Merge branch 'main' into new-badge-2020

.github/ISSUE_COMMENT_TEMPLATE/quick-status.yml

@@ -14,6 +14,8 @@ body:
           value: 'Status: YELLOW'
         - label: "RED \U0001F534 (BLOCKED)"
           value: 'Status: RED'
+        - label: "BLACK ⚫️ (We shipped it \U0001F389)"
+          value: 'Status: BLACK'
   - type: textarea
     attributes:
       label: Update Summary

.github/actions-scripts/enterprise-server-issue-templates/release-issue.md

@@ -34,12 +34,6 @@
     ```
     ☝️ This will run a workflow **on every push to the PR** that will sync **only** the English index for the new version to Algolia. This will make the GHES content searchable on staging throughout content creation, and will ensure the search updates go live at the same time the content is published. See [`contributing/search.md`](https://github.com/github/docs-internal/blob/main/contributing/search.md) for details.
 
-- [ ] Create an OpenAPI topic branch
-
-  This branch is used to avoid propagating the OpenAPI dev mode check CI test failure in all of the branches. All changes that affect the OpenAPI schema should branch off of this topic branch. The tests should all be passing before the OpenAPI topic branch is merged into the megabranch.
-
-  For more information about how OpenAPI changes are published to docs.github.com, see [Publishing REST API changes to docs.github.com](https://github.com/github/docs-content/blob/main/docs-content-docs/docs-content-workflows/publishing-documentation/publishing-REST-api-docs.md#publishing-rest-api-changes-to-docsgithubcom).
-
 - [ ] In `github/github`, to create a new GHES release follow these steps:
   - [ ] Copy the previous release's root document to a new root document for this release `cp app/api/description/ghes-<LATEST RELEASE NUMBER>.yaml app/api/description/ghes-<NEXT RELEASE NUMBER>.yaml`.
   - [ ] Update the `externalDocs.url` property in that file to use the new GHES release number.
@@ -47,6 +41,14 @@
   - [ ] Update the `variables.externalDocsUrl`, `variables.ghesVersion`, and `patch.[].value.url` in that file to use the new GHES release number.
   - [ ] Update `published` in that file to `false`. **Note:** This is important to ensure that 3.1 OpenAPI changes are not made public until 3.1 is released.
 
+#### Troubleshooting
+
+If the `OpenAPI dev mode check / check-schema-versions` check fails on the release branch, in your local checkout of the mega branch:
+
+- run `git checkout origin/main lib/rest/static/*`
+- run `script/rest/update-files.js --decorate-only`
+- push the resulting changes
+
 ### Before shipping the release branch
 
 - [ ] Add the GHES release notes to `data/release-notes/` and update the versioning frontmatter in `content/admin/release-notes.md` to `enterprise-server: '<=<RELEASE>'`

.github/allowed-actions.js

@@ -4,13 +4,13 @@
 // can be added it this list.
 
 module.exports = [
-  "actions/cache@0781355a23dac32fd3bac414512f4b903437991a", //actions/cache@v2.1.3
-  "actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f", //actions/checkout@v2.3.4
-  "actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9", //actions/script@v3.0.0
-  "actions/labeler@5f867a63be70efff62b767459b009290364495eb", //actions/labeler@v2.2.0
-  "actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e", //actions/setup-node@v2.1.4
-  "ruby/setup-ruby@fdcfbcf14ec9672f6f615cb9589a1bc5dd69d262", //ruby/setup-ruby@vv1.64.1
-  "actions/stale@9d6f46564a515a9ea11e7762ab3957ee58ca50da", //actions/stale@v3.0.16
+  "actions/cache@0781355a23dac32fd3bac414512f4b903437991a", // v2.1.3
+  "actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f", // v2.3.4
+  "actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9", // v3.0.0
+  "actions/labeler@5f867a63be70efff62b767459b009290364495eb", // v2.2.0
+  "actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e", // v2.1.4
+  "ruby/setup-ruby@fdcfbcf14ec9672f6f615cb9589a1bc5dd69d262", // v1.64.1
+  "actions/stale@9d6f46564a515a9ea11e7762ab3957ee58ca50da", // v3.0.16
   "alex-page/github-project-automation-plus@fdb7991b72040d611e1123d2b75ff10eda9372c9",
   "andymckay/labeler@22d5392de2b725cea4b284df5824125054049d84",
   "archive/github-actions-slack@d368c5a4ad757515a9344918f84c490b05777d94",
@@ -20,14 +20,14 @@ module.exports = [
   "cschleiden/actions-linter@0ff16d6ac5103cca6c92e6cbc922b646baaea5be",
   "dawidd6/action-delete-branch@47743101a121ad657031e6704086271ca81b1911",
   "docker://chinthakagodawita/autoupdate-action:v1",
-  "fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289",
   "github/codeql-action/analyze@v1",
   "github/codeql-action/init@v1",
   "juliangruber/approve-pull-request-action@c530832d4d346c597332e20e03605aa94fa150a8",
-  "juliangruber/find-pull-request-action@2fc55e82a6d5d36fe1e7f1848f7e64fd02d99de9",
+  "juliangruber/find-pull-request-action@db875662766249c049b2dcd85293892d61cb0b51", // v1.5.0
   "juliangruber/read-file-action@e0a316da496006ffd19142f0fd594a1783f3b512",
   "lee-dohm/close-matching-issues@22002609b2555fe18f52b8e2e7c07cbf5529e8a8",
-  "pascalgn/automerge-action@c9bd1823770819dc8fb8a5db2d11a3a95fbe9b07", //pascalgn/automerge@0.12.0
+  "lee-dohm/no-response@9bb0a4b5e6a45046f00353d5de7d90fb8bd773bb",
+  "pascalgn/automerge-action@c9bd1823770819dc8fb8a5db2d11a3a95fbe9b07", // v0.12.0
   "peter-evans/create-issue-from-file@a04ce672e3acedb1f8e416b46716ddfd09905326",
   "peter-evans/create-or-update-comment@5221bf4aa615e5c6e95bb142f9673a9c791be2cd",
   "peter-evans/create-pull-request@8c603dbb04b917a9fc2dd991dc54fef54b640b43",

.github/workflows/browser-test.yml

@@ -12,44 +12,26 @@ on:
   pull_request:
 
 jobs:
-  see_if_should_skip:
-    continue-on-error: true
-    runs-on: ubuntu-latest
-    # Map a step output to a job output
-    outputs:
-      should_skip: ${{ steps.skip_check.outputs.should_skip }}
-    steps:
-      - id: skip_check
-        uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289
-        with:
-          cancel_others: 'false'
-          github_token: ${{ github.token }}
-          paths: '[".github/workflows/browser-test.yml","assets/**", "content/**", "data/**", "includes/**", "javascripts/**", "jest-puppeteer.config.js", "jest.config.js", "layouts/**", "lib/**", "middleware/**", "package-lock.json", "package.json", "server.js", "translations/**", "webpack.config.js"]'
   build:
-    needs: see_if_should_skip
     runs-on: ubuntu-latest
     steps:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Checkout
+      - name: Checkout
         uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Setup Node
+      - name: Setup Node
         uses: actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e
         with:
           node-version: 14.x
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Install
+      - name: Install
         uses: rachmari/puppeteer-container@6d56d6e132a3df76cf60bc290a4282f7fbaed05e
         timeout-minutes: 5
         with:
           args: npm ci
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Test
+      - name: Test
         timeout-minutes: 10
         uses: rachmari/puppeteer-container@6d56d6e132a3df76cf60bc290a4282f7fbaed05e
         with:

