From 5ced8c08fab4bb40a42ce899ff148a58afb37cd0 Mon Sep 17 00:00:00 2001 From: Felicity Chapman Date: Wed, 15 Jan 2025 08:33:57 +0000 Subject: [PATCH 1/3] Hack week 2025: fix warnings in account-and-profile (except code length) - renamed branch (#53917) Co-authored-by: Vanessa --- .../configuring-notifications.md | 10 +++------- .../personalizing-your-profile.md | 4 ---- ...ontinuity-of-your-personal-accounts-repositories.md | 2 +- .../managing-accessibility-settings.md | 4 ---- ...-and-analysis-settings-for-your-personal-account.md | 2 +- ...eferences-for-githubs-enterprise-marketing-pages.md | 2 +- .../managing-your-scheduled-reminders.md | 6 +++--- .../publicizing-or-hiding-organization-membership.md | 2 +- .../requesting-organization-approval-for-oauth-apps.md | 2 +- .../converting-a-user-into-an-organization.md | 2 +- .../about-oauth-app-access-restrictions.md | 3 +-- .../approving-oauth-apps-for-your-organization.md | 3 +-- .../about-programmatic-access-in-your-organization.md | 2 +- data/reusables/dependency-graph/sbom-intro.md | 8 ++++---- 14 files changed, 19 insertions(+), 33 deletions(-) diff --git a/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md b/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md index e4f61014d69d..3543aa1229ad 100644 --- a/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md +++ b/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md @@ -79,7 +79,7 @@ Anytime you comment in a conversation or when someone @mentions your username, y For conversations you're watching or participating in, you can choose whether you want to receive notifications by email or through the notifications inbox. For more information, see [Choosing your notification settings](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications#choosing-your-notification-settings). -![Screenshot of the "Notification settings" page. The "Participating" and "Watching" settings are shown, each with two checkbox options, titled "Email" and "Web and Mobile".](/assets/images/help/notifications-v2/participating-and-watching-options.png){% endif %} +![Screenshot of the "Notification settings" page. "Participating" and "Watching" each have two checkbox options: "Email" and "Web and Mobile".](/assets/images/help/notifications-v2/participating-and-watching-options.png){% endif %} For example, on your "Notification settings" page: * If you don't want notifications to be sent to your email, deselect **email** for participating and watching notifications. @@ -236,8 +236,6 @@ For more information about the notification delivery methods available to you, a For more information on how to configure notifications for {% data variables.secret-scanning.alerts %}, see [AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/monitoring-alerts). -{% ifversion update-notification-settings-22 or ghes %} - ## {% data variables.product.prodname_actions %} notification options For repositories that are set up with {% data variables.product.prodname_actions %} and that you are watching, you can choose how you want to receive workflow run updates. @@ -245,7 +243,7 @@ For repositories that are set up with {% data variables.product.prodname_actions {% ifversion update-notification-settings-22 %} 1. On the "Notification settings" page, under "System", then under "Actions", select the **Don't notify** dropdown menu. - ![Screenshot of the "System" section of the notification settings. Under "Actions," a dropdown menu, titled "Don't notify", is highlighted with an orange outline.](/assets/images/help/notifications/github-actions-customize-notifications.png) + ![Screenshot of the "System" section of the notification settings. Under "Actions," a dropdown menu, titled "Don't notify", is outlined in orange.](/assets/images/help/notifications/github-actions-customize-notifications.png) 1. To opt into web notifications, from the dropdown menu, select "On {% data variables.product.prodname_dotcom %}." To opt into email notifications, from the dropdown menu, select "Email." @@ -254,9 +252,7 @@ For repositories that are set up with {% data variables.product.prodname_actions {% ifversion ghes %} On the "Notification settings" page, select "Email" or "Web" notifications. Optionally, to only receive notifications for failed workflow runs, select "Send notifications for failed workflows only". -![Screenshot of the "Actions" section on the "Notification settings" page. Three checkboxes, titled "Email", "Web", and "Send notifications for failed workflows only", are shown.](/assets/images/help/notifications-v2/github-actions-notification-options.png){% endif %} - -{% endif %} +![Screenshot of the "Actions" section of "Notification settings" with checkboxes: "Email", "Web", and "Send notifications for failed workflows only."](/assets/images/help/notifications-v2/github-actions-notification-options.png){% endif %} ## Organization alerts notification options diff --git a/content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile.md b/content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile.md index cd27989dd8a6..eacef672a92d 100644 --- a/content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile.md +++ b/content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile.md @@ -92,8 +92,6 @@ Add pronouns to your public user profile to share information about yourself wit {% endif %} -{% ifversion profile-time-zone %} - ## Setting your location and time zone You can set a location and time zone on your profile to show other people your local time. Your location and time zone will be visible: @@ -111,8 +109,6 @@ When you view your profile, you will see your location, local time, and your tim * Select the **Time zone** dropdown menu, then click your local time zone. {% data reusables.profile.update-profile %} -{% endif %} - {% ifversion profile-social-links %} ## Adding links to your social accounts diff --git a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories.md b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories.md index d5151af2ae21..6052b705a660 100644 --- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories.md +++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories.md @@ -36,7 +36,7 @@ The person you invite to be your successor must have a {% data variables.product 1. Under "Successor settings", to invite a successor, begin typing a username, full name, or email address, then click their name when it appears. - ![Screenshot of the "Successor settings" section. The string "octocat" is entered in a search field, and Octocat's profile is listed in a dropdown below.](/assets/images/help/settings/settings-invite-successor-search-field.png) + ![Screenshot of the "Successor settings" section. The string "octocat" is entered in a search field, and Octocat's profile is listed in a dropdown.](/assets/images/help/settings/settings-invite-successor-search-field.png) 1. Click **Add successor**. {% data reusables.user-settings.sudo-mode-popup %} diff --git a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-accessibility-settings.md b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-accessibility-settings.md index 3c1e08293999..297de01bebb3 100644 --- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-accessibility-settings.md +++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-accessibility-settings.md @@ -48,8 +48,6 @@ By default, all keyboard shortcuts are enabled on {% data variables.product.prod * To customize the keyboard shortcuts for triggering the command palette, under "Command palette", use the drop-down menus to choose a keyboard shortcut. For more information, see [AUTOTITLE](/get-started/accessibility/github-command-palette). {%- endif %} -{% ifversion motion-management %} - ## Managing motion You can control how {% data variables.product.product_name %} displays animated _.gif_ images. @@ -61,5 +59,3 @@ By default, {% data variables.product.product_name %} syncs with your system-lev 1. Under "Motion", manage settings for motion. * To control how {% data variables.product.product_name %} displays animated images, under "Autoplay animated images", select **Sync with system**, **Enabled**, or **Disabled**. - -{% endif %} diff --git a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-security-and-analysis-settings-for-your-personal-account.md b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-security-and-analysis-settings-for-your-personal-account.md index 617534c2cd67..0a4a9725b6be 100644 --- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-security-and-analysis-settings-for-your-personal-account.md +++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-security-and-analysis-settings-for-your-personal-account.md @@ -35,7 +35,7 @@ For an overview of repository-level security, see [AUTOTITLE](/code-security/get 1. Under {% ifversion code-security-wording-only %}"Code security"{% else %}"Code security and analysis"{% endif %}, to the right of the feature, click **Disable all** or **Enable all**. 1. Optionally, enable the feature by default for new repositories that you own.