Merge pull request #56011 from github/repo-sync

Repo sync
2025-12-22 19:34:15 -05:00 · 2025-06-10 11:35:08 -07:00
parent 1c3dca4c56 7ec695e633
commit c53f1b875d
4 changed files with 49 additions and 55 deletions
--- a/content/actions/security-for-github-actions/security-hardening-your-deployments/configuring-openid-connect-in-jfrog.md
+++ b/content/actions/security-for-github-actions/security-hardening-your-deployments/configuring-openid-connect-in-jfrog.md
@@ -47,59 +47,52 @@ To use OIDC with JFrog, establish a trust relationship between {% data variables
 ## Updating your {% data variables.product.prodname_actions %} workflow
-Once you establish a trust relationship between {% data variables.product.prodname_actions %} and the JFrog platform, you can update your {% data variables.product.prodname_actions %} workflow file.
+### Authenticating with JFrog using OIDC
 In your {% data variables.product.prodname_actions %} workflow file, ensure you are using the provider name and audience you configured in the JFrog Platform.
-The following example uses the placeholder `YOUR_PROVIDER_NAME`.
+The following example uses the placeholders `YOUR_PROVIDER_NAME` and `YOUR_AUDIENCE`.
 ```yaml
- name: Fetch Access Token from Artifactory
+permissions:
-        id: fetch_access_token
+  id-token: write
-        env:
+  contents: read
          ID_TOKEN: ${{ steps.idtoken.outputs.id_token }}
        run: |
          ACCESS_TOKEN=$(curl \
          -X POST \
          -H "Content-type: application/json" \
          https://example.jfrog.io/access/api/v1/oidc/token \
          -d \
          "{\"grant_type\": \"urn:ietf:params:oauth:grant-type:token-exchange\", \"subject_token_type\":\"urn:ietf:params:oauth:token-type:id_token\", \"subject_token\": \"$ID_TOKEN\", \"provider_name\": \"YOUR_PROVIDER_NAME\"}" | jq .access_token | tr -d '"')
          echo ACCESS_TOKEN=$ACCESS_TOKEN >> $GITHUB_OUTPUT
 ```
 The following example shows part of a {% data variables.product.prodname_actions %} workflow file using cURL.
 ```yaml
 - name: Get ID Token (cURL method)
        id: idtoken
        run: |
          ID_TOKEN=$(curl -sLS -H "User-Agent: actions/oidc-client" -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" \
          "${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=jfrog-github" | jq .value | tr -d '"')
          echo "ID_TOKEN=${ID_TOKEN}" >> $GITHUB_OUTPUT
 ```
 Alternatively, you can set the audience as an environment variable using the `env` context. For more information about the `env` context, see [AUTOTITLE](/actions/learn-github-actions/contexts#env-context).
 {% data reusables.actions.oidc-deployment-protection-rules %}
 ```yaml
 jobs:
  build:
    runs-on: ubuntu-latest
-    env:
+    steps:
-      OIDC_AUDIENCE: 'YOUR_AUDIENCE'
+      - name: Set up JFrog CLI with OIDC
-```
+        id: setup-jfrog-cli
-
+        uses: jfrog/setup-jfrog-cli@29fa5190a4123350e81e2a2e8d803b2a27fed15e
 Then, in your workflow file, retrieve the value of the variables stored in the `env` context. The following example uses the `env` context to retrieve the OIDC audience.
 ```yaml
 - name: Get ID Token (using env context)
        uses: {% data reusables.actions.action-github-script %}
        id: idtoken
        with:
-          script: |
+          JF_URL: ${{ env.JF_URL }}
-            const coredemo = require('@actions/core');
+          oidc-provider-name: 'YOUR_PROVIDER_NAME' 
-            let id_token = await coredemo.getIDToken(process.env.OIDC_AUDIENCE);
+          oidc-audience: 'YOUR_AUDIENCE' # This is optional
-            coredemo.setOutput('id_token', id_token);
+
      - name: Upload artifact
        run: jf rt upload "dist/*.zip" my-repo/
 ```
 > [!TIP]
 > When OIDC authentication is used, the `setup-jfrog-cli` action automatically provides `oidc-user` and `oidc-token` as step outputs.
