jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-01-07 09:01:31 -05:00
Code Issues Projects Releases Wiki Activity

Merge branch 'main' into update-gcm-info

Browse Source
This commit is contained in:
Vanessa
2021-11-25 09:05:54 +10:00
committed by GitHub
parent 1311b8e2c8 7e1dbaec8b
commit f2a109fa94
676 changed files with 25360 additions and 28172 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
data/learning-tracks/admin.yml
View File

@@ -1,6 +1,9 @@
get_started_with_github_ae:
title: 'Get started with {% data variables.product.prodname_ghe_managed %}'
description: 'Learn about {% data variables.product.prodname_ghe_managed %} and complete the initial configuration of a new enterprise.'
featured_track: true
versions:
ghae: '*'
guides:
- /admin/overview/about-github-ae
- /admin/overview/about-data-residency
@@ -12,6 +15,8 @@ deploy_an_instance:
title: 'Deploy an instance'
description: 'Install {% data variables.product.prodname_ghe_server %} on your platform of choice and configure SAML authentication.'
featured_track: true
versions:
ghes: '*'
guides:
- /admin/overview/system-overview
- /admin/installation
@@ -23,6 +28,8 @@ deploy_an_instance:
upgrade_your_instance:
title: 'Upgrade your instance'
description: 'Test upgrades in staging, notify users of maintenance, and upgrade your instance for the latest features and security updates.'
versions:
ghes: '*'
guides:
- /admin/enterprise-management/enabling-automatic-update-checks
- /admin/installation/setting-up-a-staging-instance
@@ -46,6 +53,8 @@ adopting_github_actions_for_your_enterprise:
increase_fault_tolerance:
title: 'Increase the fault tolerance of your instance'
description: "Back up your developers' code and configure high availability (HA) to ensure the reliability of {% data variables.product.prodname_ghe_server %} in your environment."
versions:
ghes: '*'
guides:
- /admin/configuration/accessing-the-administrative-shell-ssh
- /admin/configuration/configuring-backups-on-your-appliance
@@ -56,6 +65,8 @@ increase_fault_tolerance:
improve_security_of_your_instance:
title: 'Improve the security of your instance'
description: "Review network configuration and security features, and harden the instance running {% data variables.product.prodname_ghe_server %} to protect your enterprise's data."
versions:
ghes: '*'
guides:
- /admin/configuration/enabling-private-mode
- /admin/guides/installation/configuring-tls
@@ -70,6 +81,8 @@ improve_security_of_your_instance:
configure_github_actions:
title: 'Configure {% data variables.product.prodname_actions %}'
description: 'Allow your developers to create, automate, customize, and execute powerful software development workflows for {% data variables.product.product_location %} with {% data variables.product.prodname_actions %}.'
versions:
ghes: '*'
guides:
- /admin/github-actions/getting-started-with-github-actions-for-github-enterprise-server
- /admin/github-actions/enforcing-github-actions-policies-for-your-enterprise
@@ -81,6 +94,8 @@ configure_github_actions:
configure_github_advanced_security:
title: 'Configure {% data variables.product.prodname_GH_advanced_security %}'
description: "Improve the quality and security of your developers' code with {% data variables.product.prodname_GH_advanced_security %}."
versions:
ghes: '*'
guides:
- /admin/advanced-security/about-licensing-for-github-advanced-security
- /admin/advanced-security/enabling-github-advanced-security-for-your-enterprise
@@ -91,6 +106,9 @@ configure_github_advanced_security:
get_started_with_your_enterprise_account:
title: 'Get started with your enterprise account'
description: 'Get started with your enterprise account to centrally manage multiple organizations on {% data variables.product.product_name %}.'
versions:
ghes: '*'
ghec: '*'
guides:
- /admin/overview/about-enterprise-accounts
- /billing/managing-billing-for-your-github-account/about-billing-for-your-enterprise