{% ifversion not ghes %} - ![Screenshot of the "Enable FEATURE" modal dialog, with the "Enable by default for new private repositories" option highlighted with a dark orange outline.](/assets/images/help/settings/security-and-analysis-enable-by-default-in-modal.png){% endif %} + ![Screenshot of the "Enable FEATURE" modal dialog, with the "Enable by default for new private repositories" option outlined in dark orange.](/assets/images/help/settings/security-and-analysis-enable-by-default-in-modal.png){% endif %} 1. Click **Disable FEATURE** or **Enable FEATURE** to disable or enable the feature for all the repositories you own. diff --git a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-your-cookie-preferences-for-githubs-enterprise-marketing-pages.md b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-your-cookie-preferences-for-githubs-enterprise-marketing-pages.md index d76b125e9d4a..a0c8eb10c64a 100644 --- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-your-cookie-preferences-for-githubs-enterprise-marketing-pages.md +++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/managing-your-cookie-preferences-for-githubs-enterprise-marketing-pages.md @@ -27,6 +27,6 @@ You can customize how non-essential cookies behave on any {% data variables.prod 1. Under "Manage cookie preferences," to accept or reject each non-essential cookie, click **Accept** or **Reject**. - ![Screenshot of the "Manage cookie preferences" dialog window. Under "Analytics," two radio buttons, labeled "Accept" and "Reject," are outlined in orange.](/assets/images/help/settings/cookie-settings-accept-or-reject.png) + ![Screenshot of the "Manage cookie preferences" dialog. Under "Analytics", two radio buttons, labeled "Accept" and "Reject," are outlined.](/assets/images/help/settings/cookie-settings-accept-or-reject.png) 1. Click **Save changes**. diff --git a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/managing-your-scheduled-reminders.md b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/managing-your-scheduled-reminders.md index d23dab9157d0..5af4ef321ce5 100644 --- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/managing-your-scheduled-reminders.md +++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/managing-your-scheduled-reminders.md @@ -28,7 +28,7 @@ You can set scheduled reminders for personal or team-level review requests for p {% data reusables.reminders.scheduled-reminders %} 1. Next to the organization you'd like to schedule reminders for, click {% octicon "pencil" aria-label="Edit reminder" %}. - ![Screenshot of the settings for a personal account showing the name of a GitHub organization. An edit button with a pencil icon is outlined in dark orange.](/assets/images/help/settings/scheduled-reminders-org-choice.png) + ![Screenshot of the settings for a personal account showing the name of a GitHub organization. An edit button with a pencil icon is outlined in orange.](/assets/images/help/settings/scheduled-reminders-org-choice.png) {% data reusables.reminders.authorize-slack %} {% data reusables.reminders.days-dropdown %} @@ -45,7 +45,7 @@ You can set scheduled reminders for personal or team-level review requests for p {% data reusables.reminders.scheduled-reminders %} 1. Next to the organization you'd like to edit scheduled reminders for, click {% octicon "pencil" aria-label="Edit reminder" %}. - ![Screenshot of the settings for a personal account showing the name of a GitHub organization. An edit button with a pencil icon is outlined in dark orange.](/assets/images/help/settings/scheduled-reminders-org-choice.png) + ![Screenshot of the settings for a personal account showing the name of a GitHub organization. An edit button with a pencil icon is outlined in orange.](/assets/images/help/settings/scheduled-reminders-org-choice.png) {% data reusables.reminders.edit-page %} {% data reusables.reminders.update-buttons %} @@ -57,7 +57,7 @@ You can set scheduled reminders for personal or team-level review requests for p {% data reusables.reminders.scheduled-reminders %} 1. Next to the organization you'd like to delete reminders for, click {% octicon "pencil" aria-label="Edit reminder" %}. - ![Screenshot of the settings for a personal account showing the name of a GitHub organization. An edit button with a pencil icon is outlined in dark orange.](/assets/images/help/settings/scheduled-reminders-org-choice.png) + ![Screenshot of the settings for a personal account showing the name of a GitHub organization. An edit button with a pencil icon is outlined in orange.](/assets/images/help/settings/scheduled-reminders-org-choice.png) {% data reusables.reminders.delete %} diff --git a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/publicizing-or-hiding-organization-membership.md b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/publicizing-or-hiding-organization-membership.md index 4c06ba1d5898..febd59177a0a 100644 --- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/publicizing-or-hiding-organization-membership.md +++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/publicizing-or-hiding-organization-membership.md @@ -27,4 +27,4 @@ shortTitle: Show or hide membership * To publicize your membership, choose **Public**. * To hide your membership, choose **Private**. - ![Screenshot of an entry in the list of organization members. To the right of the username, a dropdown menu, labeled "Private", is outlined in dark orange.](/assets/images/help/organizations/member-visibility-link.png) + ![Screenshot of an entry in the list of organization members. Next to the username, a dropdown menu, labeled "Private", is outlined in dark orange.](/assets/images/help/organizations/member-visibility-link.png) diff --git a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps.md b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps.md index ffa4af89d45b..58dfa736d07e 100644 --- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps.md +++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps.md @@ -18,7 +18,7 @@ shortTitle: Request {% data variables.product.prodname_oauth_app %} approval ## About requesting organization approval for an {% data variables.product.prodname_oauth_app %} -Organization members can always request owner approval for {% data variables.product.prodname_oauth_apps %} they'd like to use, and organization owners receive a notification of pending requests.{% ifversion limit-app-access-requests %} Outside collaborators can request owner approval for {% data variables.product.prodname_oauth_apps %} they'd like to use if integration access requests are enabled. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests).{% endif %} +Organization members can always request owner approval for {% data variables.product.prodname_oauth_apps %} they'd like to use, and organization owners receive a notification of pending requests. Outside collaborators can request owner approval for {% data variables.product.prodname_oauth_apps %} they'd like to use if integration access requests are enabled. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests). ## Requesting organization approval for an {% data variables.product.prodname_oauth_app %} you've already authorized for your personal account diff --git a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/converting-a-user-into-an-organization.md b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/converting-a-user-into-an-organization.md index cf5c5930c17b..8d3aec2a258f 100644 --- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/converting-a-user-into-an-organization.md +++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/converting-a-user-into-an-organization.md @@ -32,7 +32,7 @@ shortTitle: User into an organization > * Since organizations cannot star repositories, you will no longer have access to your original list of starred repositories. > * You will no longer have access to the list of users you were following from your user account. > * Any followers of your user account will not automatically follow the new organization. -{% ifversion projects-v2 %}> * Any existing collaborators on your projects will still have access to those projects in the new organization.{% endif %} +> * Any existing collaborators on your projects will still have access to those projects in the new organization. > * {% data variables.product.prodname_actions %} is not automatically enabled on the account after converting it to an organization, and will have to be re-enabled. To re-enable {% data variables.product.prodname_actions %}, create a new workflow file in the `.github/workflows` directory of your repository. ## Prerequisites diff --git a/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md b/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md index 050825348c59..1c24860a48f9 100644 --- a/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md +++ b/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md @@ -19,8 +19,7 @@ shortTitle: '{% data variables.product.prodname_oauth_app %} restrictions' {% data reusables.apps.oauth-app-access-restrictions %} -{% ifversion limit-app-access-requests %} -{% data reusables.organizations.restricted-app-access-requests %}{% endif %} +{% data reusables.organizations.restricted-app-access-requests %} Even if you restrict {% data variables.product.prodname_oauth_apps %} access in your organization, users can still authorize internal {% data variables.product.prodname_oauth_apps %} apps and use them to access data from the organization. For more information, see [AUTOTITLE](/apps/oauth-apps/using-oauth-apps/internal-oauth-apps). diff --git a/content/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization.md b/content/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization.md index b1656a8d5553..16f77317046b 100644 --- a/content/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization.md +++ b/content/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization.md @@ -16,8 +16,7 @@ shortTitle: Approve {% data variables.product.prodname_oauth_app %} access --- When {% data variables.product.prodname_oauth_app %} access restrictions are enabled, organization members and outside collaborators must [request approval](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps) from an organization owner before they can authorize an {% data variables.product.prodname_oauth_app %} that has access to the organization's resources. -{% ifversion limit-app-access-requests %} -{% data reusables.organizations.restricted-app-access-requests %}{% endif %} +{% data reusables.organizations.restricted-app-access-requests %} {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} diff --git a/content/organizations/managing-programmatic-access-to-your-organization/about-programmatic-access-in-your-organization.md b/content/organizations/managing-programmatic-access-to-your-organization/about-programmatic-access-in-your-organization.md index 238f0a0a429f..78f84356120f 100644 --- a/content/organizations/managing-programmatic-access-to-your-organization/about-programmatic-access-in-your-organization.md +++ b/content/organizations/managing-programmatic-access-to-your-organization/about-programmatic-access-in-your-organization.md @@ -22,7 +22,7 @@ versions: Organization owners can install {% data variables.product.prodname_github_apps %} on their organization. Repository admins can also install a {% data variables.product.prodname_github_app %} on the organization if the app does not request organization resources and if they only grant the app access to repositories where they are an admin. Organization members can submit a request for their organization owner to install a {% data variables.product.prodname_github_app %} on the organization. For more information, see {% ifversion fpt or ghec %}[AUTOTITLE](/apps/using-github-apps/installing-an-app-in-your-organization).{% else %}[AUTOTITLE](/apps/maintaining-github-apps/installing-github-apps).{% endif %} -{% ifversion limit-app-access-requests %}Organization owners can prevent outside collaborators from requesting {% data variables.product.prodname_github_apps %} or from installing a {% data variables.product.prodname_github_app %} even if the collaborator is a repository admin. