resolve conflicts from main branch
This commit is contained in:
Rachael Sewell
5
data/features/feed.yml
Normal file
5
data/features/feed.yml
Normal file
@@ -0,0 +1,5 @@
|
||||
# Issues 11279
|
||||
# Docs for the new feed
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghec: '*'
|
||||
@@ -9672,6 +9672,11 @@ type Discussion implements Closable & Comment & Deletable & Labelable & Lockable
|
||||
"""
|
||||
includesCreatedEdit: Boolean!
|
||||
|
||||
"""
|
||||
Only return answered/unanswered discussions
|
||||
"""
|
||||
isAnswered: Boolean
|
||||
|
||||
"""
|
||||
A list of labels associated with the object.
|
||||
"""
|
||||
@@ -34884,6 +34889,11 @@ type Repository implements Node & ProjectOwner & RepositoryInfo & Starrable & Su
|
||||
"""
|
||||
after: String
|
||||
|
||||
"""
|
||||
Only show answered or unanswered discussions
|
||||
"""
|
||||
answered: Boolean = null
|
||||
|
||||
"""
|
||||
Returns the elements in the list that come before the specified cursor.
|
||||
"""
|
||||
|
||||
@@ -10856,6 +10856,11 @@ type Discussion implements Closable & Comment & Deletable & Labelable & Lockable
|
||||
"""
|
||||
includesCreatedEdit: Boolean!
|
||||
|
||||
"""
|
||||
Only return answered/unanswered discussions
|
||||
"""
|
||||
isAnswered: Boolean
|
||||
|
||||
"""
|
||||
A list of labels associated with the object.
|
||||
"""
|
||||
@@ -42315,6 +42320,11 @@ type Repository implements Node & PackageOwner & ProjectOwner & ProjectV2Recent
|
||||
"""
|
||||
after: String
|
||||
|
||||
"""
|
||||
Only show answered or unanswered discussions
|
||||
"""
|
||||
answered: Boolean = null
|
||||
|
||||
"""
|
||||
Returns the elements in the list that come before the specified cursor.
|
||||
"""
|
||||
|
||||
@@ -10856,6 +10856,11 @@ type Discussion implements Closable & Comment & Deletable & Labelable & Lockable
|
||||
"""
|
||||
includesCreatedEdit: Boolean!
|
||||
|
||||
"""
|
||||
Only return answered/unanswered discussions
|
||||
"""
|
||||
isAnswered: Boolean
|
||||
|
||||
"""
|
||||
A list of labels associated with the object.
|
||||
"""
|
||||
@@ -42315,6 +42320,11 @@ type Repository implements Node & PackageOwner & ProjectOwner & ProjectV2Recent
|
||||
"""
|
||||
after: String
|
||||
|
||||
"""
|
||||
Only show answered or unanswered discussions
|
||||
"""
|
||||
answered: Boolean = null
|
||||
|
||||
"""
|
||||
Returns the elements in the list that come before the specified cursor.
|
||||
"""
|
||||
|
||||
@@ -9,6 +9,9 @@ sections:
|
||||
security_fixes:
|
||||
- HTTP Strict Transport Security (HSTS) is enabled within the Management Console.
|
||||
- Packages have been updated to the latest security versions.
|
||||
- |
|
||||
**LOW:** An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a reopened pull request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com/) and was assigned [CVE-2023-23766](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23766). [Updated: 2023-09-22]
|
||||
|
||||
bugs:
|
||||
- On an instance with GitHub Actions enabled, scale sets configured at the enterprise level did not appear for use within the instance's organizations or repositories.
|
||||
- On an instance with a GitHub Advanced Security license and secret scanning enabled, secret scanning alerts could fail to show an error message in the UI when a failure occurred closing or reopening the alert.
|
||||
|
||||
@@ -6,7 +6,7 @@ sections:
|
||||
- |
|
||||
Packages have been updated to the latest security versions.
|
||||
- |
|
||||
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty Program](https://bounty.github.com/) and was assigned [CVE-2023-23765](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23765).
|
||||
**LOW:** An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty Program](https://bounty.github.com/) and was assigned [CVE-2023-23765](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23765).
|
||||
|
||||
bugs:
|
||||
- |
|
||||
|
||||
@@ -2,7 +2,7 @@ date: '2023-08-10'
|
||||
sections:
|
||||
security_fixes:
|
||||
- |
|
||||
**LOW:** An attacker could circumvent branch protection by changing a PR base branch to an invalid ref name. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com/).
|
||||
**LOW:** An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a reopened pull request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com/) and was assigned [CVE-2023-23766](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23766). [Updated: 2023-09-22]
|
||||
- |
|
||||
Packages have been updated to the latest security versions.
|
||||
bugs:
|
||||
|
||||
@@ -6,7 +6,7 @@ sections:
|
||||
- |
|
||||
Packages have been updated to the latest security versions.
|
||||
- |
|
||||
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty Program](https://bounty.github.com/) and was assigned [CVE-2023-23765](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23765).
|
||||
**LOW:** An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty Program](https://bounty.github.com/) and was assigned [CVE-2023-23765](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23765).
|
||||
bugs:
|
||||
- |
|
||||
If MinIO was configured for external blob storage on an instance with GitHub Actions enabled and MinIO was configured for bucket replication, the instance's credential validation with MinIO would occasionally fail.
|
||||
|
||||
@@ -2,7 +2,7 @@ date: '2023-08-10'
|
||||
sections:
|
||||
security_fixes:
|
||||
- |
|
||||
**LOW:** An attacker could circumvent branch protection by changing a PR base branch to an invalid ref name. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com/).
|
||||
**LOW:** An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a reopened pull request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com/) and was assigned [CVE-2023-23766](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23766). [Updated: 2023-09-22]
|
||||
- |
|
||||
Packages have been updated to the latest security versions.
|
||||
bugs:
|
||||
|
||||
@@ -6,7 +6,7 @@ sections:
|
||||
- |
|
||||
Packages have been updated to the latest security versions.
|
||||
- |
|
||||
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty Program](https://bounty.github.com/) and was assigned [CVE-2023-23765](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23765).
|
||||
**LOW:** An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty Program](https://bounty.github.com/) and was assigned [CVE-2023-23765](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23765).
|
||||
bugs:
|
||||
- |
|
||||
If MinIO was configured for external blob storage on an instance with GitHub Actions enabled and MinIO was configured for bucket replication, the instance's credential validation with MinIO would occasionally fail.
|
||||
|
||||
@@ -2,7 +2,7 @@ date: '2023-08-10'
|
||||
sections:
|
||||
security_fixes:
|
||||
- |
|
||||
**LOW:** An attacker could circumvent branch protection by changing a PR base branch to an invalid ref name. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com/).
|
||||
**LOW:** An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a reopened pull request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com/) and was assigned [CVE-2023-23766](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23766). [Updated: 2023-09-22]
|
||||
- |
|
||||
Packages have been updated to the latest security versions.