.github/workflows/close-external-repo-sync-prs.yml

@@ -1,65 +0,0 @@
-name: Check for External Repo Sync PR
-
-# **What it does**: If someone made a repo sync pull request other than Octomerger, close it.
-# **Why we have it**: Another form of spam in the open-source repository.
-# **Who does it impact**: Open-source contributors.
-
-on:
-  pull_request:
-    types:
-      - opened
-      - reopened
-    branches:
-      - main
-
-jobs:
-  invalid-repo-sync-check:
-    name: Close external Repo Sync PRs
-    if: ${{ github.repository == 'github/docs' && github.head_ref == 'repo-sync' }}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
-        with:
-          github-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }}
-          script: |
-
-            const prCreator = context.payload.sender.login
-
-            // If the PR creator is the expected account, stop now
-            if (prCreator === 'Octomerger') {
-              return
-            }
-
-            try {
-              await github.teams.getMembershipForUserInOrg({
-                org: 'github',
-                team_slug: 'employees',
-                username: prCreator
-              })
-
-              // If the PR creator is a GitHub employee, stop now
-              return
-            } catch (err) {
-              // An error will be thrown if the user is not a GitHub employee.
-              // That said, we still want to proceed anyway!
-            }
-
-            const pr = context.payload.pull_request
-            const { owner, repo } = context.repo
-
-            // Close the PR and add the invalid label
-            await github.issues.update({
-              owner: owner,
-              repo: repo,
-              issue_number: pr.number,
-              labels: ['invalid'],
-              state: 'closed'
-            })
-
-            // Comment on the PR
-            await github.issues.createComment({
-              owner: owner,
-              repo: repo,
-              issue_number: pr.number,
-              body: "Please leave this `repo-sync` branch to the robots!\n\nI'm going to close this pull request now, but feel free to open a new issue or ask any questions in [discussions](https://github.com/github/docs/discussions)!"
-            })

.github/workflows/confirm-internal-staff-work-in-docs.yml

@@ -17,7 +17,7 @@ jobs:
   check-team-membership:
     runs-on: ubuntu-latest
     continue-on-error: true
-    if: github.repository == 'github/docs'
+    if: github.repository == 'github/docs' && github.actor != 'docs-bot'
     steps:
       - id: membership_check
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9

.github/workflows/link-check-dotcom.yml

@@ -12,53 +12,26 @@ on:
   pull_request:
 
 jobs:
-  see_if_should_skip:
-    continue-on-error: true
-    runs-on: ubuntu-latest
-    # Map a step output to a job output
-    outputs:
-      should_skip: ${{ steps.skip_check.outputs.should_skip }}
-    steps:
-      - id: skip_check
-        uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289
-        with:
-          cancel_others: 'false'
-          github_token: ${{ github.token }}
-          paths: '[".github/workflows/link-check-dotcom.yml", "assets/**", "content/**", "data/**", "includes/**", "javascripts/**", "jest-puppeteer.config.js", "jest.config.js", "layouts/**", "lib/**", "middleware/**", "package-lock.json", "package.json", "server.js", "translations/**", "webpack.config.js"]'
   build:
-    needs: see_if_should_skip
     runs-on: ${{ fromJSON('["ubuntu-latest", "self-hosted"]')[github.repository == 'github/docs-internal'] }}
     steps:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Checkout
+      - name: Checkout
         uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Setup node
+      - name: Setup node
         uses: actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e
         with:
           node-version: 14.x
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Install
+      - name: Install
         run: npm ci
 
-      ## TODO
-      # - if: ${{ github.repository == 'github/docs-internal' &&  needs.see_if_should_skip.outputs.should_skip != 'true' }}
-      #   name: Clone early access
-      #   run: npm run heroku-postbuild
-      #   env:
-      #     DOCUBOT_REPO_PAT: ${{ secrets.DOCUBOT_REPO_PAT }}
-      #     GIT_BRANCH: ${{ github.head_ref || github.ref }}
-
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Build
+      - name: Build
         run: npm run build
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: 'Link check: Dotcom'
+      - name: 'Link check: Dotcom'
         env:
           DOCS_VERSION: 'dotcom'
         run: npm run link-check

.github/workflows/link-check-ghae.yml

@@ -12,53 +12,26 @@ on:
   pull_request:
 
 jobs:
-  see_if_should_skip:
-    continue-on-error: true
-    runs-on: ubuntu-latest
-    # Map a step output to a job output
-    outputs:
-      should_skip: ${{ steps.skip_check.outputs.should_skip }}
-    steps:
-      - id: skip_check
-        uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289
-        with:
-          cancel_others: 'false'
-          github_token: ${{ github.token }}
-          paths: '[".github/workflows/link-check-ghae.yml", "assets/**", "content/**", "data/**", "includes/**", "javascripts/**", "jest-puppeteer.config.js", "jest.config.js", "layouts/**", "lib/**", "middleware/**", "package-lock.json", "package.json", "server.js", "translations/**", "webpack.config.js"]'
   build:
-    needs: see_if_should_skip
     runs-on: ${{ fromJSON('["ubuntu-latest", "self-hosted"]')[github.repository == 'github/docs-internal'] }}
     steps:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Checkout
+      - name: Checkout
         uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Setup node
+      - name: Setup node
         uses: actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e
         with:
           node-version: 14.x
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Install
+      - name: Install
         run: npm ci
 
-      ## TODO
-      # - if: ${{ github.repository == 'github/docs-internal' &&  needs.see_if_should_skip.outputs.should_skip != 'true' }}
-      #   name: Clone early access
-      #   run: npm run heroku-postbuild
-      #   env:
-      #     DOCUBOT_REPO_PAT: ${{ secrets.DOCUBOT_REPO_PAT }}
-      #     GIT_BRANCH: ${{ github.head_ref || github.ref }}
-
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Build
+      - name: Build
         run: npm run build
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: 'Link check: GitHub AE'
+      - name: 'Link check: GitHub AE'
         env:
           DOCS_VERSION: 'github-ae'
         run: npm run link-check

.github/workflows/link-check-ghes.yml

@@ -12,53 +12,26 @@ on:
   pull_request:
 
 jobs:
-  see_if_should_skip:
-    continue-on-error: true
-    runs-on: ubuntu-latest
-    # Map a step output to a job output
-    outputs:
-      should_skip: ${{ steps.skip_check.outputs.should_skip }}
-    steps:
-      - id: skip_check
-        uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289
-        with:
-          cancel_others: 'false'
-          github_token: ${{ github.token }}
-          paths: '[".github/workflows/link-check-ghes.yml", "assets/**", "content/**", "data/**", "includes/**", "javascripts/**", "jest-puppeteer.config.js", "jest.config.js", "layouts/**", "lib/**", "middleware/**", "package-lock.json", "package.json", "server.js", "translations/**", "webpack.config.js"]'
   build:
-    needs: see_if_should_skip
     runs-on: ${{ fromJSON('["ubuntu-latest", "self-hosted"]')[github.repository == 'github/docs-internal'] }}
     steps:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Checkout
+      - name: Checkout
         uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Setup node
+      - name: Setup node
         uses: actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e
         with:
           node-version: 14.x
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Install
+      - name: Install
         run: npm ci
 
-      ## TODO
-      # - if: ${{ github.repository == 'github/docs-internal' &&  needs.see_if_should_skip.outputs.should_skip != 'true' }}
-      #   name: Clone early access
-      #   run: npm run heroku-postbuild
-      #   env:
-      #     DOCUBOT_REPO_PAT: ${{ secrets.DOCUBOT_REPO_PAT }}
-      #     GIT_BRANCH: ${{ github.head_ref || github.ref }}
-
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Build
+      - name: Build
         run: npm run build
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: 'Link check: Enterprise Server'
+      - name: 'Link check: Enterprise Server'
         env:
           DOCS_VERSION: 'enterprise-server'
         run: npm run link-check

