jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-23 11:54:18 -05:00
Code Issues Projects Releases Wiki Activity

Merge branch 'main' into Ruth-ikegah/issue#431

Browse Source
This commit is contained in:
Janice
2020-10-19 15:42:30 -07:00
committed by GitHub
parent 27d7da9dcf 847f7735aa
commit c80c3ab78a
8981 changed files with 82758 additions and 119384 deletions
Download Patch File Download Diff File Expand all files Collapse all files

368
.all-contributorsrc
View File

@@ -1,368 +0,0 @@
{
"files": [
"README.md"
],
"imageSize": 64,
"commit": false,
"badgeTemplate": "",
"contributors": [
{
"login": "alebourne",
"name": "Alexandra Bourne",
"avatar_url": "https://avatars1.githubusercontent.com/u/24581915?v=4",
"profile": "https://github.com/alebourne",
"contributions": [
"content",
"bug"
]
},
{
"login": "crichID",
"name": "Cynthia Rich",
"avatar_url": "https://avatars0.githubusercontent.com/u/9950121?v=4",
"profile": "http://cynthiarich.me/",
"contributions": [
"content",
"bug"
]
},
{
"login": "emilyistoofunky",
"name": "Emily Gould",
"avatar_url": "https://avatars1.githubusercontent.com/u/4822039?v=4",
"profile": "https://github.com/emilyistoofunky",
"contributions": [
"content",
"bug"
]
},
{
"login": "felicitymay",
"name": "Felicity Chapman",
"avatar_url": "https://avatars1.githubusercontent.com/u/1877141?v=4",
"profile": "https://github.com/felicitymay",
"contributions": [
"content",
"bug"
]
},
{
"login": "heiskr",
"name": "Kevin Heis",
"avatar_url": "https://avatars2.githubusercontent.com/u/1221423?v=4",
"profile": "https://heiskr.com/",
"contributions": [
"bug",
"code"
]
},
{
"login": "hubwriter",
"name": "Alistair Christie",
"avatar_url": "https://avatars1.githubusercontent.com/u/54933897?v=4",
"profile": "https://github.com/hubwriter",
"contributions": [
"content",
"bug"
]
},
{
"login": "JamesMGreene",
"name": "James M. Greene",
"avatar_url": "https://avatars2.githubusercontent.com/u/417751?v=4",
"profile": "https://jamesmgreene.github.io/",
"contributions": [
"bug",
"code"
]
},
{
"login": "janiceilene",
"name": "Janice",
"avatar_url": "https://avatars3.githubusercontent.com/u/9817819?v=4",
"profile": "https://github.com/janiceilene",
"contributions": [
"content",
"bug"
]
},
{
"login": "jasonetco",
"name": "Jason Etcovitch",
"avatar_url": "https://avatars1.githubusercontent.com/u/10660468?v=4",
"profile": "https://jasonet.co",
"contributions": [
"bug",
"code"
]
},
{
"login": "jf205",
"name": "James Fletcher",
"avatar_url": "https://avatars2.githubusercontent.com/u/42464962?v=4",
"profile": "https://github.com/jf205",
"contributions": [
"content",
"bug"
]
},
{
"login": "jleaver",
"name": "Jenn Leaver",
"avatar_url": "https://avatars2.githubusercontent.com/u/4453117?v=4",
"profile": "https://github.com/jleaver",
"contributions": [
"content",
"bug"
]
},
{
"login": "jmarlena",
"name": "jmarlena",
"avatar_url": "https://avatars3.githubusercontent.com/u/6732600?v=4",
"profile": "https://github.com/jmarlena",
"contributions": [
"content",
"bug"
]
},
{
"login": "jwargo",
"name": "John M. Wargo",
"avatar_url": "https://avatars0.githubusercontent.com/u/30843404?v=4",
"profile": "https://johnwargo.com/",
"contributions": [
"content",
"bug"
]
},
{
"login": "lecoursen",
"name": "Laura Coursen",
"avatar_url": "https://avatars3.githubusercontent.com/u/14935376?v=4",
"profile": "https://github.com/lecoursen",
"contributions": [
"content",
"bug"
]
},
{
"login": "lucascosti",
"name": "Lucas Costi",
"avatar_url": "https://avatars3.githubusercontent.com/u/4434330?v=4",
"profile": "https://lucascosti.com/",
"contributions": [
"content",
"bug"
]
},
{
"login": "martin389",
"name": "Martin Lopes",
"avatar_url": "https://avatars3.githubusercontent.com/u/54248166?v=4",
"profile": "https://github.com/martin389",
"contributions": [
"content",
"bug"
]
},
{
"login": "mattpollard",
"name": "Matt Pollard",
"avatar_url": "https://avatars0.githubusercontent.com/u/1894408?v=4",
"profile": "https://github.com/mattpollard",
"contributions": [
"content",
"bug"
]
},
{
"login": "mchammer01",
"name": "mc",
"avatar_url": "https://avatars3.githubusercontent.com/u/42146119?v=4",
"profile": "https://github.com/mchammer01",
"contributions": [
"content",
"bug"
]
},
{
"login": "megbird",
"name": "Meg Bird",
"avatar_url": "https://avatars2.githubusercontent.com/u/5658046?v=4",
"profile": "http://meaganbird.com/",
"contributions": [
"content",
"bug"
]
},
{
"login": "myarb",
"name": "Melanie Yarbrough",
"avatar_url": "https://avatars2.githubusercontent.com/u/11952755?v=4",
"profile": "https://github.com/myarb",
"contributions": [
"content",
"bug"
]
},
{
"login": "rachmari",
"name": "Rachael Sewell",
"avatar_url": "https://avatars2.githubusercontent.com/u/9831992?v=4",
"profile": "https://github.com/rachmari",
"contributions": [
"content",
"bug"
]
},
{
"login": "runleonarun",
"name": "Leona B. Campbell",
"avatar_url": "https://avatars1.githubusercontent.com/u/3880403?v=4",
"profile": "https://github.com/runleonarun",
"contributions": [
"content",
"bug"
]
},
{
"login": "sarahs",
"name": "Sarah Schneider",
"avatar_url": "https://avatars3.githubusercontent.com/u/821071?v=4",
"profile": "https://github.com/sarahs",
"contributions": [
"bug",
"code"
]
},
{
"login": "shati-patel",
"name": "Shati Patel",
"avatar_url": "https://avatars3.githubusercontent.com/u/42641846?v=4",
"profile": "https://github.com/shati-patel",
"contributions": [
"content",
"bug"
]
},
{
"login": "simpsoka",
"name": "Kathy Korevec",
"avatar_url": "https://avatars3.githubusercontent.com/u/704152?v=4",
"profile": "http://kathy.pm/",
"contributions": [
"content",
"bug"
]
},
{
"login": "timeyoutakeit",
"name": "Amy Burns",
"avatar_url": "https://avatars3.githubusercontent.com/u/5012825?v=4",
"profile": "https://github.com/timeyoutakeit",
"contributions": [
"content",
"bug"
]
},
{
"login": "vanessayuenn",
"name": "Vanessa Yuen",
"avatar_url": "https://avatars3.githubusercontent.com/u/6842965?v=4",
"profile": "https://github.com/vanessayuenn",
"contributions": [
"bug",
"code"
]
},
{
"login": "zeke",
"name": "Zeke Sikelianos",
"avatar_url": "https://avatars1.githubusercontent.com/u/2289?v=4",
"profile": "http://zeke.sikelianos.com/",
"contributions": [
"bug",
"code"
]
},
{
"login": "BenJam",
"name": "Benjamin Nickolls",
"avatar_url": "https://avatars2.githubusercontent.com/u/158833?v=4",
"profile": "https://github.com/BenJam",
"contributions": [
"doc"
]
},
{
"login": "jeffmcaffer",
"name": "Jeff McAffer",
"avatar_url": "https://avatars2.githubusercontent.com/u/10070956?v=4",
"profile": "https://mcaffer.com",
"contributions": [
"doc"
]
},
{
"login": "tjenkinson",
"name": "Tom Jenkinson",
"avatar_url": "https://avatars0.githubusercontent.com/u/3259993?v=4",
"profile": "https://tjenkinson.me",
"contributions": [
"code"
]
},
{
"login": "casals",
"name": "Arthur Casals",
"avatar_url": "https://avatars0.githubusercontent.com/u/785860?v=4",
"profile": "https://github.com/casals",
"contributions": [
"content",
"doc"
]
},
{
"login": "Simran-B",
"name": "Simran",
"avatar_url": "https://avatars3.githubusercontent.com/u/7819991?v=4",
"profile": "https://www.arangodb.com/",
]
},
{
"login": "Ruth",
"name": "Ruth",
"avatar_url": "https://avatars0.githubusercontent.com/u/85029?v=4",
"profile": "https://github.com/ruth",
"contributions": [
"content"
]
},
{
"login": "wi5nia",
"name": "Tomasz Wisniewski",
"avatar_url": "https://avatars2.githubusercontent.com/u/12593852?v=4",
"profile": "http://tomaszwisniewski.com",
"contributions": [
"doc"
]
},
{
"login": "chiedo",
"name": "Chiedo John",
"avatar_url": "https://avatars2.githubusercontent.com/u/2156688?v=4",
"profile": "https://chiedojohn.com/",
"contributions": [
"code"
]
}
],
"contributorsPerLine": 7,
"projectName": "docs",
"projectOwner": "github",
"repoType": "github",
"repoHost": "https://github.com",
"skipCi": true,
"commitConvention": "none"
}

9
.github/CODEOWNERS vendored
View File

@@ -3,16 +3,21 @@
# https://help.github.com/articles/about-codeowners
# https://git-scm.com/docs/gitignore
/translations/ @github/docs-localization @github-actions
# Engineering
*.js @github/docs-engineering
/.github/ @github/docs-engineering
/script/ @github/docs-engineering
app.json @github/docs-engineering
crowdin.yml @github/docs-engineering
Dockerfile @github/docs-engineering
package-lock.json @github/docs-engineering
package.json @github/docs-engineering
# Localization
/.github/workflows/crowdin.yml @github/docs-localization
/crowdin*.yml @github/docs-engineering @github/docs-localization
/translations/ @github/docs-engineering @github/docs-localization @github-actions
# Site Policy
/content/github/site-policy/ @github/site-policy-admins
# Make sure that Octokit maintainers get notified about changes

50
.github/allowed-actions.js vendored
View File

@@ -4,34 +4,34 @@
// can be added it this list.
module.exports = [
'actions/cache@v1',
'actions/cache@v2',
'actions/checkout@v2',
'actions/github-script@0.9.0',
'actions/github-script@v2.0.0',
'actions/github-script@v2',
'actions/github-script@v3',
'actions/labeler@v2',
'actions/setup-node@v1',
'actions/setup-ruby@v1',
'actions/stale@v3',
'crowdin/github-action@1.0.10',
'dawidd6/action-delete-branch@v3',
'actions/cache@70655ec8323daeeaa7ef06d7c56e1b9191396cbe',
'actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16',
'actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675',
'actions/github-script@5d03ada4b0a753e9460b312e61cc4f8fdeacf163',
'actions/github-script@6e5ee1dc1cb3740e5e5e76ad668e3f526edbfe45',
'actions/github-script@44b873bc975058192f5279ebe7579496381f575d',
'actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9',
'actions/labeler@5f867a63be70efff62b767459b009290364495eb',
'actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d',
'actions/setup-ruby@5f29a1cd8dfebf420691c4c9a0e832e2fae5a526',
'actions/stale@44f9eae0adddf72dbf3eedfacc999f70afcec1a8',
'crowdin/github-action@fd9429dd63d6c0f8a8cb4b93ad8076990bd6e688',
'dawidd6/action-delete-branch@47743101a121ad657031e6704086271ca81b1911',
'docker://chinthakagodawita/autoupdate-action:v1',
'fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289',
'github/codeql-action/analyze@v1',
'github/codeql-action/init@v1',
'ianwalter/puppeteer@3.0.0',
'juliangruber/approve-pull-request-action@v1',
'juliangruber/find-pull-request-action@v1',
'juliangruber/read-file-action@v1',
'ianwalter/puppeteer@12728ddef82390d1ecd4732fb543f62177392fbb',
'juliangruber/approve-pull-request-action@c530832d4d346c597332e20e03605aa94fa150a8',
'juliangruber/find-pull-request-action@64d55773c959748ad30a4184f4dc102af1669f7b',
'juliangruber/read-file-action@e0a316da496006ffd19142f0fd594a1783f3b512',
'pascalgn/automerge-action@c9bd182',
'peter-evans/create-issue-from-file@v2',
'peter-evans/create-pull-request@v2',
'rachmari/actions-add-new-issue-to-column@v1.1.1',
'rachmari/labeler@v1.0.4',
'repo-sync/github-sync@v2',
'repo-sync/pull-request@v2',
'rtCamp/action-slack-notify@master',
'rtCamp/action-slack-notify@v2.1.0',
'peter-evans/create-issue-from-file@35e304e2a12caac08c568247a2cb46ecd0c3ecc5',
'peter-evans/create-pull-request@938e6aea6f8dbdaced2064e948cb806c77fe87b8',
'rachmari/actions-add-new-issue-to-column@1a459ef92308ba7c9c9dc2fcdd72f232495574a9',
'rachmari/labeler@832d42ec5523f3c6d46e8168de71cd54363e3e2e',
'repo-sync/github-sync@3832fe8e2be32372e1b3970bbae8e7079edeec88',
'repo-sync/pull-request@ea6773388b83b337e4da9a223293309f2c3670e7',
'rtCamp/action-slack-notify@e17352feaf9aee300bf0ebc1dfbf467d80438815',
'tjenkinson/gh-action-auto-merge-dependency-updates@cee2ac0'
]

2
.github/workflows/60-days-stale-check.yml vendored
View File

@@ -7,7 +7,7 @@ jobs:
stale:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v3
- uses: actions/stale@44f9eae0adddf72dbf3eedfacc999f70afcec1a8
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
stale-issue-message: 'This issue is stale because it has been open 60 days with no activity.'

2
.github/workflows/auto-label-prs.yml vendored
View File

@@ -7,6 +7,6 @@ jobs:
if: github.repository == 'github/docs-internal'
runs-on: ubuntu-latest
steps:
- uses: actions/labeler@v2
- uses: actions/labeler@5f867a63be70efff62b767459b009290364495eb
with:
repo-token: "${{ secrets.GITHUB_TOKEN }}"

2
.github/workflows/autoupdate-branch.yml vendored
View File

@@ -13,4 +13,4 @@ jobs:
GITHUB_TOKEN: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
PR_FILTER: labelled
PR_LABELS: autoupdate
MERGE_MSG: "Branch was updated using the 'autoupdate branch' Actions workflow."
MERGE_MSG: "Branch was updated using the 'autoupdate branch' Actions workflow."