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests).{% endif %} +Organization owners can prevent outside collaborators from requesting {% data variables.product.prodname_github_apps %} or from installing a {% data variables.product.prodname_github_app %} even if the collaborator is a repository admin. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests). Organization owners can review the {% data variables.product.prodname_github_apps %} that are installed on their organization and modify the repositories that each app can access. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/reviewing-github-apps-installed-in-your-organization). diff --git a/data/reusables/dependency-graph/sbom-intro.md b/data/reusables/dependency-graph/sbom-intro.md index 2635121b2341..c5c80e1b3a7b 100644 --- a/data/reusables/dependency-graph/sbom-intro.md +++ b/data/reusables/dependency-graph/sbom-intro.md @@ -1,6 +1,6 @@ An SBOM is a formal, machine-readable inventory of a project's dependencies and associated information (such as {% ifversion ghes %}versions and package identifiers{% else %}versions, package identifiers, licenses, and copyright information{% endif %}). SBOMs help reduced supply chain risks by: -* providing transparency about the dependencies used by your repository -* allowing vulnerabilities to be identified early in the process -* providing insights in the license compliance, security, or quality issues that may exist in your codebase -* enabling you to better comply with various data protection standards +* Providing transparency about the dependencies used by your repository +* Allowing vulnerabilities to be identified early in the process +* Providing insights in the license compliance, security, or quality issues that may exist in your codebase +* Enabling you to better comply with various data protection standards From 29ce8769824b823caf8ddec529a4341a75625688 Mon Sep 17 00:00:00 2001 From: mc <42146119+mchammer01@users.noreply.github.com> Date: Wed, 15 Jan 2025 09:04:54 +0000 Subject: [PATCH 2/3] Hack week 2025: remove unneeded FBV instances (6) - Actions & Audit log (#53898) Co-authored-by: Felicity Chapman --- .../introducing-github-actions-to-your-enterprise.md | 4 +--- .../about-the-audit-log-for-your-enterprise.md | 4 +--- .../configuring-the-audit-log-for-your-enterprise.md | 2 +- .../streaming-the-audit-log-for-your-enterprise.md | 2 +- .../getting-started/auditing-security-alerts.md | 2 +- .../rate-limits-and-node-limits-for-the-graphql-api.md | 4 ---- ...or-limiting-github-actions-for-your-organization.md | 10 +++------- .../about-custom-repository-roles.md | 2 +- ...anaging-github-actions-settings-for-a-repository.md | 3 --- ...guring-autolinks-to-reference-external-resources.md | 4 ---- .../using-the-rest-api/rate-limits-for-the-rest-api.md | 2 +- .../actions/actions-do-not-trigger-workflows.md | 2 +- .../reusables/actions/inputs-vs-github-event-inputs.md | 4 ---- .../actions/workflow-dispatch-inputs-example.md | 4 ++-- data/reusables/actions/workflow-dispatch-inputs.md | 2 +- .../actions/workflow-pr-approval-permissions-intro.md | 2 +- .../reusables/audit_log/audit-log-action-categories.md | 2 -- data/reusables/audit_log/retention-periods.md | 2 +- 18 files changed, 16 insertions(+), 41 deletions(-) diff --git a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise.md b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise.md index 88dedd6690aa..1fae152244f2 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise.md +++ b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise.md @@ -29,11 +29,9 @@ Then,{% else %}First,{% endif %} decide whether you'll allow third-party actions For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#managing-github-actions-permissions-for-your-repository), [AUTOTITLE](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#managing-github-actions-permissions-for-your-organization), and [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-to-restrict-the-use-of-github-actions-in-your-enterprise). -{% ifversion ghec or ghes %} Consider combining OpenID Connect (OIDC) with reusable workflows to enforce consistent deployments across your repository, organization, or enterprise. You can do this by defining trust conditions on cloud roles based on reusable workflows. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows). -{% endif %} -You can access information about activity related to {% data variables.product.prodname_actions %} in the audit logs for your enterprise. If your business needs require retaining this information longer than audit log data is retained, plan how you'll export and store this data outside of {% data variables.product.prodname_dotcom %}. For more information, see {% ifversion ghec %}[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise).{% else %}{% ifversion audit-log-streaming %}[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise) and {% endif %}[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding).{% endif %} +You can access information about activity related to {% data variables.product.prodname_actions %} in the audit logs for your enterprise. If your business needs require retaining this information longer than audit log data is retained, plan how you'll export and store this data outside of {% data variables.product.prodname_dotcom %}. For more information, see {% ifversion ghec %}[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise).{% else %}[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding).{% endif %} {% ifversion custom-org-roles %}You can practice the principle of least privilege by administering custom organization roles for access to settings in your {% data variables.product.prodname_actions %} CI/CD pipeline. For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).{% endif %} diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise.md index 2016679a1073..d0287b74020d 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise.md @@ -43,14 +43,12 @@ In addition to viewing your audit log, you can monitor activity in your enterpri As an enterprise owner{% ifversion ghes %} or site administrator{% endif %}, you can interact with the audit log data for your enterprise in several ways: * You can view the audit log for your enterprise. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for-your-enterprise). * You can search the audit log for specific events{% ifversion ghec %} and export audit log data{% endif %}. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise){% ifversion ghec %} and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise){% endif %}.{% ifversion token-audit-log %} -* You can identify all events that were performed by a specific access token. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/identifying-audit-log-events-performed-by-an-access-token).{% endif %}{% ifversion audit-data-retention-tab %} +* You can identify all events that were performed by a specific access token. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/identifying-audit-log-events-performed-by-an-access-token).{% endif %}{% ifversion ghes %} * You can configure settings, such as the retention period for audit log events{% ifversion enable-git-events %} and whether Git events are included{% endif %}. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise).{% endif %} {%- ifversion enterprise-audit-log-ip-addresses %} * You can display the IP address associated with events in the audit log. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise). {%- endif %} -{%- ifversion audit-log-streaming %} * You can stream audit and Git events data from {% data variables.product.prodname_dotcom %} to an external data management system. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise). -{%- endif %} {%- ifversion ghes %} * You can forward audit and system logs, from your enterprise to an third-party hosted monitoring system. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding). {%- endif %} diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise.md index 348342a317c4..efc6cec325e0 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise.md @@ -4,7 +4,7 @@ intro: You can configure settings for your enterprise's audit log. shortTitle: Configure audit logs permissions: Enterprise owners can configure the audit log. versions: - feature: audit-data-retention-tab + ghes: '*' type: how_to topics: - Auditing diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md index e21f2f319282..018a9f422a69 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md @@ -2,7 +2,7 @@ title: Streaming the audit log for your enterprise intro: 'Learn how to stream audit and Git events data from {% data variables.product.prodname_dotcom %} to an external data management system.' versions: - feature: audit-log-streaming + ghes: '*' ghec: '*' type: tutorial topics: diff --git a/content/code-security/getting-started/auditing-security-alerts.md b/content/code-security/getting-started/auditing-security-alerts.md index 55651cd83964..d10e64e0ee5c 100644 --- a/content/code-security/getting-started/auditing-security-alerts.md +++ b/content/code-security/getting-started/auditing-security-alerts.md @@ -47,7 +47,7 @@ For a list of audit log events, see [AUTOTITLE](/admin/monitoring-activity-in-yo For information on how to access the audit log for your enterprise or organization, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/accessing-the-audit-log-for-your-enterprise) and [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization). -{% ifversion audit-log-streaming %} +{% ifversion ghec or ghes %} You can also stream audit data from {% data variables.product.prodname_dotcom %} to an external data management system, which enables you to analyze and collect data for internal charts. Enterprise owners can configure audit log streaming. For more information, see [Streaming the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise). diff --git a/content/graphql/overview/rate-limits-and-node-limits-for-the-graphql-api.md b/content/graphql/overview/rate-limits-and-node-limits-for-the-graphql-api.md index deebb242896a..46623ad2b848 100644 --- a/content/graphql/overview/rate-limits-and-node-limits-for-the-graphql-api.md +++ b/content/graphql/overview/rate-limits-and-node-limits-for-the-graphql-api.md @@ -276,10 +276,6 @@ To avoid exceeding a rate limit, you should pause at least 1 second between muta You should also subscribe to webhook events instead of polling the API for data. For more information, see [AUTOTITLE](/webhooks). -{% ifversion audit-log-streaming %} - You can also stream the audit log in order to view API requests. This can help you troubleshoot integrations that are exceeding the rate limit. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise). {% endif %} - -{% endif %} diff --git a/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md b/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md index 36dd28daac30..603904feb051 100644 --- a/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md +++ b/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md @@ -171,23 +171,19 @@ By default, when you create a new organization,{% ifversion ghec or ghes %} the {% data reusables.actions.workflows.github-token-access %} 1. Click **Save** to apply the settings. -{% ifversion allow-actions-to-approve-pr %} - -### Preventing {% data variables.product.prodname_actions %} from {% ifversion allow-actions-to-approve-pr-with-ent-repo %}creating or {% endif %}approving pull requests +### Preventing {% data variables.product.prodname_actions %} from creating or approving pull requests {% data reusables.actions.workflow-pr-approval-permissions-intro %} -By default, when you create a new organization, workflows are not allowed to {% ifversion allow-actions-to-approve-pr-with-ent-repo %}create or {% endif %}approve pull requests. +By default, when you create a new organization, workflows are not allowed to create or approve pull requests. {% data reusables.profile.access_profile %} {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} {% data reusables.organizations.settings-sidebar-actions-general %} -1. Under "Workflow permissions", use the **Allow GitHub Actions to {% ifversion allow-actions-to-approve-pr-with-ent-repo %}create and {% endif %}approve pull requests** setting to configure whether `GITHUB_TOKEN` can {% ifversion allow-actions-to-approve-pr-with-ent-repo %}create and {% endif %}approve pull requests. +1. Under "Workflow permissions", use the **Allow GitHub Actions to create and approve pull requests** setting to configure whether `GITHUB_TOKEN` can create and approve pull requests. 1. Click **Save** to apply the settings. -{% endif %} - ## Managing {% data variables.product.prodname_actions %} cache storage for your organization Organization administrators can view {% ifversion ghes %}and manage {% endif %}{% data variables.product.prodname_actions %} cache storage for all repositories in the organization. diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/about-custom-repository-roles.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/about-custom-repository-roles.md index 72742a5cff76..40870b9348ce 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/about-custom-repository-roles.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/about-custom-repository-roles.md @@ -19,7 +19,7 @@ To perform any actions on {% data variables.product.product_name %}, such as cre Within an organization, you can assign roles at the organization, team, and repository level. For more information about the different levels of roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization). -You can have more granular control over the permissions you grant at the repository level by creating up to {% ifversion authz-increased-custom-repo-roles %}five {% else %}three {% endif %} custom repository roles. {% data reusables.organizations.about-custom-repo-roles %} For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization). +You can have more granular control over the permissions you grant at the repository level by creating up to five custom repository roles. {% data reusables.organizations.about-custom-repo-roles %} For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization). After you create a custom role, anyone with admin access to a repository can assign the role to an individual or team. For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-an-individuals-access-to-an-organization-repository) and [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository). diff --git a/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md b/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md index d1f1ff89b2fa..e731911e9310 100644 --- a/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md +++ b/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md @@ -101,8 +101,6 @@ By default, when you create a new repository in your personal account, `GITHUB_T {% data reusables.actions.workflows.github-token-access %} 1. Click **Save** to apply the settings. -{% ifversion allow-actions-to-approve-pr-with-ent-repo %} - ### Preventing {% data variables.product.prodname_actions %} from creating or approving pull requests {% data reusables.actions.workflow-pr-approval-permissions-intro %} @@ -116,7 +114,6 @@ By default, when you create a new repository in your personal account, workflows {% data reusables.repositories.settings-sidebar-actions-general %} 1. Under "Workflow permissions", use the **Allow GitHub Actions to create and approve pull requests** setting to configure whether `GITHUB_TOKEN` can create and approve pull requests. 1. Click **Save** to apply the settings. -{% endif %} {% ifversion ghes or ghec %} diff --git a/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources.md b/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources.md index f5c2a2a1ea18..becde5bd19ec 100644 --- a/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources.md +++ b/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources.md @@ -19,13 +19,11 @@ shortTitle: Configure autolinks Anyone with admin permissions to a repository can configure autolink references to link issues, pull requests, commit messages, and release descriptions to external third-party services. -{% ifversion autolink-reference-alphanumeric %} Autolink references can now accept alphanumeric characters. When originally introduced, custom autolinks were limited to external resources that used numeric identifiers. Custom autolinks now work with alphanumeric and numeric identifiers. You define custom autolinks by specifying a reference prefix and a target URL. * Reference prefixes cannot have overlapping names. For example, a repository cannot have two custom autolinks with prefixes such as `TICKET` and `TICK`, since both prefixes would match the string `TICKET123a`. * Target URLs include a `` variable which represents the reference identifier of the linked resource. -{% endif %} ## Configuring autolinks to reference external resources @@ -37,9 +35,7 @@ This procedure demonstrates how to configure autolinks to reference external res 1. At the top right of the page, click **Add autolink reference**. ![Screenshot of the "autolink references" page. The "Add autolink reference" button is highlighted by a dark orange outline.](/assets/images/help/repository/add-autolink-reference-details.png) -{% ifversion autolink-reference-alphanumeric %} 1. Select the format of the reference identifier used in the external resource, either **Alphanumeric** or **Numeric**. -{% endif %} 1. Under "Reference prefix", type a short, meaningful prefix. Collaborators will use this text to generate autolinks for the external resource. 1. Under "Target URL", type the format of the link to the external system you want to create. Use the `` variable as a placeholder for the reference identifier. 1. Review the preview and verify that the autolink and external reference are both correct, then click **Add autolink reference** to define the link. diff --git a/content/rest/using-the-rest-api/rate-limits-for-the-rest-api.md b/content/rest/using-the-rest-api/rate-limits-for-the-rest-api.md index e8e54e17fd4c..5927acbc1c01 100644 --- a/content/rest/using-the-rest-api/rate-limits-for-the-rest-api.md +++ b/content/rest/using-the-rest-api/rate-limits-for-the-rest-api.md @@ -109,7 +109,7 @@ Continuing to make requests while you are rate limited may result in the banning You should follow best practices to help you stay under the rate limits. See [AUTOTITLE](/rest/guides/best-practices-for-using-the-rest-api). -{% ifversion audit-log-streaming %} +{% ifversion ghec or ghes %} You can also stream the audit log in order to view API requests. This can help you troubleshoot integrations that are exceeding the rate limit. See [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise). diff --git a/data/reusables/actions/actions-do-not-trigger-workflows.md b/data/reusables/actions/actions-do-not-trigger-workflows.md index 5dfa0da36be2..01a0e89c3f80 100644 --- a/data/reusables/actions/actions-do-not-trigger-workflows.md +++ b/data/reusables/actions/actions-do-not-trigger-workflows.md @@ -1 +1 @@ -When you use the repository's `GITHUB_TOKEN` to perform tasks, events triggered by the `GITHUB_TOKEN`{% ifversion actions-token-updated-triggers %}, with the exception of `workflow_dispatch` and `repository_dispatch`,{% endif %} will not create a new workflow run. This prevents you from accidentally creating recursive workflow runs. For example, if a workflow run pushes code using the repository's `GITHUB_TOKEN`, a new workflow will not run even when the repository contains a workflow configured to run when `push` events occur. +When you use the repository's `GITHUB_TOKEN` to perform tasks, events triggered by the `GITHUB_TOKEN`, with the exception of `workflow_dispatch` and `repository_dispatch`, will not create a new workflow run. This prevents you from accidentally creating recursive workflow runs. For example, if a workflow run pushes code using the repository's `GITHUB_TOKEN`, a new workflow will not run even when the repository contains a workflow configured to run when `push` events occur. diff --git a/data/reusables/actions/inputs-vs-github-event-inputs.md b/data/reusables/actions/inputs-vs-github-event-inputs.md index 422e6d670c64..cf9dff3cbbc1 100644 --- a/data/reusables/actions/inputs-vs-github-event-inputs.md +++ b/data/reusables/actions/inputs-vs-github-event-inputs.md @@ -1,8 +1,4 @@ -{% ifversion actions-unified-inputs %} - > [!NOTE] > * The workflow will also receive the inputs in the `github.event.inputs` context. The information in the `inputs` context and `github.event.inputs` context is identical except that the `inputs` context preserves Boolean values as Booleans instead of converting them to strings. The `choice` type resolves to a string and is a single selectable option. > * The maximum number of top-level properties for `inputs` is 10. > * The maximum payload for `inputs` is 65,535 characters. - -{% endif %} diff --git