 > These can be used for other integrations that require authentication with JFrog.
 > To reference these outputs, ensure the step has an explicit `id` defined (for example `id: setup-jfrog-cli`).
 ### Using OIDC Credentials in other steps
 ```yaml
      - name: Sign in to Artifactory Docker registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.JF_URL }}
          username: ${{ steps.setup-jfrog-cli.outputs.oidc-user }}
          password: ${{ steps.setup-jfrog-cli.outputs.oidc-token }}
 ```
 ## Further reading
 - [OpenID Connect Integration](https://jfrog.com/help/r/jfrog-platform-administration-documentation/openid-connect-integration) in the JFrog documentation
 - [Identity Mappings](https://jfrog.com/help/r/jfrog-platform-administration-documentation/identity-mappings) in the JFrog documentation
 - [AUTOTITLE](actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)
 ```
--- a/content/copilot/using-github-copilot/ai-models/changing-the-ai-model-for-copilot-chat.md
+++ b/content/copilot/using-github-copilot/ai-models/changing-the-ai-model-for-copilot-chat.md
@@ -49,7 +49,7 @@ For more information about these models, see [AUTOTITLE](/copilot/using-github-c
 Experimental pre-release versions of the models may not interact with all filters correctly, including the duplication detection filter.
-## Changing your AI model
+## Changing the AI model
 These instructions are for {% data variables.product.prodname_copilot_short %} on the {% data variables.product.github %} website. For instructions on different clients, click the appropriate tab at the top of this page.
@@ -94,9 +94,9 @@ The following models are currently available through multi-model {% data variabl
 For more information about these models, see [AUTOTITLE](/copilot/using-github-copilot/ai-models/choosing-the-right-ai-model-for-your-task).
-## Changing your AI model
+## Changing the AI model
-These instructions are for {% data variables.product.prodname_vscode_shortname %}. For instructions on different clients, click the appropriate tab at the top of this page.
+These instructions are for {% data variables.product.prodname_vscode %}. For instructions on different clients, click the appropriate tab at the top of this page.
 {% data reusables.copilot.model-picker-enable-alternative-models %}
@@ -128,7 +128,7 @@ The following models are currently available through multi-model {% data variabl
 For more information about these models, see [AUTOTITLE](/copilot/using-github-copilot/ai-models/choosing-the-right-ai-model-for-your-task).
-## Changing the AI model for {% data variables.copilot.copilot_chat_short %}
+## Changing the AI model
 These instructions are for {% data variables.product.prodname_vs %}. For instructions on different clients, click the appropriate tab at the top of this page.
@@ -168,7 +168,7 @@ The following models are currently available through multi-model {% data variabl
 For more information about these models, see [AUTOTITLE](/copilot/using-github-copilot/ai-models/choosing-the-right-ai-model-for-your-task).
-## Changing the AI model for {% data variables.copilot.copilot_chat_short %}
+## Changing the AI model
 These instructions are for the JetBrains IDEs. For instructions on different clients, click the appropriate tab at the top of this page.
@@ -178,7 +178,7 @@ These instructions are for the JetBrains IDEs. For instructions on different cli
 1. Click the **{% octicon "copilot" aria-hidden="true" aria-label="copilot" %}** icon in the status bar.
 1. In the popup menu, click **Open {% data variables.copilot.copilot_chat %}**.
-1. In the bottom right of the chat view, select an AI model of your choice from the {% octicon "chevron-down" aria-hidden="true" aria-label="chevron-down" %} dropdown menu.
+1. In the bottom right of the chat view, select an AI model of your choice from the **CURRENT-MODEL** {% octicon "chevron-down" aria-hidden="true" aria-label="chevron-down" %} dropdown menu, then click the AI model of your choice.
 {% endjetbrains %}
@@ -207,7 +207,7 @@ The following models are currently available through multi-model {% data variabl
 For more information about these models, see [AUTOTITLE](/copilot/using-github-copilot/ai-models/choosing-the-right-ai-model-for-your-task).