39
.github/workflows/browser-test.yml vendored
View File

@@ -1,18 +1,41 @@
name: Browser Tests
on: [push]
on:
workflow_dispatch:
push:
jobs:
see_if_should_skip:
continue-on-error: true
runs-on: ubuntu-latest
# Map a step output to a job output
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
steps:
- id: skip_check
uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289
with:
cancel_others: 'false'
github_token: ${{ github.token }}
paths: '[".github/workflows/browser-test.yml","assets/**", "content/**", "data/**", "includes/**", "javascripts/**", "jest-puppeteer.config.js", "jest.config.js", "layouts/**", "lib/**", "middleware/**", "package-lock.json", "package.json", "server.js", "translations/**", "webpack.config.js"]'
build:
needs: see_if_should_skip
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Install
uses: ianwalter/puppeteer@3.0.0
# Each of these ifs needs to be repeated at each step to make sure the required check still runs
# Even if if doesn't do anything
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Checkout
uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Install
uses: ianwalter/puppeteer@12728ddef82390d1ecd4732fb543f62177392fbb
with:
args: npm ci
- name: Test
uses: ianwalter/puppeteer@3.0.0
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Test
uses: ianwalter/puppeteer@12728ddef82390d1ecd4732fb543f62177392fbb
with:
args: npm run browser-test
args: npm run browser-test

4
.github/workflows/check-all-english-links.yml vendored
View File

@@ -10,7 +10,7 @@ jobs:
if: github.repository == 'github/docs-internal'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- name: npm ci
run: npm ci
- name: npm run build
@@ -28,7 +28,7 @@ jobs:
fi
- if: ${{ steps.check.outputs.continue == 'yes' }}
name: Create issue from file
uses: peter-evans/create-issue-from-file@v2
uses: peter-evans/create-issue-from-file@35e304e2a12caac08c568247a2cb46ecd0c3ecc5
with:
token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }}
title: ${{ steps.check.outputs.title }}

2
.github/workflows/codeql.yml vendored
View File

@@ -15,7 +15,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- uses: github/codeql-action/init@v1
with:
languages: javascript # comma separated list of values from {go, python, javascript, java, cpp, csharp} (not YET ruby, sorry!)

27
.github/workflows/crowdin.yml vendored
View File

@@ -1,42 +1,43 @@
# Please ping @github/docs-localization in the PR whenever you update this file!
name: Crowdin Sync
on:
push:
branches:
- main
workflow_dispatch:
schedule:
- cron: "33 2 * * *" # every day at 2:33 UTC at least until automerge is working
jobs:
sync_with_crowdin:
name: Sync with Crowdin
if: github.repository == 'github/docs-internal'
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- name: Sync
uses: crowdin/github-action@1.0.10
uses: crowdin/github-action@fd9429dd63d6c0f8a8cb4b93ad8076990bd6e688
with:
upload_translations: true
upload_translations: false
download_translations: true
create_pull_request: true
# Using a custom config temporarily to avoid clobbering the existing crowdin.yml
# that is used by the github-help-docs OAuth integration.
config: 'crowdin-actions-config.yml'
config: 'crowdin.yml'
# This is the name of the git branch that Crowdin will create when opening a pull request.
# This branch does NOT need to be manually created. It will be created automatically by the action.
localization_branch_name: automated-crowdin-translations
localization_branch_name: translations
# This is the name of the top-level directory that Crowdin will use for files.
# Note that this is not a "branch" in the git sense, but more like a top-level directory in your Crowdin project.
# This branch does NOT need to be manually created. It will be created automatically by the action.
crowdin_branch_name: crowdin-main
crowdin_branch_name: main
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Using an @octoglot token instead of the default Actions-provided GITHUB_TOKEN here
# so that subsequent workflows will be able to run on the pull request created by this workflow.
GITHUB_TOKEN: ${{ secrets.OCTOGLOT_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
# This is a numeric id, not to be confused with Crowdin API v1 "project identifier" string
# See "API v2" on https://crowdin.com/project/<your-project>/settings#api
@@ -47,4 +48,4 @@ jobs:
# This token was created by logging into Crowdin with the octoglot user
CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}

85
.github/workflows/first-responder-docs-content.yml vendored Normal file
View File

@@ -0,0 +1,85 @@
name: First responder docs-content
on:
pull_request:
types: [reopened, opened, ready_for_review, closed, unlabeled]
jobs:
first-responder-triage-pr:
name: Triage PR to FR project board
if: github.repository == 'github/docs-internal' && github.event.pull_request.draft == false && github.event.action != 'unlabeled' && github.event.action != 'closed'
runs-on: ubuntu-latest
steps:
- name: Check if the event originated from a team member
uses: actions/github-script@44b873bc975058192f5279ebe7579496381f575d
id: set-result
with:
github-token: ${{secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES}}
result-encoding: string
script: |
const repoName = context.payload.repository.name
const ownerName = context.payload.repository.owner.login
const issueNumber = (context.eventName === "issues") ? context.payload.issue.number : context.payload.number
const updatedIssueInformation = await github.issues.get({
owner: ownerName,
repo: repoName,
issue_number: issueNumber
})
const teamMembers = await github.request(
`/orgs/github/teams/docs/members`
)
const logins = teamMembers.data.map(member => member.login)
// ignore PRs opened by docs bot accounts
logins.push('Octomerger', 'octoglot')
if (logins.some(login => login === updatedIssueInformation.data.user.login)) {
console.log(`This issue or pull request was authored by a member of the github/docs team.`)
return 'true'
}
console.log(`This issue or pull request was authored by an external contributor.`)
return 'false'
- name: Label external contributor pull requests with docs-content-fr
uses: rachmari/labeler@832d42ec5523f3c6d46e8168de71cd54363e3e2e
if: steps.set-result.outputs.result == 'false'
with:
repo-token: "${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }}"
add-labels: "docs-content-fr"
- name: Triage to FR PR project column
uses: rachmari/actions-add-new-issue-to-column@1a459ef92308ba7c9c9dc2fcdd72f232495574a9
if: steps.set-result.outputs.result == 'false'
with:
action-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }}
project-url: "https://github.com/orgs/github/projects/1367"
column-name: "Docs-internal external contributor PRs"
first-responder-remove-pr:
name: Remove PR from FR project board
if: (github.event.label.name == 'docs-content-fr' && github.event.action == 'unlabeled') || github.event.action == 'closed'
runs-on: ubuntu-latest
steps:
- name: Remove card from project
uses: actions/github-script@44b873bc975058192f5279ebe7579496381f575d
with:
github-token: ${{secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES}}
result-encoding: string
script: |
const issueToRemove = context.payload.number
const cards = await github.projects.listCards({
column_id: 11130889
})
cards.data.forEach(card => {
if (card.content_url) {
const cardIssueNumber = parseInt(card.content_url.split('/').pop(), 10)
if (cardIssueNumber === issueToRemove) {
const cards = github.projects.deleteCard({
card_id: card.id
})
}
}
})
- name: Remove docs-content-fr label if not already removed
if: github.event.action == 'closed'
uses: rachmari/labeler@832d42ec5523f3c6d46e8168de71cd54363e3e2e
with:
repo-token: "${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }}"
remove-labels: "docs-content-fr"

8
.github/workflows/merged-notification.yml vendored
View File

@@ -1,5 +1,5 @@
on:
pull_request:
pull_request_target:
types: ['closed']
jobs:
@@ -7,13 +7,11 @@ jobs:
if: github.event.repository.private == false && github.event.pull_request.merged && github.event.pull_request.base.ref == github.event.repository.default_branch
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v3
- uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
with:
script: |
github.issues.createComment({
...context.repo,
issue_number: context.payload.pull_request.number,
body: `Thanks very much for contributing! Your pull request has been merged 🎉 You should see your changes appear on the site in approximately 24 hours.
If you haven't already, you can add yourself to [the list of contributors](https://github.com/github/docs#contributors-) by creating a new comment in this PR using [these instructions](https://allcontributors.org/docs/en/bot/usage#commands). Thanks again! :sparkles:`
body: 'Thanks very much for contributing! Your pull request has been merged 🎉 You should see your changes appear on the site in approximately 24 hours.'
})

9
.github/workflows/pa11y.yml vendored
View File

@@ -1,11 +1,14 @@
name: "Pa11y"
on: [push]
on:
workflow_dispatch:
schedule:
- cron: "25 17 * * *" # once a day at 17:25 UTC / 11:50 PST
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Check out repo
uses: actions/checkout@v2
uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- name: Get npm cache directory
id: npm-cache
@@ -13,7 +16,7 @@ jobs:
echo "::set-output name=dir::$(npm config get cache)"
- name: Cache node modules
uses: actions/cache@v2
uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16
with:
path: ${{ steps.npm-cache.outputs.dir }}
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}

4
.github/workflows/ping-staging-apps.yml vendored
View File

@@ -12,10 +12,10 @@ jobs:
env:
HEROKU_API_TOKEN: ${{ secrets.HEROKU_API_TOKEN }}
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- name: npm ci
run: npm ci
- name: npm run build
run: npm run build
- name: Run script
run: script/ping-staging-apps.js
run: script/ping-staging-apps.js

11
.github/workflows/remove-unused-assets.yml vendored
View File

@@ -5,8 +5,7 @@ env:
on:
schedule:
# - cron: "20 15 * * 0" # run every Sunday at 20:15 UTC / 12:15 PST
- cron: 0 0 1 1 * # run next January 1st, aka temporarily disabled
- cron: "20 15 * * 0" # run every Sunday at 20:15 UTC / 12:15 PST
jobs:
remove_unused_assets:
@@ -19,7 +18,7 @@ jobs:
echo 'The repo is currently frozen! Exiting this workflow.'
exit 1 # prevents further steps from running
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- name: npm ci
run: npm ci
- name: Run scripts
@@ -28,13 +27,13 @@ jobs:
script/remove-extraneous-translation-files.js
- name: Get script results to use in PR body
id: results
uses: juliangruber/read-file-action@v1
uses: juliangruber/read-file-action@e0a316da496006ffd19142f0fd594a1783f3b512
with:
path: ./results.md
- name: Remove script results file
run: rm -rf ./results.md
- name: Create pull request
uses: peter-evans/create-pull-request@v2
uses: peter-evans/create-pull-request@938e6aea6f8dbdaced2064e948cb806c77fe87b8
with:
# need to use a token with repo and workflow scopes for this step
token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
@@ -49,7 +48,7 @@ jobs:
branch: remove-unused-assets
- if: ${{ failure() }}
name: Delete remote branch (if previous steps failed)
uses: dawidd6/action-delete-branch@v3
uses: dawidd6/action-delete-branch@47743101a121ad657031e6704086271ca81b1911
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
branches: remove-unused-assets

12
.github/workflows/repo-sync.yml vendored
View File

@@ -27,10 +27,10 @@ jobs:
exit 1 # prevents further steps from running
- name: Check out repo
uses: actions/checkout@v2
uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- name: Sync repo to branch
uses: repo-sync/github-sync@v2
uses: repo-sync/github-sync@3832fe8e2be32372e1b3970bbae8e7079edeec88
env:
GITHUB_TOKEN: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
with:
@@ -40,7 +40,7 @@ jobs:
github_token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
- name: Create pull request
uses: repo-sync/pull-request@v2
uses: repo-sync/pull-request@ea6773388b83b337e4da9a223293309f2c3670e7
env:
GITHUB_TOKEN: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
with:
@@ -52,7 +52,7 @@ jobs:
github_token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
- name: Find pull request
uses: juliangruber/find-pull-request-action@v1
uses: juliangruber/find-pull-request-action@64d55773c959748ad30a4184f4dc102af1669f7b
id: find-pull-request
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -60,13 +60,13 @@ jobs:
- name: Approve pull request
if: ${{ steps.find-pull-request.outputs.number }}
uses: juliangruber/approve-pull-request-action@v1
uses: juliangruber/approve-pull-request-action@c530832d4d346c597332e20e03605aa94fa150a8
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
number: ${{ steps.find-pull-request.outputs.number }}
- name: Send Slack notification if workflow fails
uses: rtCamp/action-slack-notify@master
uses: rtCamp/action-slack-notify@e17352feaf9aee300bf0ebc1dfbf467d80438815
if: failure()
env:
SLACK_WEBHOOK: ${{ secrets.DOCS_ALERTS_SLACK_WEBHOOK }}

2
.github/workflows/send-eng-issues-to-backlog.yml vendored
View File

@@ -12,7 +12,7 @@ jobs:
steps:
- name: Add issues with engineering label to project board
if: contains(github.event.issue.labels.*.name, 'engineering') || contains(github.event.issue.labels.*.name, 'design') || contains(github.event.issue.labels.*.name, 'Design')
uses: actions/github-script@v2
uses: actions/github-script@44b873bc975058192f5279ebe7579496381f575d
with:
github-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }}
script: |

2
.github/workflows/start-new-engineering-pr-workflow.yml vendored
View File

@@ -13,7 +13,7 @@ jobs:
REGULAR_COLUMN_ID: 10095779
steps:
- name:
uses: actions/github-script@v2
uses: actions/github-script@44b873bc975058192f5279ebe7579496381f575d
continue-on-error: true
with:
github-token: ${{ secrets.DOCUBOT_FR_PROJECT_BOARD_WORKFLOWS_REPO_ORG_READ_SCOPES }}

8
.github/workflows/sync-algolia-search-indices.yml vendored
View File

@@ -12,12 +12,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v2
- uses: actions/setup-node@v1
uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- uses: actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d
with:
node-version: 14.x
- name: cache node modules
uses: actions/cache@v1
uses: actions/cache@70655ec8323daeeaa7ef06d7c56e1b9191396cbe
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
@@ -32,7 +32,7 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: npm run sync-search
- name: Send slack notification if workflow run fails
uses: rtCamp/action-slack-notify@v2.1.0
uses: rtCamp/action-slack-notify@e17352feaf9aee300bf0ebc1dfbf467d80438815
if: failure()
env:
SLACK_WEBHOOK: ${{ secrets.DOCS_ALERTS_SLACK_WEBHOOK }}

12
.github/workflows/test-translations.yml vendored
View File

@@ -12,12 +12,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out repo
uses: actions/checkout@v2
uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
with:
ref: translations # check out the 'translations' branch
- name: Setup node
uses: actions/setup-node@v1
uses: actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d
with:
node-version: 14.x
@@ -27,7 +27,7 @@ jobs:
echo "::set-output name=dir::$(npm config get cache)"
- name: Cache node modules
uses: actions/cache@v2
uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16
with:
path: ${{ steps.npm-cache.outputs.dir }}
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
@@ -52,10 +52,10 @@ jobs:
test-group: [content, meta, rendering, routing, unit, links-and-images]
steps:
- name: Check out repo
uses: actions/checkout@v2
uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- name: Setup node
uses: actions/setup-node@v1
uses: actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d
with:
node-version: 14.x
@@ -65,7 +65,7 @@ jobs:
echo "::set-output name=dir::$(npm config get cache)"
- name: Cache node modules
uses: actions/cache@v2
uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16
with:
path: ${{ steps.npm-cache.outputs.dir }}
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}