|
||||
bugs:
|
||||
|
||||
@@ -15,7 +15,7 @@ sections:
|
||||
- |
|
||||
Packages have been updated to the latest security versions.
|
||||
- |
|
||||
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty Program](https://bounty.github.com/) and was assigned [CVE-2023-23765](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23765).
|
||||
**LOW:** An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty Program](https://bounty.github.com/) and was assigned [CVE-2023-23765](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23765).
|
||||
bugs:
|
||||
- |
|
||||
If MinIO was configured for external blob storage on an instance with GitHub Actions enabled and MinIO was configured for bucket replication, the instance's credential validation with MinIO would occasionally fail.
|
||||
|
||||
@@ -7,7 +7,7 @@ intro: |
|
||||
sections:
|
||||
security_fixes:
|
||||
- |
|
||||
**LOW:** An attacker could circumvent branch protection by changing a PR base branch to an invalid ref name. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com/).
|
||||
**LOW:** An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a reopened pull request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com/) and was assigned [CVE-2023-23766](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23766). [Updated: 2023-09-22]
|
||||
bugs:
|
||||
- |
|
||||
API results were incomplete, and ordering of results was incorrect if `asc` or `desc` appeared in lowercase within the API query.
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
Choose a recovery verification factor.
|
||||
- If you've used your current device to log into this account before and would like to use the device for verification, click **Verify with this device**. Device verification is recorded with cookies, and won't be available if your browser deletes cookies regularly.
|
||||
- If you've previously set up an SSH key on this account and would like to use the SSH key for verification, click **SSH key**.
|
||||
- If you've previously set up a {% data variables.product.pat_generic %} and would like to use the {% data variables.product.pat_generic %} for verification, click **{% data variables.product.pat_generic_caps %}**.
|
||||
- If you've previously set up a {% data variables.product.pat_generic %} and would like to use the {% data variables.product.pat_generic %} for verification, click **{% data variables.product.pat_generic_caps %}**.
|
||||
|
||||
@@ -2,4 +2,4 @@
|
||||
|
||||
- Tips and tricks for getting started with your account
|
||||
- Customized information about engaging projects or new features
|
||||
- Newsletters that you've subscribed to
|
||||
- Newsletters that you've subscribed to
|
||||
|
||||
@@ -1 +1 @@
|
||||
A member of {% data variables.contact.github_support %} will review your request and email you within three business days. If your request is approved, you'll receive a link to complete your account recovery process. If your request is denied, the email will include a way to contact support with any additional questions.
|
||||
A member of {% data variables.contact.github_support %} will review your request and email you within three business days. If your request is approved, you'll receive a link to complete your account recovery process. If your request is denied, the email will include a way to contact support with any additional questions.
|
||||
|
||||
@@ -8,4 +8,4 @@
|
||||
|
||||
|
||||
1. To finish unlinking your email, on {% data variables.product.prodname_dotcom_the_website %}, click **Unlink**.
|
||||
1. Optionally, to create a new account and link your newly unlinked email, click **Create a new account**.
|
||||
1. Optionally, to create a new account and link your newly unlinked email, click **Create a new account**.
|
||||
|
||||
@@ -1 +1 @@
|
||||
You can deliver deployments through {% data variables.product.prodname_actions %} and environments or with the REST API and third party apps. For more information about using environments to deploy with {% data variables.product.prodname_actions %}, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/using-environments-for-deployment)." For more information about deployments with the REST API, see "[AUTOTITLE](/rest/repos#deployments)."
|
||||
You can deliver deployments through {% data variables.product.prodname_actions %} and environments or with the REST API and third party apps. For more information about using environments to deploy with {% data variables.product.prodname_actions %}, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/using-environments-for-deployment)." For more information about deployments with the REST API, see "[AUTOTITLE](/rest/repos#deployments)."
|
||||
|
||||
@@ -1 +1 @@
|
||||
By default, repositories in an organization do not have access to enterprise-level runner groups. To give repositories access to enterprise runner groups, organization owners must configure each enterprise runner group and choose which repositories have access.
|
||||
By default, repositories in an organization do not have access to enterprise-level runner groups. To give repositories access to enterprise runner groups, organization owners must configure each enterprise runner group and choose which repositories have access.
|
||||
|
||||
@@ -1 +1 @@
|
||||
{% data variables.actions.hosted_runner_caps %}s are only billed at the per-minute rate for the amount of time workflows are executed on them. There is no cost associated with creating a {% data variables.actions.hosted_runner %} that is not being used by a workflow.
|
||||
{% data variables.actions.hosted_runner_caps %}s are only billed at the per-minute rate for the amount of time workflows are executed on them. There is no cost associated with creating a {% data variables.actions.hosted_runner %} that is not being used by a workflow.
|
||||
|
||||
@@ -1 +1 @@
|
||||
In addition to the [standard {% data variables.product.prodname_dotcom %}-hosted runners](/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources), {% data variables.product.prodname_dotcom %} offers customers on {% data variables.product.prodname_team %} and {% data variables.product.prodname_ghe_cloud %} plans a range of managed virtual machines with more RAM, CPU, and disk space. These runners are hosted by {% data variables.product.prodname_dotcom %} and have the runner application and other tools preinstalled.
|
||||
In addition to the [standard {% data variables.product.prodname_dotcom %}-hosted runners](/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources), {% data variables.product.prodname_dotcom %} offers customers on {% data variables.product.prodname_team %} and {% data variables.product.prodname_ghe_cloud %} plans a range of managed virtual machines with more RAM, CPU, and disk space. These runners are hosted by {% data variables.product.prodname_dotcom %} and have the runner application and other tools preinstalled.
|
||||
|
||||
@@ -1 +1 @@
|
||||
If you don't specify a runner group during the registration process, your new runners are automatically assigned to the default group, and can then be moved to another group.
|
||||
If you don't specify a runner group during the registration process, your new runners are automatically assigned to the default group, and can then be moved to another group.
|
||||
|
||||
@@ -1 +1 @@
|
||||
By default, all repositories in an organization are granted access to organization-level runner groups. To restrict which repositories have access, organization owners must configure organization runner groups and choose which repositories have access.
|
||||
By default, all repositories in an organization are granted access to organization-level runner groups. To restrict which repositories have access, organization owners must configure organization runner groups and choose which repositories have access.
|
||||
|
||||
@@ -1 +1 @@
|
||||
In order to remove a runner group, you must first move or remove all of the runners from the group.
|
||||
In order to remove a runner group, you must first move or remove all of the runners from the group.
|
||||
|
||||
@@ -1 +1 @@
|
||||
You can configure a runner group to run either selected workflows or all workflows. For example, you might use this setting to protect secrets that are stored on runners or to standardize deployment workflows by restricting a runner group to run only a specific reusable workflow. This setting cannot be overridden if you are configuring an organization's runner group that was shared by an enterprise.
