From cb0d3cc126bfbcfbe3beb90a0d41a79a13284401 Mon Sep 17 00:00:00 2001 From: Jacob Wallraff Date: Thu, 16 Oct 2025 01:40:02 -0700 Subject: [PATCH] Add repo-ci-cd-admin version and update relevant docs (#57803) Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com> --- .../repository-roles-for-an-organization.md | 10 ++++------ data/features/repo-ci-cd-admin.yml | 5 +++++ ...rmissions-statement-secrets-variables-repository.md | 2 +- 3 files changed, 10 insertions(+), 7 deletions(-) create mode 100644 data/features/repo-ci-cd-admin.yml diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md index 44f0828cf5..e2a0dd198f 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md @@ -99,17 +99,15 @@ Some of the features listed below are limited to organizations using {% data var | {% ifversion fpt or ghec %} | | Create, edit, run, re-run, and cancel [GitHub Actions workflows](/actions) | | | | | | | {% endif %} | -| {% ifversion fpt or ghec %} | +| {% ifversion repo-ci-cd-admin %} | | Create, update, and delete [GitHub Actions secrets](/actions/security-guides/using-secrets-in-github-actions) on GitHub.com | | | | | | -| {% endif %} | -| {% ifversion ghes %} | +| {% else %} | | Create, update, and delete [GitHub Actions secrets](/actions/security-guides/using-secrets-in-github-actions) on GitHub.com | | | | | | | {% endif %} | | Create, update, and delete [GitHub Actions secrets](/rest/actions/secrets) using the REST API | | | | | | -| {% ifversion fpt or ghec %} | +| {% ifversion repo-ci-cd-admin %} | | Create, update, and delete [GitHub Actions variables](/actions/how-tos/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables) on GitHub.com | | | | | | -| {% endif %} | -| {% ifversion ghes %} | +| {% else %} | | Create, update, and delete [GitHub Actions variables](/actions/how-tos/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables) on GitHub.com | | | | | | | {% endif %} | | Create, update, and delete [GitHub Actions variables](/rest/actions/variables) using the REST API | | | | | | diff --git a/data/features/repo-ci-cd-admin.yml b/data/features/repo-ci-cd-admin.yml new file mode 100644 index 0000000000..ce685cdd0e --- /dev/null +++ b/data/features/repo-ci-cd-admin.yml @@ -0,0 +1,5 @@ +# Versioning for repo/org/enterprise policy settings for actions blocklist and SHA pinning policies. +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.19' diff --git a/data/reusables/actions/permissions-statement-secrets-variables-repository.md b/data/reusables/actions/permissions-statement-secrets-variables-repository.md index 0e7a451322..f1c4a073ca 100644 --- a/data/reusables/actions/permissions-statement-secrets-variables-repository.md +++ b/data/reusables/actions/permissions-statement-secrets-variables-repository.md @@ -1 +1 @@ -To create secrets or variables on {% data variables.product.prodname_dotcom %} for a personal account repository, you must be the repository owner. To create secrets or variables on {% data variables.product.prodname_dotcom %} for an organization repository, you must have {% ifversion ghec %} `write` {% endif %}{% ifversion fpt or ghes %} `admin` {% endif %} access. Lastly, to create secrets or variables for a personal account repository or an organization repository through the REST API, you must have collaborator access. +{% ifversion repo-ci-cd-admin %}To create secrets or variables on {% data variables.product.prodname_dotcom %} for an organization repository, you must have `write` access.{% else %}To create secrets or variables on {% data variables.product.prodname_dotcom %} for an organization repository, you must have `admin` access.{% endif %} For a personal account repository, you must be the repository owner to create secrets or variable in the web UI or a repository collaborator to create secrets or variables through the REST API.