39
.github/workflows/test-windows.yml vendored
View File

@@ -11,39 +11,6 @@ env:
CI: true
jobs:
lint:
runs-on: windows-latest
steps:
- name: Check out repo
uses: actions/checkout@v2
- name: Setup node
uses: actions/setup-node@v1
with:
node-version: 14.x
- name: Get npm cache directory
id: npm-cache
run: |
echo "::set-output name=dir::$(npm config get cache)"
- name: Cache node modules
uses: actions/cache@v2
with:
path: ${{ steps.npm-cache.outputs.dir }}
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Install dependencies
run: npm ci
- name: Run linter
run: npx standard
- name: Check dependencies
run: npm run check-deps
test:
runs-on: windows-latest
strategy:
@@ -52,10 +19,10 @@ jobs:
test-group: [content, meta, rendering, routing, unit, links-and-images]
steps:
- name: Check out repo
uses: actions/checkout@v2
uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- name: Setup node
uses: actions/setup-node@v1
uses: actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d
with:
node-version: 14.x
@@ -65,7 +32,7 @@ jobs:
echo "::set-output name=dir::$(npm config get cache)"
- name: Cache node modules
uses: actions/cache@v2
uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16
with:
path: ${{ steps.npm-cache.outputs.dir }}
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}

79
.github/workflows/test.yml vendored
View File

@@ -3,6 +3,7 @@
name: Node.js Tests
on:
workflow_dispatch:
push:
branches:
- main
@@ -14,79 +15,111 @@ env:
CI: true
jobs:
see_if_should_skip:
continue-on-error: true
runs-on: ubuntu-latest
# Map a step output to a job output
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
steps:
- id: skip_check
uses: fkirc/skip-duplicate-actions@36feb0d8d062137530c2e00bd278d138fe191289
with:
cancel_others: 'false'
github_token: ${{ github.token }}
paths: '[".github/workflows/test.yml",".node-version", ".npmrc", "app.json", "content/**", "data/**","lib/**", "Dockerfile", "feature-flags.json", "Gemfile", "Gemfile.lock", "middleware/**", "node_modules/**","package.json", "package-lock.json", "server.js", "tests/**", "translations/**", "Procfile", "webpack.config.js"]'
lint:
needs: see_if_should_skip
runs-on: ubuntu-latest
steps:
- name: Check out repo
uses: actions/checkout@v2
# Each of these ifs needs to be repeated at each step to make sure the required check still runs
# Even if if doesn't do anything
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Check out repo
uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- name: Setup node
uses: actions/setup-node@v1
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Setup node
uses: actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d
with:
node-version: 14.x
- name: Get npm cache directory
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Get npm cache directory
id: npm-cache
run: |
echo "::set-output name=dir::$(npm config get cache)"
- name: Cache node modules
uses: actions/cache@v2
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Cache node modules
uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16
with:
path: ${{ steps.npm-cache.outputs.dir }}
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Install dependencies
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Install dependencies
run: npm ci
- name: Run linter
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Run linter
run: npx standard
- name: Check dependencies
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Check dependencies
run: npm run check-deps
test:
needs: see_if_should_skip
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
test-group: [content, meta, rendering, routing, unit, links-and-images]
steps:
- name: Check out repo
uses: actions/checkout@v2
# Each of these ifs needs to be repeated at each step to make sure the required check still runs
# Even if if doesn't do anything
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Check out repo
uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- name: Setup node
uses: actions/setup-node@v1
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Setup node
uses: actions/setup-node@56899e050abffc08c2b3b61f3ec6a79a9dc3223d
with:
node-version: 14.x
- name: Get npm cache directory
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Get npm cache directory
id: npm-cache
run: |
echo "::set-output name=dir::$(npm config get cache)"
- name: Cache node modules
uses: actions/cache@v2
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Cache node modules
uses: actions/cache@d1255ad9362389eac595a9ae406b8e8cb3331f16
with:
path: ${{ steps.npm-cache.outputs.dir }}
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Install dependencies
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Install dependencies
run: npm ci
- name: Run build script
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Run build script
run: npm run build
- name: Run tests
- if: ${{ needs.see_if_should_skip.outputs.should_skip != 'true' }}
name: Run tests
run: npx jest tests/${{ matrix.test-group }}/
- name: Send Slack notification if workflow fails
uses: rtCamp/action-slack-notify@master
uses: rtCamp/action-slack-notify@e17352feaf9aee300bf0ebc1dfbf467d80438815
if: failure() && github.ref == 'early-access'
env:
SLACK_WEBHOOK: ${{ secrets.DOCS_ALERTS_SLACK_WEBHOOK }}
SLACK_MESSAGE: "Tests are failing on the `early-access` branch. https://github.com/github/docs-internal/tree/early-access"
SLACK_MESSAGE: "Tests are failing on the `early-access` branch. https://github.com/github/docs-internal/tree/early-access"

8
.github/workflows/translations.yml vendored
View File

@@ -17,14 +17,14 @@ jobs:
echo 'The repo is currently frozen! Exiting this workflow.'
exit 1 # prevents further steps from running
- name: Find original Pull Request
uses: juliangruber/find-pull-request-action@v1
uses: juliangruber/find-pull-request-action@64d55773c959748ad30a4184f4dc102af1669f7b
id: pr
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
branch: translations
- if: ${{ steps.pr.outputs.number }}
name: Check if already labeled
uses: actions/github-script@0.9.0
uses: actions/github-script@5d03ada4b0a753e9460b312e61cc4f8fdeacf163
id: has-label
with:
script: |
@@ -38,13 +38,13 @@ jobs:
}
- if: ${{ !steps.has-label.outputs.result }}
name: Approve Pull Request
uses: juliangruber/approve-pull-request-action@v1
uses: juliangruber/approve-pull-request-action@c530832d4d346c597332e20e03605aa94fa150a8
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
number: ${{ steps.pr.outputs.number }}
- if: ${{ !steps.has-label.outputs.result }}
name: Add automerge label
uses: actions/github-script@0.9.0
uses: actions/github-script@5d03ada4b0a753e9460b312e61cc4f8fdeacf163
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |

6
.github/workflows/triage-issue-comments.yml vendored
View File

@@ -10,7 +10,7 @@ jobs:
steps:
- name: Check if the event originated from a team member
uses: actions/github-script@v2.0.0
uses: actions/github-script@6e5ee1dc1cb3740e5e5e76ad668e3f526edbfe45
id: is-internal-contributor
with:
github-token: ${{secrets.GITHUB_TOKEN}}
@@ -33,13 +33,13 @@ jobs:
return 'false'
}
- name: Label issues with new comments with 'triage'
uses: rachmari/labeler@v1.0.4
uses: rachmari/labeler@832d42ec5523f3c6d46e8168de71cd54363e3e2e
if: (steps.is-internal-contributor.outputs.result == 'false')
with:
repo-token: "${{ secrets.GITHUB_TOKEN }}"
add-labels: "triage"
- name: Triage to project board
uses: rachmari/actions-add-new-issue-to-column@v1.1.1
uses: rachmari/actions-add-new-issue-to-column@1a459ef92308ba7c9c9dc2fcdd72f232495574a9
with:
action-token: ${{ secrets.GITHUB_TOKEN }}
project-url: "https://github.com/github/docs/projects/1"

4
.github/workflows/triage-issues.yml vendored
View File

@@ -10,12 +10,12 @@ jobs:
steps:
- name: Label new issues with 'triage'
uses: rachmari/labeler@v1.0.4
uses: rachmari/labeler@832d42ec5523f3c6d46e8168de71cd54363e3e2e
with:
repo-token: "${{ secrets.GITHUB_TOKEN }}"
add-labels: "triage"
- name: Triage to project board
uses: rachmari/actions-add-new-issue-to-column@v1.1.1
uses: rachmari/actions-add-new-issue-to-column@1a459ef92308ba7c9c9dc2fcdd72f232495574a9
with:
action-token: ${{ secrets.GITHUB_TOKEN }}
project-url: "https://github.com/github/docs/projects/1"

4
.github/workflows/triage-pull-requests.yml vendored
View File

@@ -10,12 +10,12 @@ jobs:
steps:
- name: Label new pull requests with 'triage'
uses: rachmari/labeler@v1.0.4
uses: rachmari/labeler@832d42ec5523f3c6d46e8168de71cd54363e3e2e
with:
repo-token: "${{ secrets.GITHUB_TOKEN }}"
add-labels: "triage"
- name: Triage to project board
uses: rachmari/actions-add-new-issue-to-column@v1.1.1
uses: rachmari/actions-add-new-issue-to-column@1a459ef92308ba7c9c9dc2fcdd72f232495574a9
with:
action-token: ${{ secrets.GITHUB_TOKEN }}
project-url: "https://github.com/github/docs/projects/1"

2
.github/workflows/triage-stale-check.yml vendored
View File

@@ -9,7 +9,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v3
- uses: actions/stale@44f9eae0adddf72dbf3eedfacc999f70afcec1a8
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
stale-pr-message: 'This PR is stale because it has been open 7 days with no activity and will be automatically closed in 3 days. To keep this PR open, update the PR by adding a comment or pushing a commit.'

10
.github/workflows/update-graphql-files.yml vendored
View File

@@ -22,9 +22,9 @@ jobs:
echo 'The repo is currently frozen! Exiting this workflow.'
exit 1 # prevents further steps from running
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@a81bbbf8298c0fa03ea29cdc473d45769f953675
- name: Set up Ruby
uses: actions/setup-ruby@v1
uses: actions/setup-ruby@5f29a1cd8dfebf420691c4c9a0e832e2fae5a526
with:
ruby-version: '2.4'
- name: Install Ruby dependencies
@@ -46,7 +46,7 @@ jobs:
script/graphql/build-changelog-from-markdown.js
- name: Create pull request
id: create-pull-request
uses: peter-evans/create-pull-request@v2
uses: peter-evans/create-pull-request@938e6aea6f8dbdaced2064e948cb806c77fe87b8
with:
# need to use a token with repo and workflow scopes for this step
token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
@@ -60,13 +60,13 @@ jobs:
branch: graphql-schema-update
- if: ${{ failure() }}
name: Delete remote branch (if previous steps failed)
uses: dawidd6/action-delete-branch@v3
uses: dawidd6/action-delete-branch@47743101a121ad657031e6704086271ca81b1911
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
branches: graphql-schema-update
- if: ${{ steps.create-pull-request.outputs.pr_number }}
name: Approve
uses: juliangruber/approve-pull-request-action@v1
uses: juliangruber/approve-pull-request-action@c530832d4d346c597332e20e03605aa94fa150a8
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
number: ${{ steps.create-pull-request.outputs.pr_number }}