|
||||
You can configure a runner group to run either selected workflows or all workflows. For example, you might use this setting to protect secrets that are stored on runners or to standardize deployment workflows by restricting a runner group to run only a specific reusable workflow. This setting cannot be overridden if you are configuring an organization's runner group that was shared by an enterprise.
|
||||
|
||||
@@ -1 +1 @@
|
||||
If you have `repo: write` access to a repository, you can view a list of the runners available to the repository.
|
||||
If you have `repo: write` access to a repository, you can view a list of the runners available to the repository.
|
||||
|
||||
@@ -2,4 +2,4 @@
|
||||
|
||||
**Note:** Enterprise and organization owners with privileges to create runners have the option to create new runners from this page. If you are an enterprise or organization owner, click **New runner** at the top right of the list of runners to add runners to the repository. For more information, see {% ifversion actions-hosted-runners %}"[AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners)" and {% endif %}"[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners)."
|
||||
|
||||
{% endnote %}
|
||||
{% endnote %}
|
||||
|
||||
@@ -1 +1 @@
|
||||
{% data variables.product.prodname_dotcom %} recommends pinning actions to a commit SHA. To get a newer version, you will need to update the SHA. You can also reference a tag or branch, but the action may change without warning.
|
||||
{% data variables.product.prodname_dotcom %} recommends pinning actions to a commit SHA. To get a newer version, you will need to update the SHA. You can also reference a tag or branch, but the action may change without warning.
|
||||
|
||||
@@ -1 +1 @@
|
||||
If you are using Azure and {% data variables.product.prodname_ghe_cloud %}, you can create {% data variables.product.company_short %}-hosted runners in your Azure VNET(s). This enables you to take advantage of {% data variables.product.company_short %}-managed infrastructure for your CI/CD while providing you with full control over the networking policies of your runners. For more information about Azure VNET, see [What is Azure Virtual Network?](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview) in the Azure documentation.
|
||||
If you are using Azure and {% data variables.product.prodname_ghe_cloud %}, you can create {% data variables.product.company_short %}-hosted runners in your Azure VNET(s). This enables you to take advantage of {% data variables.product.company_short %}-managed infrastructure for your CI/CD while providing you with full control over the networking policies of your runners. For more information about Azure VNET, see [What is Azure Virtual Network?](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview) in the Azure documentation.
|
||||
|
||||
@@ -1 +1 @@
|
||||
Once a repository has reached its maximum cache storage, the cache eviction policy will create space by deleting the oldest caches in the repository.
|
||||
Once a repository has reached its maximum cache storage, the cache eviction policy will create space by deleting the oldest caches in the repository.
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
{% data variables.product.product_name %} offers deployment starter workflows for several popular services, such as Azure Web App. To learn how to get started using a starter workflow, see "[AUTOTITLE](/actions/using-workflows/using-starter-workflows)" or [browse the full list of deployment starter workflows](https://github.com/actions/starter-workflows/tree/main/deployments). You can also check out our more detailed guides for specific deployment workflows, such as "[AUTOTITLE](/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service)."
|
||||
{% data variables.product.product_name %} offers deployment starter workflows for several popular services, such as Azure Web App. To learn how to get started using a starter workflow, see "[AUTOTITLE](/actions/learn-github-actions/using-starter-workflows)" or [browse the full list of deployment starter workflows](https://github.com/actions/starter-workflows/tree/main/deployments). You can also check out our more detailed guides for specific deployment workflows, such as "[AUTOTITLE](/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-nodejs-to-azure-app-service)."
|
||||
|
||||
Many service providers also offer actions on {% data variables.product.prodname_marketplace %} for deploying to their service. For the full list, see [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?category=deployment&type=actions).
|
||||
|
||||
@@ -9,4 +9,4 @@ Always include a security admonition above this procedure. This is either one of
|
||||
1. Under "Organization access," use the dropdown menu to click **Selected organizations**.
|
||||
1. To the right of the dropdown menu, click {% octicon "gear" aria-label="The Gear icon" %}.
|
||||
1. In the popup, use the checkboxes to select organizations that can use this runner group.
|
||||
1. Click **Save group**.
|
||||
1. Click **Save group**.
|
||||
|
||||
@@ -10,4 +10,4 @@ Always include a security admonition above this procedure. This is either one of
|
||||
1. Under "Repository access," use the dropdown menu to click **Selected organizations**.
|
||||
1. To the right of the dropdown menu, click {% octicon "gear" aria-label="The Gear icon" %}.
|
||||
1. In the popup, use the checkboxes to select repositories that can access this runner group.
|
||||
1. Click **Save group**.
|
||||
1. Click **Save group**.
|
||||
|
||||
@@ -15,4 +15,4 @@ Always include a security admonition above this procedure. This is either one of
|
||||
|
||||
Organization-owned runner groups cannot access workflows from a different organization in the enterprise; instead, you must create an enterprise-owned runner group.
|
||||
|
||||
1. Click **Save**.
|
||||
1. Click **Save**.
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
1. In the "Auto-scaling" section, under "Maximum Job Concurrency," enter the maximum number of jobs you would like to allow to run at the same time.
|
||||
1. Click **Save**.
|
||||
1. Click **Save**.
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
|
||||
**Warning**
|
||||
|
||||
{% indented_data_reference reusables.actions.self-hosted-runner-security spaces=3 %}
|
||||
{% data reusables.actions.self-hosted-runner-security %}
|
||||
|
||||
For more information, see "[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories)."
|
||||
|
||||
|
||||
@@ -1 +1 @@
|
||||
1. Optionally, to copy a runner's label to use it in a workflow, click {% octicon "kebab-horizontal" aria-label="More options" %} to the right of the runner, then click **Copy label**.
|
||||
1. Optionally, to copy a runner's label to use it in a workflow, click {% octicon "kebab-horizontal" aria-label="More options" %} to the right of the runner, then click **Copy label**.
|
||||
|
||||
@@ -1 +1 @@
|
||||
Custom deployment protection rules are available in public repositories for all plans. For access to custom deployment protection rules in private or internal repositories, you must use {% data variables.product.prodname_enterprise %}. {% data reusables.gated-features.more-info %}
|
||||
Custom deployment protection rules are available in public repositories for all plans. For access to custom deployment protection rules in private or internal repositories, you must use {% data variables.product.prodname_enterprise %}. {% data reusables.gated-features.more-info %}
|
||||
|
||||
@@ -2,4 +2,4 @@
|
||||
|
||||
**Note:** Deployment history is currently in beta and subject to change.
|
||||
|
||||
{% endnote %}
|
||||
{% endnote %}
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
When you use expressions in an `if` conditional, you may omit the {% raw %}`${{ }}`{% endraw %} expression syntax because {% data variables.product.prodname_actions %} automatically evaluates the `if` conditional as an expression. However, this rule does not apply everywhere.
|
||||
|
||||
You must use the {% raw %}`${{ }}`{% endraw %} expression syntax or escape with `''`, `""`, or `()` when the expression starts with `!`, since `!` is reserved notation in YAML format.