-## Changing the AI model for {% data variables.copilot.copilot_chat_short %}
+## Changing the AI model
 These instructions are for the Eclipse IDE. For instructions on different clients, click the appropriate tab at the top of this page.
@@ -246,7 +246,7 @@ The following models are currently available through multi-model {% data variabl
 For more information about these models, see [AUTOTITLE](/copilot/using-github-copilot/ai-models/choosing-the-right-ai-model-for-your-task).
-## Changing the AI model for {% data variables.copilot.copilot_chat_short %}
+## Changing the AI model
 These instructions are for Xcode. For instructions on different clients, click the appropriate tab at the top of this page.
--- a/content/copilot/using-github-copilot/ai-models/using-gemini-in-github-copilot.md
+++ b/content/copilot/using-github-copilot/ai-models/using-gemini-in-github-copilot.md
@@ -19,6 +19,7 @@ redirect_from:
 * {% data variables.copilot.copilot_chat_short %} in {% data variables.product.prodname_vscode %}
 * Immersive mode in {% data variables.copilot.copilot_chat_short %} in {% data variables.product.github %}
 * {% data variables.copilot.copilot_chat_short %} in JetBrains IDEs
 {% data variables.product.prodname_copilot %} uses {% data variables.copilot.copilot_gemini_flash %} and {% data variables.copilot.copilot_gemini_25_pro %} hosted on Google Cloud Platform (GCP). When using {% data variables.copilot.copilot_gemini %} models, prompts and metadata are sent to GCP, which makes the [following data commitment](https://cloud.google.com/gemini/docs/discover/data-governance): _{% data variables.copilot.copilot_gemini %} doesn't use your prompts, or its responses, as data to train its models._
@@ -34,7 +35,7 @@ You must enable access to {% data variables.copilot.copilot_gemini_flash %} and
 > [!NOTE] {% data variables.copilot.copilot_gemini_25_pro %} is not currently available for {% data variables.copilot.copilot_free_short %}.
-If you have a {% data variables.copilot.copilot_free_short %}, {% data variables.copilot.copilot_pro_short %}, or {% data variables.copilot.copilot_pro_plus_short %} subscription, you can enable {% data variables.copilot.copilot_gemini %} in two ways:
+If you have a {% data variables.copilot.copilot_free_short %}, {% data variables.copilot.copilot_pro_short %}, or {% data variables.copilot.copilot_pro_plus_short %} subscription, you can enable the {% data variables.copilot.copilot_gemini %} models available to your plan in two ways:
 * The first time you choose to use {% data variables.copilot.copilot_gemini %} models with {% data variables.copilot.copilot_chat_short %} in {% data variables.product.prodname_vscode %}, or in the immersive view of {% data variables.copilot.copilot_chat_short %}, you will be prompted to allow access to the model.
--- a/data/reusables/actions/workflow-templates-repo-link.md
+++ b/data/reusables/actions/workflow-templates-repo-link.md
@@ -1 +1 @@
-Use these workflows as a starting place to build your custom workflow or use them as-is. You can browse the full list of workflow templates in the [actions/starter-workflows](https://github.com/actions/starter-workflows) repository. For more information, see [AUTOTITLE](/actions/writing-workflows/using-starter-workflows).
+Use these workflows as a starting place to build your custom workflow or use them as-is. You can browse the full list of workflow templates in the [actions/starter-workflows](https://github.com/actions/starter-workflows) repository.
`@@ -1 +1 @@`
	`Use these workflows as a starting place to build your custom workflow or use them as-is. You can browse the full list of workflow templates in the [actions/starter-workflows](https://github.com/actions/starter-workflows) repository. For more information, see [AUTOTITLE](/actions/writing-workflows/using-starter-workflows).`	`Use these workflows as a starting place to build your custom workflow or use them as-is. You can browse the full list of workflow templates in the [actions/starter-workflows](https://github.com/actions/starter-workflows) repository.`