68
README.md
View File

@@ -8,7 +8,6 @@ In this article:
- [Contributing](#contributing)
- [READMEs](#readmes)
- [License](#license)
- [Contributors ✨](#contributors-)
## Contributing
@@ -70,70 +69,3 @@ The GitHub product documentation in the assets, content, and data folders are li
All other code in this repository is licensed under a [MIT license](LICENSE-CODE).
When using the GitHub logos, be sure to follow the [GitHub logo guidelines](https://github.com/logos).
## Contributors ✨
Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/docs/en/emoji-key)):
<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
<!-- prettier-ignore-start -->
<!-- markdownlint-disable -->
<table>
<tr>
<td align="center"><a href="https://github.com/alebourne"><img src="https://avatars1.githubusercontent.com/u/24581915?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Alexandra Bourne</b></sub></a><br /><a href="#content-alebourne" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Aalebourne" title="Bug reports">🐛</a></td>
<td align="center"><a href="http://cynthiarich.me/"><img src="https://avatars0.githubusercontent.com/u/9950121?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Cynthia Rich</b></sub></a><br /><a href="#content-crichID" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3AcrichID" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://github.com/emilyistoofunky"><img src="https://avatars1.githubusercontent.com/u/4822039?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Emily Gould</b></sub></a><br /><a href="#content-emilyistoofunky" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Aemilyistoofunky" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://github.com/felicitymay"><img src="https://avatars1.githubusercontent.com/u/1877141?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Felicity Chapman</b></sub></a><br /><a href="#content-felicitymay" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Afelicitymay" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://heiskr.com/"><img src="https://avatars2.githubusercontent.com/u/1221423?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Kevin Heis</b></sub></a><br /><a href="https://github.com/github/docs/issues?q=author%3Aheiskr" title="Bug reports">🐛</a> <a href="https://github.com/github/docs/commits?author=heiskr" title="Code">💻</a></td>
<td align="center"><a href="https://github.com/hubwriter"><img src="https://avatars1.githubusercontent.com/u/54933897?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Alistair Christie</b></sub></a><br /><a href="#content-hubwriter" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Ahubwriter" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://jamesmgreene.github.io/"><img src="https://avatars2.githubusercontent.com/u/417751?v=4?s=64" width="64px;" alt=""/><br /><sub><b>James M. Greene</b></sub></a><br /><a href="https://github.com/github/docs/issues?q=author%3AJamesMGreene" title="Bug reports">🐛</a> <a href="https://github.com/github/docs/commits?author=JamesMGreene" title="Code">💻</a></td>
</tr>
<tr>
<td align="center"><a href="https://github.com/janiceilene"><img src="https://avatars3.githubusercontent.com/u/9817819?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Janice</b></sub></a><br /><a href="#content-janiceilene" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Ajaniceilene" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://jasonet.co"><img src="https://avatars1.githubusercontent.com/u/10660468?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Jason Etcovitch</b></sub></a><br /><a href="https://github.com/github/docs/issues?q=author%3Ajasonetco" title="Bug reports">🐛</a> <a href="https://github.com/github/docs/commits?author=jasonetco" title="Code">💻</a></td>
<td align="center"><a href="https://github.com/jf205"><img src="https://avatars2.githubusercontent.com/u/42464962?v=4?s=64" width="64px;" alt=""/><br /><sub><b>James Fletcher</b></sub></a><br /><a href="#content-jf205" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Ajf205" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://github.com/jleaver"><img src="https://avatars2.githubusercontent.com/u/4453117?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Jenn Leaver</b></sub></a><br /><a href="#content-jleaver" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Ajleaver" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://github.com/jmarlena"><img src="https://avatars3.githubusercontent.com/u/6732600?v=4?s=64" width="64px;" alt=""/><br /><sub><b>jmarlena</b></sub></a><br /><a href="#content-jmarlena" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Ajmarlena" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://johnwargo.com/"><img src="https://avatars0.githubusercontent.com/u/30843404?v=4?s=64" width="64px;" alt=""/><br /><sub><b>John M. Wargo</b></sub></a><br /><a href="#content-jwargo" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Ajwargo" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://github.com/lecoursen"><img src="https://avatars3.githubusercontent.com/u/14935376?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Laura Coursen</b></sub></a><br /><a href="#content-lecoursen" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Alecoursen" title="Bug reports">🐛</a></td>
</tr>
<tr>
<td align="center"><a href="https://lucascosti.com/"><img src="https://avatars3.githubusercontent.com/u/4434330?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Lucas Costi</b></sub></a><br /><a href="#content-lucascosti" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Alucascosti" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://github.com/martin389"><img src="https://avatars3.githubusercontent.com/u/54248166?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Martin Lopes</b></sub></a><br /><a href="#content-martin389" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Amartin389" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://github.com/mattpollard"><img src="https://avatars0.githubusercontent.com/u/1894408?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Matt Pollard</b></sub></a><br /><a href="#content-mattpollard" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Amattpollard" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://github.com/mchammer01"><img src="https://avatars3.githubusercontent.com/u/42146119?v=4?s=64" width="64px;" alt=""/><br /><sub><b>mc</b></sub></a><br /><a href="#content-mchammer01" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Amchammer01" title="Bug reports">🐛</a></td>
<td align="center"><a href="http://meaganbird.com/"><img src="https://avatars2.githubusercontent.com/u/5658046?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Meg Bird</b></sub></a><br /><a href="#content-megbird" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Amegbird" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://github.com/myarb"><img src="https://avatars2.githubusercontent.com/u/11952755?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Melanie Yarbrough</b></sub></a><br /><a href="#content-myarb" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Amyarb" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://github.com/rachmari"><img src="https://avatars2.githubusercontent.com/u/9831992?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Rachael Sewell</b></sub></a><br /><a href="#content-rachmari" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Arachmari" title="Bug reports">🐛</a></td>
</tr>
<tr>
<td align="center"><a href="https://github.com/runleonarun"><img src="https://avatars1.githubusercontent.com/u/3880403?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Leona B. Campbell</b></sub></a><br /><a href="#content-runleonarun" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Arunleonarun" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://github.com/sarahs"><img src="https://avatars3.githubusercontent.com/u/821071?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Sarah Schneider</b></sub></a><br /><a href="https://github.com/github/docs/issues?q=author%3Asarahs" title="Bug reports">🐛</a> <a href="https://github.com/github/docs/commits?author=sarahs" title="Code">💻</a></td>
<td align="center"><a href="https://github.com/shati-patel"><img src="https://avatars3.githubusercontent.com/u/42641846?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Shati Patel</b></sub></a><br /><a href="#content-shati-patel" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Ashati-patel" title="Bug reports">🐛</a></td>
<td align="center"><a href="http://kathy.pm/"><img src="https://avatars3.githubusercontent.com/u/704152?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Kathy Korevec</b></sub></a><br /><a href="#content-simpsoka" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Asimpsoka" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://github.com/timeyoutakeit"><img src="https://avatars3.githubusercontent.com/u/5012825?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Amy Burns</b></sub></a><br /><a href="#content-timeyoutakeit" title="Content">🖋</a> <a href="https://github.com/github/docs/issues?q=author%3Atimeyoutakeit" title="Bug reports">🐛</a></td>
<td align="center"><a href="https://github.com/vanessayuenn"><img src="https://avatars3.githubusercontent.com/u/6842965?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Vanessa Yuen</b></sub></a><br /><a href="https://github.com/github/docs/issues?q=author%3Avanessayuenn" title="Bug reports">🐛</a> <a href="https://github.com/github/docs/commits?author=vanessayuenn" title="Code">💻</a></td>
<td align="center"><a href="http://zeke.sikelianos.com/"><img src="https://avatars1.githubusercontent.com/u/2289?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Zeke Sikelianos</b></sub></a><br /><a href="https://github.com/github/docs/issues?q=author%3Azeke" title="Bug reports">🐛</a> <a href="https://github.com/github/docs/commits?author=zeke" title="Code">💻</a></td>
</tr>
<tr>
<td align="center"><a href="https://github.com/BenJam"><img src="https://avatars2.githubusercontent.com/u/158833?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Benjamin Nickolls</b></sub></a><br /><a href="https://github.com/github/docs/commits?author=BenJam" title="Documentation">📖</a></td>
<td align="center"><a href="https://mcaffer.com"><img src="https://avatars2.githubusercontent.com/u/10070956?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Jeff McAffer</b></sub></a><br /><a href="https://github.com/github/docs/commits?author=jeffmcaffer" title="Documentation">📖</a></td>
<td align="center"><a href="https://tjenkinson.me"><img src="https://avatars0.githubusercontent.com/u/3259993?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Tom Jenkinson</b></sub></a><br /><a href="https://github.com/github/docs/commits?author=tjenkinson" title="Code">💻</a></td>
<td align="center"><a href="https://github.com/casals"><img src="https://avatars0.githubusercontent.com/u/785860?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Arthur Casals</b></sub></a><br /><a href="#content-casals" title="Content">🖋</a> <a href="https://github.com/github/docs/commits?author=casals" title="Documentation">📖</a></td>
<td align="center"><a href="https://github.com/ruth"><img src="https://avatars0.githubusercontent.com/u/85029?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Ruth</b></sub></a><br /><a href="#content-Ruth" title="Content">🖋</a></td>
<td align="center"><a href="http://tomaszwisniewski.com"><img src="https://avatars2.githubusercontent.com/u/12593852?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Tomasz Wisniewski</b></sub></a><br /><a href="https://github.com/github/docs/commits?author=wi5nia" title="Documentation">📖</a></td>
<td align="center"><a href="https://chiedojohn.com/"><img src="https://avatars2.githubusercontent.com/u/2156688?v=4?s=64" width="64px;" alt=""/><br /><sub><b>Chiedo John</b></sub></a><br /><a href="https://github.com/github/docs/commits?author=chiedo" title="Code">💻</a></td>
</tr>
<tr>
<td align="center"><a href="https://www.arangodb.com/"><img src="https://avatars3.githubusercontent.com/u/7819991?v=4" width="64px;" alt=""/><br /><sub><b>Simran</b></sub></a><br /><a href="https://github.com/github/docs/commits?author=Simran-B" title="Documentation">📖</a></td>
</tr>
</table>
<!-- markdownlint-restore -->
<!-- prettier-ignore-end -->
<!-- ALL-CONTRIBUTORS-LIST:END -->
This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind welcome!

BIN
assets/fonts/alliance/alliance-no-1-bold.woff Normal file
View File

Binary file not shown.

BIN
assets/fonts/alliance/alliance-no-1-extrabold.woff Normal file
View File

Binary file not shown.

BIN
assets/fonts/alliance/alliance-no-1-medium.woff Normal file
View File

Binary file not shown.

BIN
assets/fonts/alliance/alliance-no-1-regular.woff Normal file
View File

Binary file not shown.

BIN
assets/images/enterprise/business-accounts/license-tab.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 6.7 KiB

BIN
assets/images/enterprise/enterprises/enterprise-server-billing-license-info.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 101 KiB

BIN
assets/images/enterprise/enterprises/license.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 27 KiB

BIN
assets/images/enterprise/settings/enterprise-settings.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 72 KiB

BIN
assets/images/github-apps/github_apps_delete_key.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 44 KiB

After

Width:  |  Height:  |  Size: 92 KiB

BIN
assets/images/github-apps/github_apps_private_key_fingerprint.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 57 KiB

After

Width:  |  Height:  |  Size: 139 KiB

BIN
assets/images/help/business-accounts/enterprise-account-settings-tab.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 12 KiB

After

Width:  |  Height:  |  Size: 41 KiB

BIN
assets/images/help/enterprises/enterprise-licensing-tab.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 41 KiB

BIN
assets/images/help/images/overview-actions-result-updated.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 136 KiB

BIN
assets/images/help/repository/annotated-workflow.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 84 KiB

BIN
assets/images/help/repository/check-suite-list.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 47 KiB

BIN
assets/images/help/repository/code-scanning-alert-close-drop-down.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 47 KiB

After

Width:  |  Height:  |  Size: 130 KiB

BIN
assets/images/help/repository/code-scanning-alert-details.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 298 KiB

BIN
assets/images/help/repository/code-scanning-alert.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 56 KiB

After

Width:  |  Height:  |  Size: 268 KiB

BIN
assets/images/help/repository/code-scanning-branch-filter.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 184 KiB

BIN
assets/images/help/repository/code-scanning-delete-alerts.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 105 KiB

BIN
assets/images/help/repository/code-scanning-filter-by-rule.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 230 KiB

BIN
assets/images/help/repository/code-scanning-pr-alert.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 167 KiB

After

Width:  |  Height:  |  Size: 554 KiB

BIN
assets/images/help/repository/code-scanning-pr-annotation.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 58 KiB

After

Width:  |  Height:  |  Size: 137 KiB

BIN
assets/images/help/repository/code-scanning-show-paths.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 43 KiB

After

Width:  |  Height:  |  Size: 181 KiB

BIN
assets/images/help/repository/copy-link-button-updated.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 136 KiB

BIN
assets/images/help/repository/copy-link-button.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 38 KiB

After

Width:  |  Height:  |  Size: 87 KiB

BIN
assets/images/help/repository/delete-all-logs-updated.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 124 KiB

BIN
assets/images/help/repository/download-logs-drop-down-updated.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 86 KiB

BIN
assets/images/help/repository/failed-check-step.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 54 KiB

After

Width:  |  Height:  |  Size: 121 KiB

BIN
assets/images/help/repository/javascript-action-workflow-run-updated.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 219 KiB

BIN
assets/images/help/repository/search-log-box-updated.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 67 KiB

BIN
assets/images/help/repository/search-log-box.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 49 KiB

After

Width:  |  Height:  |  Size: 111 KiB

BIN
assets/images/help/repository/super-linter-workflow-results-updated.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 274 KiB

BIN
assets/images/help/repository/workflow-run-kebab-horizontal-icon-updated.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 98 KiB

20
content/actions/creating-actions/creating-a-composite-run-steps-action.md
View File

@@ -36,7 +36,7 @@ Before you begin, you'll create a {% data variables.product.product_name %} repo
echo "Goodbye"
```
1. From your terminal, make `goodbye.sh` executable and check it into your repository.
3. From your terminal, make `goodbye.sh` executable.
```shell
chmod +x goodbye.sh
@@ -85,14 +85,26 @@ Before you begin, you'll create a {% data variables.product.product_name %} repo
For more information about how to use `github.action_path`, see "[`github context`](/actions/reference/context-and-expression-syntax-for-github-actions#github-context)".
1. Create a new label. This example uses a label called `v1` for the main branch. For more information, see "[Creating a label
](/github/managing-your-work-on-github/creating-a-label)."
1. From your terminal, check in your `action.yml` file.
```shell
git add action.yml
git commit -m "Add action"
git push
```
1. From your terminal, add a tag. This example uses a tag called `v1`. For more information, see "[About actions](/actions/creating-actions/about-actions#using-release-management-for-actions)."
```shell
git tag -a -m "Description of this release" v1
git push --follow-tags
```
### Testing out your action in a workflow
The following workflow code uses the completed hello world action that you made in "[Creating an action metadata file](/actions/creating-actions/creating-a-composite-run-steps-action#creating-an-action-metadata-file)".
Copy the workflow code into a `.github/workflows/main.yml` file in another repository, but replace `actions/hello-world-composite-run-steps-action@v1` with the repository and label you created. You can also replace the `who-to-greet` input with your name.
Copy the workflow code into a `.github/workflows/main.yml` file in another repository, but replace `actions/hello-world-composite-run-steps-action@v1` with the repository and tag you created. You can also replace the `who-to-greet` input with your name.
{% raw %}
**.github/workflows/main.yml**

4
content/actions/creating-actions/creating-a-javascript-action.md
View File

@@ -263,4 +263,8 @@ jobs:
From your repository, click the **Actions** tab, and select the latest workflow run. You should see "Hello Mona the Octocat" or the name you used for the `who-to-greet` input and the timestamp printed in the log.
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %}
![A screenshot of using your action in a workflow](/assets/images/help/repository/javascript-action-workflow-run-updated.png)
{% else %}
![A screenshot of using your action in a workflow](/assets/images/help/repository/javascript-action-workflow-run.png)
{% endif %}

2
content/actions/guides/building-and-testing-nodejs.md
View File

@@ -33,7 +33,7 @@ We recommend that you have a basic understanding of Node.js, YAML, workflow conf
To get started quickly, add the template to the `.github/workflows` directory of your repository.
{% raw %}
```yaml
```yaml{:copy}
name: Node.js CI
on: [push]

43
content/actions/index.md
View File

@@ -2,12 +2,15 @@
title: GitHub Actions Documentation
shortTitle: GitHub Actions
intro: 'Automate, customize, and execute your software development workflows right in your repository with {% data variables.product.prodname_actions %}. You can discover, create, and share actions to perform any job you''d like, including CI/CD, and combine actions in a completely customized workflow.'
introLinks:
quickstart: /actions/quickstart
learn: /actions/learn-github-actions
gettingStartedLinks:
- /actions/quickstart
- /actions/learn-github-actions
guideLinks:
- /actions/managing-workflow-runs
- /actions/hosting-your-own-runners
guideLinks:
- /actions/guides/setting-up-continuous-integration-using-workflow-templates
- /actions/guides/about-packaging-with-github-actions
popularLinks:
- /actions/reference/workflow-syntax-for-github-actions
- /actions/reference/events-that-trigger-workflows
@@ -36,10 +39,10 @@ versions:
<div class="d-lg-flex gutter my-6 py-6">
<div class="col-12 col-lg-4 mb-4 mb-lg-0">
<div class="featured-links-heading pb-4">
<h3 class="f5 text-normal text-mono underline-dashed color-gray-5">{% data ui.toc.getting_started %}</h3>
<h3 class="f5 text-normal text-mono underline-dashed color-gray-5">{% data ui.toc.guides %}</h3>
</div>
<ul class="list-style-none">
{% for link in gettingStartedLinks %}
{% for link in guideLinks %}
<li>{% include featured-link %}</li>
{% endfor %}
</ul>
@@ -61,40 +64,16 @@ versions:
<h3 class="f5 text-normal text-mono underline-dashed color-gray-5">Manage workflows</h3>
</div>
<ul class="list-style-none">
{% for link in guideLinks %}
{% for link in gettingStartedLinks %}
<li>{% include featured-link %}</li>
{% endfor %}
</ul>
</div>
</div>
<!-- Featured resources -->
<div class="d-lg-flex gutter-lg my-6 py-6 text-center flex-items-stretch">
<div class="col-12 col-lg-4 mb-2 mb-lg-0">
<a href="/actions/creating-actions" class="d-block text-gray-dark no-underline hover-grow Box p-5 bg-gray-light">
<div class="mb-4 d-flex flex-justify-center"><div class="circle p-3 bg-blue text-white">{% octicon "bookmark" width="24" %}</div></div>
<h4>Create actions</h4>
<p class="mb-0">A complete guide to creating and sharing actions with the community.</p>
</a>
</div>
<div class="col-12 col-lg-4 mb-2 mb-lg-0">
<a href="https://github.com/actions/starter-workflows" class="d-block text-gray-dark no-underline hover-grow Box p-5 bg-gray-light">
<div class="mb-4 d-flex flex-justify-center"><div class="circle p-3 bg-purple text-white">{% octicon "rocket" width="24" %}</div></div>
<h4>Starter workflows</h4>
<p class="mb-0">A collection of workflow files to help you get started with GitHub Actions.</p>
</a>
</div>
<div class="col-12 col-lg-4 mb-2 mb-lg-0">
<a href="https://github.com/marketplace?type=actions" class="d-block text-gray-dark no-underline hover-grow Box p-5 bg-gray-light">
<div class="mb-4 d-flex flex-justify-center"><div class="circle p-3 bg-orange text-white">{% octicon "light-bulb" width="24" %}</div></div>
<h4>GitHub Actions Marketplace</h4>
<p class="mb-0">Explore community actions and supercharge your workflow.</p>
</a>
</div>
</div>
<!-- Code examples -->
<div class="mt-6 pt-6">
<h2 class="mb-2">Guides</h2>
<h2 class="mb-2">More guides</h2>
<div class="d-flex flex-wrap gutter">
<div class="col-12 col-lg-4 mb-4">
@@ -195,5 +174,5 @@ versions:
</div>
</div>
<a href="/actions/guides" class="btn btn-outline mt-4">More guides {% octicon "arrow-right" %}</a>
<a href="/actions/guides" class="btn btn-outline mt-4">Show all guides {% octicon "arrow-right" %}</a>
</div>

