. These variables are set when following the configuration process using the `configure` command. For more information, see the [Configuring credentials](#configuring-credentials) section.
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
If there is anything that {% data variables.product.prodname_actions_importer %} was not able to convert automatically, such as unknown build steps or a partially successful pipeline, you might want to create custom transformers to further customize the conversion process. For more information, see "[AUTOTITLE](/actions/migrating-to-github-actions/automated-migrations/extending-github-actions-importer-with-custom-transformers)."
|
If there is anything that {% data variables.product.prodname_actions_importer %} was not able to convert automatically, such as unknown build steps or a partially successful pipeline, you might want to create custom transformers to further customize the conversion process. For more information, see [AUTOTITLE](/actions/migrating-to-github-actions/automated-migrations/extending-github-actions-importer-with-custom-transformers).
|
||||||
|
|||||||
@@ -37,7 +37,7 @@ The "Manual tasks" section contains an overview of tasks that {% data variables.
|
|||||||
|
|
||||||
Listed below are some key terms that can appear in the "Manual tasks" section:
|
Listed below are some key terms that can appear in the "Manual tasks" section:
|
||||||
|
|
||||||
* A **secret** is a repository or organization-level secret that is used in the converted pipelines. These secrets must be created manually in {% data variables.product.prodname_actions %} for these pipelines to function properly. For more information, see "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions)."
|
* A **secret** is a repository or organization-level secret that is used in the converted pipelines. These secrets must be created manually in {% data variables.product.prodname_actions %} for these pipelines to function properly. For more information, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions).
|
||||||
* A **self-hosted runner** refers to a label of a runner that is referenced in a converted pipeline that is not a {% data variables.product.prodname_dotcom %}-hosted runner. You will need to manually define these runners for these pipelines to function properly.
|
* A **self-hosted runner** refers to a label of a runner that is referenced in a converted pipeline that is not a {% data variables.product.prodname_dotcom %}-hosted runner. You will need to manually define these runners for these pipelines to function properly.
|
||||||
|
|
||||||
#### Files
|
#### Files
|
||||||
|
|||||||
@@ -1,3 +1,3 @@
|
|||||||
## General security hardening for {% data variables.product.prodname_actions %}
|
## General security hardening for {% data variables.product.prodname_actions %}
|
||||||
|
|
||||||
If you want to learn more about security practices for {% data variables.product.prodname_actions %}, see "[AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions)."
|
If you want to learn more about security practices for {% data variables.product.prodname_actions %}, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
To identify any constraints with concurrency or queuing, you can check how many jobs are currently being processed on the {% data variables.product.prodname_dotcom %}-hosted runners in your organization or enterprise. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/monitoring-your-current-jobs)."
|
To identify any constraints with concurrency or queuing, you can check how many jobs are currently being processed on the {% data variables.product.prodname_dotcom %}-hosted runners in your organization or enterprise. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/monitoring-your-current-jobs).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
The `GITHUB_TOKEN` secret is set to an access token for the repository each time a job in a workflow begins. You should set the permissions for this access token in the workflow file to grant read access for the `contents` permission and write access for the `packages` permission. For more information, see "[AUTOTITLE](/actions/security-guides/automatic-token-authentication)."
|
The `GITHUB_TOKEN` secret is set to an access token for the repository each time a job in a workflow begins. You should set the permissions for this access token in the workflow file to grant read access for the `contents` permission and write access for the `packages` permission. For more information, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication).
|
||||||
|
|||||||
@@ -4,23 +4,23 @@ Available permissions and details of what each allows an action to do:
|
|||||||
|
|
||||||
| Permission | Allows an action using `GITHUB_TOKEN` to |
|
| Permission | Allows an action using `GITHUB_TOKEN` to |
|
||||||
| --- | --- |
|
| --- | --- |
|
||||||
| `actions` | Work with GitHub Actions. For example, `actions: write` permits an action to cancel a workflow run. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-actions)." |
|
| `actions` | Work with GitHub Actions. For example, `actions: write` permits an action to cancel a workflow run. For more information, see [AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-actions). |
|
||||||
| {% ifversion artifact-attestations %} |
|
| {% ifversion artifact-attestations %} |
|
||||||
| `attestations` | Work with artifact attestations. For example, `attestations: write` permits an action to generate an artifact attestation for a build. For more information, see "[AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds)" |
|
| `attestations` | Work with artifact attestations. For example, `attestations: write` permits an action to generate an artifact attestation for a build. For more information, see [AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds) |
|
||||||
| {% endif %} |
|
| {% endif %} |
|
||||||
| `checks` | Work with check runs and check suites. For example, `checks: write` permits an action to create a check run. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-checks)." |
|
| `checks` | Work with check runs and check suites. For example, `checks: write` permits an action to create a check run. For more information, see [AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-checks). |
|
||||||
| `contents` | Work with the contents of the repository. For example, `contents: read` permits an action to list the commits, and `contents: write` allows the action to create a release. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-contents)." |
|
| `contents` | Work with the contents of the repository. For example, `contents: read` permits an action to list the commits, and `contents: write` allows the action to create a release. For more information, see [AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-contents). |
|
||||||
| `deployments` | Work with deployments. For example, `deployments: write` permits an action to create a new deployment. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-deployments)." |
|
| `deployments` | Work with deployments. For example, `deployments: write` permits an action to create a new deployment. For more information, see [AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-deployments). |
|
||||||
| {% ifversion discussions %} |
|
| {% ifversion discussions %} |
|
||||||
| `discussions` | Work with GitHub Discussions. For example, `discussions: write` permits an action to close or delete a discussion. For more information, see "[AUTOTITLE](/graphql/guides/using-the-graphql-api-for-discussions)." |
|
| `discussions` | Work with GitHub Discussions. For example, `discussions: write` permits an action to close or delete a discussion. For more information, see [AUTOTITLE](/graphql/guides/using-the-graphql-api-for-discussions). |
|
||||||
| {% endif %} |
|
| {% endif %} |
|
||||||
| {% ifversion fpt or ghec %} |
|
| {% ifversion fpt or ghec %} |
|
||||||
| `id-token` | Fetch an OpenID Connect (OIDC) token. This requires `id-token: write`. For more information, see "[AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#updating-your-actions-for-oidc)" |
|
| `id-token` | Fetch an OpenID Connect (OIDC) token. This requires `id-token: write`. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#updating-your-actions-for-oidc) |
|
||||||
| {% endif %} |
|
| {% endif %} |
|
||||||
| `issues` | Work with issues. For example, `issues: write` permits an action to add a comment to an issue. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-issues)." |
|
| `issues` | Work with issues. For example, `issues: write` permits an action to add a comment to an issue. For more information, see [AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-issues). |
|
||||||
| `packages` | Work with GitHub Packages. For example, `packages: write` permits an action to upload and publish packages on GitHub Packages. For more information, see "[AUTOTITLE](/packages/learn-github-packages/about-permissions-for-github-packages#about-scopes-and-permissions-for-package-registries)." |
|
| `packages` | Work with GitHub Packages. For example, `packages: write` permits an action to upload and publish packages on GitHub Packages. For more information, see [AUTOTITLE](/packages/learn-github-packages/about-permissions-for-github-packages#about-scopes-and-permissions-for-package-registries). |
|
||||||
| `pages` | Work with GitHub Pages. For example, `pages: write` permits an action to request a GitHub Pages build. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-pages)." |
|
| `pages` | Work with GitHub Pages. For example, `pages: write` permits an action to request a GitHub Pages build. For more information, see [AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-pages). |
|
||||||
| `pull-requests` | Work with pull requests. For example, `pull-requests: write` permits an action to add a label to a pull request. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-pull-requests)." |
|
| `pull-requests` | Work with pull requests. For example, `pull-requests: write` permits an action to add a label to a pull request. For more information, see [AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-pull-requests). |
|
||||||
| `repository-projects` | Work with GitHub projects (classic). For example, `repository-projects: write` permits an action to add a column to a project (classic). For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-projects)." |
|
| `repository-projects` | Work with GitHub projects (classic). For example, `repository-projects: write` permits an action to add a column to a project (classic). For more information, see [AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-projects). |
|
||||||
| `security-events` | Work with GitHub code scanning and Dependabot alerts. For example, `security-events: read` permits an action to list the Dependabot alerts for the repository, and `security-events: write` allows an action to update the status of a code scanning alert. For more information, see "[Repository permissions for 'Code scanning alerts'](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-code-scanning-alerts)" and "[Repository permissions for 'Dependabot alerts'](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-dependabot-alerts)" in "Permissions required for GitHub Apps." |
|
| `security-events` | Work with GitHub code scanning and Dependabot alerts. For example, `security-events: read` permits an action to list the Dependabot alerts for the repository, and `security-events: write` allows an action to update the status of a code scanning alert. For more information, see [Repository permissions for 'Code scanning alerts'](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-code-scanning-alerts) and [Repository permissions for 'Dependabot alerts'](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-dependabot-alerts) in "Permissions required for GitHub Apps." |
|
||||||
| `statuses` | Work with commit statuses. For example, `statuses:read` permits an action to list the commit statuses for a given reference. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-commit-statuses)." |
|
| `statuses` | Work with commit statuses. For example, `statuses:read` permits an action to list the commit statuses for a given reference. For more information, see [AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-commit-statuses). |
|
||||||
|
|||||||
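Review bot: In the `attestations` and `id-token` rows the "For more information, see [AUTOTITLE](...)" sentence ends without a period once the quotes are gone, while every other row closes with a period after the link; add one after the closing parenthesis in both rows. The `security-events` row still ends with `in "Permissions required for GitHub Apps."`, quotes and inner period intact; if that is deliberate because the title is not a link, say so in the commit message, otherwise drop the quotes there too. The `statuses` row also writes `statuses:read` without the space used in the other examples such as `checks: write`.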
@@ -1 +1 @@
|
|||||||
The commit SHA that triggered the workflow. The value of this commit SHA depends on the event that triggered the workflow. For more information, see "[AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows)." For example, `ffac537e6cbbf934b08745a378932722df287a53`.
|
The commit SHA that triggered the workflow. The value of this commit SHA depends on the event that triggered the workflow. For more information, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows). For example, `ffac537e6cbbf934b08745a378932722df287a53`.
|
||||||
|
|||||||
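Review bot: On the changed line the sample SHA is stranded after the cross-reference, so "For more information, see [AUTOTITLE](...). For example, ..." reads as if the hash were an example of the linked article. Move the "For example" sentence directly after the sentence that describes the commit SHA and let the "For more information" sentence close the paragraph.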
@@ -1 +1 @@
|
|||||||
You can use any supported context and expression to create a conditional. For more information on which contexts are supported in this key, see "[AUTOTITLE](/actions/learn-github-actions/contexts#context-availability)."
|
You can use any supported context and expression to create a conditional. For more information on which contexts are supported in this key, see [AUTOTITLE](/actions/learn-github-actions/contexts#context-availability).
|
||||||
|
|||||||
@@ -1,3 +1,3 @@
|
|||||||
{% ifversion internal-actions %}
|
{% ifversion internal-actions %}
|
||||||
To share actions across your enterprise without publishing the actions publicly, you can store the actions in an internal repository, then configure the repository to allow access to {% data variables.product.prodname_actions %} workflows in other repositories owned by the same organization or by any organization in the enterprise. For more information, see "[AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise)."
|
To share actions across your enterprise without publishing the actions publicly, you can store the actions in an internal repository, then configure the repository to allow access to {% data variables.product.prodname_actions %} workflows in other repositories owned by the same organization or by any organization in the enterprise. For more information, see [AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise).
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
Before you get started, you should make a plan for how you'll introduce {% data variables.product.prodname_actions %} to your enterprise. For more information, see "[AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise)."
|
Before you get started, you should make a plan for how you'll introduce {% data variables.product.prodname_actions %} to your enterprise. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise).
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
> [!WARNING]
|
> [!WARNING]
|
||||||
> If you use an IP allow list and would also like to use {% data variables.product.prodname_actions %}, you must use self-hosted runners{% ifversion actions-hosted-runners %} or {% data variables.product.prodname_dotcom %}-hosted larger runners with static IP address ranges{% endif %}. When using [Azure private networking](/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-azure-private-networking-for-github-hosted-runners-in-your-enterprise), IPs from your Azure subnet must be used. To reduce the number of required IPs, we recommend creating a load balancer to provide a single IP range for the GitHub allow list. For more information, see "[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners)" {% ifversion actions-hosted-runners %} or "[AUTOTITLE](/actions/using-github-hosted-runners/using-larger-runners/about-larger-runners)"{% endif %}.
|
> If you use an IP allow list and would also like to use {% data variables.product.prodname_actions %}, you must use self-hosted runners{% ifversion actions-hosted-runners %} or {% data variables.product.prodname_dotcom %}-hosted larger runners with static IP address ranges{% endif %}. When using [Azure private networking](/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-azure-private-networking-for-github-hosted-runners-in-your-enterprise), IPs from your Azure subnet must be used. To reduce the number of required IPs, we recommend creating a load balancer to provide a single IP range for the GitHub allow list. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners) {% ifversion actions-hosted-runners %} or [AUTOTITLE](/actions/using-github-hosted-runners/using-larger-runners/about-larger-runners){% endif %}.
|
||||||
|
|
||||||
To allow your self-hosted {% ifversion actions-hosted-runners %}or larger hosted{% endif %} runners to communicate with {% data variables.product.prodname_dotcom %}, add the IP address or IP address range of your runners to the IP allow list that you have configured for your enterprise.
|
To allow your self-hosted {% ifversion actions-hosted-runners %}or larger hosted{% endif %} runners to communicate with {% data variables.product.prodname_dotcom %}, add the IP address or IP address range of your runners to the IP allow list that you have configured for your enterprise.
|
||||||
|
|||||||
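Review bot: In the `[!WARNING]` line the space sits outside the conditional, as in `about-self-hosted-runners) {% ifversion actions-hosted-runners %} or [AUTOTITLE](...){% endif %}.`, so when `actions-hosted-runners` is false the sentence renders with a space before the final period. Move the space inside the block: `about-self-hosted-runners){% ifversion actions-hosted-runners %} or [AUTOTITLE](...){% endif %}.`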
@@ -6,11 +6,11 @@ If you use a {% data variables.product.prodname_dotcom %}-hosted runner, each jo
|
|||||||
|
|
||||||
The value for runs-on, when you are using a {% data variables.product.prodname_dotcom %}-hosted runner, is a runner label or the name of a runner group. The labels for the standard {% data variables.product.prodname_dotcom %}-hosted runners are shown in the following tables.
|
The value for runs-on, when you are using a {% data variables.product.prodname_dotcom %}-hosted runner, is a runner label or the name of a runner group. The labels for the standard {% data variables.product.prodname_dotcom %}-hosted runners are shown in the following tables.
|
||||||
|
|
||||||
For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners)."
|
For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners).
|
||||||
|
|
||||||
{% data reusables.actions.supported-github-runners %}
|
{% data reusables.actions.supported-github-runners %}
|
||||||
|
|
||||||
In addition to the standard {% data variables.product.prodname_dotcom %}-hosted runners, {% data variables.product.prodname_dotcom %} offers customers on {% data variables.product.prodname_team %} and {% data variables.product.prodname_ghe_cloud %} plans a range of managed virtual machines with advanced features - for example, more cores and disk space, GPU-powered machines, and ARM-powered machines. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/about-larger-runners)."
|
In addition to the standard {% data variables.product.prodname_dotcom %}-hosted runners, {% data variables.product.prodname_dotcom %} offers customers on {% data variables.product.prodname_team %} and {% data variables.product.prodname_ghe_cloud %} plans a range of managed virtual machines with advanced features - for example, more cores and disk space, GPU-powered machines, and ARM-powered machines. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/about-larger-runners).
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> The `-latest` runner images are the latest stable images that {% data variables.product.prodname_dotcom %} provides, and might not be the most recent version of the operating system available from the operating system vendor.
|
> The `-latest` runner images are the latest stable images that {% data variables.product.prodname_dotcom %} provides, and might not be the most recent version of the operating system available from the operating system vendor.
|
||||||
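Review bot: The changed "For more information" line links to `/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners`, while the next hunk links to `/actions/using-github-hosted-runners/about-github-hosted-runners` for what looks like the same article. Please confirm both paths resolve to the same page and use one form. In the unchanged context line above it, "The value for runs-on" should also put `runs-on` in backticks, as the other hunks do.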
@@ -24,6 +24,6 @@ In addition to the standard {% data variables.product.prodname_dotcom %}-hosted
|
|||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
```
|
```
|
||||||
|
|
||||||
For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners)."
|
For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners).
|
||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
@@ -15,7 +15,7 @@ Use `jobs.<job_id>.runs-on` to define the type of machine to run the job on.
|
|||||||
runs-on: [self-hosted, linux, x64, gpu]
|
runs-on: [self-hosted, linux, x64, gpu]
|
||||||
```
|
```
|
||||||
|
|
||||||
For more information, see "[Choosing self-hosted runners](#choosing-self-hosted-runners)."
|
For more information, see [Choosing self-hosted runners](#choosing-self-hosted-runners).
|
||||||
* You can mix strings and variables in an array. For example:
|
* You can mix strings and variables in an array. For example:
|
||||||
|
|
||||||
{% raw %}
|
{% raw %}
|
||||||
|
|||||||
@@ -6,4 +6,4 @@
|
|||||||
runs-on: [self-hosted, linux]
|
runs-on: [self-hosted, linux]
|
||||||
```
|
```
|
||||||
|
|
||||||
For more information, see "[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners)" and "[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/using-self-hosted-runners-in-a-workflow)."
|
For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners) and [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/using-self-hosted-runners-in-a-workflow).
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
You can use contexts to create matrices. For more information about contexts, see "[AUTOTITLE](/actions/learn-github-actions/contexts)."
|
You can use contexts to create matrices. For more information about contexts, see [AUTOTITLE](/actions/learn-github-actions/contexts).
|
||||||
|
|
||||||
For example, the following workflow triggers on the `repository_dispatch` event and uses information from the event payload to build the matrix. When a repository dispatch event is created with a payload like the one below, the matrix `version` variable will have a value of `[12, 14, 16]`. For more information about the `repository_dispatch` trigger, see "[AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#repository_dispatch)."
|
For example, the following workflow triggers on the `repository_dispatch` event and uses information from the event payload to build the matrix. When a repository dispatch event is created with a payload like the one below, the matrix `version` variable will have a value of `[12, 14, 16]`. For more information about the `repository_dispatch` trigger, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#repository_dispatch).
|
||||||
|
|
||||||
```json
|
```json
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -1,3 +1,3 @@
|
|||||||
For a specific job, you can use `jobs.<job_id>.permissions` to modify the default permissions granted to the `GITHUB_TOKEN`, adding or removing access as required, so that you only allow the minimum required access. For more information, see "[AUTOTITLE](/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token)."
|
For a specific job, you can use `jobs.<job_id>.permissions` to modify the default permissions granted to the `GITHUB_TOKEN`, adding or removing access as required, so that you only allow the minimum required access. For more information, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token).
|
||||||
|
|
||||||
By specifying the permission within a job definition, you can configure a different set of permissions for the `GITHUB_TOKEN` for each job, if required. Alternatively, you can specify the permissions for all jobs in the workflow. For information on defining permissions at the workflow level, see [`permissions`](/actions/using-workflows/workflow-syntax-for-github-actions#permissions).
|
By specifying the permission within a job definition, you can configure a different set of permissions for the `GITHUB_TOKEN` for each job, if required. Alternatively, you can specify the permissions for all jobs in the workflow. For information on defining permissions at the workflow level, see [`permissions`](/actions/using-workflows/workflow-syntax-for-github-actions#permissions).
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
You can use `permissions` to modify the default permissions granted to the `GITHUB_TOKEN`, adding or removing access as required, so that you only allow the minimum required access. For more information, see "[AUTOTITLE](/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token)."
|
You can use `permissions` to modify the default permissions granted to the `GITHUB_TOKEN`, adding or removing access as required, so that you only allow the minimum required access. For more information, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token).
|
||||||
|
|
||||||
You can use `permissions` either as a top-level key, to apply to all jobs in the workflow, or within specific jobs. When you add the `permissions` key within a specific job, all actions and run commands within that job that use the `GITHUB_TOKEN` gain the access rights you specify. For more information, see [`jobs.<job_id>.permissions`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idpermissions).
|
You can use `permissions` either as a top-level key, to apply to all jobs in the workflow, or within specific jobs. When you add the `permissions` key within a specific job, all actions and run commands within that job that use the `GITHUB_TOKEN` gain the access rights you specify. For more information, see [`jobs.<job_id>.permissions`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idpermissions).
|
||||||
|
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ Job outputs containing expressions are evaluated on the runner at the end of eac
|
|||||||
|
|
||||||
If an output is skipped because it may contain a secret, you will see the following warning message: "Skip output `{output.Key}` since it may contain secret." For more information on how to handle secrets, please refer to the [Example: Masking and passing a secret between jobs or workflows](/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions#example-masking-and-passing-a-secret-between-jobs-or-workflows).
|
If an output is skipped because it may contain a secret, you will see the following warning message: "Skip output `{output.Key}` since it may contain secret." For more information on how to handle secrets, please refer to the [Example: Masking and passing a secret between jobs or workflows](/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions#example-masking-and-passing-a-secret-between-jobs-or-workflows).
|
||||||
|
|
||||||
To use job outputs in a dependent job, you can use the `needs` context. For more information, see "[AUTOTITLE](/actions/learn-github-actions/contexts#needs-context)."
|
To use job outputs in a dependent job, you can use the `needs` context. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts#needs-context).
|
||||||
|
|
||||||
### Example: Defining outputs for a job
|
### Example: Defining outputs for a job
|
||||||
|
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
Use `jobs.<job_id>.container.options` to configure additional Docker container resource options. For a list of options, see "[`docker create` options](https://docs.docker.com/engine/reference/commandline/create/#options)."
|
Use `jobs.<job_id>.container.options` to configure additional Docker container resource options. For a list of options, see [`docker create` options](https://docs.docker.com/engine/reference/commandline/create/#options).
|
||||||
|
|
||||||
> [!WARNING]
|
> [!WARNING]
|
||||||
> The `--network` and `--entrypoint` options are not supported.
|
> The `--network` and `--entrypoint` options are not supported.
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
You can use `jobs.<job_id>.concurrency` to ensure that only a single job or workflow using the same concurrency group will run at a time. A concurrency group can be any string or expression. Allowed expression contexts: [`github`](/actions/learn-github-actions/contexts#github-context), [`inputs`](/actions/learn-github-actions/contexts#inputs-context), [`vars`](/actions/learn-github-actions/contexts#vars-context), [`needs`](/actions/learn-github-actions/contexts#needs-context), [`strategy`](/actions/learn-github-actions/contexts#strategy-context), and [`matrix`](/actions/learn-github-actions/contexts#matrix-context). For more information about expressions, see "[AUTOTITLE](/actions/learn-github-actions/expressions)."
|
You can use `jobs.<job_id>.concurrency` to ensure that only a single job or workflow using the same concurrency group will run at a time. A concurrency group can be any string or expression. Allowed expression contexts: [`github`](/actions/learn-github-actions/contexts#github-context), [`inputs`](/actions/learn-github-actions/contexts#inputs-context), [`vars`](/actions/learn-github-actions/contexts#vars-context), [`needs`](/actions/learn-github-actions/contexts#needs-context), [`strategy`](/actions/learn-github-actions/contexts#strategy-context), and [`matrix`](/actions/learn-github-actions/contexts#matrix-context). For more information about expressions, see [AUTOTITLE](/actions/learn-github-actions/expressions).
|
||||||
|
|
||||||
You can also specify `concurrency` at the workflow level. For more information, see [`concurrency`](/actions/using-workflows/workflow-syntax-for-github-actions#concurrency).
|
You can also specify `concurrency` at the workflow level. For more information, see [`concurrency`](/actions/using-workflows/workflow-syntax-for-github-actions#concurrency).
|
||||||
|
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
Use `concurrency` to ensure that only a single job or workflow using the same concurrency group will run at a time. A concurrency group can be any string or expression. The expression can only use [`github`](/actions/learn-github-actions/contexts#github-context), [`inputs`](/actions/learn-github-actions/contexts#inputs-context) and [`vars`](/actions/learn-github-actions/contexts#vars-context) contexts. For more information about expressions, see "[AUTOTITLE](/actions/learn-github-actions/expressions)."
|
Use `concurrency` to ensure that only a single job or workflow using the same concurrency group will run at a time. A concurrency group can be any string or expression. The expression can only use [`github`](/actions/learn-github-actions/contexts#github-context), [`inputs`](/actions/learn-github-actions/contexts#inputs-context) and [`vars`](/actions/learn-github-actions/contexts#vars-context) contexts. For more information about expressions, see [AUTOTITLE](/actions/learn-github-actions/expressions).
|
||||||
|
|
||||||
You can also specify `concurrency` at the job level. For more information, see [`jobs.<job_id>.concurrency`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idconcurrency).
|
You can also specify `concurrency` at the job level. For more information, see [`jobs.<job_id>.concurrency`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idconcurrency).
|
||||||
|
|
||||||
|
|||||||
@@ -3,7 +3,7 @@ You can use the `jobs.<job_id>.if` conditional to prevent a job from running unl
|
|||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> The `jobs.<job_id>.if` condition is evaluated before [`jobs.<job_id>.strategy.matrix`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategymatrix) is applied.
|
> The `jobs.<job_id>.if` condition is evaluated before [`jobs.<job_id>.strategy.matrix`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategymatrix) is applied.
|
||||||
|
|
||||||
{% data reusables.actions.expression-syntax-if %} For more information, see "[AUTOTITLE](/actions/learn-github-actions/expressions)."
|
{% data reusables.actions.expression-syntax-if %} For more information, see [AUTOTITLE](/actions/learn-github-actions/expressions).
|
||||||
|
|
||||||
### Example: Only run job for specific repository
|
### Example: Only run job for specific repository
|
||||||
|
|
||||||
|
|||||||
@@ -1,9 +1,9 @@
|
|||||||
Use `jobs.<job_id>.environment` to define the environment that the job references.
|
Use `jobs.<job_id>.environment` to define the environment that the job references.
|
||||||
|
|
||||||
You can provide the environment as only the environment `name`, or as an environment object with the `name` and `url`. The URL maps to `environment_url` in the deployments API. For more information about the deployments API, see "[AUTOTITLE](/rest/repos#deployments)."
|
You can provide the environment as only the environment `name`, or as an environment object with the `name` and `url`. The URL maps to `environment_url` in the deployments API. For more information about the deployments API, see [AUTOTITLE](/rest/repos#deployments).
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> All deployment protection rules must pass before a job referencing the environment is sent to a runner. For more information, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment)."
|
> All deployment protection rules must pass before a job referencing the environment is sent to a runner. For more information, see [AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment).
|
||||||
|
|
||||||
### Example: Using a single environment name
|
### Example: Using a single environment name
|
||||||
|
|
||||||
@@ -23,7 +23,7 @@ environment:
|
|||||||
url: https://github.com
|
url: https://github.com
|
||||||
```
|
```
|
||||||
|
|
||||||
The value of `url` can be an expression. Allowed expression contexts: [`github`](/actions/learn-github-actions/contexts#github-context), [`inputs`](/actions/learn-github-actions/contexts#inputs-context), [`vars`](/actions/learn-github-actions/contexts#vars-context), [`needs`](/actions/learn-github-actions/contexts#needs-context), [`strategy`](/actions/learn-github-actions/contexts#strategy-context), [`matrix`](/actions/learn-github-actions/contexts#matrix-context), [`job`](/actions/learn-github-actions/contexts#job-context), [`runner`](/actions/learn-github-actions/contexts#runner-context), [`env`](/actions/learn-github-actions/contexts#env-context), and [`steps`](/actions/learn-github-actions/contexts#steps-context). For more information about expressions, see "[AUTOTITLE](/actions/learn-github-actions/expressions)."
|
The value of `url` can be an expression. Allowed expression contexts: [`github`](/actions/learn-github-actions/contexts#github-context), [`inputs`](/actions/learn-github-actions/contexts#inputs-context), [`vars`](/actions/learn-github-actions/contexts#vars-context), [`needs`](/actions/learn-github-actions/contexts#needs-context), [`strategy`](/actions/learn-github-actions/contexts#strategy-context), [`matrix`](/actions/learn-github-actions/contexts#matrix-context), [`job`](/actions/learn-github-actions/contexts#job-context), [`runner`](/actions/learn-github-actions/contexts#runner-context), [`env`](/actions/learn-github-actions/contexts#env-context), and [`steps`](/actions/learn-github-actions/contexts#steps-context). For more information about expressions, see [AUTOTITLE](/actions/learn-github-actions/expressions).
|
||||||
|
|
||||||
### Example: Using output as URL
|
### Example: Using output as URL
|
||||||
|
|
||||||
@@ -37,7 +37,7 @@ environment:
|
|||||||
|
|
||||||
{% endraw %}
|
{% endraw %}
|
||||||
|
|
||||||
The value of `name` can be an expression. Allowed expression contexts: [`github`](/actions/learn-github-actions/contexts#github-context), [`inputs`](/actions/learn-github-actions/contexts#inputs-context), [`vars`](/actions/learn-github-actions/contexts#vars-context), [`needs`](/actions/learn-github-actions/contexts#needs-context), [`strategy`](/actions/learn-github-actions/contexts#strategy-context), and [`matrix`](/actions/learn-github-actions/contexts#matrix-context). For more information about expressions, see "[AUTOTITLE](/actions/learn-github-actions/expressions)."
|
The value of `name` can be an expression. Allowed expression contexts: [`github`](/actions/learn-github-actions/contexts#github-context), [`inputs`](/actions/learn-github-actions/contexts#inputs-context), [`vars`](/actions/learn-github-actions/contexts#vars-context), [`needs`](/actions/learn-github-actions/contexts#needs-context), [`strategy`](/actions/learn-github-actions/contexts#strategy-context), and [`matrix`](/actions/learn-github-actions/contexts#matrix-context). For more information about expressions, see [AUTOTITLE](/actions/learn-github-actions/expressions).
|
||||||
|
|
||||||
### Example: Using an expression as environment name
|
### Example: Using an expression as environment name
|
||||||
|
|
||||||
|
|||||||
@@ -31,4 +31,4 @@ jobs:
|
|||||||
needs: [job1, job2]
|
needs: [job1, job2]
|
||||||
```
|
```
|
||||||
|
|
||||||
In this example, `job3` uses the `always()` conditional expression so that it always runs after `job1` and `job2` have completed, regardless of whether they were successful. For more information, see "[AUTOTITLE](/actions/learn-github-actions/expressions#status-check-functions)."
|
In this example, `job3` uses the `always()` conditional expression so that it always runs after `job1` and `job2` have completed, regardless of whether they were successful. For more information, see [AUTOTITLE](/actions/learn-github-actions/expressions#status-check-functions).
|
||||||
|
|||||||
@@ -2,6 +2,6 @@ A workflow run is made up of one or more `jobs`, which run in parallel by defaul
|
|||||||
|
|
||||||
Each job runs in a runner environment specified by `runs-on`.
|
Each job runs in a runner environment specified by `runs-on`.
|
||||||
|
|
||||||
You can run an unlimited number of jobs as long as you are within the workflow usage limits. For more information, see "[AUTOTITLE](/actions/learn-github-actions/usage-limits-billing-and-administration)" for {% data variables.product.prodname_dotcom %}-hosted runners and "[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#usage-limits)" for self-hosted runner usage limits.
|
You can run an unlimited number of jobs as long as you are within the workflow usage limits. For more information, see [AUTOTITLE](/actions/learn-github-actions/usage-limits-billing-and-administration) for {% data variables.product.prodname_dotcom %}-hosted runners and [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#usage-limits) for self-hosted runner usage limits.
|
||||||
|
|
||||||
If you need to find the unique identifier of a job running in a workflow run, you can use the {% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom %}{% else %}{% data variables.product.product_name %}{% endif %} API. For more information, see "[AUTOTITLE](/rest/actions#workflow-jobs)."
|
If you need to find the unique identifier of a job running in a workflow run, you can use the {% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom %}{% else %}{% data variables.product.product_name %}{% endif %} API. For more information, see [AUTOTITLE](/rest/actions#workflow-jobs).
|
||||||
|
|||||||
@@ -22,4 +22,4 @@ By default, {% data variables.product.product_name %} will maximize the number o
|
|||||||
|
|
||||||
A matrix will generate a maximum of 256 jobs per workflow run. This limit applies to both {% data variables.product.product_name %}-hosted and self-hosted runners.
|
A matrix will generate a maximum of 256 jobs per workflow run. This limit applies to both {% data variables.product.product_name %}-hosted and self-hosted runners.
|
||||||
|
|
||||||
The variables that you define become properties in the `matrix` context, and you can reference the property in other areas of your workflow file. In this example, you can use `matrix.version` and `matrix.os` to access the current value of `version` and `os` that the job is using. For more information, see "[AUTOTITLE](/actions/learn-github-actions/contexts)."
|
The variables that you define become properties in the `matrix` context, and you can reference the property in other areas of your workflow file. In this example, you can use `matrix.version` and `matrix.os` to access the current value of `version` and `os` that the job is using. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts).
|
||||||
|
|||||||
@@ -1,2 +1,2 @@
|
|||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> The names of {% data variables.actions.hosted_runners %} can dictate their functionality. For example, to use a {% data variables.actions.hosted_runner %} for {% data variables.product.prodname_code_scanning %} default setup, the runner must be named `code-scanning`. For more information on {% data variables.product.prodname_code_scanning %} with {% data variables.actions.hosted_runners %}, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/configuring-larger-runners-for-default-setup)."
|
> The names of {% data variables.actions.hosted_runners %} can dictate their functionality. For example, to use a {% data variables.actions.hosted_runner %} for {% data variables.product.prodname_code_scanning %} default setup, the runner must be named `code-scanning`. For more information on {% data variables.product.prodname_code_scanning %} with {% data variables.actions.hosted_runners %}, see [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/configuring-larger-runners-for-default-setup).
|
||||||
|
|||||||
@@ -1,8 +1,8 @@
|
|||||||
If you notice the jobs that target your {% data variables.actions.hosted_runner %}s are delayed or not running, there are several factors that may be causing this.
|
If you notice the jobs that target your {% data variables.actions.hosted_runner %}s are delayed or not running, there are several factors that may be causing this.
|
||||||
|
|
||||||
* **Concurrency settings:** You may have reached your maximum concurrency limit. If you would like to enable more jobs to run in parallel, you can update your autoscaling settings to a larger number. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners#configuring-autoscaling-for-larger-runners)."
|
* **Concurrency settings:** You may have reached your maximum concurrency limit. If you would like to enable more jobs to run in parallel, you can update your autoscaling settings to a larger number. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners#configuring-autoscaling-for-larger-runners).
|
||||||
* **Repository permissions:** Ensure you have the appropriate repository permissions enabled for your {% data variables.actions.hosted_runner %}s. By default, enterprise runners are not available at the repository level and must be manually enabled by an organization administrator. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners#allowing-repositories-to-access-larger-runners)."
|
* **Repository permissions:** Ensure you have the appropriate repository permissions enabled for your {% data variables.actions.hosted_runner %}s. By default, enterprise runners are not available at the repository level and must be manually enabled by an organization administrator. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners#allowing-repositories-to-access-larger-runners).
|
||||||
* **Billing information:** You must have a valid credit card on file in order to use {% data variables.actions.hosted_runner %}s. After adding a credit card to your account, it can take up to 10 minutes to enable the use of your {% data variables.actions.hosted_runner %}s. For more information, see "[AUTOTITLE](/billing/managing-your-github-billing-settings/adding-or-editing-a-payment-method)."
|
* **Billing information:** You must have a valid credit card on file in order to use {% data variables.actions.hosted_runner %}s. After adding a credit card to your account, it can take up to 10 minutes to enable the use of your {% data variables.actions.hosted_runner %}s. For more information, see [AUTOTITLE](/billing/managing-your-github-billing-settings/adding-or-editing-a-payment-method).
|
||||||
* **Spending limit:** Your {% data variables.product.prodname_actions %} spending limit must be set to a value greater than zero. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-actions/managing-your-spending-limit-for-github-actions)."
|
* **Spending limit:** Your {% data variables.product.prodname_actions %} spending limit must be set to a value greater than zero. For more information, see [AUTOTITLE](/billing/managing-billing-for-github-actions/managing-your-spending-limit-for-github-actions).
|
||||||
* **Fair use policy:** {% data variables.product.company_short %} has a fair use policy that begins to throttle jobs based on several factors, such as how many jobs you are running or how many jobs are running across the entirety of {% data variables.product.prodname_actions %}.
|
* **Fair use policy:** {% data variables.product.company_short %} has a fair use policy that begins to throttle jobs based on several factors, such as how many jobs you are running or how many jobs are running across the entirety of {% data variables.product.prodname_actions %}.
|
||||||
* **Job queue to assign time:** Job queue to assign time refers to the time between a job request and {% data variables.product.company_short %} assigning a VM to execute the job. Standard {% data variables.product.company_short %}-hosted runners utilizing prescribed YAML workflow labels (such as `ubuntu-latest`) are always in a "warm" state. With larger runners, a warm machine may not be ready to pick up a job on first request as the pools for these machines are smaller. As a result, {% data variables.product.company_short %} may need to create a new VM, which increases the queue to assign time. Once a runner is in use, VMs are readily for subsequent workflow runs, reducing the queue to assign time for future workflow runs over the next 24 hours.
|
* **Job queue to assign time:** Job queue to assign time refers to the time between a job request and {% data variables.product.company_short %} assigning a VM to execute the job. Standard {% data variables.product.company_short %}-hosted runners utilizing prescribed YAML workflow labels (such as `ubuntu-latest`) are always in a "warm" state. With larger runners, a warm machine may not be ready to pick up a job on first request as the pools for these machines are smaller. As a result, {% data variables.product.company_short %} may need to create a new VM, which increases the queue to assign time. Once a runner is in use, VMs are readily for subsequent workflow runs, reducing the queue to assign time for future workflow runs over the next 24 hours.
|
||||||
|
|||||||
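Review bot: the unchanged last bullet of this hunk ("Job queue to assign time") reads "VMs are readily for subsequent workflow runs", which is missing a word. Since the file is already being edited, change it here to "VMs are readily available for subsequent workflow runs", or open a follow-up for it. The quote removals on the first four bullets are consistent with the rest of the commit.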
@@ -1 +1 @@
|
|||||||
If you're new to YAML and want to learn more, see "[Learn YAML in Y minutes](https://learnxinyminutes.com/docs/yaml/)."
|
If you're new to YAML and want to learn more, see [Learn YAML in Y minutes](https://learnxinyminutes.com/docs/yaml/).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
In your repository, create a file called `.github/workflows/YOUR_WORKFLOW.yml`, replacing `YOUR_WORKFLOW` with a name of your choice. This is a workflow file. For more information about creating new files on GitHub, see "[AUTOTITLE](/repositories/working-with-files/managing-files/creating-new-files)."
|
In your repository, create a file called `.github/workflows/YOUR_WORKFLOW.yml`, replacing `YOUR_WORKFLOW` with a name of your choice. This is a workflow file. For more information about creating new files on GitHub, see [AUTOTITLE](/repositories/working-with-files/managing-files/creating-new-files).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
If you're migrating your enterprise to {% data variables.product.prodname_actions %} from another provider, there are additional considerations. For more information, see "[AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/migrating-your-enterprise-to-github-actions)."
|
If you're migrating your enterprise to {% data variables.product.prodname_actions %} from another provider, there are additional considerations. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/migrating-your-enterprise-to-github-actions).
|
||||||
|
|||||||
@@ -5,4 +5,4 @@ If you plan to enable {% data variables.product.prodname_actions %} or {% data v
|
|||||||
|
|
||||||
These adjustments should be applied to the base requirements for each user tier. We recommend monitoring all changes to your resources, as further increases may be needed.
|
These adjustments should be applied to the base requirements for each user tier. We recommend monitoring all changes to your resources, as further increases may be needed.
|
||||||
|
|
||||||
For more information about these requirements, see "[AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-considerations)."
|
For more information about these requirements, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-considerations).
|
||||||
|
|||||||
@@ -1,2 +1,2 @@
|
|||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> When environments are used in workflows or in OIDC policies, we recommend adding protection rules to the environment for additional security. For example, you can configure deployment rules on an environment to restrict which branches and tags can deploy to the environment or access environment secrets. For more information, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment#deployment-protection-rules)."
|
> When environments are used in workflows or in OIDC policies, we recommend adding protection rules to the environment for additional security. For example, you can configure deployment rules on an environment to restrict which branches and tags can deploy to the environment or access environment secrets. For more information, see [AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment#deployment-protection-rules).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
* To learn the basic concepts of how {% data variables.product.prodname_dotcom %} uses OpenID Connect (OIDC), and its architecture and benefits, see "[AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)."
|
* To learn the basic concepts of how {% data variables.product.prodname_dotcom %} uses OpenID Connect (OIDC), and its architecture and benefits, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect).
|
||||||
|
|||||||
@@ -1,3 +1,3 @@
|
|||||||
{%- ifversion ghec %}
|
{%- ifversion ghec %}
|
||||||
* If you're following this guide on {% data variables.enterprise.data_residency_site %}, understand that you must substitute certain values in the following documentation. See "[AUTOTITLE](/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect#following-these-guides-on-ghecom)."
|
* If you're following this guide on {% data variables.enterprise.data_residency_site %}, understand that you must substitute certain values in the following documentation. See [AUTOTITLE](/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect#following-these-guides-on-ghecom).
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
The job or workflow run requires a `permissions` setting with [`id-token: write`](/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) to allow {% data variables.product.prodname_dotcom %}'s OIDC provider to create a JSON Web Token for every run. You won't be able to request the OIDC JWT ID token if the `permissions` for `id-token` is not set to `write`, however this value doesn't imply granting write access to any resources, only being able to fetch and set the OIDC token for an action or step to enable authenticating with a short-lived access token. Any actual trust setting is defined using OIDC claims, for more information see "[AUTOTITLE](/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud)."
|
The job or workflow run requires a `permissions` setting with [`id-token: write`](/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) to allow {% data variables.product.prodname_dotcom %}'s OIDC provider to create a JSON Web Token for every run. You won't be able to request the OIDC JWT ID token if the `permissions` for `id-token` is not set to `write`, however this value doesn't imply granting write access to any resources, only being able to fetch and set the OIDC token for an action or step to enable authenticating with a short-lived access token. Any actual trust setting is defined using OIDC claims, for more information see [AUTOTITLE](/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud).
|
||||||
|
|
||||||
The `id-token: write` setting allows the JWT to be requested from {% data variables.product.prodname_dotcom %}'s OIDC provider using one of these approaches:
|
The `id-token: write` setting allows the JWT to be requested from {% data variables.product.prodname_dotcom %}'s OIDC provider using one of these approaches:
|
||||||
|
|
||||||
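Review bot: In the first paragraph of this hunk, the sentence that now ends with the unquoted link is a comma splice ("Any actual trust setting is defined using OIDC claims, for more information see"), and since the line is already being edited it would read better as two sentences, with "For more information, see" starting the second. The same paragraph has another splice at "is not set to `write`, however this value doesn't imply granting write access"; starting a new sentence at "However," would keep the security-relevant point (that `id-token: write` grants no write access to any resource) from being buried mid-sentence.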
@@ -27,5 +27,5 @@ For reusable workflows that are owned by the same user, organization, or enterpr
|
|||||||
For reusable workflows outside your enterprise or organization, the `permissions` setting for `id-token` should be explicitly set to `write` at the caller workflow level or in the specific job that calls the reusable workflow.
|
For reusable workflows outside your enterprise or organization, the `permissions` setting for `id-token` should be explicitly set to `write` at the caller workflow level or in the specific job that calls the reusable workflow.
|
||||||
This ensures that the OIDC token generated in the reusable workflow is only allowed to be consumed in the caller workflows when intended.
|
This ensures that the OIDC token generated in the reusable workflow is only allowed to be consumed in the caller workflows when intended.
|
||||||
|
|
||||||
For more information, see "[AUTOTITLE](/actions/using-workflows/reusing-workflows)."
|
For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows).
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
* Before proceeding, you must plan your security strategy to ensure that access tokens are only allocated in a predictable way. To control how your cloud provider issues access tokens, you **must** define at least one condition, so that untrusted repositories can’t request access tokens for your cloud resources. For more information, see "[AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud)."
|
* Before proceeding, you must plan your security strategy to ensure that access tokens are only allocated in a predictable way. To control how your cloud provider issues access tokens, you **must** define at least one condition, so that untrusted repositories can’t request access tokens for your cloud resources. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud).
|
||||||
|
|||||||
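Review bot: The link on this line points at `/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud`, while the `id-token: write` reusable earlier in this patch links the same `#configuring-the-oidc-trust-with-the-cloud` anchor under `/actions/security-for-github-actions/security-hardening-your-deployments/`. This is the line that tells readers they must define at least one condition on the cloud-side trust, so it is worth confirming which path is current and using it in both reusables so that both links resolve to the same place.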
@@ -1,9 +1,9 @@
|
|||||||
{% data variables.product.prodname_actions %} can help you automate nearly every aspect of your application development processes. Ready to get started? Here are some helpful resources for taking your next steps with {% data variables.product.prodname_actions %}:
|
{% data variables.product.prodname_actions %} can help you automate nearly every aspect of your application development processes. Ready to get started? Here are some helpful resources for taking your next steps with {% data variables.product.prodname_actions %}:
|
||||||
|
|
||||||
* To create a {% data variables.product.prodname_actions %} workflow, see "[AUTOTITLE](/actions/learn-github-actions/using-starter-workflows)."
|
* To create a {% data variables.product.prodname_actions %} workflow, see [AUTOTITLE](/actions/learn-github-actions/using-starter-workflows).
|
||||||
* For continuous integration (CI) workflows, see "[AUTOTITLE](/actions/automating-builds-and-tests)."
|
* For continuous integration (CI) workflows, see [AUTOTITLE](/actions/automating-builds-and-tests).
|
||||||
* For building and publishing packages, see "[AUTOTITLE](/actions/publishing-packages)."
|
* For building and publishing packages, see [AUTOTITLE](/actions/publishing-packages).
|
||||||
* For deploying projects, see "[AUTOTITLE](/actions/deployment)."
|
* For deploying projects, see [AUTOTITLE](/actions/deployment).
|
||||||
* For automating tasks and processes on {% data variables.product.prodname_dotcom %}, see "[AUTOTITLE](/actions/managing-issues-and-pull-requests)."
|
* For automating tasks and processes on {% data variables.product.prodname_dotcom %}, see [AUTOTITLE](/actions/managing-issues-and-pull-requests).
|
||||||
* For examples that demonstrate more complex features of {% data variables.product.prodname_actions %}, see "[AUTOTITLE](/actions/examples)." These detailed examples explain how to test your code on a runner, access the {% data variables.product.prodname_dotcom %} CLI, and use advanced features such as concurrency and test matrices.{% ifversion github-certification %}
|
* For examples that demonstrate more complex features of {% data variables.product.prodname_actions %}, see [AUTOTITLE](/actions/examples). These detailed examples explain how to test your code on a runner, access the {% data variables.product.prodname_dotcom %} CLI, and use advanced features such as concurrency and test matrices.{% ifversion github-certification %}
|
||||||
* To certify your proficiency in automating workflows and accelerating development with {% data variables.product.prodname_actions %}, earn a {% data variables.product.prodname_actions %} certificate with {% data variables.product.prodname_certifications %}. For more information, see "[AUTOTITLE](/get-started/showcase-your-expertise-with-github-certifications/about-github-certifications)."{% endif %}
|
* To certify your proficiency in automating workflows and accelerating development with {% data variables.product.prodname_actions %}, earn a {% data variables.product.prodname_actions %} certificate with {% data variables.product.prodname_certifications %}. For more information, see [AUTOTITLE](/get-started/showcase-your-expertise-with-github-certifications/about-github-certifications).{% endif %}
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
1. To allow organizations to access your {% data variables.actions.hosted_runner %}, specify which organizations can use the runner group the runner is assigned to. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/controlling-access-to-larger-runners#changing-which-organizations-can-access-a-runner-group)."
|
1. To allow organizations to access your {% data variables.actions.hosted_runner %}, specify which organizations can use the runner group the runner is assigned to. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/controlling-access-to-larger-runners#changing-which-organizations-can-access-a-runner-group).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
If the organization has write permissions for {% data variables.product.prodname_actions %}, you must manually set write permissions for the enterprise. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#managing-github-actions-permissions-for-your-repository)." For more information about managing organization-level permissions for {% data variables.product.prodname_actions %}, see "[AUTOTITLE](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#managing-github-actions-permissions-for-your-organization)."
|
If the organization has write permissions for {% data variables.product.prodname_actions %}, you must manually set write permissions for the enterprise. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#managing-github-actions-permissions-for-your-repository). For more information about managing organization-level permissions for {% data variables.product.prodname_actions %}, see [AUTOTITLE](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#managing-github-actions-permissions-for-your-organization).
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
Reusable workflows from public repositories can be referenced using a SHA, a release tag, or a branch name. For more information, see "[AUTOTITLE](/actions/using-workflows/reusing-workflows#calling-a-reusable-workflow)."
|
Reusable workflows from public repositories can be referenced using a SHA, a release tag, or a branch name. For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows#calling-a-reusable-workflow).
|
||||||
|
|
||||||
When you re-run a workflow that uses a reusable workflow and the reference is not a SHA, there are some behaviors to be aware of:
|
When you re-run a workflow that uses a reusable workflow and the reference is not a SHA, there are some behaviors to be aware of:
|
||||||
|
|
||||||
* Re-running all jobs in a workflow will use the reusable workflow from the specified reference. For more information about re-running all jobs in a workflow, see "[AUTOTITLE](/actions/managing-workflow-runs/re-running-workflows-and-jobs#re-running-all-the-jobs-in-a-workflow)."
|
* Re-running all jobs in a workflow will use the reusable workflow from the specified reference. For more information about re-running all jobs in a workflow, see [AUTOTITLE](/actions/managing-workflow-runs/re-running-workflows-and-jobs#re-running-all-the-jobs-in-a-workflow).
|
||||||
* Re-running failed jobs or a specific job in a workflow will use the reusable workflow from the same commit SHA of the first attempt. For more information about re-running failed jobs in a workflow, see "[AUTOTITLE](/actions/managing-workflow-runs/re-running-workflows-and-jobs#re-running-failed-jobs-in-a-workflow)." For more information about re-running a specific job in a workflow, see "[AUTOTITLE](/actions/managing-workflow-runs/re-running-workflows-and-jobs#re-running-a-specific-job-in-a-workflow)."
|
* Re-running failed jobs or a specific job in a workflow will use the reusable workflow from the same commit SHA of the first attempt. For more information about re-running failed jobs in a workflow, see [AUTOTITLE](/actions/managing-workflow-runs/re-running-workflows-and-jobs#re-running-failed-jobs-in-a-workflow). For more information about re-running a specific job in a workflow, see [AUTOTITLE](/actions/managing-workflow-runs/re-running-workflows-and-jobs#re-running-a-specific-job-in-a-workflow).
|
||||||
|
|||||||
@@ -1,3 +1,3 @@
|
|||||||
Organization owners{% ifversion custom-org-roles %} and users with the "Manage organization Actions variables" or "Manage organization Actions secrets" permissions{% endif %} can create secrets or variables at the organization level.{% ifversion custom-org-roles %}
|
Organization owners{% ifversion custom-org-roles %} and users with the "Manage organization Actions variables" or "Manage organization Actions secrets" permissions{% endif %} can create secrets or variables at the organization level.{% ifversion custom-org-roles %}
|
||||||
|
|
||||||
For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles)."{% endif %}
|
For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).{% endif %}
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
To create secrets or variables for an environment in a personal account repository, you must be the repository owner. To create secrets or variables for an environment in an organization repository, you must have `admin` access. For more information on environments, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment)."
|
To create secrets or variables for an environment in a personal account repository, you must be the repository owner. To create secrets or variables for an environment in an organization repository, you must have `admin` access. For more information on environments, see [AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
The _client.js_ script looks for the `POSTGRES_HOST` and `POSTGRES_PORT` environment variables to create the client. The workflow sets those two environment variables as part of the "Connect to PostgreSQL" step to make them available to the _client.js_ script. For more information about the script, see "[Testing the PostgreSQL service container](#testing-the-postgresql-service-container)."
|
The _client.js_ script looks for the `POSTGRES_HOST` and `POSTGRES_PORT` environment variables to create the client. The workflow sets those two environment variables as part of the "Connect to PostgreSQL" step to make them available to the _client.js_ script. For more information about the script, see [Testing the PostgreSQL service container](#testing-the-postgresql-service-container).
|
||||||
|
|||||||
@@ -1,2 +1,2 @@
|
|||||||
> [!WARNING]
|
> [!WARNING]
|
||||||
> For workflows that are triggered by the `pull_request_target` event, the `GITHUB_TOKEN` is granted read/write repository permission unless the `permissions` key is specified and the workflow can access secrets, even when it is triggered from a fork. Although the workflow runs in the context of the base of the pull request, you should make sure that you do not check out, build, or run untrusted code from the pull request with this event. Additionally, any caches share the same scope as the base branch. To help prevent cache poisoning, you should not save the cache if there is a possibility that the cache contents were altered. For more information, see "[Keeping your GitHub Actions and workflows secure: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests)" on the GitHub Security Lab website.
|
> For workflows that are triggered by the `pull_request_target` event, the `GITHUB_TOKEN` is granted read/write repository permission unless the `permissions` key is specified and the workflow can access secrets, even when it is triggered from a fork. Although the workflow runs in the context of the base of the pull request, you should make sure that you do not check out, build, or run untrusted code from the pull request with this event. Additionally, any caches share the same scope as the base branch. To help prevent cache poisoning, you should not save the cache if there is a possibility that the cache contents were altered. For more information, see [Keeping your GitHub Actions and workflows secure: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests) on the GitHub Security Lab website.
|
||||||
|
|||||||
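Review bot: The first sentence of the warning parses ambiguously: in "is granted read/write repository permission unless the `permissions` key is specified and the workflow can access secrets", the "unless" can be read as governing both clauses, which hides the fact that secrets are available even when the run is triggered from a fork. This is outside the quote removal itself, but the line is being touched, so consider ending the sentence after "is specified" and starting a new one with "The workflow can also access secrets, even when it is triggered from a fork."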
@@ -1 +1 @@
|
|||||||
The _client.js_ script looks for the `REDIS_HOST` and `REDIS_PORT` environment variables to create the client. The workflow sets those two environment variables as part of the "Connect to Redis" step to make them available to the _client.js_ script. For more information about the script, see "[Testing the Redis service container](#testing-the-redis-service-container)."
|
The _client.js_ script looks for the `REDIS_HOST` and `REDIS_PORT` environment variables to create the client. The workflow sets those two environment variables as part of the "Connect to Redis" step to make them available to the _client.js_ script. For more information about the script, see [Testing the Redis service container](#testing-the-redis-service-container).
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
This keyword can reference several contexts. For more information, see "[Contexts](/actions/learn-github-actions/contexts#context-availability)."
|
This keyword can reference several contexts. For more information, see [Contexts](/actions/learn-github-actions/contexts#context-availability).
|
||||||
|
|||||||
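Review bot: This line keeps a hard-coded link title, `[Contexts](/actions/learn-github-actions/contexts#context-availability)`, whereas the other internal article links in this patch use `[AUTOTITLE]`, including ones that carry an anchor. Consider converting it to `[AUTOTITLE]` in the same change for consistency, or confirm that the literal title is intentional here.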
@@ -1,6 +1,6 @@
|
|||||||
* `{owner}/{repo}/.github/workflows/{filename}@{ref}` for reusable workflows in {% ifversion fpt %}public and private{% elsif ghec or ghes %}public, internal and private{% else %}public and internal{% endif %} repositories.
|
* `{owner}/{repo}/.github/workflows/{filename}@{ref}` for reusable workflows in {% ifversion fpt %}public and private{% elsif ghec or ghes %}public, internal and private{% else %}public and internal{% endif %} repositories.
|
||||||
* `./.github/workflows/{filename}` for reusable workflows in the same repository.
|
* `./.github/workflows/{filename}` for reusable workflows in the same repository.
|
||||||
|
|
||||||
In the first option, `{ref}` can be a SHA, a release tag, or a branch name. If a release tag and a branch have the same name, the release tag takes precedence over the branch name. Using the commit SHA is the safest option for stability and security. For more information, see "[AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#reusing-third-party-workflows)."
|
In the first option, `{ref}` can be a SHA, a release tag, or a branch name. If a release tag and a branch have the same name, the release tag takes precedence over the branch name. Using the commit SHA is the safest option for stability and security. For more information, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#reusing-third-party-workflows).
|
||||||
|
|
||||||
If you use the second syntax option (without `{owner}/{repo}` and `@{ref}`) the called workflow is from the same commit as the caller workflow. Ref prefixes such as `refs/heads` and `refs/tags` are not allowed. You cannot use contexts or expressions in this keyword.
|
If you use the second syntax option (without `{owner}/{repo}` and `@{ref}`) the called workflow is from the same commit as the caller workflow. Ref prefixes such as `refs/heads` and `refs/tags` are not allowed. You cannot use contexts or expressions in this keyword.
|
||||||
|
|||||||
Some files were not shown because too many files have changed in this diff.