a/data/reusables/actions/workflow-dispatch-inputs-example.md b/data/reusables/actions/workflow-dispatch-inputs-example.md index d414f1f8cc82..a191aba86425 100644 --- a/data/reusables/actions/workflow-dispatch-inputs-example.md +++ b/data/reusables/actions/workflow-dispatch-inputs-example.md @@ -27,8 +27,8 @@ on: jobs: print-tag: runs-on: ubuntu-latest - if: {% ifversion actions-unified-inputs %}{% raw %} ${{ inputs.print_tags }} {% endraw %}{% else %}{% raw %} ${{ github.event.inputs.print_tags == 'true' }} {% endraw %}{% endif %} + if:{% raw %} ${{ inputs.print_tags }} {% endraw %} steps: - name: Print the input tag to STDOUT - run: {% ifversion actions-unified-inputs %}echo {% raw %} The tags are ${{ inputs.tags }} {% endraw %}{% else %}echo {% raw %} The tags are ${{ github.event.inputs.tags }} {% endraw %}{% endif %} + run: echo {% raw %} The tags are ${{ inputs.tags }} {% endraw %} ``` diff --git a/data/reusables/actions/workflow-dispatch-inputs.md b/data/reusables/actions/workflow-dispatch-inputs.md index 8a777d26d5a7..204a6e805377 100644 --- a/data/reusables/actions/workflow-dispatch-inputs.md +++ b/data/reusables/actions/workflow-dispatch-inputs.md @@ -1,3 +1,3 @@ -The triggered workflow receives the inputs in the {% ifversion actions-unified-inputs %}`inputs`{% else %}`github.event.inputs`{% endif %} context. For more information, see [Contexts]({% ifversion actions-unified-inputs %}/actions/learn-github-actions/contexts#inputs-context{% else %}/actions/learn-github-actions/contexts#github-context{% endif %}). +The triggered workflow receives the inputs in the `inputs` context. For more information, see [Contexts](/actions/learn-github-actions/contexts#inputs-context). {% data reusables.actions.inputs-vs-github-event-inputs %} diff --git a/data/reusables/actions/workflow-pr-approval-permissions-intro.md b/data/reusables/actions/workflow-pr-approval-permissions-intro.md index 1806d22a032a..110b86506a5e 100644 --- a/data/reusables/actions/workflow-pr-approval-permissions-intro.md +++ b/data/reusables/actions/workflow-pr-approval-permissions-intro.md @@ -1 +1 @@ -You can choose to allow or prevent {% data variables.product.prodname_actions %} workflows from{% ifversion allow-actions-to-approve-pr-with-ent-repo %} creating or{% endif %} approving pull requests. +You can choose to allow or prevent {% data variables.product.prodname_actions %} workflows from creating or approving pull requests. diff --git a/data/reusables/audit_log/audit-log-action-categories.md b/data/reusables/audit_log/audit-log-action-categories.md index 05546a67d1b6..8e94dc75becc 100644 --- a/data/reusables/audit_log/audit-log-action-categories.md +++ b/data/reusables/audit_log/audit-log-action-categories.md @@ -5,9 +5,7 @@ | `advisory_credit` | Contains activities related to crediting a contributor for a security advisory in the {% data variables.product.prodname_advisory_database %}. For more information, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories). | | {% endif %} | | `artifact` | Contains activities related to {% data variables.product.prodname_actions %} workflow run artifacts. | -| {% ifversion audit-log-streaming %} | | `audit_log_streaming` | Contains activities related to streaming audit logs for organizations in an enterprise account. | -| {% endif %} | | {% ifversion fpt or ghec %} | | `billing` | Contains activities related to an organization's billing. | | {% endif %} | diff --git a/data/reusables/audit_log/retention-periods.md b/data/reusables/audit_log/retention-periods.md index 56142efb7f69..e553639ff8bd 100644 --- a/data/reusables/audit_log/retention-periods.md +++ b/data/reusables/audit_log/retention-periods.md @@ -1,3 +1,3 @@ -The audit log lists events triggered by activities that affect your enterprise{% ifversion not ghec %}. Audit logs for {% data variables.product.product_name %} are retained indefinitely{% ifversion audit-data-retention-tab %}, unless an enterprise owner configured a different retention period. See [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise).{% else %}.{% endif %}{% else %} within the last 180 days. {% data reusables.audit_log.git-events-retention-period %}{% endif %} +The audit log lists events triggered by activities that affect your enterprise{% ifversion ghes %}. Audit logs for {% data variables.product.product_name %} are retained indefinitely, unless an enterprise owner configured a different retention period. See [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise).{% else %} within the last 180 days. {% data reusables.audit_log.git-events-retention-period %}{% endif %} {% data reusables.audit_log.only-three-months-displayed %} From 87776f2334e324464ea713c210a7ba8a8219ce59 Mon Sep 17 00:00:00 2001 From: mc <42146119+mchammer01@users.noreply.github.com> Date: Wed, 15 Jan 2025 09:05:18 +0000 Subject: [PATCH 3/3] Hack week 2025: remove unneeded FBV instances (5) - Actions (#53895) --- .../adding-self-hosted-runners.md | 4 --- .../autoscaling-with-self-hosted-runners.md | 4 --- .../removing-self-hosted-runners.md | 7 ----- .../automatic-token-authentication.md | 2 +- .../security-hardening-for-github-actions.md | 4 --- .../sharing-automations/required-workflows.md | 2 +- .../sharing-automations/reusing-workflows.md | 17 ++---------- .../building-and-testing-go.md | 27 +------------------ ...ithub-actions-with-google-cloud-storage.md | 2 +- ...ub-actions-for-github-enterprise-server.md | 4 --- .../about-server-statistics.md | 2 -- ...ng-github-actions-for-your-organization.md | 6 ++--- ...ithub-actions-settings-for-a-repository.md | 4 --- data/reusables/actions/action-setup-go.md | 2 +- ...gure-storage-provider-platform-commands.md | 5 +--- .../actions/configure-storage-provider.md | 3 --- .../actions/enterprise-storage-ha-backups.md | 2 +- .../pass-inputs-to-reusable-workflows.md | 3 --- .../actions/workflows/github-token-access.md | 2 +- .../required-workflow-prerequisites.md | 4 +-- .../required-workflow-source-notes.md | 2 -- 21 files changed, 14 insertions(+), 94 deletions(-) diff --git a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners.md b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners.md index f3be54b66527..6e51c2f69e23 100644 --- a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners.md +++ b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners.md @@ -28,12 +28,8 @@ For information on supported operating systems for self-hosted runners, or using You can set up automation to scale the number of self-hosted runners. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/autoscaling-with-self-hosted-runners). -{% ifversion actions-single-use-tokens %} - You can register ephemeral runners that perform a single job before the registration is cleaned up by using just-in-time runner registration. For more information, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#using-just-in-time-runners). -{% endif %} - ## Prerequisites {% data reusables.actions.self-hosted-runners-prerequisites %} diff --git a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/autoscaling-with-self-hosted-runners.md b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/autoscaling-with-self-hosted-runners.md index 930cb48970da..c76382f66238 100644 --- a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/autoscaling-with-self-hosted-runners.md +++ b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/autoscaling-with-self-hosted-runners.md @@ -48,12 +48,8 @@ The {% data variables.product.prodname_actions %} service will then automaticall > [!NOTE] > If a job is labeled for a certain type of runner, but none matching that type are available, the job does not immediately fail at the time of queueing. Instead, the job will remain queued until the 24 hour timeout period expires. -{% ifversion actions-single-use-tokens %} - Alternatively, you can create ephemeral, just-in-time runners using the REST API. For more information, see [AUTOTITLE](/rest/actions/self-hosted-runners). -{% endif %} - ## Controlling runner software updates on self-hosted runners By default, self-hosted runners will automatically perform a software update whenever a new version of the runner software is available. If you use ephemeral runners in containers then this can lead to repeated software updates when a new runner version is released. Turning off automatic updates allows you to update the runner version on the container image directly on your own schedule. diff --git a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners.md b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners.md index 3bac1dee60cb..cb1f3454ceef 100644 --- a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners.md +++ b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners.md @@ -20,9 +20,7 @@ shortTitle: Remove self-hosted runners > [!NOTE] > * {% data reusables.actions.self-hosted-runner-removal-impact %} > * {% data reusables.actions.self-hosted-runner-auto-removal %} -{%- ifversion actions-single-use-tokens %} > * {% data reusables.actions.jit-runner-removal %} -{%- endif %} To remove a self-hosted runner from a user repository you must be the repository owner. Organization owners{% ifversion custom-org-roles %} and users with the "Manage organization runners and runner groups" permission{% endif %} can remove a runner from a repository in the organization. {% ifversion custom-org-roles %}For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).