|
||||
You must use the {% raw %}`${{ }}`{% endraw %} expression syntax or escape with `''`, `""`, or `()` when the expression starts with `!`, since `!` is reserved notation in YAML format.
|
||||
|
||||
Using the {% raw %}`${{ }}`{% endraw %} expression syntax turns the contents into a string, and strings are truthy. For example, `if: true && {% raw %}${{ false }}{% endraw %}` will evaluate to `true`.
|
||||
|
||||
@@ -1 +1 @@
|
||||
Using {% data variables.product.company_short %}-hosted larger runners with an Azure Virtual Network (VNET) is in private beta and subject to change. This feature may not be available to all users.
|
||||
Using {% data variables.product.company_short %}-hosted larger runners with an Azure Virtual Network (VNET) is in private beta and subject to change. This feature may not be available to all users.
|
||||
|
||||
@@ -29,4 +29,4 @@ You can use the following syntax to disable permissions for all of the available
|
||||
|
||||
```yaml
|
||||
permissions: {}
|
||||
```
|
||||
```
|
||||
|
||||
@@ -4,20 +4,20 @@ Available scopes and details of what each allows an action to do:
|
||||
|
||||
| Scope | Allows an action using `GITHUB_TOKEN` to |
|
||||
| --- | --- |
|
||||
| `actions` | Work with GitHub Actions. For example, `actions: write` permits an action to cancel a workflow run. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-actions)." |
|
||||
| `checks` | Work with check runs and check suites. For example, `checks: write` permits an action to create a check run. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-checks)." |
|
||||
| `contents` | Work with the contents of the repository. For example, `contents: read` permits an action to list the commits, and `contents:write` allows the action to create a release. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-contents)." |
|
||||
| `deployments` | Work with deployments. For example, `deployments: write` permits an action to create a new deployment. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-deployments)." |
|
||||
| `actions` | Work with GitHub Actions. For example, `actions: write` permits an action to cancel a workflow run. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-actions)." |
|
||||
| `checks` | Work with check runs and check suites. For example, `checks: write` permits an action to create a check run. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-checks)." |
|
||||
| `contents` | Work with the contents of the repository. For example, `contents: read` permits an action to list the commits, and `contents:write` allows the action to create a release. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-contents)." |
|
||||
| `deployments` | Work with deployments. For example, `deployments: write` permits an action to create a new deployment. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-deployments)." |
|
||||
{%- ifversion discussions %}
|
||||
| `discussions` | Work with GitHub Discussions. For example, `discussions: write` permits an action to close or delete a discussion. For more information, see "[AUTOTITLE](/graphql/guides/using-the-graphql-api-for-discussions)." |
|
||||
| `discussions` | Work with GitHub Discussions. For example, `discussions: write` permits an action to close or delete a discussion. For more information, see "[AUTOTITLE](/graphql/guides/using-the-graphql-api-for-discussions)." |
|
||||
{%- endif %}
|
||||
{%- ifversion fpt or ghec %}
|
||||
| `id-token` | Fetch an OpenID Connect (OIDC) token. This requires `id-token: write`. For more information, see "[AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#updating-your-actions-for-oidc)" |
|
||||
| `id-token` | Fetch an OpenID Connect (OIDC) token. This requires `id-token: write`. For more information, see "[AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#updating-your-actions-for-oidc)" |
|
||||
{%- endif %}
|
||||
| `issues` | Work with issues. For example, `issues: write` permits an action to add a comment to an issue. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-issues)." |
|
||||
| `packages` | Work with GitHub Packages. For example, `packages: write` permits an action to upload and publish packages on GitHub Packages. For more information, see "[AUTOTITLE](/packages/learn-github-packages/about-permissions-for-github-packages#about-scopes-and-permissions-for-package-registries)." |
|
||||
| `pages` | Work with GitHub Pages. For example, `pages: write` permits an action to request a GitHub Pages build. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-pages)." |
|
||||
| `pull-requests` | Work with pull requests. For example, `pull-requests: write` permits an action to add a label to a pull request. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-pull-requests)." |
|
||||
| `repository-projects` | Work with GitHub projects (classic). For example, `repository-projects: write` permits an action to add a column to a project (classic). For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-projects)." |
|
||||
| `security-events` | Work with GitHub code scanning and Dependabot alerts. For example, `security-events: read` permits an action to list the Dependabot alerts for the repository, and `security-events: write` allows an action to update the status of a code scanning alert. For more information, see "[Repository permissions for 'Code scanning alerts'](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-code-scanning-alerts)" and "[Repository permissions for 'Dependabot alerts'](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-dependabot-alerts)" in "Permissions required for GitHub Apps." |
|
||||
| `statuses` | Work with commit statuses. For example, `statuses:read` permits an action to list the commit statuses for a given reference. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-commit-statuses)." |
|
||||
| `issues` | Work with issues. For example, `issues: write` permits an action to add a comment to an issue. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-issues)." |
|
||||
| `packages` | Work with GitHub Packages. For example, `packages: write` permits an action to upload and publish packages on GitHub Packages. For more information, see "[AUTOTITLE](/packages/learn-github-packages/about-permissions-for-github-packages#about-scopes-and-permissions-for-package-registries)." |
|
||||
| `pages` | Work with GitHub Pages. For example, `pages: write` permits an action to request a GitHub Pages build. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-pages)." |
|
||||
| `pull-requests` | Work with pull requests. For example, `pull-requests: write` permits an action to add a label to a pull request. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-pull-requests)." |
|
||||
| `repository-projects` | Work with GitHub projects (classic). For example, `repository-projects: write` permits an action to add a column to a project (classic). For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-projects)." |
|
||||
| `security-events` | Work with GitHub code scanning and Dependabot alerts. For example, `security-events: read` permits an action to list the Dependabot alerts for the repository, and `security-events: write` allows an action to update the status of a code scanning alert. For more information, see "[Repository permissions for 'Code scanning alerts'](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-code-scanning-alerts)" and "[Repository permissions for 'Dependabot alerts'](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-dependabot-alerts)" in "Permissions required for GitHub Apps." |
|
||||
| `statuses` | Work with commit statuses. For example, `statuses:read` permits an action to list the commit statuses for a given reference. For more information, see "[AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-commit-statuses)." |
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
### Specifying the JVM version and architecture
|
||||
### Specifying the Java version and architecture
|
||||
|
||||
The starter workflow sets up the `PATH` to contain OpenJDK 8 for the x64 platform. If you want to use a different version of Java, or target a different architecture (`x64` or `x86`), you can use the `setup-java` action to choose a different Java runtime environment.
|
||||
|
||||
|
||||
@@ -1 +1 @@
|
||||
{% data variables.actions.hosted_runner_caps %}s are only available for organizations and enterprises using the {% data variables.product.prodname_team %} or {% data variables.product.prodname_ghe_cloud %} plans.
|
||||
{% data variables.actions.hosted_runner_caps %}s are only available for organizations and enterprises using the {% data variables.product.prodname_team %} or {% data variables.product.prodname_ghe_cloud %} plans.
|
||||
|
||||
@@ -1 +1 @@
|
||||
If you would like to use more than 10 larger runners with static IP address ranges, please contact {% data variables.contact.contact_support %}.
|
||||
If you would like to use more than 10 larger runners with static IP address ranges, please contact {% data variables.contact.contact_support %}.