.github/workflows/move-reopened-issues-to-triage.yaml

@@ -0,0 +1,41 @@
+name: Move Reopened Issues to Triage
+
+# **What it does**: Moves issues that are reopened from the Done column to the Triage column.
+# **Why we have it**: To prevent having to do this manually.
+# **Who does it impact**: Open-source.
+
+on:
+  issues:
+    types:
+      - reopened
+
+jobs:
+  move-reopened-issue-to-triage:
+    if: github.repository == 'github/docs'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
+        with:
+          github-token: ${{ github.token }}
+          script: |
+            const issueNumber = context.issue.number;
+            const doneColumnId = 11167427;
+            const triageColumnId = 11007039;
+
+            try {
+              const cards = await github.projects.listCards({
+                column_id: doneColumnId
+              });
+
+              for (const card of cards) {
+                if (card.content_url.endsWith(`/${issueNumber}`)) {
+                  await github.projects.moveCard({
+                    card_id: card.id,
+                    position: 'position',
+                    column_id: triageColumnId
+                  });
+                }
+              }
+            } catch(e) {
+              console.log(error);
+            }

.github/workflows/no-response.yaml

@@ -0,0 +1,32 @@
+name: No Response
+
+# **What it does**: Closes issues that don't have enough information to be
+#                   actionable.
+# **Why we have it**: To remove the need for maintainers to remember to check
+#                     back on issues periodically to see if contributors have
+#                     responded.
+# **Who does it impact**: Everyone that works on docs or docs-internal.
+
+on:
+  issue_comment:
+    types: [created]
+
+  schedule:
+    # Schedule for five minutes after the hour every hour
+    - cron: '5 * * * *'
+
+jobs:
+  noResponse:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: lee-dohm/no-response@9bb0a4b5e6a45046f00353d5de7d90fb8bd773bb
+        with:
+          token: ${{ github.token }}
+          closeComment: >
+            This issue has been automatically closed because there has been no response
+            to our request for more information from the original author. With only the
+            information that is currently in the issue, we don't have enough information
+            to take action. Please reach out if you have or find the answers we need so
+            that we can investigate further. See [this blog post on bug reports and the
+            importance of repro steps](https://www.lee-dohm.com/2015/01/04/writing-good-bug-reports/)
+            for more information about the kind of information that may be helpful.

.github/workflows/open-enterprise-issue.yml

@@ -1,5 +1,9 @@
 name: Open Enterprise release or deprecation issue
 
+# **What it does**: Checks if there is an Enterprise release or deprecation upcoming, and if so, opens an issue with the tasks to be completed.
+# **Why we have it**: GHES releases and deprecations run on a predictable schedule, so we can automate some of the project management aspects.
+# **Who does it impact**: Docs engineering, docs content.
+
 on:
   schedule:
     - cron: '49 14 * * *' # At 14:49 UTC daily

.github/workflows/repo-sync.yml

@@ -1,13 +1,18 @@
 # The docs.github.com project has two repositories: github/docs (public) and github/docs-internal (private)
 #
-# This GitHub Actions workflow keeps the main branch of those two repos in sync.
+# This GitHub Actions workflow keeps the `main` branch of those two repos in sync.
 #
 # For more details, see https://github.com/repo-sync/repo-sync#how-it-works
 
 name: Repo Sync
 
-# **What it does**: Syncs docs and docs-internal.
-# **Why we have it**: To keep the open-source repository up-to-date, while still having an internal repository for sensitive work.
+# **What it does**:
+#  - close-invalid-repo-sync: Close repo sync pull requests not created by Octomerger or a Hubber.
+#  - repo-sync: Syncs docs and docs-internal.
+# **Why we have it**:
+#  - close-invalid-repo-sync: Another form of spam prevention for the open-source repository.
+#  - repo-sync: To keep the open-source repository up-to-date, while still having an internal
+#    repository for sensitive work.
 # **Who does it impact**: Open-source.
 
 on:
@@ -16,7 +21,74 @@ on:
     - cron: '*/15 * * * *' # every 15 minutes
 
 jobs:
+  close-invalid-repo-sync:
+    name: Close invalid Repo Sync PRs
+    runs-on: ubuntu-latest
+    steps:
+      - name: Find pull request
+        if: ${{ github.repository == 'github/docs' }}
+        uses: juliangruber/find-pull-request-action@db875662766249c049b2dcd85293892d61cb0b51
+        id: find-pull-request
+        with:
+          github-token: ${{ secrets.DOCS_BOT_SPAM_VISION }}
+          branch: repo-sync
+          base: main
+          state: open
+
+      - name: Close pull request if unwanted
+        if: ${{ github.repository == 'github/docs' && steps.find-pull-request.outputs.number }}
+        uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
+        with:
+          github-token: ${{ secrets.DOCS_BOT_SPAM_VISION }}
+          script: |
+            const { owner, repo } = context.repo
+
+            const { data: pr } = await github.pulls.get({
+              owner,
+              repo,
+              pull_number: parseInt(${{ steps.find-pull-request.outputs.number }})
+            })
+
+            const prCreator = pr.user.login
+
+            // If the PR creator is the expected account, stop now
+            if (prCreator === 'Octomerger') {
+              return
+            }
+
+            try {
+              await github.teams.getMembershipForUserInOrg({
+                org: 'github',
+                team_slug: 'employees',
+                username: prCreator
+              })
+
+              // If the PR creator is a GitHub employee, stop now
+              return
+            } catch (err) {
+              // An error will be thrown if the user is not a GitHub employee.
+              // That said, we still want to proceed anyway!
+            }
+
+            // Close the PR and add the invalid label
+            await github.issues.update({
+              owner,
+              repo,
+              issue_number: pr.number,
+              labels: ['invalid'],
+              state: 'closed'
+            })
+
+            // Comment on the PR
+            await github.issues.createComment({
+              owner,
+              repo,
+              issue_number: pr.number,
+              body: "Please leave this `repo-sync` branch to the robots!\n\nI'm going to close this pull request now, but feel free to open a new issue or ask any questions in [discussions](https://github.com/github/docs/discussions)!"
+            })
+
   repo-sync:
+    needs: close-invalid-repo-sync
     if: github.repository == 'github/docs-internal' || github.repository == 'github/docs'
     name: Repo Sync
     runs-on: ubuntu-latest
@@ -44,17 +116,18 @@ jobs:
           destination_branch: main
           pr_title: 'repo sync'
           pr_body: "This is an automated pull request to sync changes between the public and private repos.\n\n:robot: This pull request should be merged (not squashed) to preserve continuity across repos, so please let a bot do the merging!"
-          pr_label: automerge,autoupdate,automated-reposync-pr
+          pr_label: autoupdate,automated-reposync-pr
           github_token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
 
       - name: Find pull request
-        uses: juliangruber/find-pull-request-action@2fc55e82a6d5d36fe1e7f1848f7e64fd02d99de9
+        uses: juliangruber/find-pull-request-action@db875662766249c049b2dcd85293892d61cb0b51
         id: find-pull-request
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           branch: repo-sync
           base: main
           author: Octomerger
+          state: open
 
       - name: Approve pull request
         if: ${{ steps.find-pull-request.outputs.number }}
@@ -68,7 +141,7 @@ jobs:
         if: ${{ steps.find-pull-request.outputs.number }}
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
         with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
+          github-token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
           script: |
             const mainHeadSha = await github.git.getRef({
               ...context.repo,
@@ -92,6 +165,41 @@ jobs:
               console.log(`Branch is already up-to-date`)
             }
 