5
content/actions/learn-github-actions/introduction-to-github-actions.md
View File

@@ -213,8 +213,13 @@ Once your job has started running, you can view each step's activity on {% data
![Screenshot of workflow results](/assets/images/help/images/learn-github-actions-workflow.png)
1. Under "Workflow runs", click the name of the run you want to see.
![Screenshot of workflow runs](/assets/images/help/images/learn-github-actions-run.png)
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %}
1. Click on the job name to see the results of each step.
![Screenshot of workflow run details](/assets/images/help/images/overview-actions-result-updated.png)
{% else %}
1. Click on the job name to see the results of each step.
![Screenshot of workflow run details](/assets/images/help/images/overview-actions-result.png)
{% endif %}
### Next steps

57
content/actions/managing-workflow-runs/using-workflow-run-logs.md
View File

@@ -14,8 +14,6 @@ You can see whether a workflow run is in progress or complete from the workflow
If the run is complete, you can see whether the result was a success, failure, canceled, or neutral. If the run failed, you can view and search the build logs to diagnose the failure and re-run the workflow. You can also view billable job execution minutes, or download logs and build artifacts.
![Annotated workflow run image](/assets/images/help/repository/annotated-workflow.png)
{% data variables.product.prodname_actions %} use the Checks API to output statuses, results, and logs for a workflow. {% data variables.product.prodname_dotcom %} creates a new check suite for each workflow run. The check suite contains a check run for each job in the workflow, and each job includes steps. {% data variables.product.prodname_actions %} are run as a step in a workflow. For more information about the Checks API, see "[Checks](/v3/checks/)."
{% data reusables.github-actions.invalid-workflow-files %}
@@ -30,13 +28,11 @@ For jobs run on {% data variables.product.prodname_dotcom %}-hosted runners, "Se
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.actions-tab %}
{% data reusables.repositories.navigate-to-workflow %}
{% data reusables.repositories.view-run %}
{% data reusables.repositories.navigate-to-job %}
6. To expand the log for a failed step, click the step.
![Failed step name](/assets/images/help/repository/failed-check-step.png)
7. Optionally, to get a link to a specific line in the logs, click on the step's line number. You can copy the link from the address bar of your web browser.
![Button to copy link](/assets/images/help/repository/copy-link-button.png)
{% data reusables.repositories.navigate-to-workflow-superlinter %}
{% data reusables.repositories.view-run-superlinter %}
{% data reusables.repositories.navigate-to-job-superlinter %}
{% data reusables.repositories.view-failed-job-results-superlinter %}
{% data reusables.repositories.view-specific-line-superlinter %}
### Searching logs
@@ -44,13 +40,18 @@ You can search the build logs for a particular step. When you search logs, only
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.actions-tab %}
{% data reusables.repositories.navigate-to-workflow %}
{% data reusables.repositories.view-run %}
{% data reusables.repositories.navigate-to-job %}
6. To expand each step you want to include in your search, click the step.
{% data reusables.repositories.navigate-to-workflow-superlinter %}
{% data reusables.repositories.view-run-superlinter %}
{% data reusables.repositories.navigate-to-job-superlinter %}
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %}
1. In the upper-right corner of the log output, in the **Search logs** search box, type a search query.
![Search box to search logs](/assets/images/help/repository/search-log-box-updated.png)
{% else %}
1. To expand each step you want to include in your search, click the step.
![Step name](/assets/images/help/repository/failed-check-step.png)
7. In the upper-right corner of the log output, in the **Search logs** search box, type a search query.
1. In the upper-right corner of the log output, in the **Search logs** search box, type a search query.
![Search box to search logs](/assets/images/help/repository/search-log-box.png)
{% endif %}
### Downloading logs
@@ -58,12 +59,16 @@ You can download the log files from your workflow run. You can also download a w
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.actions-tab %}
{% data reusables.repositories.navigate-to-workflow %}
{% data reusables.repositories.view-run %}
1. In the left sidebar, select any job.
![Select a workflow job](/assets/images/help/repository/workflow-job.png)
2. In the upper right corner, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} and select **Download log archive**.
{% data reusables.repositories.navigate-to-workflow-superlinter %}
{% data reusables.repositories.view-run-superlinter %}
{% data reusables.repositories.navigate-to-job-superlinter %}
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %}
1. In the upper right corner, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} and select **Download log archive**.
![Download logs drop-down menu](/assets/images/help/repository/download-logs-drop-down-updated.png)
{% else %}
1. In the upper right corner, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} and select **Download log archive**.
![Download logs drop-down menu](/assets/images/help/repository/download-logs-drop-down.png)
{% endif %}
### Deleting logs
@@ -71,10 +76,18 @@ You can delete the log files from your workflow run. {% data reusables.repositor
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.actions-tab %}
{% data reusables.repositories.navigate-to-workflow %}
{% data reusables.repositories.view-run %}
{% data reusables.repositories.navigate-to-workflow-superlinter %}
{% data reusables.repositories.view-run-superlinter %}
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %}
1. In the upper right corner, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %}.
![Kebab-horizontal icon](/assets/images/help/repository/workflow-run-kebab-horizontal-icon-updated.png)
2. To delete the log files, click the **Delete all logs** button and review the confirmation prompt.
![Delete all logs](/assets/images/help/repository/delete-all-logs-updated.png)
After deleting logs, the **Delete all logs** button is removed to indicate that no log files remain in the workflow run.
{% else %}
1. In the upper right corner, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %}.
![Kebab-horizontal icon](/assets/images/help/repository/workflow-run-kebab-horizontal-icon.png)
2. To delete the log files, click the **Delete all logs** button and review the confirmation prompt.
![Delete all logs](/assets/images/help/repository/delete-all-logs.png)
After deleting logs, the **Delete all logs** button is removed to indicate that no log files remain in the workflow run.
After the logs have been deleted, the **Delete all logs** button is removed to indicate that no log files remain in the workflow run.
{% endif %}

12
content/actions/quickstart.md
View File

@@ -21,7 +21,7 @@ You only need an existing {% data variables.product.prodname_dotcom %} repositor
1. From your repository on {% data variables.product.prodname_dotcom %}, create a new file in the `.github/workflows` directory named `superlinter.yml`. For more information, see "[Creating new files](/github/managing-files-in-a-repository/creating-new-files)."
2. Copy the following YAML contents into the `superlinter.yml` file. **Note:** If your default branch is not `main`, update the value of `DEFAULT_BRANCH` to match your repository's default branch name.
{% raw %}
```yaml
```yaml{:copy}
name: Super-Linter
# Run this workflow every time a new commit pushed to your repository
@@ -56,15 +56,13 @@ Committing the workflow file in your repository triggers the `push` event and ru
### Viewing your workflow results
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.actions-tab %}
1. In the left sidebar, click the workflow you want to see.
![Workflow list in left sidebar](/assets/images/help/repository/superlinter-workflow-sidebar.png)
1. From the list of workflow runs, click the name of the run you want to see.
![Name of workflow run](/assets/images/help/repository/superlinter-run-name.png)
{% data reusables.repositories.navigate-to-workflow-superlinter %}
{% data reusables.repositories.view-run-superlinter %}
1. In the left sidebar, click the **Lint code base** job.
![Lint code base job](/assets/images/help/repository/superlinter-lint-code-base-job.png)
2. Expand the **Run Super-Linter** step to view the results.
![Super linter workflow results](/assets/images/help/repository/super-linter-workflow-results.png)
{% data reusables.repositories.view-failed-job-results-superlinter %}
### More starter workflows

2
content/actions/reference/context-and-expression-syntax-for-github-actions.md
View File

@@ -179,7 +179,7 @@ on: push
jobs:
one:
runs-on: ubuntu-16.04
runs-on: ubuntu-latest
steps:
- name: Dump GitHub context
env:

3
content/actions/reference/specifications-for-github-hosted-runners.md
View File

@@ -50,6 +50,7 @@ Each virtual machine has the same hardware resources available.
{% data reusables.github-actions.supported-github-runners %}
{% data reusables.github-actions.ubuntu-runner-preview %}
{% data reusables.github-actions.macos-runner-preview %}
Workflow logs list the runner used to run a job. For more information, see "[Viewing workflow run history](/actions/managing-workflow-runs/viewing-workflow-run-history)."
@@ -63,8 +64,10 @@ The software tools included in {% data variables.product.prodname_dotcom %}-host
* [Windows Server 2019](https://github.com/actions/virtual-environments/blob/main/images/win/Windows2019-Readme.md)
* [Windows Server 2016](https://github.com/actions/virtual-environments/blob/main/images/win/Windows2016-Readme.md)
* [MacOS 10.15](https://github.com/actions/virtual-environments/blob/main/images/macos/macos-10.15-Readme.md)
* [MacOS 11.0](https://github.com/actions/virtual-environments/blob/main/images/macos/macos-11.0-Readme.md)
{% data reusables.github-actions.ubuntu-runner-preview %}
{% data reusables.github-actions.macos-runner-preview %}
{% data variables.product.prodname_dotcom %}-hosted runners include the operating system's default built-in tools, in addition to the packages listed in the above references. For example, Ubuntu and macOS runners include `grep`, `find`, and `which`, among other default tools.

4
content/actions/reference/workflow-commands-for-github-actions.md
View File

@@ -53,13 +53,15 @@ core.setOutput('SELECTED_COLOR', 'green');
You can use the `set-output` command in your workflow to set the same value:
{% raw %}
``` yaml
- name: Set selected color
run: echo '::set-output name=SELECTED_COLOR::green'
id: random-color-generator
- name: Get color
run: echo 'The selected color is' ${steps.random-color-generator.outputs.SELECTED_COLOR}
run: echo "The selected color is ${{ steps.random-color-generator.outputs.SELECTED_COLOR }}"
```
{% endraw %}
The following table shows which toolkit functions are available within a workflow:

4
content/admin/enterprise-management/upgrade-requirements.md
View File

@@ -21,7 +21,7 @@ versions:
### Recommendations
- Include as few upgrades as possible in your upgrade process. For example, instead of upgrading from {% data variables.product.prodname_enterprise %} {{ enterpriseVersions.supported[2] }} to {{ enterpriseVersions.supported[1] }} to {{ enterpriseVersions.latest }}, you could upgrade from {% data variables.product.prodname_enterprise %} {{ enterpriseVersions.supported[2] }} to {{ enterpriseVersions.latest }}.
- Include as few upgrades as possible in your upgrade process. For example, instead of upgrading from {% data variables.product.prodname_enterprise %} {{ enterpriseServerReleases.supported[2] }} to {{ enterpriseServerReleases.supported[1] }} to {{ enterpriseServerReleases.latest }}, you could upgrade from {% data variables.product.prodname_enterprise %} {{ enterpriseServerReleases.supported[2] }} to {{ enterpriseServerReleases.latest }}.
- If youre several versions behind, upgrade {% data variables.product.product_location_enterprise %} as far forward as possible with each step of your upgrade process. Using the latest version possible on each upgrade allows you to take advantage of performance improvements and bug fixes. For example, you could upgrade from {% data variables.product.prodname_enterprise %} 2.7 to 2.8 to 2.10, but upgrading from {% data variables.product.prodname_enterprise %} 2.7 to 2.9 to 2.10 uses a later version in the second step.
- Use the latest patch release when upgrading. {% data reusables.enterprise_installation.enterprise-download-upgrade-pkg %}
- Use a staging instance to test the upgrade steps. For more information, see "[Setting up a staging instance](/enterprise/{{ currentVersion }}/admin/guides/installation/setting-up-a-staging-instance/)."
@@ -29,7 +29,7 @@ versions:
### Requirements
- You must upgrade from a feature release that's **at most** two releases behind. For example, to upgrade to {% data variables.product.prodname_enterprise %} {{ enterpriseVersions.latest }}, you must be on {% data variables.product.prodname_enterprise %} {{ enterpriseVersions.supported[1] }} or {{ enterpriseVersions.supported[2] }}.
- You must upgrade from a feature release that's **at most** two releases behind. For example, to upgrade to {% data variables.product.prodname_enterprise %} {{ enterpriseServerReleases.latest }}, you must be on {% data variables.product.prodname_enterprise %} {{ enterpriseServerReleases.supported[1] }} or {{ enterpriseServerReleases.supported[2] }}.
- {% data reusables.enterprise_installation.hotpatching-explanation %}
- A hotpatch may require downtime if the affected services (like kernel, MySQL, or Elasticsearch) require a VM reboot or a service restart. You'll be notified when a reboot or restart is required. You can complete the reboot or restart at a later time.
- Additional root storage must be available when upgrading through hotpatching, as it installs multiple versions of certain services until the upgrade is complete. Pre-flight checks will notify you if you don't have enough root disk storage.