20
data/release-notes/enterprise-server/3-0/20.yml Normal file
View File

@@ -0,0 +1,20 @@
date: '2021-11-23'
sections:
security_fixes:
- Packages have been updated to the latest security versions.
bugs:
- Pre-receive hooks would fail due to undefined `PATH`.
- 'Running `ghe-repl-setup` would return an error: `cannot create directory /data/user/elasticsearch: File exists` if the instance had previously been configured as a replica.'
- In large cluster environments, the authentication backend could be unavailable on a subset of frontend nodes.
- Some critical services may not have been available on backend nodes in GHES Cluster.
changes:
- An additional outer layer of `gzip` compression when creating a cluster support bundle with `ghe-cluster-suport-bundle` is now turned off by default. This outer compression can optionally be applied with the `ghe-cluster-suport-bundle -c` command line option.
- We have added extra text to the admin console to remind users about the mobile apps' data collection for experience improvement purposes.
known_issues:
- On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user.
- Custom firewall rules are removed during the upgrade process.
- Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository.
- Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters.
- When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results.
- When a replica node is offline in a high availability configuration, {% data variables.product.product_name %} may still route {% data variables.product.prodname_pages %} requests to the offline node, reducing the availability of {% data variables.product.prodname_pages %} for users.
- Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail.

23
data/release-notes/enterprise-server/3-1/12.yml Normal file
View File

@@ -0,0 +1,23 @@
date: '2021-11-23'
sections:
security_fixes:
- Packages have been updated to the latest security versions.
bugs:
- Running `ghe-repl-start` or `ghe-repl-status` would sometimes return errors connecting to the database when GitHub Actions was enabled.
- Pre-receive hooks would fail due to undefined `PATH`.
- 'Running `ghe-repl-setup` would return an error: `cannot create directory /data/user/elasticsearch: File exists` if the instance had previously been configured as a replica.'
- 'After setting up a high availability replica, `ghe-repl-status` included an error in the output: `unexpected unclosed action in command`.'
- In large cluster environments, the authentication backend could be unavailable on a subset of frontend nodes.
- Some critical services may not have been available on backend nodes in GHES Cluster.
changes:
- An additional outer layer of `gzip` compression when creating a cluster support bundle with `ghe-cluster-suport-bundle` is now turned off by default. This outer compression can optionally be applied with the `ghe-cluster-suport-bundle -c` command line option.
- We have added extra text to the admin console to remind users about the mobile apps' data collection for experience improvement purposes.
known_issues:
- The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues.
- On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user.
- Custom firewall rules are removed during the upgrade process.
- Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository.
- Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters.
- When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results.
- If {% data variables.product.prodname_actions %} is enabled for {% data variables.product.prodname_ghe_server %}, teardown of a replica node with `ghe-repl-teardown` will succeed, but may return `ERROR:Running migrations`.
- Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail.

27
data/release-notes/enterprise-server/3-2/4.yml Normal file
View File

@@ -0,0 +1,27 @@
date: '2021-11-23'
sections:
security_fixes:
- Packages have been updated to the latest security versions.
bugs:
- Running `ghe-repl-start` or `ghe-repl-status` would sometimes return errors connecting to the database when GitHub Actions was enabled.
- Pre-receive hooks would fail due to undefined `PATH`.
- 'Running `ghe-repl-setup` would return an error: `cannot create directory /data/user/elasticsearch: File exists` if the instance had previously been configured as a replica.'
- 'Running `ghe-support-bundle` returned an error: `integer expression expected`.'
- 'After setting up a high availability replica, `ghe-repl-status` included an error in the output: `unexpected unclosed action in command`.'
- In large cluster environments, the authentication backend could be unavailable on a subset of frontend nodes.
- Some critical services may not have been available on backend nodes in GHES Cluster.
- The repository permissions to the user returned by the `/repos` API would not return the full list.
- The `childTeams` connection on the `Team` object in the GraphQL schema produced incorrect results under some circumstances.
- In a high availability configuration, repository maintenance always showed up as failed in stafftools, even when it succeeded.
- User defined patterns would not detect secrets in files like `package.json` or `yarn.lock`.
changes:
- An additional outer layer of `gzip` compression when creating a cluster support bundle with `ghe-cluster-suport-bundle` is now turned off by default. This outer compression can optionally be applied with the `ghe-cluster-suport-bundle -c` command line option.
- We have added extra text to the admin console to remind users about the mobile apps' data collection for experience improvement purposes.
known_issues:
- On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user.
- Custom firewall rules are removed during the upgrade process.
- Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository.
- Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters.
- When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results.
- The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues.
- Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail.