+      - name: Enable GitHub auto-merge
+        if: ${{ steps.find-pull-request.outputs.number }}
+        uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
+        with:
+          github-token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
+          script: |
+            const pull = await github.pulls.get({
+              ...context.repo,
+              pull_number: parseInt(${{ steps.find-pull-request.outputs.number }})
+            })
+
+            const pullNodeId = pull.data.node_id
+            console.log(`Pull request GraphQL Node ID: ${pullNodeId}`)
+
+            const mutation = `mutation ($id: ID!) {
+              enablePullRequestAutoMerge(input: {
+                pullRequestId: $id,
+                mergeMethod: MERGE
+              }) {
+                clientMutationId
+              }
+            }`
+            const variables = {
+              id: pullNodeId
+            }
+
+            const graph = await github.graphql(mutation, variables)
+            console.log('GraphQL mutation result:\n' + JSON.stringify(graph))
+
+            if (graph.errors && graph.errors.length > 0) {
+              console.error('ERROR! Failed to enable auto-merge:\n - ' + graph.errors.map(error => error.message).join('\n - '))
+            } else {
+              console.log('Auto-merge enabled!')
+            }
+
       - name: Send Slack notification if workflow fails
         uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd
         if: failure()

.github/workflows/send-crowdin-prs-to-boards.yml

@@ -1,5 +1,9 @@
 name: Send Crowdin PRs to boards
 
+# **What it does**: Sends PRs opened on the crowdin branch to the ready for work column in this board: https://github.com/orgs/github/projects/1269#column-13447153
+# **Why we have it**: To make sure the first responder sees crowdin translations that need to be merged as they review the Task board.
+# **Who does it impact**: Docs localization and Docs Engineering
+
 on:
   pull_request:
     types:
@@ -14,7 +18,7 @@ jobs:
         with:
           github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
           script: |
-            var squadBoardColumnId = 13447153; // Add to the team backlog/squad board
+            var squadBoardColumnId = 13447153; // Add to the team task board
 
             try {
               await github.projects.createCard({
@@ -25,14 +29,3 @@ jobs:
             } catch (error) {
               console.log(error);
             }
-
-            var prBoardColumnId = 10095775; // Add to the pull requests board
-            try {
-              await github.projects.createCard({
-                column_id: prBoardColumnId,
-                content_id: context.payload.pull_request.id,
-                content_type: "PullRequest"
-              });
-            } catch (error) {
-              console.log(error);
-            }

.github/workflows/send-issues-to-how-how-we-work-boards.yml

@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     continue-on-error: true
     steps:
-      - if: contains(github.event.issue.labels.*.name, 'engineering') && !contains(github.event.issue.labels.*.name, 'feature') && !contains(github.event.issue.labels.*.name, 'epic')
+      - if: (github.repository == 'github/docs-internal') && contains(github.event.issue.labels.*.name, 'engineering') && !contains(github.event.issue.labels.*.name, 'feature') && !contains(github.event.issue.labels.*.name, 'epic')
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
         with:
           github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
@@ -31,7 +31,7 @@ jobs:
             } catch (error) {
               console.log(error);
             }
-      - if: contains(github.event.issue.labels.*.name, 'engineering') && contains(github.event.issue.labels.*.name, 'feature')
+      - if: (github.repository == 'github/docs-internal') && contains(github.event.issue.labels.*.name, 'engineering') && contains(github.event.issue.labels.*.name, 'feature')
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
         with:
           github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
@@ -46,7 +46,7 @@ jobs:
             } catch (error) {
               console.log(error);
             }
-      - if: contains(github.event.issue.labels.*.name, 'engineering') && contains(github.event.issue.labels.*.name, 'epic')
+      - if: (github.repository == 'github/docs-internal') && contains(github.event.issue.labels.*.name, 'engineering') && contains(github.event.issue.labels.*.name, 'epic')
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
         with:
           github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}

.github/workflows/send-prs-to-how-how-we-work-boards.yml

@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     continue-on-error: true
     steps:
-      - if: (github.repository == 'github/docs-internal' || github.repository == 'github/docs') && contains(github.event.pull_request.labels.*.name, 'feature')
+      - if: (github.repository == 'github/docs-internal') && contains(github.event.pull_request.labels.*.name, 'feature')
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
         with:
           github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
@@ -35,11 +35,15 @@ jobs:
 
             var column_id = 13445681;
             try {
-              github.projects.createCard({
+              await github.projects.createCard({
                 column_id: column_id,
                 content_id: context.payload.pull_request.id,
                 content_type: "PullRequest"
               });
             } catch (error) {
+              if (error.includes('Project already has the associated issue')) {
+                return
+              } else {
                 console.log(error);
               }
+            }

.github/workflows/site-policy-sync.yml

@@ -1,8 +1,8 @@
 name: site-policy-sync
 
-# **What it does**: Updates our site policy docs when changes happen to site policy.
-# **Why we have it**: We want up to date site policy docs.
-# **Who does it impact**: Site policy team.
+# **What it does**: Updates our site-policy repo when changes happen to site policy docs.
+# **Why we have it**: We want keep site-policy repo up to date.
+# **Who does it impact**: Site-policy team.
 
 # Controls when the action will run.
 on:
@@ -30,6 +30,10 @@ jobs:
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
+      # Sets commit message
+      - name: custom message
+        run: |
+          echo "MESSAGE=${{github.event.pull_request.title}}" >> $GITHUB_ENV
 
       # Pushes to other repo
       - name: Push folder to another repository
@@ -42,6 +46,6 @@ jobs:
           destination_branch: 'main'
           destination_branch_create: 'repo-sync'
           destination_folder: 'Policies'
-          user_email: 'pcihon@users.noreply.github.com'
-          user_name: 'pcihon'
-          commit_msg: 'Automatic sync from GitHub Docs.'
+          user_email: 'site-policy-bot@users.noreply.github.com'
+          user_name: 'site-policy-bot'
+          commit_msg: '${{ env.MESSAGE }}'

.github/workflows/sync-single-english-algolia-index.yml

@@ -47,4 +47,6 @@ jobs:
           ALGOLIA_APPLICATION_ID: ${{ secrets.ALGOLIA_APPLICATION_ID }}
           ALGOLIA_API_KEY: ${{ secrets.ALGOLIA_API_KEY }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: npm run sync-search
+        run: |
+          npm run build
+          npm run sync-search

.github/workflows/test.yml

@@ -17,22 +17,7 @@ env:
   CI: true
 
 jobs:
-  see_if_should_skip:
-    continue-on-error: true
-    runs-on: ubuntu-latest
-    # Map a step output to a job output
-    outputs:
-      should_skip: ${{ steps.skip_check.outputs.should_skip }}
-    steps:
-      - id: skip_check
-        uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289
-        with:
-          cancel_others: 'false'
-          github_token: ${{ github.token }}
-          paths: '[".github/workflows/test.yml", ".node-version", ".npmrc", "app.json", "content/**", "data/**","lib/**", "Dockerfile", "feature-flags.json", "Gemfile", "Gemfile.lock", "middleware/**", "node_modules/**","package.json", "package-lock.json", "server.js", "tests/**", "translations/**", "Procfile", "webpack.config.js"]'
-
   test:
-    needs: see_if_should_skip
     # Run on self-hosted if the private repo or ubuntu-latest if the public repo
     # See pull # 17442 in the private repo for context
     runs-on: ${{ fromJSON('["ubuntu-latest", "self-hosted"]')[github.repository == 'github/docs-internal'] }}
@@ -44,27 +29,23 @@ jobs:
     steps:
       # Each of these ifs needs to be repeated at each step to make sure the required check still runs
       # Even if if doesn't do anything
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Check out repo
+      - name: Check out repo
         uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
         with:
           # Enables cloning the Early Access repo later with the relevant PAT
           persist-credentials: 'false'
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Setup node
+      - name: Setup node
         uses: actions/setup-node@c46424eee26de4078d34105d3de3cc4992202b1e
         with:
           node-version: 14.x
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Get npm cache directory
+      - name: Get npm cache directory
         id: npm-cache
         run: |
           echo "::set-output name=dir::$(npm config get cache)"
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Cache node modules
+      - name: Cache node modules
         uses: actions/cache@0781355a23dac32fd3bac414512f4b903437991a
         with:
           path: ${{ steps.npm-cache.outputs.dir }}
@@ -72,23 +53,21 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-node-
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Install dependencies
+      - name: Install dependencies
         run: npm ci
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' && github.repository == 'github/docs-internal' }}
+      - if: ${{ github.repository == 'github/docs-internal' }}
         name: Clone early access
         run: npm run heroku-postbuild
         env:
           DOCUBOT_REPO_PAT: ${{ secrets.DOCUBOT_REPO_PAT }}
           GIT_BRANCH: ${{ github.head_ref || github.ref }}
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' && github.repository != 'github/docs-internal' }}
+      - if: ${{ github.repository != 'github/docs-internal' }}
         name: Run build script
         run: npm run build
 