2
content/admin/enterprise-support/about-github-enterprise-support.md
View File

@@ -59,7 +59,7 @@ For urgent issues, we can help you in English 24 hours per day, 7 days per week,
{% data variables.contact.enterprise_support %} observes these U.S. holidays, although our global support team is available to answer urgent tickets.
| U.S. holiday | Date observed in {{ "now" | date: "%Y" }} |
| U.S. holiday | Date observed |
| --- | --- |
| New Year's Day | January 1 |
| Martin Luther King, Jr. Day | Third Monday in January |

5
content/admin/enterprise-support/providing-data-to-github-support.md
View File

@@ -99,9 +99,10 @@ You can use these steps to create and share a support bundle if you have SSH acc
#### Uploading a support bundle using your enterprise account
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.enterprise-licensing-tab %}
3. In the left sidebar, click **Enterprise licensing**.
!["Enterprise licensing" tab in the enterprise account settings sidebar](/assets/images/help/enterprises/enterprise-licensing-tab.png)
4. Under "{% data variables.product.prodname_enterprise %} Help", click **Upload a support bundle**.
![Upload a support bundle link](/assets/images/enterprise/support/upload-support-bundle.png)
5. Under "Select an enterprise account", select the support bundle's associated account from the drop-down menu.

5
content/admin/enterprise-support/submitting-a-ticket.md
View File

@@ -23,9 +23,10 @@ After submitting your support request and optional diagnostic information, {% da
### Submitting a ticket using your enterprise account
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.enterprise-licensing-tab %}
3. In the left sidebar, click **Enterprise licensing**.
!["Enterprise licensing" tab in the enterprise account settings sidebar](/assets/images/help/enterprises/enterprise-licensing-tab.png)
4. Under "{% data variables.product.prodname_enterprise %} Help", click **{% data variables.contact.enterprise_support %} Portal**.
![Link to navigate to Enterprise support site](/assets/images/enterprise/support/enterprise-support-link.png)
5. Click **Submit a Ticket**

17
content/admin/overview/managing-your-github-enterprise-license.md
View File

@@ -30,9 +30,10 @@ After you purchase a new license or upgrade an existing license from {% data var
If you'd like to renew or add user licenses to {% data variables.product.prodname_enterprise %}, contact {% data variables.contact.contact_enterprise_sales %}. Your new license file will be available for download immediately after you complete your order.
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.enterprise-licensing-tab %}
3. In the left sidebar, click **Enterprise licensing**.
!["Enterprise licensing" tab in the enterprise account settings sidebar](/assets/images/help/enterprises/enterprise-licensing-tab.png)
4. Under "Enterprise Server Instances", click {% octicon "download" aria-label="The download icon" %} to download your license file.
![Download GitHub Enterprise Server license](/assets/images/help/business-accounts/download-ghes-license.png)
5. Log into your {% data variables.product.prodname_ghe_server %} instance as a site administrator.
@@ -49,9 +50,10 @@ If you'd like to renew or add user licenses to {% data variables.product.prodnam
### Viewing license usage
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.enterprise-licensing-tab %}
3. In the left sidebar, click **Enterprise licensing**.
!["Enterprise licensing" tab in the enterprise account settings sidebar](/assets/images/help/enterprises/enterprise-licensing-tab.png)
4. Review your current {% data variables.product.prodname_enterprise %} license, as well as consumed and available user licenses.
### Automatically syncing user license usage with {% data variables.product.prodname_ghe_cloud %}
@@ -68,10 +70,11 @@ You can download a JSON file from {% data variables.product.prodname_ghe_server
{% data reusables.enterprise-accounts.license-tab %}
5. Under "Quick links", to download a file containing your current license usage on {% data variables.product.prodname_ghe_server %}, click **Export license usage**.
![Export license usage link](/assets/images/enterprise/business-accounts/export-license-usage-link.png)
6. Navigate to {% data variables.product.prodname_ghe_cloud %}.
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.enterprise-licensing-tab %}
8. In the left sidebar, click **Enterprise licensing**.
!["Enterprise licensing" tab in the enterprise account settings sidebar](/assets/images/help/enterprises/enterprise-licensing-tab.png)
{% data reusables.enterprise-accounts.license-tab %}
10. Under "Enterprise Server Instances", click **Add server usage**.
![Upload GitHub Enterprise Servers usage link](/assets/images/help/business-accounts/upload-ghe-server-usage-link.png)
11. Upload the JSON file you downloaded from {% data variables.product.prodname_ghe_server %}.

4
content/developers/apps/authenticating-with-github-apps.md
View File

@@ -38,7 +38,7 @@ To generate a private key:
{% endnote %}
### Verifying private keys
{% data variables.product.product_name %} generates a fingerprint for each private and public key pair using a SHA-1 hash function. You can verify that your private key matches the public key stored on {% data variables.product.product_name %} by generating the fingerprint of your private key and comparing it to the fingerprint shown on {% data variables.product.product_name %}.
{% data variables.product.product_name %} generates a fingerprint for each private and public key pair using the {% if currentVersion ver_lt "enterprise-server@2.23" %}SHA-1{% else %}SHA-256{% endif %} hash function. You can verify that your private key matches the public key stored on {% data variables.product.product_name %} by generating the fingerprint of your private key and comparing it to the fingerprint shown on {% data variables.product.product_name %}.
To verify a private key:
@@ -46,7 +46,7 @@ To verify a private key:
![Private key fingerprint](/assets/images/github-apps/github_apps_private_key_fingerprint.png)
2. Generate the fingerprint of your private key (PEM) locally by using the following command:
```shell
$ openssl rsa -in PATH_TO_PEM_FILE -pubout -outform DER | openssl sha1 -c
$ openssl rsa -in <em>PATH_TO_PEM_FILE</em> -pubout -outform DER | openssl {% if currentVersion ver_lt "enterprise-server@2.23" %}sha1 -c{% else %}sha256 -binary | openssl base64{% endif %}
```
3. Compare the results of the locally generated fingerprint to the fingerprint you see in {% data variables.product.product_name %}.

2
content/developers/apps/scopes-for-oauth-apps.md
View File

@@ -71,7 +71,7 @@ Name | Description
**`admin:gpg_key`** | Fully manage GPG keys.
&emsp;`write:gpg_key`| Create, list, and view details for GPG keys.
&emsp;`read:gpg_key`| List and view details for GPG keys.{% if currentVersion == "free-pro-team@latest" %}
**`workflow`** | Grants the ability to add and update {% data variables.product.prodname_actions %} workflow files. Workflow files can be committed without this scope if the same file (with both the same path and contents) exists on another branch in the same repository.{% endif %}
**`workflow`** | Grants the ability to add and update {% data variables.product.prodname_actions %} workflow files. Workflow files can be committed without this scope if the same file (with both the same path and contents) exists on another branch in the same repository. Workflow files can expose `GITHUB_TOKEN` which may have a different set of scopes, see https://docs.github.com/en/free-pro-team@latest/actions/reference/authentication-in-a-workflow#permissions-for-the-github_token for details.{% endif %}
{% note %}

2
content/developers/github-marketplace/about-github-marketplace.md
View File

@@ -14,7 +14,7 @@ versions:
{% data reusables.actions.actions-not-verified %}
To learn about publishing {% data variables.product.prodname_actions %} in the {% data variables.product.prodname_marketplace %}, see "[{% data variables.product.prodname_actions %} in the {% data variables.product.prodname_marketplace %}](/marketplace/actions/)."
To learn about publishing {% data variables.product.prodname_actions %} in the {% data variables.product.prodname_marketplace %}, see "[Publishing actions in GitHub Marketplace](/actions/creating-actions/publishing-actions-in-github-marketplace)."
### Apps

27
content/developers/webhooks-and-events/securing-your-webhooks.md
View File

@@ -34,9 +34,17 @@ $ export SECRET_TOKEN=<em>your_token</em>
### Validating payloads from GitHub
When your secret token is set, GitHub uses it to create a hash signature with each payload.
When your secret token is set, {% data variables.product.product_name %} uses it to create a hash signature with each payload. This hash signature is included with the headers of each request as {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" or currentVersion == "private-instances@latest" %}`X-Hub-Signature-256`{% else if currentVersion ver_lt "enterprise-server@2.23" %}`X-Hub-Signature`{% endif %}.
This hash signature is passed along with each request in the headers as `X-Hub-Signature`. Suppose you have a basic server listening to webhooks that looks like this:
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" or currentVersion == "private-instances@latest" %}
{% note %}
**Note:** For backward-compatibility, we also include the `X-Hub-Signature` header that is generated using the SHA-1 hash function. If possible, we recommend that you use the `X-Hub-Signature-256` header for improved security. The example below demonstrate using the `X-Hub-Signature-256` header.
{% endnote %}
{% endif %}
For example, if you have a basic server that listens for webhooks, it might be configured similar to this:
``` ruby
require 'sinatra'
@@ -48,7 +56,7 @@ post '/payload' do
end
```
The goal is to compute a hash using your `SECRET_TOKEN`, and ensure that the hash from GitHub matches. GitHub uses an HMAC hexdigest to compute the hash, so you could change your server to look a little like this:
The intention is to calculate a hash using your `SECRET_TOKEN`, and ensure that the result matches the hash from {% data variables.product.product_name %}. {% data variables.product.product_name %} uses an HMAC hex digest to compute the hash, so you could reconfigure your server to look a little like this:
``` ruby
post '/payload' do
@@ -59,16 +67,21 @@ post '/payload' do
"I got some JSON: #{push.inspect}"
end
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" or currentVersion == "private-instances@latest" %}
def verify_signature(payload_body)
signature = 'sha256=' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), ENV['SECRET_TOKEN'], payload_body)
return halt 500, "Signatures didn't match!" unless Rack::Utils.secure_compare(signature, request.env['HTTP_X_HUB_SIGNATURE_2'])
end{% else if currentVersion ver_lt "enterprise-server@2.23" %}
def verify_signature(payload_body)
signature = 'sha1=' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha1'), ENV['SECRET_TOKEN'], payload_body)
return halt 500, "Signatures didn't match!" unless Rack::Utils.secure_compare(signature, request.env['HTTP_X_HUB_SIGNATURE'])
end
end{% endif %}
```
Obviously, your language and server implementations may differ than this code. There are a couple of very important things to point out, however:
Your language and server implementations may differ from this example code. However, there are a number of very important things to point out:
* No matter which implementation you use, the hash signature starts with `sha1=`, using the key of your secret token and your payload body.
* No matter which implementation you use, the hash signature starts with {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" or "private-instances@latest" %}`sha256=`{% else if currentVersion ver_lt "enterprise-server@2.23" %}`sha1=`{% endif %}, using the key of your secret token and your payload body.
* Using a plain `==` operator is **not advised**. A method like [`secure_compare`][secure_compare] performs a "constant time" string comparison, which renders it safe from certain timing attacks against regular equality operators.
* Using a plain `==` operator is **not advised**. A method like [`secure_compare`][secure_compare] performs a "constant time" string comparison, which helps mitigate certain timing attacks against regular equality operators.
[secure_compare]: http://rubydoc.info/github/rack/rack/master/Rack/Utils.secure_compare

2
content/developers/webhooks-and-events/testing-webhooks.md
View File

@@ -15,7 +15,7 @@ view provides some tooling for testing your deployed payloads.
### Listing recent deliveries
Every webhook has its own "Recent Deliveries" section, which lists, at a glance whether a deployment was successful (green check) or failed (red x). You can also identify when each delivery was attempted.
Every webhook has its own "Recent Deliveries" section, which lists, at a glance whether a delivery was successful (green check) or failed (red x). You can also identify when each delivery was attempted.
{% data variables.product.product_name %} keeps a log of each webhook delivery for {% if currentVersion == "free-pro-team@latest" %} 30 {% else %} 8 {% endif %} days.

10
content/developers/webhooks-and-events/webhook-events-and-payloads.md
View File

@@ -49,8 +49,9 @@ Header | Description
`X-GitHub-Event`| Name of the event that triggered the delivery.
`X-GitHub-Delivery`| A [GUID](http://en.wikipedia.org/wiki/Globally_unique_identifier) to identify the delivery.{% if currentVersion != "free-pro-team@latest" %}
`X-GitHub-Enterprise-Version` | The version of the {% data variables.product.prodname_ghe_server %} instance that sent the HTTP POST payload.
`X-GitHub-Enterprise-Host` | The hostname of the {% data variables.product.prodname_ghe_server %} instance that sent the HTTP POST payload.{% endif %}
`X-Hub-Signature`| The HMAC hex digest of the response body. This header will be sent if the webhook is configured with a [`secret`](/v3/repos/hooks/#create-hook-config-params). The HMAC hex digest is generated using the `sha1` hash function and the `secret` as the HMAC `key`.
`X-GitHub-Enterprise-Host` | The hostname of the {% data variables.product.prodname_ghe_server %} instance that sent the HTTP POST payload.{% endif %}{% if currentVersion != "private-instances@latest" %}
`X-Hub-Signature`| This header is sent if the webhook is configured with a [`secret`](/v3/repos/hooks/#create-hook-config-params). This is the HMAC hex digest of the request body, and is generated using the SHA-1 hash function and the `secret` as the HMAC `key`.{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %} `X-Hub-Signature` is provided for compatibility with existing integrations, and we recommend that you use the more secure `X-Hub-Signature-256` instead.{% endif %}{% endif %}{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" or currentVersion == "private-instances@latest" %}
`X-Hub-Signature-256`| This header is sent if the webhook is configured with a [`secret`](/v3/repos/hooks/#create-hook-config-params). This is the HMAC hex digest of the request body, and is generated using the SHA-256 hash function and the `secret` as the HMAC `key`.{% endif %}
Also, the `User-Agent` for the requests will have the prefix `GitHub-Hookshot/`.
@@ -62,8 +63,9 @@ Also, the `User-Agent` for the requests will have the prefix `GitHub-Hookshot/`.
> Host: localhost:4567
> X-GitHub-Delivery: 72d3162e-cc78-11e3-81ab-4c9367dc0958{% if currentVersion != "free-pro-team@latest" %}
> X-GitHub-Enterprise-Version: 2.15.0
> X-GitHub-Enterprise-Host: example.com{% endif %}
> X-Hub-Signature: sha1=7d38cdd689735b008b3c702edd92eea23791c5f6
> X-GitHub-Enterprise-Host: example.com{% endif %}{% if currentVersion != "private-instances@latest" %}
> X-Hub-Signature: sha1=7d38cdd689735b008b3c702edd92eea23791c5f6{% endif %}{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" or currentVersion == "private-instances@latest" %}
> X-Hub-Signature-256: sha256=d57c68ca6f92289e6987922ff26938930f6e66a2d161ef06abdf1859230aa23c{% endif %}
> User-Agent: GitHub-Hookshot/044aadd
> Content-Type: application/json
> Content-Length: 6615

2
content/github/authenticating-to-github/adding-a-new-ssh-key-to-your-github-account.md
View File