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
If you plan to enable {% data variables.product.prodname_actions %} for the users of your instance, more resources are required.
|
||||
If you plan to enable {% data variables.product.prodname_actions %} for the users of your instance, more resources are required.
|
||||
|
||||
For more information about these requirements, see "[AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-considerations)."
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
1. To assign static IP addresses to the runner, under "Networking," check **Assign unique & static public IP address ranges for this runner**.
|
||||
1. Click **Save**.
|
||||
1. Click **Save**.
|
||||
|
||||
1
data/reusables/actions/new-starter-workflow.md
Normal file
1
data/reusables/actions/new-starter-workflow.md
Normal file
@@ -0,0 +1 @@
|
||||
1. If you already have a workflow in your repository, click **New workflow**.
|
||||
@@ -1,4 +1,4 @@
|
||||
- [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows)
|
||||
{% ifversion fpt %}- [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#communication-between-self-hosted-runners-and-github){% endif %}
|
||||
{% ifversion ghec %}- [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#communication-between-self-hosted-runners-and-github-enterprise-cloud){% endif %}
|
||||
{% ifversion ghes %}- [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#communication-between-self-hosted-runners-and-github-enterprise-server){% endif %}
|
||||
{% ifversion ghes %}- [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#communication-between-self-hosted-runners-and-github-enterprise-server){% endif %}
|
||||
|
||||
@@ -23,9 +23,9 @@ permissions:
|
||||
{% ifversion restricted-permissions-oidc %}
|
||||
You may need to specify additional permissions here, depending on your workflow's requirements.
|
||||
|
||||
For reusable workflows that are owned by the same user, organization, or enterprise as the caller workflow, the OIDC token generated in the reusable workflow can be accessed from the caller's context.
|
||||
For reusable workflows outside your enterprise or organization, the `permissions` setting for `id-token` should be explicitly set to `write` at the caller workflow level or in the specific job that calls the reusable workflow.
|
||||
For reusable workflows that are owned by the same user, organization, or enterprise as the caller workflow, the OIDC token generated in the reusable workflow can be accessed from the caller's context.
|
||||
For reusable workflows outside your enterprise or organization, the `permissions` setting for `id-token` should be explicitly set to `write` at the caller workflow level or in the specific job that calls the reusable workflow.
|
||||
This ensures that the OIDC token generated in the reusable workflow is only allowed to be consumed in the caller workflows when intended.
|
||||
|
||||
For more information, see "[AUTOTITLE](/actions/using-workflows/reusing-workflows)."
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
{% data variables.product.prodname_actions %} can help you automate nearly every aspect of your application development processes. Ready to get started? Here are some helpful resources for taking your next steps with {% data variables.product.prodname_actions %}:
|
||||
|
||||
- For a quick way to create a {% data variables.product.prodname_actions %} workflow, see "[AUTOTITLE](/actions/learn-github-actions/using-starter-workflows)."
|
||||
- For continuous integration (CI) workflows to build and test your code, see "[AUTOTITLE](/actions/automating-builds-and-tests)."
|
||||
- For building and publishing packages, see "[AUTOTITLE](/actions/publishing-packages)."
|
||||
- For deploying projects, see "[AUTOTITLE](/actions/deployment)."
|
||||
|
||||
@@ -1 +1 @@
|
||||
1. To allow organizations to access your {% data variables.actions.hosted_runner %}s, specify the list of organizations that can use it. For more information, see "[Managing access to your runners](#managing-access-to-your-runners)."
|
||||
1. To allow organizations to access your {% data variables.actions.hosted_runner %}s, specify the list of organizations that can use it. For more information, see "[Managing access to your runners](#managing-access-to-your-runners)."
|
||||
|
||||
@@ -1 +1 @@
|
||||
You can connect {% data variables.product.prodname_dotcom %}-hosted runners to resources on a private network, including package registries, secret managers, and other on-premises services.
|
||||
You can connect {% data variables.product.prodname_dotcom %}-hosted runners to resources on a private network, including package registries, secret managers, and other on-premises services.
|
||||
|
||||
@@ -1 +1 @@
|
||||
With {% data variables.product.prodname_actions %}, you can use OpenID Connect (OIDC) tokens to authenticate your workflow outside of {% data variables.product.prodname_actions %}.
|
||||
With {% data variables.product.prodname_actions %}, you can use OpenID Connect (OIDC) tokens to authenticate your workflow outside of {% data variables.product.prodname_actions %}.
|
||||
|
||||
@@ -1 +1 @@
|
||||
If you don't want to maintain separate infrastructure for an API Gateway, you can create an overlay network between your runner and a service in your private network, by running WireGuard in both places.
|
||||
If you don't want to maintain separate infrastructure for an API Gateway, you can create an overlay network between your runner and a service in your private network, by running WireGuard in both places.
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
1. Enter a new name for the runner in the text field under "Name."
|
||||
1. Click **Save**.
|
||||
1. Click **Save**.
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
- `{owner}/{repo}/.github/workflows/{filename}@{ref}` for reusable workflows in {% ifversion fpt %}public and private{% elsif ghec or ghes > 3.7 or ghae > 3.7 %}public, internal and private{% else %}public and internal{% endif %} repositories.
|
||||
- `./.github/workflows/{filename}` for reusable workflows in the same repository.
|
||||
|
||||
In the first option, `{ref}` can be a SHA, a release tag, or a branch name. If a release tag and a branch have the same name, the release tag takes precedence over the branch name. Using the commit SHA is the safest option for stability and security. For more information, see "[AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#reusing-third-party-workflows)."
|
||||
In the first option, `{ref}` can be a SHA, a release tag, or a branch name. If a release tag and a branch have the same name, the release tag takes precedence over the branch name. Using the commit SHA is the safest option for stability and security. For more information, see "[AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#reusing-third-party-workflows)."
|
||||
|
||||
If you use the second syntax option (without `{owner}/{repo}` and `@{ref}`) the called workflow is from the same commit as the caller workflow. Ref prefixes such as `refs/heads` and `refs/tags` are not allowed.