-      - if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
-        name: Run tests
+      - name: Run tests
         run: npx jest tests/${{ matrix.test-group }}/
         env:
           NODE_OPTIONS: '--max_old_space_size=4096'

.github/workflows/translations.yml

@@ -21,13 +21,14 @@ jobs:
           echo 'The repo is currently frozen! Exiting this workflow.'
           exit 1 # prevents further steps from running
       - name: Find original Pull Request
-        uses: juliangruber/find-pull-request-action@2fc55e82a6d5d36fe1e7f1848f7e64fd02d99de9
+        uses: juliangruber/find-pull-request-action@db875662766249c049b2dcd85293892d61cb0b51
         id: pr
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           branch: translations
           base: main
           author: octoglot
+          state: open
       - if: ${{ steps.pr.outputs.number }}
         name: Check if already labeled
         uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9

.pa11yci

@@ -59,7 +59,7 @@
     "http://localhost:4001/en/packages",
     "http://localhost:4001/en/actions/configuring-and-managing-workflows/configuring-a-workflow",
     "http://localhost:4001/en/github/authenticating-to-github/managing-commit-signature-verification",
-    "http://localhost:4001/en/github/setting-up-and-managing-organizations-and-teams/about-oauth-app-access-restrictions",
+    "http://localhost:4001/en/organizations/restricting-access-to-your-organizations-data/about-oauth-app-access-restrictions",
     "http://localhost:4001/en/github/managing-files-in-a-repository/adding-a-file-to-a-repository-using-the-command-line",
     "http://localhost:4001/en/github/getting-started-with-github/access-permissions-on-github",
     "http://localhost:4001/en/github/getting-started-with-github/githubs-products",

CONTRIBUTING.md

@@ -9,7 +9,7 @@ Before you begin:
 
 ### Use the 'make a contribution' button
 
-![](./assets/images/make-contribution.gif)
+<img src="./assets/images/contribution_cta.png" width="400">
 
 Navigating a new codebase can be challenging, so we're making that a little easier. As you're using docs.github.com, you may come across an article that you want to make an update to. You can click on the **make a contribution** button right on that article, which will take you to the file in this repo where you'll make your changes.
 
@@ -19,6 +19,8 @@ Before you make your changes, check to see if an [issue exists](https://github.c
 
 If you spot something new, open an issue using a [template](https://github.com/github/docs/issues/new/choose). We'll use the issue to have a conversation about the problem you want to fix.
 
+**Note:** We cannot accept contributions to the [REST API reference documentation](https://docs.github.com/en/rest/reference). If you spot an inaccuracy in the REST API reference documentation, open an issue in the [github/rest-api-description](https://github.com/github/rest-api-description/issues/new?template=schema-inaccuracy.md) repository.
+
 ### Ready to make a change? Fork the repo
 
 Fork using GitHub Desktop:

Dockerfile.openapi_decorator

@@ -0,0 +1,19 @@
+FROM node:14-alpine
+
+RUN apk add --no-cache git python make g++
+
+WORKDIR /openapi-check
+
+RUN chown node:node /openapi-check -R
+
+USER node
+
+COPY --chown=node:node package.json /openapi-check
+COPY --chown=node:node package-lock.json /openapi-check
+ADD --chown=node:node script /openapi-check/script
+ADD --chown=node:node lib /openapi-check/lib
+ADD --chown=node:node content /openapi-check/content
+
+RUN npm ci -D
+
+ENTRYPOINT ["node", "/openapi-check/script/rest/openapi-check.js"]

Procfile

@@ -1,3 +1,3 @@
 web: NODE_ENV=production node server.js
 
-release: NODE_ENV=production node script/purge-redis-pages.js
+release: NODE_ENV=production script/release-heroku

assets/images/octicons/hamburger.svg

@@ -1 +1 @@
-<svg width="18" height="24" viewBox="0 0 18 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M17.115 13.5H.885C0 13.5 0 12.885 0 12s0-1.5.885-1.5H17.1c.885 0 .885.615.885 1.5s0 1.5-.885 1.5h.015zm0-6H.885C0 7.5 0 6.885 0 6s0-1.5.885-1.5H17.1c.885 0 .885.615.885 1.5s0 1.5-.885 1.5h.015zm-16.23 9H17.1c.885 0 .885.615.885 1.5s0 1.5-.885 1.5H.885C0 19.5 0 18.885 0 18s0-1.5.885-1.5z" fill="#1B1F23"/></svg>
+<svg width="18" height="24" viewBox="0 0 18 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M17.115 13.5H.885C0 13.5 0 12.885 0 12s0-1.5.885-1.5H17.1c.885 0 .885.615.885 1.5s0 1.5-.885 1.5h.015zm0-6H.885C0 7.5 0 6.885 0 6s0-1.5.885-1.5H17.1c.885 0 .885.615.885 1.5s0 1.5-.885 1.5h.015zm-16.23 9H17.1c.885 0 .885.615.885 1.5s0 1.5-.885 1.5H.885C0 19.5 0 18.885 0 18s0-1.5.885-1.5z" fill="#6a737d"/></svg>

assets/images/octicons/search.svg

@@ -1 +1 @@
-<svg fill="none" height="16" viewBox="0 0 17 16" width="17" xmlns="http://www.w3.org/2000/svg"><path clip-rule="evenodd" d="m16.5089 13.3-3.7792-3.83c.6943-.98 1.101-2.17 1.101-3.47 0-3.31-2.6683-6-5.9516-6s-5.95161 2.69-5.95161 6 2.66831 6 5.95161 6c1.28952 0 2.46-.41 3.442-1.11l3.7991 3.81c.1885.2.4464.3.6944.3s.5158-.09.6943-.3c.3869-.39.3869-1.02 0-1.41zm-8.6298-2.6c-2.56911 0-4.66209-2.11-4.66209-4.7s2.09298-4.7 4.66209-4.7c2.5691 0 4.6621 2.11 4.6621 4.7s-2.093 4.7-4.6621 4.7z" fill="#1074e7" fill-rule="evenodd"/></svg>
+<svg fill="none" height="16" viewBox="0 0 17 16" width="17" xmlns="http://www.w3.org/2000/svg"><path clip-rule="evenodd" d="m16.5089 13.3-3.7792-3.83c.6943-.98 1.101-2.17 1.101-3.47 0-3.31-2.6683-6-5.9516-6s-5.95161 2.69-5.95161 6 2.66831 6 5.95161 6c1.28952 0 2.46-.41 3.442-1.11l3.7991 3.81c.1885.2.4464.3.6944.3s.5158-.09.6943-.3c.3869-.39.3869-1.02 0-1.41zm-8.6298-2.6c-2.56911 0-4.66209-2.11-4.66209-4.7s2.09298-4.7 4.66209-4.7c2.5691 0 4.6621 2.11 4.6621 4.7s-2.093 4.7-4.6621 4.7z" fill="#6a737d" fill-rule="evenodd"/></svg>