@@ -87,7 +87,7 @@ After adding a new SSH key to your {% data variables.product.product_name %} acc
$ sudo apt-get install xclip
# Downloads and installs xclip. If you don't have `apt-get`, you might need to use another installer (like `yum`)
$ xclip -sel clip &lt; ~/.ssh/id_rsa.pub
$ xclip -selection clipboard &lt; ~/.ssh/id_rsa.pub
# Copies the contents of the id_rsa.pub file to your clipboard
```
{% tip %}

2
content/github/building-a-strong-community/creating-a-default-community-health-file.md
View File

@@ -44,7 +44,7 @@ You cannot create a default license file. License files must be added to individ
![Owner drop-down menu](/assets/images/help/repository/create-repository-owner.png)
3. Type **.github** as the name for your repository, and an optional description.
![Create repository field](/assets/images/help/repository/default-file-repository-name.png)
4. Choose to make the repository public.
4. Make sure the repository status is set to **Public** (a repository for default files cannot be private).
![Radio buttons to select private or public status](/assets/images/help/repository/create-repository-public-private.png)
{% data reusables.repositories.initialize-with-readme %}
{% data reusables.repositories.create-repo %}

2
content/github/collaborating-with-issues-and-pull-requests/about-comparing-branches-in-pull-requests.md
View File

@@ -54,7 +54,7 @@ A two-dot diff compares two Git committish references, such as SHAs or OIDs (Obj
If you want to simulate a two-dot diff in a pull request and see a comparison between the most recent versions of each branch, you can merge the base branch into your topic branch, which updates the last common ancestor between your branches.
For more information about Git commands to compare changes, see "[Git diff options ](https://git-scm.com/docs/git-diff#git-diff-emgitdiffemltoptionsgtltcommitgtltcommitgt--ltpathgt82308203)" from the _Pro Git_ book site.
For more information about Git commands to compare changes, see "[Git diff options](https://git-scm.com/docs/git-diff#git-diff-emgitdiffemltoptionsgtltcommitgtltcommitgt--ltpathgt82308203)" from the _Pro Git_ book site.
### Reasons diffs will not display
- You've exceeded the total limit of files or certain file types. For more information, see "[Limits for viewing content and diffs in a repository](/articles/limits-for-viewing-content-and-diffs-in-a-repository/#diff-limits)."

7
content/github/collaborating-with-issues-and-pull-requests/about-pull-requests.md
View File

@@ -53,6 +53,13 @@ When you create a pull request, you can choose to create a pull request that is
{% data reusables.pull_requests.mark-ready-review %} You can convert a pull request to a draft at any time. For more information, see "[Changing the stage of a pull request](/articles/changing-the-stage-of-a-pull-request)."
### Differences between commits on compare and pull request pages
The compare and pull request pages use different methods to calculate the diff for changed files:
- Compare pages show the diff between the tip of the head ref and the current common ancestor (that is, the merge base) of the head and base ref.
- Pull request pages show the diff between the tip of the head ref and the common ancestor of the head and base ref at the time when the pull request was created. Consequently, the merge base used for the comparison might be different.
### Further reading
- "[Pull request](/articles/github-glossary/#pull-request)" in the {% data variables.product.prodname_dotcom %} glossary

3
content/github/creating-cloning-and-archiving-repositories/about-code-owners.md
View File

@@ -78,7 +78,8 @@ docs/* docs@example.com
apps/ @octocat
# In this example, @doctocat owns any file in the `/docs`
# directory in the root of your repository.
# directory in the root of your repository and any of its
# subdirectories.
/docs/ @doctocat
```

10
content/github/customizing-your-github-workflow/github-extensions-and-integrations.md
View File

@@ -10,7 +10,7 @@ versions:
### Editor tools
To streamline your workflow, you can connect to {% data variables.product.product_name %} repositories within third-party editor tools, such as Atom, Unity, and Visual Studio.
You can connect to {% data variables.product.product_name %} repositories within third-party editor tools, such as Atom, Unity, and Visual Studio.
#### {% data variables.product.product_name %} for Atom
@@ -30,8 +30,12 @@ With the {% data variables.product.prodname_dotcom %} for Visual Studio Code ext
### Project management tools
To streamline your workflow, you can integrate your {% data variables.product.product_name %} personal account or organization with third-party project management tools, such as Jira.
You can integrate your {% data variables.product.product_name %} personal account or organization with third-party project management tools, such as Jira or Slack.
#### Jira Cloud and {% data variables.product.product_name %}.com integration
You can integrate Jira Cloud with your personal or organization account to scan commits and pull requests, creating relevant metadata and hyperlinks in any mentioned Jira issues.
You can integrate Jira Cloud with your personal or organization account to scan commits and pull requests, creating relevant metadata and hyperlinks in any mentioned Jira issues. For more information, visit the [Jira integration app](https://github.com/marketplace/jira-software-github) in the marketplace.
#### Slack and {% data variables.product.product_name %} integration
You can integrate Slack with your personal or organization account to subscribe for notifications, close or open issues, and provide rich references to issues and pull requests without leaving Slack. For more information, visit the [Slack integration app](https://github.com/marketplace/slack-github) in the marketplace.

2
content/github/finding-security-vulnerabilities-and-errors-in-your-code/about-integration-with-code-scanning.md
View File

@@ -22,5 +22,5 @@ You can use {% data variables.product.prodname_code_scanning %} webhooks to buil
### Further reading
* "[About {% data variables.product.prodname_code_scanning %}](/github/finding-security-vulnerabilities-and-errors-in-your-code/about-code-scanning)"
* "[Using {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} with your existing CI system
* "[Using {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} with your existing CI system](/github/finding-security-vulnerabilities-and-errors-in-your-code/using-codeql-code-scanning-with-your-existing-ci-system)"
* "[SARIF support for {% data variables.product.prodname_code_scanning %}](/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning)"