{% endif %} @@ -42,9 +40,7 @@ For information about how to remove a self-hosted runner with the REST API, see > [!NOTE] > * {% data reusables.actions.self-hosted-runner-removal-impact %} > * {% data reusables.actions.self-hosted-runner-auto-removal %} -{%- ifversion actions-single-use-tokens %} > * {% data reusables.actions.jit-runner-removal %} -{%- endif %} To remove a self-hosted runner from an organization, you must be an organization owner{% ifversion custom-org-roles %} or have the "Manage organization runners and runner groups" permission{% endif %}. We recommend that you also have access to the self-hosted runner machine. For information about how to remove a self-hosted runner with the REST API, see [AUTOTITLE](/rest/actions/self-hosted-runners). @@ -67,11 +63,8 @@ If you use {% data variables.product.prodname_ghe_cloud %}, you can also remove > [!NOTE] > * {% data reusables.actions.self-hosted-runner-removal-impact %} > * {% data reusables.actions.self-hosted-runner-auto-removal %} -{%- ifversion actions-single-use-tokens %} > * {% data reusables.actions.jit-runner-removal %} -{%- endif %} - To remove a self-hosted runner from an enterprise, you must be an enterprise owner. We recommend that you also have access to the self-hosted runner machine. For information about how to remove a self-hosted runner with the REST API, see the enterprise endpoints in the [{% data variables.product.prodname_actions %} REST API](/rest/actions/self-hosted-runners). {% data reusables.actions.self-hosted-runner-reusing %} diff --git a/content/actions/security-for-github-actions/security-guides/automatic-token-authentication.md b/content/actions/security-for-github-actions/security-guides/automatic-token-authentication.md index bc72270705d4..0f105441a286 100644 --- a/content/actions/security-for-github-actions/security-guides/automatic-token-authentication.md +++ b/content/actions/security-for-github-actions/security-guides/automatic-token-authentication.md @@ -92,7 +92,7 @@ The following table shows the permissions granted to the `GITHUB_TOKEN` by defau | {% endif %} | | issues | read/write | none | read | | metadata | read | read | read | -| packages | read/write | {% ifversion actions-default-workflow-permissions-restrictive %}read{% else %}none{% endif %} | read | +| packages | read/write | read | read | | pages | read/write | none | read | | pull-requests | read/write | none | read | | repository-projects | read/write | none | read | diff --git a/content/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions.md b/content/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions.md index 72baa66deb2e..75be3eb699f8 100644 --- a/content/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions.md +++ b/content/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions.md @@ -352,8 +352,6 @@ You should also consider the environment of the self-hosted runner machines: Some customers might attempt to partially mitigate these risks by implementing systems that automatically destroy the self-hosted runner after each job execution. However, this approach might not be as effective as intended, as there is no way to guarantee that a self-hosted runner only runs one job. Some jobs will use secrets as command-line arguments which can be seen by another job running on the same runner, such as `ps x -w`. This can lead to secret leakages. -{% ifversion actions-single-use-tokens %} - ### Using just-in-time runners To improve runner registration security, you can use the REST API to create ephemeral, just-in-time (JIT) runners. These self-hosted runners perform at most one job before being automatically removed from the repository, organization, or enterprise. For more information about configuring JIT runners, see [AUTOTITLE](/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-organization). @@ -367,8 +365,6 @@ Once you have the config file from the REST API response, you can pass it to the ./run.sh --jitconfig ${encoded_jit_config} ``` -{% endif %} - ### Planning your management strategy for self-hosted runners A self-hosted runner can be added to various levels in your {% data variables.product.prodname_dotcom %} hierarchy: the enterprise, organization, or repository level. This placement determines who will be able to manage the runner: diff --git a/content/actions/sharing-automations/required-workflows.md b/content/actions/sharing-automations/required-workflows.md index c443c5dbbc76..b8580826f40e 100644 --- a/content/actions/sharing-automations/required-workflows.md +++ b/content/actions/sharing-automations/required-workflows.md @@ -16,7 +16,7 @@ redirect_from: ## Overview -You can configure a workflow that must run in repositories in an organization for all pull requests opened against {% ifversion actions-required-workflow-improvements %}any target branch{% else %}the default branch{% endif %}. Required workflows allow you to implement organization-wide CI/CD policies that apply to current and future repositories. A required workflow is triggered by {% ifversion actions-required-workflow-improvements %}`pull_request` and `pull_request_target` default events{% else %}pull request events{% endif %} and appears as a required status check, which blocks the ability to merge the pull request until the required workflow succeeds. +You can configure a workflow that must run in repositories in an organization for all pull requests opened against any target branch. Required workflows allow you to implement organization-wide CI/CD policies that apply to current and future repositories. A required workflow is triggered by `pull_request` and `pull_request_target` default events and appears as a required status check, which blocks the ability to merge the pull request until the required workflow succeeds. Required workflows are not the same as reusable workflows. Reusable workflows can be called by another workflow. Required workflows are enforced on repositories by an organization owner. diff --git a/content/actions/sharing-automations/reusing-workflows.md b/content/actions/sharing-automations/reusing-workflows.md index 6832eb80beef..ed96fc35f5ef 100644 --- a/content/actions/sharing-automations/reusing-workflows.md +++ b/content/actions/sharing-automations/reusing-workflows.md @@ -104,7 +104,6 @@ Called workflows that are owned by the same user or organization{% ifversion ghe * You can call a maximum of 20 unique reusable workflows from a single workflow file. {% endif %} {% ifversion private-actions %}{% else %}- Reusable workflows stored within a private repository can only be used by workflows within the same repository.{% endif %} -{% ifversion actions-reusable-workflow-matrix %}{% else %}* The `strategy` property is not supported in any job that calls a reusable workflow.{% endif %} * Any environment variables set in an `env` context defined at the workflow level in the caller workflow are not propagated to the called workflow. For more information, see [AUTOTITLE](/actions/learn-github-actions/variables) and [AUTOTITLE](/actions/learn-github-actions/contexts#env-context). * Similarly, environment variables set in the `env` context, defined in the called workflow, are not accessible in the `env` context of the caller workflow. Instead, you must use outputs of the reusable workflow. For more information, see [Using outputs from a reusable workflow](#using-outputs-from-a-reusable-workflow). * To reuse variables in multiple workflows, set them at the organization, repository, or environment levels and reference them using the `vars` context. For more information see [AUTOTITLE](/actions/learn-github-actions/variables) and [AUTOTITLE](/actions/learn-github-actions/contexts#vars-context). @@ -142,16 +141,11 @@ You can define inputs and secrets, which can be passed from the caller workflow {% endraw %} For details of the syntax for defining inputs and secrets, see [`on.workflow_call.inputs`](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callinputs) and [`on.workflow_call.secrets`](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callsecrets). - {% ifversion actions-inherit-secrets-reusable-workflows %} 1. In the reusable workflow, reference the input or secret that you defined in the `on` key in the previous step. > [!NOTE] > If the secrets are inherited by using `secrets: inherit` in the calling workflow, you can reference them even if they are not explicitly defined in the `on` key. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecretsinherit). - {%- else %} -1. In the reusable workflow, reference the input or secret that you defined in the `on` key in the previous step. - {%- endif %} - {% raw %} ```yaml @@ -225,8 +219,6 @@ You can call multiple workflows, referencing each in a separate job. {% data reusables.actions.pass-inputs-to-reusable-workflows %} -{% ifversion actions-reusable-workflow-matrix %} - ### Using a matrix strategy with a reusable workflow Jobs using the matrix strategy can call a reusable workflow. @@ -249,7 +241,6 @@ jobs: ``` {% endraw %} -{% endif %} ### Supported keywords for jobs that call a reusable workflow @@ -261,12 +252,8 @@ When you call a reusable workflow, you can only use the following keywords in th * [`jobs..with.`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idwithinput_id) * [`jobs..secrets`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecrets) * [`jobs..secrets.`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecretssecret_id) -{%- ifversion actions-inherit-secrets-reusable-workflows %} * [`jobs..secrets.inherit`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecretsinherit) -{%- endif %} -{%- ifversion actions-reusable-workflow-matrix %} * [`jobs..strategy`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategy) -{%- endif %} * [`jobs..needs`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idneeds) * [`jobs..if`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idif) * [`jobs..concurrency`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idconcurrency) @@ -368,10 +355,10 @@ For information on how to use the API to determine which workflow files were inv ## Using outputs from a reusable workflow -A reusable workflow may generate data that you want to use in the caller workflow. To use these outputs, you must specify them as the outputs of the reusable workflow.{% ifversion actions-reusable-workflow-matrix %} +A reusable workflow may generate data that you want to use in the caller workflow. To use these outputs, you must specify them as the outputs of the reusable workflow. If a reusable workflow that sets an output is executed with a matrix strategy, the output will be the output set by the last successful completing reusable workflow of the matrix which actually sets a value. -That means if the last successful completing reusable workflow sets an empty string for its output, and the second last successful completing reusable workflow sets an actual value for its output, the output will contain the value of the second last completing reusable workflow.