assets/images/octicons/x.svg

@@ -1 +1 @@
-<svg width="16" height="22" viewBox="0 0 16 22" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M9.974 10.667l5 5L13 17.64l-5-5-5 5-1.973-1.973 5-5-5-5L3 3.693l5 5 5-5 1.973 1.974-5 5z" fill="#1B1F23"/></svg>
+<svg width="16" height="22" viewBox="0 0 16 22" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M9.974 10.667l5 5L13 17.64l-5-5-5 5-1.973-1.973 5-5-5-5L3 3.693l5 5 5-5 1.973 1.974-5 5z" fill="#6a737d"/></svg>

content/README.md

@@ -184,8 +184,10 @@ featuredLinks:
 
 ### `changelog`
 
-- Purpose: Render a list of changelog items with timestamps on product pages (ex: `layouts/product-landing.html`)
-- Type: `Array`, items are objects `{ href: string, title: string, date: 'YYYY-MM-DD' }`
+- Purpose: Render a list of items pulled from [GitHub Changelog](https://github.blog/changelog/) on product landing pages (ex: `layouts/product-landing.html`). The one exception is Education, which pulls from https://github.blog/category/community/education.
+- Type: `Object`, properties:
+  - `label` -- must be present and corresponds to the labels used in the [GitHub Changelog](https://github.blog/changelog/)
+  - `prefix` -- optional string that starts each changelog title that should be omitted in the docs feed. For example, with the prefix `GitHub Actions: ` specified, changelog titles like `GitHub Actions: Some Title Here` will render as `Some Title Here` in the docs feed).
 - Optional.
 
 ### `defaultPlatform`

content/actions/creating-actions/metadata-syntax-for-github-actions.md

@@ -58,7 +58,7 @@ inputs:
 
 When you specify an input to an action in a workflow file or use a default input value, {% data variables.product.prodname_dotcom %} creates an environment variable for the input with the name `INPUT_<VARIABLE_NAME>`. The environment variable created converts input names to uppercase letters and replaces spaces with `_` characters.
 
-For example, if a workflow defined the numOctocats and octocatEyeColor inputs, the action code could read the values of the inputs using the `INPUT_NUMOCTOCATS` and `INPUT_OCTOCATEYECOLOR` environment variables.
+For example, if a workflow defined the `numOctocats` and `octocatEyeColor` inputs, the action code could read the values of the inputs using the `INPUT_NUMOCTOCATS` and `INPUT_OCTOCATEYECOLOR` environment variables.
 
 #### `inputs.<input_id>`
 
@@ -76,6 +76,10 @@ For example, if a workflow defined the numOctocats and octocatEyeColor inputs, t
 
 **Optional** A `string` representing the default value. The default value is used when an input parameter isn't specified in a workflow file.
 
+#### `inputs.<input_id>.deprecationMessage`
+
+**Optional** If the input parameter is used, this `string` is logged as a warning message. You can use this warning to notify users that the input is deprecated and mention any alternatives.
+
 ### `outputs`
 
 **Optional** Output parameters allow you to declare data that an action sets. Actions that run later in a workflow can use the output data set in previously run actions.  For example, if you had an action that performed the addition of two inputs (x + y = z), the action could output the sum (z) for other actions to use as an input.

content/actions/guides/about-packaging-with-github-actions.md

@@ -45,7 +45,7 @@ In addition to uploading packaging artifacts for testing in a continuous integra
 * **Publish packages to {% data variables.product.prodname_registry %}**  
   {% data variables.product.prodname_registry %} can act as a package hosting service for many types of packages. You can choose to share your packages with all of {% data variables.product.prodname_dotcom %}, or private packages to share with collaborators or an organization. For more information, see "[About {% data variables.product.prodname_registry %}](/github/managing-packages-with-github-packages/about-github-packages)."
 
-  You may want to publish packages to {% data variables.product.prodname_registry %} on every push into the default branch. This will allow developers on your project to always be able to run and test the latest build out of master easily, by installing it from {% data variables.product.prodname_registry %}.
+  You may want to publish packages to {% data variables.product.prodname_registry %} on every push into the default branch. This will allow developers on your project to always be able to run and test the latest build out of the main branch easily, by installing it from {% data variables.product.prodname_registry %}.
 
 * **Publish packages to a package registry**  
   For many projects, publishing to a package registry is performed whenever a new version of a project is released. For example, a project that produces a JAR file may upload new releases to the Maven Central repository. Or, a .NET project may produce a nuget package and upload it to the NuGet Gallery.

content/actions/guides/building-and-testing-nodejs.md

@@ -37,7 +37,7 @@ We recommend that you have a basic understanding of Node.js, YAML, workflow conf
 
 {% data variables.product.prodname_dotcom %} provides a Node.js workflow template that will work for most Node.js projects. This guide includes npm and Yarn examples that you can use to customize the template. For more information, see the [Node.js workflow template](https://github.com/actions/starter-workflows/blob/main/ci/node.js.yml).
 
-To get started quickly, add the template to the `.github/workflows` directory of your repository.
+To get started quickly, add the template to the `.github/workflows` directory of your repository. The workflow shown below assumes that the default branch for your repository is `main`.
 
 {% raw %}
 ```yaml{:copy}
@@ -45,9 +45,9 @@ name: Node.js CI
 
 on:
   push:
-    branches: [ $default-branch ]
+    branches: [ main ]
   pull_request:
-    branches: [ $default-branch ]
+    branches: [ main ]
 
 jobs:
   build:

content/actions/guides/building-and-testing-ruby.md

@@ -31,7 +31,7 @@ We recommend that you have a basic understanding of Ruby, YAML, workflow configu
 
 {% data variables.product.prodname_dotcom %} provides a Ruby workflow template that will work for most Ruby projects. For more information, see the [Ruby workflow template](https://github.com/actions/starter-workflows/blob/master/ci/ruby.yml).
 
-To get started quickly, add the template to the `.github/workflows` directory of your repository.
+To get started quickly, add the template to the `.github/workflows` directory of your repository. The workflow shown below assumes that the default branch for your repository is `main`.
 
 {% raw %}
 ```yaml
@@ -39,9 +39,9 @@ name: Ruby
 
 on:
   push:
-    branches: [ $default-branch ]
+    branches: [ main ]
   pull_request:
-    branches: [ $default-branch ]
+    branches: [ main ]
 
 jobs:
   test:
@@ -105,9 +105,9 @@ name: Ruby CI
 
 on:
   push:
-    branches: [ $default-branch ]
+    branches: [ main ]
   pull_request:
-    branches: [ $default-branch ]
+    branches: [ main ]
 
 jobs:
   test:
@@ -211,9 +211,9 @@ name: Matrix Testing
 
 on:
   push:
-    branches: [ $default-branch ]
+    branches: [ main ]
   pull_request:
-    branches: [ $default-branch ]
+    branches: [ main ]
 
 jobs:
   test:
@@ -272,11 +272,11 @@ name: Ruby Gem
 on:
   # Manually publish
   workflow_dispatch:
-  # Alternatively, publish whenever changes are merged to the default branch.
+  # Alternatively, publish whenever changes are merged to the `main` branch.
   push:
-    branches: [ $default-branch ]
+    branches: [ main ]
   pull_request:
-    branches: [ $default-branch ]
+    branches: [ main ]
 
 jobs:
   build:

content/actions/guides/index.md

@@ -70,6 +70,7 @@ includeGuides:
   - /actions/guides/commenting-on-an-issue-when-a-label-is-added
   - /actions/guides/moving-assigned-issues-on-project-boards
   - /actions/guides/removing-a-label-when-a-card-is-added-to-a-project-board-column
+  - /actions/guides/managing-github-actions-with-github-cli
 