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}
|
||||
{% data reusables.enterprise-accounts.policies-tab %}
|
||||
{% data reusables.enterprise-accounts.actions-tab %}
|
||||
{% data reusables.enterprise-accounts.actions-runner-groups-tab %}
|
||||
{% data reusables.enterprise-accounts.actions-runner-groups-tab %}
|
||||
|
||||
@@ -1 +1 @@
|
||||
{% data variables.product.prodname_dotcom %}-hosted runners are provisioned with an `etc/hosts` file that blocks network access to various cryptocurrency mining pools and malicious sites. Hosts such as MiningMadness.com and cpu-pool.com are rerouted to localhost so that they do not present a significant security risk.
|
||||
{% data variables.product.prodname_dotcom %}-hosted runners are provisioned with an `etc/hosts` file that blocks network access to various cryptocurrency mining pools and malicious sites. Hosts such as MiningMadness.com and cpu-pool.com are rerouted to localhost so that they do not present a significant security risk.
|
||||
|
||||
@@ -1 +1 @@
|
||||
1. In the list of runners, select the runner you would like to edit.
|
||||
1. In the list of runners, select the runner you would like to edit.
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
{% data reusables.actions.runner-label-settings %}
|
||||
1. To assign a label to your self-hosted runner, in the "Find or create a label" field, click the label.
|
||||
1. To assign a label to your self-hosted runner, in the "Find or create a label" field, click the label.
|
||||
|
||||
@@ -9,10 +9,10 @@
|
||||
|
||||
{% indented_data_reference reusables.enterprise-accounts.access-enterprise spaces=5 %}
|
||||
1. Navigate to the {% data variables.product.prodname_actions %} settings:
|
||||
- **In an organization**:
|
||||
- **In an organization**:
|
||||
|
||||
{% indented_data_reference reusables.actions.settings-ui.settings-actions-runners spaces=5 %}
|
||||
- **If using an enterprise-level runner**:
|
||||
- **If using an enterprise-level runner**:
|
||||
|
||||
{% indented_data_reference reusables.enterprise-accounts.policies-tab spaces=5 %}
|
||||
{% indented_data_reference reusables.enterprise-accounts.actions-tab spaces=5 %}
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
1. Navigate to the main page of the organization where your self-hosted runner group is registered.
|
||||
1. Click {% octicon "gear" aria-label="The Settings gear" %} **Settings**.
|
||||
{% data reusables.organizations.settings-sidebar-actions-runners %}
|
||||
{% data reusables.organizations.settings-sidebar-actions-runners %}
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
1. Navigate to the main page of the repository where your self-hosted runner group is registered.
|
||||
1. Click {% octicon "gear" aria-label="The Settings gear" %} **Settings**.
|
||||
{% data reusables.organizations.settings-sidebar-actions-runners %}
|
||||
{% data reusables.organizations.settings-sidebar-actions-runners %}
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
{% data reusables.actions.runner-label-settings %}
|
||||
1. In the "Find or create a label" field, assigned labels are marked with the {% octicon "check" aria-label="The Check icon" %} icon. Click on a marked label to unassign it from your self-hosted runner.
|
||||
1. In the "Find or create a label" field, assigned labels are marked with the {% octicon "check" aria-label="The Check icon" %} icon. Click on a marked label to unassign it from your self-hosted runner.
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
{% data reusables.actions.settings-sidebar-actions-runner-selection %}
|
||||
1. In the "Labels" section, click {% octicon "gear" aria-label="The Gear icon" %}.
|
||||
1. In the "Find or create a label" field, type the name of your new label and click **Create new label**. The custom label is created and assigned to the self-hosted runner. Custom labels can be removed from self-hosted runners, but they currently can't be manually deleted. {% data reusables.actions.actions-unused-labels %}
|
||||
1. In the "Find or create a label" field, type the name of your new label and click **Create new label**. The custom label is created and assigned to the self-hosted runner. Custom labels can be removed from self-hosted runners, but they currently can't be manually deleted. {% data reusables.actions.actions-unused-labels %}
|
||||
|
||||
@@ -1 +1 @@
|
||||
You must install the required software on your self-hosted runners. For more information about self-hosted runners, see "[AUTOTITLE](/actions/hosting-your-own-runners)."
|
||||
You must install the required software on your self-hosted runners. For more information about self-hosted runners, see "[AUTOTITLE](/actions/hosting-your-own-runners)."
|
||||
|
||||
@@ -1 +1 @@
|
||||
1. In the left sidebar, click {% octicon "play" aria-hidden="true" %} **Actions**, then click **Runners**.
|
||||
1. In the left sidebar, click {% octicon "play" aria-hidden="true" %} **Actions**, then click **Runners**.
|
||||
|
||||
1
data/reusables/actions/starter-workflow-get-started.md
Normal file
1
data/reusables/actions/starter-workflow-get-started.md
Normal file
@@ -0,0 +1 @@
|
||||
To get started quickly, add a starter workflow to the `.github/workflows` directory of your repository.
|
||||
@@ -1,3 +1,3 @@
|
||||
From your repository, click the **Actions** tab, and select the latest workflow run. Under **Jobs** or in the visualization graph, click **A job to say hello**.
|
||||
|
||||
Click **Hello world action step**, and you should see "Hello Mona the Octocat" or the name you used for the `who-to-greet` input printed in the log. To see the timestamp, click **Get the output time**.
|
||||
Click **Hello world action step**, and you should see "Hello Mona the Octocat" or the name you used for the `who-to-greet` input printed in the log. To see the timestamp, click **Get the output time**.
|
||||
|
||||
8
data/reusables/actions/third-party-actions.md
Normal file
8
data/reusables/actions/third-party-actions.md
Normal file
@@ -0,0 +1,8 @@
|
||||
{% note %}
|
||||
|
||||
**Notes**:
|
||||
|
||||
- This starter workflow contains an action that is not certified by {% data variables.product.prodname_dotcom %}. Actions provided by third parties are governed by separate terms of service, privacy policy, and support documentation.
|
||||
- If you use actions from third parties you should use a version specified by a commit SHA. If the action is revised and you want to use the newer version, you will need to update the SHA. You can specify a version by referencing a tag or a branch, however the action may change without warning. For more information, see "[AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)."
|
||||
|
||||
{% endnote %}
|
||||
@@ -1 +1 @@
|
||||
1. To choose a policy for organization access, select the **Organization access** dropdown menu and click a policy. You can configure a runner group to be accessible to a specific list of organizations, or all organizations in the enterprise.{% ifversion ghes %} By default, only private repositories can access runners in a runner group, but you can override this.{% endif %}
|
||||
1. To choose a policy for organization access, select the **Organization access** dropdown menu and click a policy. You can configure a runner group to be accessible to a specific list of organizations, or all organizations in the enterprise.{% ifversion ghes %} By default, only private repositories can access runners in a runner group, but you can override this.{% endif %}
|
||||
|
||||
@@ -26,7 +26,7 @@ on:
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** {% ifversion required-workflows %}You should not use branch filtering to skip workflow runs if the workflow has been configured to be required. For more information, see "[AUTOTITLE](/actions/using-workflows/required-workflows)."
|
||||
**Note:** {% ifversion required-workflows %}You should not use branch filtering to skip workflow runs if the workflow has been configured to be required. For more information, see "[AUTOTITLE](/actions/using-workflows/required-workflows)."
|
||||
|
||||
{% endif %}If a workflow is skipped due to branch filtering, [path filtering](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore), or a [commit message](/actions/managing-workflow-runs/skipping-workflow-runs), then checks associated with that workflow will remain in a "Pending" state. A pull request that requires those checks to be successful will be blocked from merging.