{% endif %} +That means if the last successful completing reusable workflow sets an empty string for its output, and the second last successful completing reusable workflow sets an actual value for its output, the output will contain the value of the second last completing reusable workflow. The following reusable workflow has a single job containing two steps. In each of these steps we set a single word as the output: "hello" and "world." In the `outputs` section of the job, we map these step outputs to job outputs called: `output1` and `output2`. In the `on.workflow_call.outputs` section we then define two outputs for the workflow itself, one called `firstword` which we map to `output1`, and one called `secondword` which we map to `output2`. diff --git a/content/actions/use-cases-and-examples/building-and-testing/building-and-testing-go.md b/content/actions/use-cases-and-examples/building-and-testing/building-and-testing-go.md index 60b99176a879..031d0655569c 100644 --- a/content/actions/use-cases-and-examples/building-and-testing/building-and-testing-go.md +++ b/content/actions/use-cases-and-examples/building-and-testing/building-and-testing-go.md @@ -148,9 +148,8 @@ You can use `go get` to install dependencies: ### Caching dependencies -You can cache and restore dependencies using the [`setup-go` action](https://github.com/actions/setup-go). By default, caching is {% ifversion actions-setup-go-default-cache-enabled %}enabled when using the `setup-go` action.{% else %}disabled, but you can set the `cache` parameter to `true` to enable it.{% endif %} +You can cache and restore dependencies using the [`setup-go` action](https://github.com/actions/setup-go). By default, caching is enabled when using the `setup-go` action. -{% ifversion actions-setup-go-default-cache-enabled %} The `setup-go` action searches for the dependency file, `go.sum`, in the repository root and uses the hash of the dependency file as a part of the cache key. You can use the `cache-dependency-path` parameter for cases when multiple dependency files are used, or when they are located in different subdirectories. @@ -163,30 +162,6 @@ You can use the `cache-dependency-path` parameter for cases when multiple depend cache-dependency-path: subdir/go.sum ``` -{% else %} - -When caching is enabled, the `setup-go` action searches for the dependency file, `go.sum`, in the repository root and uses the hash of the dependency file as a part of the cache key. - -```yaml copy - - name: Setup Go - uses: {% data reusables.actions.action-setup-go %} - with: - go-version: '1.21.x' - cache: true -``` - -Alternatively, you can use the `cache-dependency-path` parameter for cases when multiple dependency files are used, or when they are located in different subdirectories. - -```yaml copy - - uses: {% data reusables.actions.action-setup-go %} - with: - go-version: '1.17' - cache: true - cache-dependency-path: subdir/go.sum -``` - -{% endif %} - If you have a custom requirement or need finer controls for caching, you can use the [`cache` action](https://github.com/marketplace/actions/cache). For more information, see [AUTOTITLE](/actions/using-workflows/caching-dependencies-to-speed-up-workflows). ## Building and testing your code diff --git a/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage.md b/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage.md index 83baa2a51626..f5f216e5f733 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage.md +++ b/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage.md @@ -3,7 +3,7 @@ title: Enabling GitHub Actions with Google Cloud Storage intro: 'You can enable {% data variables.product.prodname_actions %} on {% data variables.product.prodname_ghe_server %} and use Google Cloud Storage to store data generated by workflow runs.' permissions: 'Site administrators can enable {% data variables.product.prodname_actions %} and configure enterprise settings.' versions: - feature: actions-ghes-gcp-storage + ghes: '*' type: how_to topics: - Actions diff --git a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server.md b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server.md index 8ed1ef4af57b..af706adcf3e7 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server.md +++ b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server.md @@ -79,9 +79,7 @@ All other {% data variables.product.prodname_actions %} data, such as the workfl * Azure Blob storage * Amazon S3 -{%- ifversion actions-ghes-gcp-storage %} * Google Cloud Storage -{%- endif %} * S3-compatible MinIO cluster > [!NOTE] @@ -101,9 +99,7 @@ Follow one of the procedures below to enable {% data variables.product.prodname_ * [Enabling GitHub Actions with Azure Blob storage](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-azure-blob-storage) * [Enabling GitHub Actions with Amazon S3 storage](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-amazon-s3-storage) -{%- ifversion actions-ghes-gcp-storage %} * [Enabling GitHub Actions with Google Cloud Storage](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage) -{%- endif %} * [Enabling GitHub Actions with MinIO storage](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-minio-storage) ## Managing access permissions for {% data variables.product.prodname_actions %} in your enterprise diff --git a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md index a7dc76479802..d1eb5920d41c 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md +++ b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md @@ -96,7 +96,6 @@ The following aggregate metrics will be collected and transmitted on a daily bas | AN | `ghe_stats.users.total_users` | Number of user accounts | | AO | `ghe_stats.users.admin_users` | Number of user accounts that are site administrators | | AP | `ghe_stats.users.suspended_users` | Number of user accounts that are suspended | -| {% ifversion actions-server-statistics %} | | AQ | `actions_stats.number_of_repos_using_actions` | Number of repositories using {% data variables.product.prodname_actions %} | | AR | `actions_stats.percentage_of_repos_using_actions` | Percentage of repositories using {% data variables.product.prodname_actions %} | | AS | `packages_stats.registry_enabled` | Whether {% data variables.product.prodname_registry %} with repository-scoped packages is enabled for {% data variables.location.product_location %} | @@ -167,7 +166,6 @@ The following aggregate metrics will be collected and transmitted on a daily bas | DF |`packages_stats.ecosystems.containers.daily_update_count` | Number of container images updated | | DG |`packages_stats.ecosystems.containers.daily_delete_count` | Number of container images deleted | | DH | `packages_stats.ecosystems.containers.daily_create_count` | Number of container images created | -| {% endif %} | ## {% data variables.product.prodname_server_statistics %} data examples diff --git a/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md b/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md index 603904feb051..d29dc52582e6 100644 --- a/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md +++ b/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md @@ -98,7 +98,7 @@ You can configure this behavior for an organization using the procedure below. M {% data reusables.actions.workflows.required-workflow-beta %} -You can configure required workflows to run in all or selected repositories in an organization where you are an owner. Required workflows are triggered by {% ifversion actions-required-workflow-improvements %}`pull_request` and `pull_request_target` default events{% else %}pull requests{% endif %} and must pass before a pull request can be merged. For more information, see [AUTOTITLE](/actions/using-workflows/required-workflows). +You can configure required workflows to run in all or selected repositories in an organization where you are an owner. Required workflows are triggered by `pull_request` and `pull_request_target` default events and must pass before a pull request can be merged. For more information, see [AUTOTITLE](/actions/using-workflows/required-workflows). ### Prerequisites @@ -125,7 +125,7 @@ Note the following restrictions and behaviors for the target repositories: {% data reusables.organizations.settings-sidebar-actions-general %} 1. To the right of "Required Workflows", click **Add workflow**. -1. Under "Required workflow", use the drop-down menu to select the repository that contains the workflow. Then, enter the path to the workflow in the text field. {% ifversion actions-required-workflow-improvements %}You can reference any branch, tag, or commit SHA from the repository containing the workflow file using the `{path}@{ref}` syntax.{% endif %} +1. Under "Required workflow", use the drop-down menu to select the repository that contains the workflow. Then, enter the path to the workflow in the text field. You can reference any branch, tag, or commit SHA from the repository containing the workflow file using the `{path}@{ref}` syntax. 1. Under "Apply to repositories...", use the drop-down menu to select which repositories the required workflow applies to. Select **All repositories** to apply the required workflow to all repositories in your organization, or **Selected repositories** to choose which repositories it will apply to. @@ -160,9 +160,7 @@ You can set the default permissions for the `GITHUB_TOKEN` in the settings for y ### Configuring the default `GITHUB_TOKEN` permissions -{% ifversion actions-default-workflow-permissions-restrictive %} By default, when you create a new organization,{% ifversion ghec or ghes %} the setting is inherited from what is configured in the enterprise settings.{% else %} `GITHUB_TOKEN` only has read access for the `contents` and `packages` scopes.