 ---
 <!-- {% link_in_list /about-continuous-integration %} -->
@@ -104,3 +105,4 @@ includeGuides:
 <!-- {% link_in_list /commenting-on-an-issue-when-a-label-is-added %} -->
 <!-- {% link_in_list /moving-assigned-issues-on-project-boards %} -->
 <!-- {% link_in_list /removing-a-label-when-a-card-is-added-to-a-project-board-column %} -->
+<!-- {% link_in_list /managing-github-actions-with-github-cli %} -->

content/actions/guides/managing-github-actions-with-github-cli.md

@@ -0,0 +1,37 @@
+---
+title: Managing GitHub Actions with GitHub CLI
+intro: 'You can use {% data variables.product.prodname_cli %} to interact with {% data variables.product.prodname_actions %}.'
+product: '{% data reusables.gated-features.actions %}'
+versions:
+  free-pro-team: '*'
+  enterprise-server: '>=2.22'
+  github-ae: '*'
+type: 'overview'
+topics:
+  - 'Workflows'
+---
+
+{% data reusables.actions.enterprise-beta %}
+{% data reusables.actions.enterprise-github-hosted-runners %}
+{% data reusables.actions.ae-beta %}
+
+### Setting up {% data variables.product.prodname_cli %}
+
+{% data reusables.cli.download-update-cli %} {% data reusables.cli.actions-cli-version %} {% data reusables.cli.cli-manual %}
+
+{% data reusables.cli.cli-auth %}
+
+{% data reusables.cli.cli-repo %}
+
+### Managing {% data variables.product.prodname_actions %} with {% data variables.product.prodname_cli %}
+
+To view all available commands related to {% data variables.product.prodname_actions %}, run `gh actions`.
+
+For more information on using commands in specific scenarios, see the following procedures:
+
+- "[Re-running a workflow](/actions/managing-workflow-runs/re-running-a-workflow#re-run-a-workflow-through-github-cli)"
+- "[Manually running a workflow](/actions/managing-workflow-runs/manually-running-a-workflow#running-a-workflow-using-github-cli)"
+- "[Downloading workflow artifacts](/actions/managing-workflow-runs/downloading-workflow-artifacts#download-artifacts-through-github-cli)"
+- "[Using workflow run logs](/actions/managing-workflow-runs/using-workflow-run-logs#viewing-logs-through-github-cli)"
+- "[Viewing workflow run history](/actions/managing-workflow-runs/viewing-workflow-run-history#viewing-workflow-run-history-with-github-cli)"{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" or currentVersion == "github-ae@latest" %}
+- "[Disabling and enabling a workflow](/actions/managing-workflow-runs/disabling-and-enabling-a-workflow#disabling-and-enabling-workflows-through-github-cli)"{% endif %}

content/actions/hosting-your-own-runners/about-self-hosted-runners.md

@@ -123,7 +123,7 @@ The self-hosted runner polls {% data variables.product.product_name %} to retrie
 You must ensure that the self-hosted runner has appropriate network access to communicate with the {% data variables.product.prodname_ghe_managed %} URL.
 For example, if your instance name is `octoghae`, then you will need to allow the self-hosted runner to access `octoghae.github.com`.
 
-If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)."
+If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)."
 {% endif %}
 
