From bb2537e8727afbadd1eded72b790ddf3061ea83c Mon Sep 17 00:00:00 2001
From: Jules Parker <19994093+jules-p@users.noreply.github.com>
Date: Tue, 25 Jan 2022 10:50:00 +0100
Subject: [PATCH] split reusable in two and adds article specific details on
 fork policies

---
 ...orcing-policies-for-github-actions-in-your-enterprise.md | 4 ++++
 ...ling-or-limiting-github-actions-for-your-organization.md | 4 ++++
 .../managing-github-actions-settings-for-a-repository.md    | 4 ++++
 .../github-actions/private-repository-forks-options.md      | 3 +++
 .../github-actions/private-repository-forks-overview.md     | 6 +-----
 5 files changed, 16 insertions(+), 5 deletions(-)
 create mode 100644 data/reusables/github-actions/private-repository-forks-options.md

diff --git a/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md b/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md
index 246bc09758..db319c888c 100644
--- a/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md
+++ b/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md
@@ -100,6 +100,10 @@ You can enforce policies to control how {% data variables.product.prodname_actio
 
 {% data reusables.github-actions.private-repository-forks-overview %}
 
+These policies can be enabled and disabled at the enterprise level. Once enabled at the enterprise level, the policies can then be selectively disabled for individual organizations or repositories.
+
+{% data reusables.github-actions.private-repository-forks-options %}
+
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.policies-tab %}
 {% data reusables.enterprise-accounts.actions-tab %}
diff --git a/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md b/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md
index 753c2e3f39..0cbbe95559 100644
--- a/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md
+++ b/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md
@@ -79,6 +79,10 @@ You can configure this behavior for an organization using the procedure below. M
 
 {% data reusables.github-actions.private-repository-forks-overview %}
 
+These policies can be enabled and disabled at the {% if fpt %}organization{% elsif ghec or ghae or ghes %}enterprise{% endif %} level. Once enabled at the {% ifversion fpt %}organization{% elsif ghec or ghae or ghes %}enterprise{% endif %} level, the policies can then be selectively disabled for individual {% if ghec or ghae or ghes %}organizations or{% endif %} repositories.
+
+{% data reusables.github-actions.private-repository-forks-options %}
+
 ### Configuring the private fork policy for an organization
 
 {% data reusables.profile.access_org %}
diff --git a/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md b/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md
index 90bd18f498..ad440ee372 100644
--- a/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md
+++ b/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md
@@ -83,6 +83,10 @@ You can configure this behavior for a repository using the procedure below. Modi
 
 {% data reusables.github-actions.private-repository-forks-overview %}
 
+These policies can be enabled and disabled at the {% ifversion fpt %}organization{% elsif ghec or ghae or ghes %}enterprise{% endif %} level. Once enabled at the {% ifversion fpt %}organization{% elsif ghec or ghae or ghes %}enterprise{% endif %} level, the policies can then be selectively disabled for individual repositories.
+
+{% data reusables.github-actions.private-repository-forks-options %}
+
 ### Configuring the private fork policy for a repository
 
 {% data reusables.repositories.navigate-to-repo %}
diff --git a/data/reusables/github-actions/private-repository-forks-options.md b/data/reusables/github-actions/private-repository-forks-options.md
new file mode 100644
index 0000000000..3d3ce0986b
--- /dev/null
+++ b/data/reusables/github-actions/private-repository-forks-options.md
@@ -0,0 +1,3 @@
+- **Run workflows from fork pull requests** - Allows users to run workflows from fork pull requests, using a `GITHUB_TOKEN` with read-only permission, and with no access to secrets.
+- **Send write tokens to workflows from pull requests** - Allows pull requests from forks to use a `GITHUB_TOKEN` with write permission.
+- **Send secrets to workflows from pull requests** - Makes all secrets available to the pull request.
diff --git a/data/reusables/github-actions/private-repository-forks-overview.md b/data/reusables/github-actions/private-repository-forks-overview.md
index 3f54363817..47c020c3b6 100644
--- a/data/reusables/github-actions/private-repository-forks-overview.md
+++ b/data/reusables/github-actions/private-repository-forks-overview.md
@@ -1,5 +1 @@
-If you rely on using forks of your private repositories, you can configure policies that control how users can run workflows on `pull_request` events. Available to private {% ifversion ghec or ghes or ghae %}and internal{% endif %} repositories only, you can configure these policy settings for {% ifversion ghec %}an enterprise{% elsif ghes or ghae %}your enterprise{% elsif fpt %}an organization{% endif %}, which will apply the settings to all applicable repositories{% ifversion ghec or ghes or ghae %} in all organizations within {% ifversion ghec %}the{% elsif ghes or ghae %}your{% endif %} enterprise{% endif %}. You can then disable these policy settings for individual repositories. You can also disable the policy settings for {% ifversion ghec or fpt %}the{% elsif ghes or ghae %}your{% endif %} entire{% ifversion ghec or ghes or ghae %} enterprise {% elsif  fpt %} organization{% endif %} at any time.
-
-- **Run workflows from fork pull requests** - Allows users to run workflows from fork pull requests, using a `GITHUB_TOKEN` with read-only permission, and with no access to secrets.
-- **Send write tokens to workflows from pull requests** - Allows pull requests from forks to use a `GITHUB_TOKEN` with write permission.
-- **Send secrets to workflows from pull requests** - Makes all secrets available to the pull request.
+If you rely on using forks of your private repositories, you can configure policies that control how users can run workflows on `pull_request` events. Available to private {% ifversion ghec or ghes or ghae %}and internal{% endif %} repositories only, you can configure these policy settings for {% ifversion ghec %}enterprises, {% elsif ghes or ghae %}your enterprise, {% endif %}organizations, or repositories.