{% endif %} -{% endif %} {% data reusables.profile.access_profile %} {% data reusables.profile.access_org %} diff --git a/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md b/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md index e731911e9310..b112f5929900 100644 --- a/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md +++ b/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md @@ -91,9 +91,7 @@ The default permissions can also be configured in the organization settings. If ### Configuring the default `GITHUB_TOKEN` permissions -{% ifversion actions-default-workflow-permissions-restrictive %} By default, when you create a new repository in your personal account, `GITHUB_TOKEN` only has read access for the `contents` and `packages` scopes. If you create a new repository in an organization, the setting is inherited from what is configured in the organization settings. -{% endif %} {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} @@ -105,9 +103,7 @@ By default, when you create a new repository in your personal account, `GITHUB_T {% data reusables.actions.workflow-pr-approval-permissions-intro %} -{% ifversion actions-default-workflow-permissions-restrictive %} By default, when you create a new repository in your personal account, workflows are not allowed to create or approve pull requests. If you create a new repository in an organization, the setting is inherited from what is configured in the organization settings. -{% endif %} {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} diff --git a/data/reusables/actions/action-setup-go.md b/data/reusables/actions/action-setup-go.md index 4f051db1e7f2..8c1318dbfc6b 100644 --- a/data/reusables/actions/action-setup-go.md +++ b/data/reusables/actions/action-setup-go.md @@ -1 +1 @@ -actions/setup-go@{% ifversion actions-setup-go-default-cache-enabled %}v5{% else %}v3{% endif %} +actions/setup-go@v5 diff --git a/data/reusables/actions/configure-storage-provider-platform-commands.md b/data/reusables/actions/configure-storage-provider-platform-commands.md index 5799a22b88cc..e04285571957 100644 --- a/data/reusables/actions/configure-storage-provider-platform-commands.md +++ b/data/reusables/actions/configure-storage-provider-platform-commands.md @@ -10,11 +10,8 @@ ghe-config secrets.actions.storage.blob-provider "s3" ``` -{%- ifversion actions-ghes-gcp-storage %} * Google Cloud Storage: - + ```shell copy ghe-config secrets.actions.storage.blob-provider "gcs" ``` - -{%- endif %} diff --git a/data/reusables/actions/configure-storage-provider.md b/data/reusables/actions/configure-storage-provider.md index 09a86c93735a..3adf422c12c8 100644 --- a/data/reusables/actions/configure-storage-provider.md +++ b/data/reusables/actions/configure-storage-provider.md @@ -21,7 +21,6 @@ ghe-config secrets.actions.storage.s3.force-path-style true ``` -{%- ifversion actions-ghes-gcp-storage %} * Google Cloud Storage: ```shell copy @@ -30,5 +29,3 @@ ghe-config secrets.actions.storage.gcs.access-key-id "HMAC ACCESS ID" ghe-config secrets.actions.storage.gcs.access-secret "HMAC SECRET" ``` - -{%- endif %} diff --git a/data/reusables/actions/enterprise-storage-ha-backups.md b/data/reusables/actions/enterprise-storage-ha-backups.md index 1fc6cd0c6e32..7dcba0f0dde8 100644 --- a/data/reusables/actions/enterprise-storage-ha-backups.md +++ b/data/reusables/actions/enterprise-storage-ha-backups.md @@ -1 +1 @@ -{% data variables.product.prodname_actions %} uses external storage to store workflow artifacts and logs. This data is stored on your external provider, such as Azure blob storage, Amazon S3,{% ifversion actions-ghes-gcp-storage %} Google Cloud Storage,{% endif %} or MinIO. As a result, {% data variables.product.prodname_ghe_server %} backups and {% data variables.product.prodname_ghe_server %} high availability configurations do not provide protection for the data stored on this external storage, and instead rely on the data protection and replication provided by the external storage provider, such as Azure{% ifversion actions-ghes-gcp-storage %}, Google Cloud,{% endif %} or AWS. +{% data variables.product.prodname_actions %} uses external storage to store workflow artifacts and logs. This data is stored on your external provider, such as Azure blob storage, Amazon S3, Google Cloud Storage, or MinIO. As a result, {% data variables.product.prodname_ghe_server %} backups and {% data variables.product.prodname_ghe_server %} high availability configurations do not provide protection for the data stored on this external storage, and instead rely on the data protection and replication provided by the external storage provider, such as Azure, Google Cloud, or AWS. diff --git a/data/reusables/actions/pass-inputs-to-reusable-workflows.md b/data/reusables/actions/pass-inputs-to-reusable-workflows.md index d862981d9168..990bc6cc1b2b 100644 --- a/data/reusables/actions/pass-inputs-to-reusable-workflows.md +++ b/data/reusables/actions/pass-inputs-to-reusable-workflows.md @@ -14,7 +14,6 @@ jobs: {% endraw %} -{% ifversion actions-inherit-secrets-reusable-workflows %} Workflows that call reusable workflows in the same organization or enterprise can use the `inherit` keyword to implicitly pass the secrets. {% raw %} @@ -29,5 +28,3 @@ jobs: ``` {% endraw %} - -{% endif %} diff --git a/data/reusables/actions/workflows/github-token-access.md b/data/reusables/actions/workflows/github-token-access.md index e729af1ab102..7012990f4a8e 100644 --- a/data/reusables/actions/workflows/github-token-access.md +++ b/data/reusables/actions/workflows/github-token-access.md @@ -1 +1 @@ -1. Under "Workflow permissions", choose whether you want the `GITHUB_TOKEN` to have read and write access for all permissions (the permissive setting), or just read access for the `contents` {% ifversion actions-default-workflow-permissions-restrictive %}and `packages` permissions{% else %}permission{% endif %} (the restricted setting). +1. Under "Workflow permissions", choose whether you want the `GITHUB_TOKEN` to have read and write access for all permissions (the permissive setting), or just read access for the `contents` and `packages` permissions (the restricted setting). diff --git a/data/reusables/actions/workflows/required-workflow-prerequisites.md b/data/reusables/actions/workflows/required-workflow-prerequisites.md index d35f1ba419c3..a23a793e0c64 100644 --- a/data/reusables/actions/workflows/required-workflow-prerequisites.md +++ b/data/reusables/actions/workflows/required-workflow-prerequisites.md @@ -1,8 +1,8 @@ * {% data variables.product.prodname_actions %} must be enabled for a repository in the organization's settings in order for required workflows to run. Once enabled at an organization-level, required workflows will run even when {% data variables.product.prodname_actions %} is disabled in the repository's settings. For more information on managing {% data variables.product.prodname_actions %} in your organization's repositories, see [AUTOTITLE](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#managing-github-actions-permissions-for-your-organization). * Required workflows are available for organizations and only in repositories where the organization's plan supports required status checks. If required status checks are not supported, the workflow will still run, but it will not be a required check and will not block merging. For more information about support for required status checks, see [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches). * The repository's default branch must match the organization's default branch setting in order for required workflows to run as required status checks. If the default branch names do not match, the workflow will still run, but it will not be a required check. For more information about managing default branch names, see [AUTOTITLE](/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization) and [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/changing-the-default-branch). -* For required workflows to run, the pull request's source repository must be in the same organization as the target repository. {% data variables.product.product_name %} will source the required workflow from {% ifversion actions-required-workflow-improvements %}a specified branch, tag, or commit SHA {% else %}the HEAD commit of the default branch {% endif %}from the repository containing the workflow. +* For required workflows to run, the pull request's source repository must be in the same organization as the target repository. {% data variables.product.product_name %} will source the required workflow from a specified branch, tag, or commit SHA from the repository containing the workflow. * Secrets used in a required workflow should be created at either the organization level or in the target repositories. * Secrets in the source repository will not be fetched when a workflow runs in the target repository. -{% ifversion actions-required-workflow-improvements %}* When a workflow is run as a required workflow it will ignore all the filters in the `on:` section, for example: `branches`, `branches-ignore`, `paths`, `types` etc. The required workflow will run only for the `pull_request` and `pull_request_target` default events. For more information on default activity types, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#pull_request).{% endif %} +* When a workflow is run as a required workflow it will ignore all the filters in the `on:` section, for example: `branches`, `branches-ignore`, `paths`, `types` etc. The required workflow will run only for the `pull_request` and `pull_request_target` default events. For more information on default activity types, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#pull_request). * Required workflows are not automatically triggered on already existing pull requests even though they automatically appear as expected checks. To trigger required workflows for an already existing pull request, push a new change to that pull request. diff --git a/data/reusables/actions/workflows/required-workflow-source-notes.md b/data/reusables/actions/workflows/required-workflow-source-notes.md index cf3ad2c3767a..2853e8896de6 100644 --- a/data/reusables/actions/workflows/required-workflow-source-notes.md +++ b/data/reusables/actions/workflows/required-workflow-source-notes.md @@ -2,10 +2,8 @@ * If the required workflow is contained in a private {% ifversion ghes or ghec %}or internal {% endif %}repository, you must ensure that workflows within the repository are accessible by other repositories in your organization. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#managing-access-for-a-private-repository){% ifversion ghes or ghec %} and [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-an-internal-repository){% endif %}. * Workflows stored in a public repository can be configured as required workflows for any repository in your organization. Workflows stored in a private repository can only be configured as required workflows for other private repositories in your organization. {% ifversion ghes or ghec %} Workflows stored in internal repositories can be configured as required workflows for internal and private repositories in your organization.{% endif %} * {% data variables.product.prodname_codeql %} is not supported in required workflows because {% data variables.product.prodname_codeql %} requires configuration at the repository level. For information on configuring code scanning, see [AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning). -{% ifversion actions-required-workflow-improvements %} {% ifversion fpt or ghec %} * To push to a branch where required workflows are enforced at the organizational level, create a pull request to make the necessary changes. You cannot push directly to branches with required workflow enforcements. * If you want to allow direct pushes for a particular repository, you must remove the repository as a target from respective required workflows. {% endif %} * Required workflows can be referenced using any branch, tag, or commit SHA from the repository containing the workflow file. -{% endif %}