46
content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning.md
View File

@@ -130,6 +130,52 @@ If your workflow does not contain a matrix called `language`, then {% data varia
with:
languages: cpp, csharp, python
```
{% if currentVersion == "free-pro-team@latest" %}
### Analyzing Python dependencies
For GitHub-hosted runners that use Linux only, the {% data variables.product.prodname_codeql_workflow %} will try to auto-install Python dependencies to give more results for the CodeQL analysis. You can control this behavior by specifying the `setup-python-dependencies` parameter for the action called by the "Initialize CodeQL" step. By default, this parameter is set to `true`:
- If the repository contains code written in Python, the "Initialize CodeQL" step installs the necessary dependencies on the GitHub-hosted runner. If the auto-install succeeds, the action also sets the environment variable `CODEQL_PYTHON` to the Python executable file that includes the dependencies.
- If the repository doesn't have any Python dependencies, or the dependencies are specified in an unexpected way, you'll get a warning and the action will continue with the remaining jobs. The action can run successfully even when there are problems interpreting dependencies, but the results may be incomplete.
Alternatively, you can install Python dependencies manually on any operating system. You will need to add `setup-python-dependencies` and set it to `false`, as well as set `CODEQL_PYTHON` to the Python executable that includes the dependencies, as shown in this workflow extract:
```yaml
jobs:
CodeQL-Build:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
with:
fetch-depth: 2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
if [ -f requirements.txt ];
then pip install -r requirements.txt;
fi
# Set the `CODEQL-PYTHON` environment variable to the Python executable
# that includes the dependencies
echo "::set-env name=CODEQL_PYTHON::$(which python)"
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: python
# Override the default behavior so that the action doesn't attempt
# to auto-install Python dependencies
setup-python-dependencies: false
```
{% endif %}
### Running additional queries

1
content/github/finding-security-vulnerabilities-and-errors-in-your-code/index.md
View File

@@ -18,6 +18,7 @@ versions:
{% link_in_list /configuring-code-scanning %}
{% link_in_list /configuring-the-codeql-workflow-for-compiled-languages %}
{% link_in_list /troubleshooting-the-codeql-workflow %}
{% link_in_list /running-codeql-code-scanning-in-a-container %}
{% topic_link_in_list /integrating-with-code-scanning %}
{% link_in_list /about-integration-with-code-scanning %}
{% link_in_list /uploading-a-sarif-file-to-github %}

68
content/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository.md
View File

@@ -1,7 +1,7 @@
---
title: Managing code scanning alerts for your repository
shortTitle: Managing alerts
intro: 'You can view, fix, and close alerts for potential vulnerabilities or errors in your project''s code.'
intro: 'You can view, fix, dismiss, or delete alerts for potential vulnerabilities or errors in your project''s code.'
product: '{% data reusables.gated-features.code-scanning %}'
permissions: 'People with write permission to a repository can manage {% data variables.product.prodname_code_scanning %} alerts for the repository.'
versions:
@@ -28,7 +28,7 @@ Each alert highlights a problem with the code and the name of the tool that iden
If you enable {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %}, this can also detect data-flow problems in your code. Data-flow analysis finds potential security issues in code, such as: using data insecurely, passing dangerous arguments to functions, and leaking sensitive information.
When {% data variables.product.prodname_code_scanning %} reports data-flow alerts, {% data variables.product.prodname_dotcom %} shows you how data moves through the code. {% data variables.product.prodname_code_scanning_capc %} allows you to identify the areas of your code that leak sensitive information, and that could be the entry point for attacks by malicious users.
When {% data variables.product.prodname_code_scanning_capc %} reports data-flow alerts, {% data variables.product.prodname_dotcom %} shows you how data moves through the code. {% data variables.product.prodname_code_scanning_capc %} allows you to identify the areas of your code that leak sensitive information, and that could be the entry point for attacks by malicious users.
### Viewing an alert
@@ -37,26 +37,72 @@ Anyone with read permission for a repository can see {% data variables.product.p
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.sidebar-security %}
{% data reusables.repositories.sidebar-code-scanning-alerts %}
{% data reusables.code-scanning.click-alert-in-list %}
5. Optionally, if the alert highlights a problem with data flow, click **Show paths** to display the path from the data source to the sink where it's used.
![Example data-flow alert](/assets/images/help/repository/code-scanning-show-paths.png)
1. Under "{% data variables.product.prodname_code_scanning %}," click the alert you'd like to explore.
![Summary of alerts](/assets/images/help/repository/code-scanning-click-alert.png)
1. Optionally, if the alert highlights a problem with data flow, click **Show paths** to display the path from the data source to the sink where it's used.
![The "Show paths" link on an alert](/assets/images/help/repository/code-scanning-show-paths.png)
1. Alerts from {% data variables.product.prodname_codeql %} analysis include a description of the problem. Click **Show more** for guidance on how to fix your code.
![Details for an alert](/assets/images/help/repository/code-scanning-alert-details.png)
### Fixing an alert
Anyone with write permission for a repository can fix an alert by committing a correction to the code. If the repository has {% data variables.product.prodname_code_scanning %} scheduled to run on pull requests, it's best to raise a pull request with your correction. This will trigger {% data variables.product.prodname_code_scanning %} analysis of the changes and test that your fix doesn't introduce any new problems. For more information, see "[Configuring {% data variables.product.prodname_code_scanning %}](/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning)" and "[Triaging {% data variables.product.prodname_code_scanning %} alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests)."
### Closing an alert
If you have write permission for a repository, you can view fixed alerts by viewing the summary of alerts and clicking **Closed**. For more information, see "[Viewing an alert](#viewing-an-alert)." The "Closed" list shows fixed alerts and alerts that users have dismissed.
Closing an alert is a way to resolve an alert that you don't think needs to be fixed. {% data reusables.code-scanning.close-alert-examples %}
Alerts may be fixed in one branch but not in another. You can use the "Branch" drop-down menu, on the summary of alerts, to check whether an alert is fixed in a particular branch.
![Filtering alerts by branch](/assets/images/help/repository/code-scanning-branch-filter.png)
### Dismissing or deleting alerts
There are two ways of closing an alert. You can fix the problem in the code, or you can dismiss the alert. Alternatively, you can delete alerts. Deleting alerts is useful in situations where you have enabled a {% data variables.product.prodname_code_scanning %} tool and then decided to remove it, or where you have enabled {% data variables.product.prodname_codeql %} analysis with a larger set of queries than you want to continue using, and you've then removed some queries from the tool. In both cases, deleting alerts allows you to clean up your {% data variables.product.prodname_code_scanning %} results. You can delete alerts from the summary list within the **Security** tab.
Dismissing an alert is a way of closing an alert that you don't think needs to be fixed. {% data reusables.code-scanning.close-alert-examples %} You can dismiss alerts from {% data variables.product.prodname_code_scanning %} annotations in code, or from the summary list within the **Security** tab.
When you dismiss an alert:
- It's dismissed in all branches.
- The alert is removed from the number of current alerts for your project.
- The alert is moved to the "Closed" list in the summary of alerts, from where you can reopen it, if required.
- The reason why you closed the alert is recorded.
- Next time {% data variables.product.prodname_code_scanning %} runs, the same code won't generate an alert.
When you delete an alert:
- It's deleted in all branches.
- The alert is removed from the number of current alerts for your project.
- It is _not_ added to the "Closed" list in the summary of alerts.
- If the code that generated the alert stays the same, and the same {% data variables.product.prodname_code_scanning %} tool runs again without any configuration changes, the alert will be shown again in your analysis results.
To dismiss or delete alerts:
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.sidebar-security %}
{% data reusables.repositories.sidebar-code-scanning-alerts %}
{% data reusables.code-scanning.click-alert-in-list %}
5. Select the Close drop-down menu and click a reason for closing the alert.
![Choosing reason for closing the alert via the Close drop-down](/assets/images/help/repository/code-scanning-alert-close-drop-down.png)
{% data reusables.code-scanning.false-positive-fix-codeql %}
1. If you want to delete alerts for this {% data variables.product.prodname_code_scanning %} tool, select some or all of the check boxes and click **Delete**.
![Deleting alerts](/assets/images/help/repository/code-scanning-delete-alerts.png)
Optionally, you can use the filters to display a subset of alerts and then delete all matching alerts at once. For example, if you have removed a query from {% data variables.product.prodname_codeql %} analysis, you can use the "Rule" filter to list just the alerts for that query and then select and delete all of those alerts.
![Filter alerts by rule](/assets/images/help/repository/code-scanning-filter-by-rule.png)
1. If you want to dismiss an alert, it's important to explore the alert first, so that you can choose the correct dismissal reason. Click the alert you'd like to explore.
![Open an alert from the summary list](/assets/images/help/repository/code-scanning-click-alert.png)
1. Review the alert, then click **Dismiss** and choose a reason for closing the alert.
![Choosing a reason for dismissing an alert](/assets/images/help/repository/code-scanning-alert-close-drop-down.png)
{% data reusables.code-scanning.choose-alert-dismissal-reason %}
{% data reusables.code-scanning.false-positive-fix-codeql %}
#### Dismissing multiple alerts at once
If a project has multiple alerts that you want to dismiss for the same reason, you can bulk dismiss them from the summary of alerts. Typically, you'll want to filter the list and then dismiss all of the matching alerts. For example, you might want to dismiss all of the current alerts in the project that have been tagged for a particular Common Weakness Enumeration (CWE) vulnerability.
### Further reading

69
content/github/finding-security-vulnerabilities-and-errors-in-your-code/running-codeql-code-scanning-in-a-container.md Normal file
View File

@@ -0,0 +1,69 @@
---
title: 'Running CodeQL code scanning in a container'
shortTitle: '{% data variables.product.prodname_code_scanning_capc %} in a container'
intro: 'You can run {% data variables.product.prodname_code_scanning %} in a container by ensuring that all processes run in the same container.'
product: '{% data reusables.gated-features.code-scanning %}'
versions:
free-pro-team: '*'
enterprise-server: '>=2.22'
---
{% data reusables.code-scanning.beta %}
### About {% data variables.product.prodname_code_scanning %} with a containerized build
If you're setting up {% data variables.product.prodname_code_scanning %} for a compiled language, and you're building the code in a containerized environment, the analysis may fail with the error message "No source code was seen during the build." This indicates that {% data variables.product.prodname_codeql %} was unable to monitor your code as it was compiled.
You must run {% data variables.product.prodname_codeql %} in the same container in which you build your code. This applies whether you are using the {% data variables.product.prodname_codeql_runner %}, or {% data variables.product.prodname_actions %}. If you're using the {% data variables.product.prodname_codeql_runner %}, run it in the container where your code builds. For more information about the {% data variables.product.prodname_codeql_runner %}, see "[Running {% data variables.product.prodname_codeql %} in your CI system](/github/finding-security-vulnerabilities-and-errors-in-your-code/running-code-scanning-in-your-ci-system)." If you're using {% data variables.product.prodname_actions %}, configure your workflow to run all the actions in the same container. For more information, see "[Example workflow](#example-workflow)."
### Dependencies
You may have difficulty running {% data variables.product.prodname_code_scanning %} if the container you're using is missing certain dependencies (for example, Git must be installed and added to the PATH variable). If you encounter dependency issues, review the list of software typically included on {% data variables.product.prodname_dotcom %}'s virtual environments. For more information, see the version-specific `readme` files in these locations:
* Linux: https://github.com/actions/virtual-environments/tree/main/images/linux
* MacOS: https://github.com/actions/virtual-environments/tree/main/images/macos
* Windows: https://github.com/actions/virtual-environments/tree/main/images/win
### Example workflow
This sample workflow uses {% data variables.product.prodname_actions %} to run {% data variables.product.prodname_codeql %} analysis in a containerized environment. The value of `container.image` identifies the container to use. In this example the image is named `codeql-container`, with a tag of `f0f91db`. For more information, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idcontainer)."
``` yaml
name: "{% data variables.product.prodname_codeql %}"
on:
push:
branches: [main]
pull_request:
branches: [main]
schedule:
- cron: '0 0 * * 0'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
language: [java]
# Specify the container in which actions will run
container:
image: codeql-container:f0f91db
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Initialize {% data variables.product.prodname_codeql %}
uses: github/codeql-action/init@v1
with:
languages: {% raw %}${{ matrix.language }}{% endraw %}
- name: Build
run: |
./configure
make
- name: Perform {% data variables.product.prodname_codeql %} Analysis
uses: github/codeql-action/analyze@v1
```

24
content/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests.md
View File

@@ -15,9 +15,9 @@ versions:
In repositories where {% data variables.product.prodname_code_scanning %} is configured as a pull request check, {% data variables.product.prodname_code_scanning %} checks the code in the pull request. By default, this is limited to pull requests that target the default branch or protected branches, but you can change this configuration within {% data variables.product.prodname_actions %} or in a third-party CI/CD system. If merging the changes would introduce new {% data variables.product.prodname_code_scanning %} alerts to the target branch, these are reported as check results in the pull request. The alerts are also shown as annotations in the **Files changed** tab of the pull request. If you have write permission for the repository, you can see any existing {% data variables.product.prodname_code_scanning %} alerts on the **Security** tab. For information about repository alerts, see "[Managing {% data variables.product.prodname_code_scanning %} alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository)."
If {% data variables.product.prodname_code_scanning %} has any results with a severity of `error`, the check fails and the error is reported in the check results. If all the results found by {% data variables.product.prodname_code_scanning %} have lower severities, the alerts are treated as warnings or notices and the check succeeds. If your pull request targets a protected branch, and the repository owner has configured required status checks, then you must either fix or close any error alerts before the pull request can be merged. For more information, see "[About required status checks](/github/administering-a-repository/about-required-status-checks)."
If {% data variables.product.prodname_code_scanning %} has any results with a severity of `error`, the check fails and the error is reported in the check results. If all the results found by {% data variables.product.prodname_code_scanning %} have lower severities, the alerts are treated as warnings or notices and the check succeeds. If your pull request targets a protected branch, and the repository owner has configured required status checks, then you must either fix or dismiss all error alerts before the pull request can be merged. For more information, see "[About required status checks](/github/administering-a-repository/about-required-status-checks)."
![Example pull request check status with {% data variables.product.prodname_code_scanning %} alert](/assets/images/help/repository/code-scanning-check-failure.png)
![Failed {% data variables.product.prodname_code_scanning %} check on a pull request](/assets/images/help/repository/code-scanning-check-failure.png)
### About {% data variables.product.prodname_code_scanning %} as a pull request check
@@ -29,20 +29,28 @@ If the repository uses the {% data variables.product.prodname_codeql_workflow %}
When you look at the **Files changed** tab for a pull request, you see annotations for any lines of code that triggered the alert.
![Example {% data variables.product.prodname_code_scanning %} alert shown as an annotation in the "Files changed" view of a pull request](/assets/images/help/repository/code-scanning-pr-annotation.png)
![Alert annotation within a pull request diff](/assets/images/help/repository/code-scanning-pr-annotation.png)
Some annotations contain links with extra context for the alert. In the example above, from {% data variables.product.prodname_codeql %} analysis, you can click **user-provided value** to see where the untrusted data enters the data flow (this is referred to as the source). In this case you can view the full path from the source to the code that uses the data (the sink) by clicking **Show paths**. This makes it easy to check whether the data is untrusted or if the analysis failed to recognize a data sanitization step between the source and the sink. For information about analyzing data flow using {% data variables.product.prodname_codeql %}, see "[About data flow analysis](https://help.semmle.com/QL/learn-ql/intro-to-data-flow.html)."
For more information about an alert, click **Show more details** on the annotation. This allows you to see all of the context and metadata provided by the tool in an alert view. In the example below, you can see tags showing the severity, type, and relevant common weakness enumerations (CWEs) for the problem. The view also shows which commit introduced the problem.
Alerts from some tools, like {% data variables.product.prodname_codeql %}, also include a description and a **Show more** link for guidance on how to fix the problem in the code.
In the detailed view for an alert, some {% data variables.product.prodname_code_scanning %} tools, like {% data variables.product.prodname_codeql %} analysis, also include a description of the problem and a **Show more** link for guidance on how to fix your code.
![Example of "Show more details" for a {% data variables.product.prodname_code_scanning %} alert in a pull request](/assets/images/help/repository/code-scanning-pr-alert.png)
![Alert description and link to show more information](/assets/images/help/repository/code-scanning-pr-alert.png)
### Resolving an alert on your pull request
### Fixing an alert on your pull request
Anyone with write permission for a repository can resolve alerts on a pull request. If you commit changes to the pull request this triggers a new run of the pull request checks. If your changes fix the problem, the alert is resolved and the annotation removed.
Anyone with write permission for a repository can fix a {% data variables.product.prodname_code_scanning %} alert that's identified on a pull request. If you commit changes to the pull request this triggers a new run of the pull request checks. If your changes fix the problem, the alert is closed and the annotation removed.
If you don't think that an alert needs to be fixed, you can close the alert manually. {% data reusables.code-scanning.close-alert-examples %} The **Close** button is available in annotations and in the alerts view if you have write permission for the repository.
### Dismissing an alert on your pull request
An alternative way of closing an alert is to dismiss it. You can dismiss an alert if you don't think it needs to be fixed. {% data reusables.code-scanning.close-alert-examples %} If you have write permission for the repository, the **Dismiss** button is available in code annotations and in the alerts summary. When you click **Dismiss** you will be prompted to choose a reason for closing the alert.
![Choosing a reason for dismissing an alert](/assets/images/help/repository/code-scanning-alert-close-drop-down.png)
{% data reusables.code-scanning.choose-alert-dismissal-reason %}
{% data reusables.code-scanning.false-positive-fix-codeql %}
For more information about dismissing alerts, see "[Managing {% data variables.product.prodname_code_scanning %} alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#dismissing-or-deleting-alerts)."

2
content/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-codeql-code-scanning-in-your-ci-system.md
View File

@@ -50,4 +50,4 @@ If the `analyze` command for the {% data variables.product.prodname_codeql_runne
{% endnote %}
1. The code is built in a container or on a separate machine. If you use a containerized build or if you outsource the build to another machine, make sure to run the {% data variables.product.prodname_codeql_runner %} in the container or on the machine where your build task takes place.
1. The code is built in a container or on a separate machine. If you use a containerized build or if you outsource the build to another machine, make sure to run the {% data variables.product.prodname_codeql_runner %} in the container or on the machine where your build task takes place. For more information, see "[Running CodeQL code scanning in a container](/github/finding-security-vulnerabilities-and-errors-in-your-code/running-codeql-code-scanning-in-a-container)."

15
content/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-the-codeql-workflow.md
View File

@@ -60,7 +60,11 @@ For more information, see the workflow extract in "[Automatic build for a compil
1. Your {% data variables.product.prodname_code_scanning %} workflow is analyzing a compiled language (C, C++, C#, or Java), but the code was not compiled. By default, the {% data variables.product.prodname_codeql %} analysis workflow contains an `autobuild` step, however, this step represents a best effort process, and may not succeed in building your code, depending on your specific build environment. Compilation may also fail if you have removed the `autobuild` step and did not include build steps manually. For more information about specifying build steps, see "[Configuring the {% data variables.product.prodname_codeql %} workflow for compiled languages](/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language)."
1. Your workflow is analyzing a compiled language (C, C++, C#, or Java), but portions of your build are cached to improve performance (most likely to occur with build systems like Gradle or Bazel). Since {% data variables.product.prodname_codeql %} observes the activity of the compiler to understand the data flows in a repository, {% data variables.product.prodname_codeql %} requires a complete build to take place in order to perform analysis.
1. Your workflow is analyzing a compiled language (C, C++, C#, or Java), but compilation does not occur between the `init` and `analyze` steps in the workflow. {% data variables.product.prodname_codeql %} requires that your build happens in between these two steps in order to observe the activity of the compiler and perform analysis.
1. Your compiled code (in C, C++, C#, or Java) was compiled successfully, but {% data variables.product.prodname_codeql %} was unable to detect the compiler invocations. The most common causes are certain configuration options like running your build process in a container, if you're building using a distributed build system external to {% data variables.product.prodname_actions %} using a daemon process, or if {% data variables.product.prodname_codeql %} isn't aware of the specific compiler you are using.
1. Your compiled code (in C, C++, C#, or Java) was compiled successfully, but {% data variables.product.prodname_codeql %} was unable to detect the compiler invocations. The most common causes are:
* Running your build process in a separate container to {% data variables.product.prodname_codeql %}. For more information, see "[Running CodeQL code scanning in a container](/github/finding-security-vulnerabilities-and-errors-in-your-code/running-codeql-code-scanning-in-a-container)."
* Building using a distributed build system external to GitHub Actions, using a daemon process.
* {% data variables.product.prodname_codeql %} isn't aware of the specific compiler you are using.
For C# projects using either `dotnet build` or `msbuild` which target .NET Core 2, you should specify `/p:UseSharedCompilation=false` in your workflow's `run` step, when you build your code. The `UseSharedCompilation` flag isn't necessary for .NET Core 3.0 and later.
@@ -114,3 +118,12 @@ If you split your analysis into multiple workflows as described above, we still
#### Run only during a `schedule` event
If your analysis is still too slow to be run during `push` or `pull_request` events, then you may want to only trigger analysis on the `schedule` event. For more information, see "[Events](/actions/learn-github-actions/introduction-to-github-actions#events)."
{% if currentVersion == "free-pro-team@latest" %}
### Results differ between analysis platforms
If you are analyzing code written in Python, you may see different results depending on whether you run the {% data variables.product.prodname_codeql_workflow %} on Linux, macOS, or Windows.
On GitHub-hosted runners that use Linux, the {% data variables.product.prodname_codeql_workflow %} tries to install and analyze Python dependencies, which could lead to more results. To disable the auto-install, add `setup-python-dependencies: false` to the "Initialize CodeQL" step of the workflow. For more information about configuring the analysis of Python dependencies, see "[Analyzing Python dependencies](/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#analyzing-python-dependencies)."
{% endif %}

1
content/github/managing-files-in-a-repository/navigating-code-on-github.md
View File

@@ -10,6 +10,7 @@ versions:
### About navigating code on {% data variables.product.prodname_dotcom %}
Navigating code functions use the open source library [`semantic`](https://github.com/github/semantic). The following languages are supported:
- C#
- CodeQL
- Go
- Java

10
content/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue.md
View File

@@ -11,9 +11,15 @@ versions:
enterprise-server: '*'
---
{% note %}
**Note:** The special keywords in a pull request description are interpreted when the pull request targets the repository's *default* branch. However, if the PR's base is *any other branch*, then these keywords are ignored, no links are created and merging the PR has no effect on the issues. **If you want to link a pull request to an issue using a keyword, the PR must be on the default branch.**
{% endnote %}
### About linked issues and pull requests
You can link an issue to a pull request {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.20" %}manually or {% endif %}using a supported keyword in the pull request description.
You can link an issue to a pull request {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.20" %}manually or {% endif %}using a supported keyword in the pull request description.
When you link a pull request to the issue the pull request addresses, collaborators can see that someone is working on the issue. {% if currentVersion ver_lt "enterprise-server@2.21" %}If the pull request and the issue are in different repositories, {% data variables.product.product_name %} will display the link after the pull request is merged, if the person who merges the pull request also has permission to close the issue.{% endif %}
@@ -37,7 +43,7 @@ You can manually link up to ten issues to each pull request. The issue and pull
### Linking a pull request to an issue using a keyword
You can link a pull request to an issue by using a supported keyword in the pull request's description.
You can link a pull request to an issue by using a supported keyword in the pull request's description or in a commit message (please note that the pull request must be on the default branch).
* close
* closes

Some files were not shown because too many files have changed in this diff Show More