 {% if currentVersion == "free-pro-team@latest" %}
@@ -143,7 +143,7 @@ pkg-containers.githubusercontent.com
 pkg-containers-az.githubusercontent.com
 ```
 
-If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/github/setting-up-and-managing-organizations-and-teams/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)" or "[Enforcing security settings in your enterprise account](/github/setting-up-and-managing-your-enterprise/enforcing-security-settings-in-your-enterprise-account#using-github-actions-with-an-ip-allow-list)".
+If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)" or "[Enforcing security settings in your enterprise account](/github/setting-up-and-managing-your-enterprise/enforcing-security-settings-in-your-enterprise-account#using-github-actions-with-an-ip-allow-list)".
 
 {% else %}
 

content/actions/index.md

@@ -22,18 +22,9 @@ featuredLinks:
     - /actions/reference/environment-variables
     - /actions/reference/encrypted-secrets
 changelog:
-  - title: Environments, environment protection rules and environment secrets (beta)
-    date: '2020-12-15'
-    href: https://github.blog/changelog/2020-12-15-github-actions-environments-environment-protection-rules-and-environment-secrets-beta/
-  - title: Workflow visualization
-    date: '2020-12-08'
-    href: https://github.blog/changelog/2020-12-08-github-actions-workflow-visualization/
-  - title: Removing set-env and add-path commands on November 16
-    date: '2020-11-09'
-    href: https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/
-
+  label: 'actions'
+  prefix: 'GitHub Actions: '
 product_video: https://www.youtube-nocookie.com/embed/cP0I9w2coGU
-
 redirect_from:
   - /articles/automating-your-workflow-with-github-actions/
   - /articles/customizing-your-project-with-github-actions/
@@ -56,28 +47,3 @@ versions:
 <!-- {% link_with_intro /using-github-hosted-runners %} -->
 <!-- {% link_with_intro /hosting-your-own-runners %} -->
 <!-- {% link_with_intro /reference %} -->
-
-<!-- Code examples -->
-{% assign actionsCodeExamples = site.data.variables.action_code_examples %}
-{% if actionsCodeExamples %}
-<div class="my-6 pt-6">
-  <h2 class="mb-2 font-mktg h1">Code examples</h2>
-
-  <div class="pr-lg-3 mb-5 mt-3">
-    <input class="js-filter-card-filter input-lg py-2 px-3 col-12 col-lg-8 form-control" placeholder="Search code examples" type="search" autocomplete="off" aria-label="Search code examples"/>
-  </div>
-
-  <div class="d-flex flex-wrap gutter">
-    {% render code-example-card for actionsCodeExamples as example %}
-  </div>
-
-  <button class="js-filter-card-show-more btn btn-outline float-right" data-js-filter-card-max="6">Show more {% octicon "arrow-right" %}</button>
-
-  <div class="js-filter-card-no-results d-none py-4 text-center text-gray font-mktg">
-    <div class="mb-3">{% octicon "search" width="24" %}</div>
-    <h3 class="text-normal">Sorry, there is no result for <strong class="js-filter-card-value"></strong></h3>
-    <p class="my-3 f4">It looks like we don't have an example that fits your filter.<br>Try another filter or add your code example</p>
-    <a href="https://github.com/github/docs/blob/main/data/variables/action_code_examples.yml">Learn how to add a code example {% octicon "arrow-right" %}</a>
-  </div>
-</div>
-{% endif %}

content/actions/learn-github-actions/security-hardening-for-github-actions.md

@@ -121,7 +121,7 @@ For example, you can use the audit log to track the `org.update_actions_secret`
   ![Audit log entries](/assets/images/help/repository/audit-log-entries.png)
 
 The following tables describe the {% data variables.product.prodname_actions %} events that you can find in the audit log. For more information on using the audit log, see
-"[Reviewing the audit log for your organization](/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization#searching-the-audit-log)."
+"[Reviewing the audit log for your organization](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#searching-the-audit-log)."
 
 {% if currentVersion == "free-pro-team@latest" %}
 #### Events for environments
@@ -157,7 +157,7 @@ The following tables describe the {% data variables.product.prodname_actions %}
 | `enterprise.register_self_hosted_runner` | Triggered when a new self-hosted runner is registered. For more information, see "[Adding a self-hosted runner to an enterprise](/actions/hosting-your-own-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-an-enterprise)."
 | `enterprise.remove_self_hosted_runner` | Triggered when a self-hosted runner is removed.
 | `enterprise.runner_group_runners_updated` | Triggered when a runner group's list of members is updated. For more information, see "[Set self-hosted runners in a group for an organization](/rest/reference/actions#set-self-hosted-runners-in-a-group-for-an-organization)."
-| `enterprise.self_hosted_runner_updated` | Triggered when the runner application is updated. Can be viewed using the REST API and the UI. This event is not included when you export the audit log as JSON data or a CSV file. For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners#about-self-hosted-runners)" and "[Reviewing the audit log for your organization](/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log)."{% endif %}
+| `enterprise.self_hosted_runner_updated` | Triggered when the runner application is updated. Can be viewed using the REST API and the UI. This event is not included when you export the audit log as JSON data or a CSV file. For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners#about-self-hosted-runners)" and "[Reviewing the audit log for your organization](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log)."{% endif %}
 | `org.register_self_hosted_runner` | Triggered when a new self-hosted runner is registered. For more information, see "[Adding a self-hosted runner to an organization](/actions/hosting-your-own-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-an-organization)."
 | `org.remove_self_hosted_runner` | Triggered when a self-hosted runner is removed. For more information, see [Removing a runner from an organization](/actions/hosting-your-own-runners/removing-self-hosted-runners#removing-a-runner-from-an-organization).
 | `org.runner_group_runners_updated` | Triggered when a runner group's list of members is updated. For more information, see "[Set self-hosted runners in a group for an organization](/rest/reference/actions#set-self-hosted-runners-in-a-group-for-an-organization)."

content/actions/learn-github-actions/sharing-workflows-with-your-organization.md

@@ -21,13 +21,13 @@ If you need to share workflows and other {% data variables.product.prodname_acti
 
 ### Creating a workflow template
 
-Workflow templates can be created by users with write access to the organization's `.github` repository. The templates can then be used by organization members who have permission to create workflows. Workflow templates can be used to create new workflows in an organizations' public repositories; to use templates to create workflows in private repositories, the organization must be part of an enterprise or GitHub One plan.
+Workflow templates can be created by users with write access to the organization's `.github` repository. The templates can then be used by organization members who have permission to create workflows. Workflow templates can be used to create new workflows in an organizations' public repositories; to use templates to create workflows in private repositories, the organization must be part of an enterprise plan.
 
 This procedure demonstrates how to create a workflow template and metadata file. The metadata file describes how the template is presented to users when they are creating a new workflow.
 
 1. If it doesn't already exist, create a new public repository named `.github` in your organization.
-1. Create a directory named `workflow-templates`.
-1. Create your new workflow file inside the `workflow-templates` directory.
+2. Create a directory named `workflow-templates`.
+3. Create your new workflow file inside the `workflow-templates` directory.
 
    If you need to refer to a repository's default branch, you can use the `$default-branch` placeholder. When a workflow is created using your template, the placeholder will be automatically replaced with the name of the repository's default branch.
 
@@ -52,7 +52,7 @@ This procedure demonstrates how to create a workflow template and metadata file.
          - name: Run a one-line script
            run: echo Hello from Octo Organization
    ```
-1. Create a metadata file inside the `workflow-templates` directory. The metadata file must have the same name as the workflow file, but instead of the `.yml` extension, it must be appended with `.properties.json`. For example, this file named `octo-organization-ci.properties.json` contains the metadata for a workflow file named `octo-organization-ci.yml`:
+4. Create a metadata file inside the `workflow-templates` directory. The metadata file must have the same name as the workflow file, but instead of the `.yml` extension, it must be appended with `.properties.json`. For example, this file named `octo-organization-ci.properties.json` contains the metadata for a workflow file named `octo-organization-ci.yml`:
    ```yaml
    {
        "name": "Octo Organization Workflow",

content/actions/managing-workflow-runs/disabling-and-enabling-a-workflow.md

@@ -1,6 +1,6 @@
 ---
 title: Disabling and enabling a workflow
-intro: 'You can disable and re-enable a workflow using {% data variables.product.prodname_dotcom %} or the REST API.'
+intro: 'You can disable and re-enable a workflow using the {% data variables.product.prodname_dotcom %} UI, the REST API, or {% data variables.product.prodname_cli %}.'
 product: '{% data reusables.gated-features.actions %}'
 versions:
   free-pro-team: '*'
@@ -12,7 +12,7 @@ versions:
 {% data reusables.actions.enterprise-github-hosted-runners %}
 {% data reusables.actions.ae-beta %}
 
-Disabling a workflow allows you to stop a workflow from being triggered without having to delete the file from the repo. You can easily re-enable the workflow again on {% data variables.product.prodname_dotcom %}. You can also disable and enable a workflow using the REST API. For more information, see the "[Actions REST API](/rest/reference/actions#workflows)."
+Disabling a workflow allows you to stop a workflow from being triggered without having to delete the file from the repo. You can easily re-enable the workflow again on {% data variables.product.prodname_dotcom %}.
 
 Temporarily disabling a workflow can be useful in many scenarios. These are a few examples where disabling a workflow might be helpful:
 
@@ -27,7 +27,9 @@ Temporarily disabling a workflow can be useful in many scenarios. These are a fe
 
 {% endwarning %}
 
-### Disabling a workflow
+### Disabling and enabling workflows with the {% data variables.product.prodname_dotcom %} UI
+
+#### Disabling a workflow
 
 You can manually disable a workflow so that it won't execute any workflow runs. A disabled workflow is not deleted, and can be re-enabled.
 
@@ -42,7 +44,7 @@ You can manually disable a workflow so that it won't execute any workflow runs.
 The disabled workflow is marked {% octicon "stop" aria-label="The stop icon" %} to indicate its status.
 ![actions list disabled workflow](/assets/images/help/repository/actions-find-disabled-workflow.png)
 
-### Enabling a workflow
+#### Enabling a workflow
 
 You can re-enable a workflow that was previously disabled.
 
@@ -52,3 +54,23 @@ You can re-enable a workflow that was previously disabled.
 ![actions select disabled workflow](/assets/images/help/repository/actions-select-disabled-workflow.png)
 1. Click **Enable workflow**.
 ![actions enable workflow](/assets/images/help/repository/actions-enable-workflow.png)
+
+### Disabling and enabling workflows with {% data variables.product.prodname_cli %}
+
+{% data reusables.actions.actions-cli %}
+
+To disable a workflow, use the `workflow disable` subcommand. Replace `workflow` with either the name, ID, or file name of the workflow you want to disable. For example, `"Link Checker"`, `1234567`, or `"link-check-test.yml"`. If you don't specify a workflow, {% data variables.product.prodname_cli %} returns an interactive menu for you to choose a workflow.
+
+```shell
+gh workflow disable <em>workflow</em>
+```
+
+To enable a workflow, use the `workflow enable` subcommand. Replace `workflow` with either the name, ID, or file name of the workflow you want to enable. For example, `"Link Checker"`, `1234567`, or `"link-check-test.yml"`. If you don't specify a workflow, {% data variables.product.prodname_cli %} returns an interactive menu for you to choose a workflow.
+
+```shell
+gh workflow enable <em>workflow</em>
+```
+
+### Disabling and enabling workflows through the REST API
+
+You can also disable and enable a workflow using the REST API. For more information, see the "[Actions REST API](/rest/reference/actions#workflows)."