2
data/reusables/actions/actions-audit-events-workflow.md
View File

@@ -7,6 +7,6 @@
| `disable_workflow` | Triggered when a workflow is disabled.
| `enable_workflow` | Triggered when a workflow is enabled, after previously being disabled by `disable_workflow`.
| `rerun_workflow_run` | Triggered when a workflow run is re-run. For more information, see "[Re-running a workflow](/actions/managing-workflow-runs/re-running-a-workflow)."{% endif %}{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4963 %}
| `prepared_workflow_job` | Triggered when a workflow job is started. Includes the list of secrets that were provided to the job. Can only be viewed using the REST API; not visible in the UI or the JSON/CSV export. For more information, see "[Events that trigger workflows](/actions/reference/events-that-trigger-workflows)."{% endif %}{% ifversion fpt or ghes > 3.1 or ghae-issue-1157 or ghec %}
| `prepared_workflow_job` | Triggered when a workflow job is started. Includes the list of secrets that were provided to the job. Can only be viewed using the REST API. It is not visible in the the {% data variables.product.prodname_dotcom %} web interface or included in the JSON/CSV export. For more information, see "[Events that trigger workflows](/actions/reference/events-that-trigger-workflows)."{% endif %}{% ifversion fpt or ghes > 3.1 or ghae-issue-1157 or ghec %}
| `approve_workflow_job` | Triggered when a workflow job has been approved. For more information, see "[Reviewing deployments](/actions/managing-workflow-runs/reviewing-deployments)."
| `reject_workflow_job` | Triggered when a workflow job has been rejected. For more information, see "[Reviewing deployments](/actions/managing-workflow-runs/reviewing-deployments)."{% endif %}

13
data/reusables/actions/pass-inputs-to-reusable-workflows.md Normal file
View File

@@ -0,0 +1,13 @@
To pass named inputs to a called workflow, use the `with` keyword in a job. Use the `secrets` keyword to pass named secrets. For inputs, the data type of the input value must match the type specified in the called workflow (either boolean, number, or string).
{% raw %}
```yaml
jobs:
call-workflow-passing-data:
uses: octo-org/example-repo/.github/workflows/reusable-workflow.yml@main
with:
username: mona
secrets:
envPAT: ${{ secrets.envPAT }}
```
{% endraw %}

3
data/reusables/actions/self-hosted-runner-ports-protocols.md Normal file
View File

@@ -0,0 +1,3 @@
{% ifversion ghes or ghae %}
The connection between self-hosted runners and {% data variables.product.product_name %} is over HTTP (port 80) and HTTPS (port 443).
{% endif %}

2
data/reusables/secret-scanning/api-beta.md
View File

@@ -1,4 +1,4 @@
{% ifversion ghes > 3.0 %}
{% ifversion ghes > 3.0 or ghae-next %}
{% note %}

4
data/reusables/secret-scanning/partner-secret-list-private-repo.md
View File

@@ -187,6 +187,10 @@ Shopify | Shopify Private App Password | shopify_private_app_password
Slack | Slack API Token | slack_api_token
Slack | Slack Incoming Webhook URL | slack_incoming_webhook_url
Slack | Slack Workflow Webhook URL | slack_workflow_webhook_url
{%- ifversion fpt or ghec or ghes > 3.3 %}
Square | Square Production Application Secret | square_production_application_secret{% endif %}
{%- ifversion fpt or ghec or ghes > 3.3 %}
Square | Square Sandbox Application Secret | square_sandbox_application_secret{% endif %}
SSLMate | SSLMate API Key | sslmate_api_key
SSLMate | SSLMate Cluster Secret | sslmate_cluster_secret
Stripe | Stripe API Key | stripe_api_key