|
||||
|
||||
|
||||
@@ -29,7 +29,7 @@ on:
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** {% ifversion required-workflows %}You should not use path filtering to skip workflow runs if the workflow has been configured to be required. For more information, see "[AUTOTITLE](/actions/using-workflows/required-workflows)."
|
||||
**Note:** {% ifversion required-workflows %}You should not use path filtering to skip workflow runs if the workflow has been configured to be required. For more information, see "[AUTOTITLE](/actions/using-workflows/required-workflows)."
|
||||
|
||||
{% endif %}If a workflow is skipped due to path filtering, [branch filtering](/actions/using-workflows/workflow-syntax-for-github-actions#onpull_requestpull_request_targetbranchesbranches-ignore), or a [commit message](/actions/managing-workflow-runs/skipping-workflow-runs), then checks associated with that workflow will remain in a "Pending" state. A pull request that requires those checks to be successful will be blocked from merging.
|
||||
|
||||
|
||||
@@ -1 +1 @@
|
||||
# This step uses the `actions/setup-java` action to configure the Eclipse Temurin (Java) 17 JDK by Eclipse Adoptium.
|
||||
# This step uses the `actions/setup-java` action to configure the Eclipse Temurin (Java) 17 JDK by Eclipse Adoptium.
|
||||
|
||||
@@ -1 +1 @@
|
||||
# This step uses the `actions/checkout` action to download a copy of your repository on the runner.
|
||||
# This step uses the `actions/checkout` action to download a copy of your repository on the runner.
|
||||
|
||||
@@ -1 +1 @@
|
||||
The name of the workflow. {% data variables.product.prodname_dotcom %} displays the names of your workflows under your repository's "Actions" tab. If you omit `name`, {% data variables.product.prodname_dotcom %} displays the workflow file path relative to the root of the repository.
|
||||
The name of the workflow. {% data variables.product.prodname_dotcom %} displays the names of your workflows under your repository's "Actions" tab. If you omit `name`, {% data variables.product.prodname_dotcom %} displays the workflow file path relative to the root of the repository.
|
||||
|
||||
@@ -3,4 +3,4 @@
|
||||
- For a {% data variables.product.prodname_github_app %} owned by a personal account, click **Settings**.
|
||||
- For a {% data variables.product.prodname_github_app %} owned by an organization:
|
||||
1. Click **Your organizations**.
|
||||
1. To the right of the organization, click **Settings**.
|
||||
1. To the right of the organization, click **Settings**.
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
{% data reusables.audit_log.audit-log-api-info %}{% ifversion git-events-audit-log %}
|
||||
- Git events, such as cloning, fetching, and pushing {% ifversion enable-git-events %}(must be enabled, see "[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise)"){% endif %}{% endif %}
|
||||
- Git events, such as cloning, fetching, and pushing {% ifversion enable-git-events %}(must be enabled, see "[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise)"){% endif %}{% endif %}
|
||||
|
||||
@@ -1 +1 @@
|
||||
The name for each audit log entry is composed of a category of events, followed by an operation type. For example, the `repo.create` entry refers to the `create` operation on the `repo` category.
|
||||
The name for each audit log entry is composed of a category of events, followed by an operation type. For example, the `repo.create` entry refers to the `create` operation on the `repo` category.
|
||||
|
||||
@@ -1 +1 @@
|
||||
{% data reusables.audit_log.category-operation-notation %} The reference information in this article is grouped by categories.
|
||||
{% data reusables.audit_log.category-operation-notation %} The reference information in this article is grouped by categories.
|
||||
|
||||
@@ -1 +1 @@
|
||||
The bill for each account on {% data variables.product.product_name %} consists of the account's plan, plus other any other subscriptions and usage-based billing for the account.
|
||||
The bill for each account on {% data variables.product.product_name %} consists of the account's plan, plus other any other subscriptions and usage-based billing for the account.
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{% data variables.product.prodname_codeql %} analyzes the {% data variables.code-scanning.compiled_languages %} source files in your repository that are built.
|
||||
{% data variables.product.prodname_codeql %} analyzes the {% data variables.code-scanning.compiled_languages %} source files in your repository that are built.
|
||||
|
||||
{% ifversion code-scanning-without-workflow-310 %}
|
||||
|
||||
@@ -8,4 +8,4 @@ If you enable default setup, the `autobuild` action will be used to build your c
|
||||
|
||||
The basic {% data variables.code-scanning.codeql_workflow %} uses the `autobuild` action to build your code. Alternatively, you can disable `autobuild` and instead specify explicit build commands to analyze only the files that are built by these custom commands.
|
||||
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
@@ -2,4 +2,4 @@
|
||||
|
||||
If the code in a repository changes to include {% ifversion code-scanning-default-setup-go %}Go, {% endif %}JavaScript/TypeScript, Python, or Ruby, {% data variables.product.prodname_dotcom %} will automatically update the {% data variables.product.prodname_code_scanning %} configuration to include the new language. If {% data variables.product.prodname_code_scanning %} fails with the new configuration, {% data variables.product.prodname_dotcom %} will resume the previous configuration automatically so that the repository does not lose {% data variables.product.prodname_code_scanning %} coverage. Compiled languages are not automatically included in default setup configuration because they often require more advanced configuration, but you can manually add any {% data variables.product.prodname_codeql %}-supported compiled language{% ifversion codeql-swift-advanced-setup %} other than Swift{% endif %} to your default setup configuration.
|
||||
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
@@ -1 +1 @@
|
||||
If you disable {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} for all repositories this change is not reflected in the coverage information shown in security overview for the organization. The repositories will still appear to have {% data variables.product.prodname_code_scanning %} enabled in the "Security Coverage" view.
|
||||
If you disable {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} for all repositories this change is not reflected in the coverage information shown in security overview for the organization. The repositories will still appear to have {% data variables.product.prodname_code_scanning %} enabled in the "Security Coverage" view.
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
- {% data variables.product.prodname_codeql %} advanced setup for {% data variables.product.prodname_code_scanning %}: update the `analyze` step to limit the number of paths to a maximum of one or zero.
|
||||
|
||||
```yaml
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: {% data reusables.actions.action-codeql-action-analyze %}
|
||||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths", 1]}}'
|
||||
```
|
||||
|
||||
- {% data variables.product.prodname_codeql_cli %} `database analyze`: update the database analysis command to include the `--max-paths=1` flag. For more information, see "[AUTOTITLE](/code-security/codeql-cli/codeql-cli-manual/database-analyze#--max-pathsmaxpaths)."
|
||||
|
||||
{% note %}
|
||||
|
||||
@@ -1 +1 @@
|
||||
1. Rerun the process to upload the SARIF file. It should now succeed if the SARIF file meets the requirements for {% data variables.product.prodname_code_scanning %}. For information about validation and the format supported by {% data variables.product.prodname_code_scanning %}, see "[AUTOTITLE](/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning)."
|
||||
1. Rerun the process to upload the SARIF file. It should now succeed if the SARIF file meets the requirements for {% data variables.product.prodname_code_scanning %}. For information about validation and the format supported by {% data variables.product.prodname_code_scanning %}, see "[AUTOTITLE](/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning)."
|
||||
|
||||
@@ -3,4 +3,3 @@
|
||||
- Click **NUMBER enabled** or **NUMBER not enabled** in the header for any feature to show only the repositories with that feature enabled or not enabled.
|
||||
- At the top of the list of repositories, click **NUMBER Archived** to show only repositories that are archived.
|
||||
- Click in the search box to add further filters to the repositories displayed.
|
||||
|
||||
@@ -8,4 +8,4 @@ However, if you delete an unpublished codespace, or if it's automatically delete
|
||||
|
||||
**Note:** If an unpublished codespace is currently billed to an organization, publishing the codespace transfers ownership and billing of the codespace to your personal account. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces#how-billing-is-handled-for-github-codespaces-templates)."
|
||||
|
||||
{% endnote %}
|
||||
{% endnote %}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
## Linking to an existing codespace
|
||||
|
||||
You can create links to your existing codespaces. This is useful if you have a long-lived codespace that you return to frequently. You can save the link in a location of your choice, as an alternative to using the link on https://github.com/codespaces.
|
||||
You can create links to your existing codespaces. This is useful if you have a long-lived codespace that you return to frequently. You can save the link in a location of your choice, as an alternative to using the link on https://github.com/codespaces.
|
||||
|
||||
{% note %}
|
||||
|
||||
|
||||
@@ -9,7 +9,7 @@ Alternatively, you can also open the JetBrains Gateway and select an existing co
|
||||
|
||||
|
||||
|
||||
1. The first time you connect, you're prompted to choose whether you want to allow {% data variables.product.prodname_dotcom %} to collect anonymized usage data, to improve functionality and user experience. Click **Allow** or **Deny**.
|
||||
1. The first time you connect, you're prompted to choose whether you want to allow {% data variables.product.prodname_dotcom %} to collect anonymized usage data, to improve functionality and user experience. Click **Allow** or **Deny**.
|
||||
|
||||
You can change your choice later, if required, in the settings for the {% data variables.product.prodname_github_codespaces %} plugin, which you can access within the JetBrains Gateway settings.
|
||||
|
||||
|
||||
@@ -11,4 +11,4 @@ You can add a forwarded port to the {% data variables.product.prodname_github_co
|
||||
|
||||
Replace `NUMBER` with the port number you want to forward. This can be a comma-separated list of port numbers.
|
||||
|
||||
1. Save the file.
|
||||
1. Save the file.
|
||||
|
||||
@@ -35,4 +35,4 @@ You can label a port and write the change to a dev container configuration file
|
||||
"label": "app-pro-preview"
|
||||
}
|
||||
}
|
||||
```
|
||||
```
|
||||
|
||||
@@ -1 +1 @@
|
||||
If you create prebuilds for a forked repository, the storage cost of those prebuilds is subtracted from your monthly included storage, while available. If you have used all of your included storage, and you have set up billing, your personal account will be billed. This is true even when the codespaces you create for a fork are paid for by the organization that owns the parent repository.
|
||||
If you create prebuilds for a forked repository, the storage cost of those prebuilds is subtracted from your monthly included storage, while available. If you have used all of your included storage, and you have set up billing, your personal account will be billed. This is true even when the codespaces you create for a fork are paid for by the organization that owns the parent repository.
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
You can stop a codespace at any time. When you stop a codespace, any running processes are stopped. Any saved changes in your codespace will still be available when you next start it. The terminal history is preserved, but the visible contents of the terminal window are not preserved between codespace sessions.
|
||||
You can stop a codespace at any time. When you stop a codespace, any running processes are stopped. Any saved changes in your codespace will still be available when you next start it. The terminal history is preserved, but the visible contents of the terminal window are not preserved between codespace sessions.
|
||||
|
||||
If you do not explicitly stop a codespace, it will continue to run until it times out from inactivity. Closing a codespace does not stop the codespace. For example, if you're using a codespace in the {% data variables.product.prodname_vscode_shortname %} web client and you close the browser tab, the codespace remains running on the remote machine. For information about timeouts, see "[AUTOTITLE](/codespaces/getting-started/the-codespace-lifecycle#timeouts-for-github-codespaces)."
|
||||
|
||||
|
||||
@@ -1 +1 @@
|
||||
If you have installed {% data variables.product.prodname_cli %}, you can use it to work with {% data variables.product.prodname_github_codespaces %}. {% data reusables.cli.cli-installation %}
|
||||
If you have installed {% data variables.product.prodname_cli %}, you can use it to work with {% data variables.product.prodname_github_codespaces %}. {% data reusables.cli.cli-installation %}
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
- The organization has set a non-zero spending limit for {% data variables.product.prodname_github_codespaces %}.
|
||||
- The codespace is created from one of the organization's repositories, or from a fork of one of the organization's repositories. This includes {% ifversion ghec %}public, private, and internal{% elsif fpt %}both public and private{% endif %} repositories.
|
||||
- The user creating the codespace is a member or collaborator of the organization, and the organization has enabled {% data variables.product.prodname_github_codespaces %} for this user. This can include all members and collaborators if the organization has chosen to enable {% data variables.product.prodname_codespaces %} for all users. If {% data variables.product.prodname_codespaces %} isn't enabled for a user, they can still create codespaces from public repositories in the organization, but the user will pay for these codespaces.
|
||||
- The codespace is created from one of the organization's repositories, or from a fork of one of the organization's repositories. This includes {% ifversion ghec %}public, private, and internal{% elsif fpt %}both public and private{% endif %} repositories.
|
||||
- The user creating the codespace is a member or collaborator of the organization, and the organization has enabled {% data variables.product.prodname_github_codespaces %} for this user. This can include all members and collaborators if the organization has chosen to enable {% data variables.product.prodname_codespaces %} for all users. If {% data variables.product.prodname_codespaces %} isn't enabled for a user, they can still create codespaces from public repositories in the organization, but the user will pay for these codespaces.
|
||||
|
||||
@@ -1 +1 @@
|
||||
Articles in the "Contributing to GitHub Docs" section refer to the documentation itself and are a resource for GitHub staff and open source contributors.
|
||||
Articles in the "Contributing to GitHub Docs" section refer to the documentation itself and are a resource for GitHub staff and open source contributors.
|
||||
|
||||
@@ -1 +1 @@
|
||||
1. In the "Code, planning, and automation" section of the sidebar, click **{% octicon "copilot" aria-hidden="true" %} {% data variables.product.prodname_copilot_short %}**, and then click **Access**.
|
||||
1. In the "Code, planning, and automation" section of the sidebar, click **{% octicon "copilot" aria-hidden="true" %} {% data variables.product.prodname_copilot_short %}**, and then click **Access**.
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user