Skip to content

Commit

Permalink
Merge branch 'main' into patch-1
Browse files Browse the repository at this point in the history
  • Loading branch information
marcandre-larochelle authored Oct 25, 2024
2 parents d7aa0af + 159ac36 commit af9a8f6
Show file tree
Hide file tree
Showing 143 changed files with 164,646 additions and 74,175 deletions.
2 changes: 1 addition & 1 deletion .devcontainer/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# To find available Node images, see https://mcr.microsoft.com/en-us/product/devcontainers/javascript-node/tags

# [Choice] Node.js version
ARG VARIANT="dev-20-bullseye"
ARG VARIANT="dev-22-bullseye"
FROM mcr.microsoft.com/devcontainers/javascript-node:${VARIANT}

# [Optional] Uncomment this section to install additional OS packages.
Expand Down
110 changes: 55 additions & 55 deletions .devcontainer/devcontainer.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,67 +2,67 @@
// https://github.com/microsoft/vscode-dev-containers/tree/v0.177.0/containers/javascript-node
// -
{
"name": "docs.github.com",
"build": {
"dockerfile": "Dockerfile",
// Update 'VARIANT' to pick a Node version
"args": { "VARIANT": "20" }
},
"name": "docs.github.com",
"build": {
"dockerfile": "Dockerfile",
// Update 'VARIANT' to pick a Node version
"args": { "VARIANT": "22" }
},

// Install features. Type 'feature' in the VS Code command palette for a full list.
"features": {
"sshd": "latest"
},
// Install features. Type 'feature' in the VS Code command palette for a full list.
"features": {
"sshd": "latest"
},

"customizations": {
"vscode": {
// Set *default* container specific settings.json values on container create.
"settings": {
"terminal.integrated.shell.linux": "/bin/bash",
"cSpell.language": ",en"
},
// Visual Studio Code extensions which help authoring for docs.github.com.
"extensions": [
"dbaeumer.vscode-eslint",
"sissel.shopify-liquid",
"davidanson.vscode-markdownlint",
"bierner.markdown-preview-github-styles",
"streetsidesoftware.code-spell-checker",
"alistairchristie.open-reusables",
"AlistairChristie.version-identifier",
"peterbe.ghdocs-goer",
"GitHub.copilot",
"GitHub.copilot-chat"
]
},
"codespaces": {
"repositories": {
// allow Codespaces to pull from separate repo when user has access
"github/docs-early-access": {
"permissions": {
"contents": "write"
}
}
}
}
"customizations": {
"vscode": {
// Set *default* container specific settings.json values on container create.
"settings": {
"terminal.integrated.shell.linux": "/bin/bash",
"cSpell.language": ",en"
},
// Visual Studio Code extensions which help authoring for docs.github.com.
"extensions": [
"dbaeumer.vscode-eslint",
"sissel.shopify-liquid",
"davidanson.vscode-markdownlint",
"bierner.markdown-preview-github-styles",
"streetsidesoftware.code-spell-checker",
"alistairchristie.open-reusables",
"AlistairChristie.version-identifier",
"peterbe.ghdocs-goer",
"GitHub.copilot",
"GitHub.copilot-chat"
]
},
"codespaces": {
"repositories": {
// allow Codespaces to pull from separate repo when user has access
"github/docs-early-access": {
"permissions": {
"contents": "write"
}
}
}
}
},

// Use 'forwardPorts' to make a list of ports inside the container available locally.
"forwardPorts": [4000],
// Use 'forwardPorts' to make a list of ports inside the container available locally.
"forwardPorts": [4000],

"portsAttributes": {
"4000": {
"label": "Preview"
}
},
"portsAttributes": {
"4000": {
"label": "Preview"
}
},

// Use 'postCreateCommand' to run commands after the container is created.
"postCreateCommand": "npm ci",
// Use 'postCreateCommand' to run commands after the container is created.
"postCreateCommand": "npm ci",

// Comment out connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
"remoteUser": "node",
// Comment out connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
"remoteUser": "node",

"hostRequirements": {
"memory": "8gb"
}
"hostRequirements": {
"memory": "8gb"
}
}
10 changes: 9 additions & 1 deletion .github/workflows/azure-preview-env-deploy-public.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,15 @@ jobs:
build-and-deploy-azure-preview-public:
name: Build and deploy Azure preview environment (public)
runs-on: ubuntu-latest
if: github.repository == 'github/docs'
# Ensure this is actually a pull request and not a merge group
# If its a merge group, report success without doing anything
# See https://bit.ly/3qB9nZW > If a job in a workflow is skipped due to a conditional, it will report its status as "Success".
if: |
(
(github.event.pull_request.head.sha)
&& (github.event.number || github.run_id)
)
&& github.repository == 'github/docs'
timeout-minutes: 15
environment:
name: preview-env-${{ github.event.number }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/link-check-daily.yml
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ jobs:
# treat it as a warning and not as a broken link.
EXTERNAL_SERVER_ERRORS_AS_WARNINGS: true
FAIL_ON_FLAW: false
timeout-minutes: 60
timeout-minutes: 120
run: npm run rendered-content-link-checker

- name: Insight into external link checker DB json file (after)
Expand Down
3 changes: 1 addition & 2 deletions .github/workflows/local-dev.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,7 @@ jobs:
- name: Check out repo
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

- name: Install dependencies
run: npm install
- uses: ./.github/actions/node-npm-setup

- uses: ./.github/actions/get-docs-early-access
if: ${{ github.repository == 'github/docs-internal' }}
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
# --------------------------------------------------------------------------------
# To update the sha, run `docker pull node:$VERSION-alpine`
# look for something like: `Digest: sha256:0123456789abcdef`
FROM node:20-alpine@sha256:66f7f89199daea88a6b5d5aadaa6d20f7a16a90fc35274deda8e901e267d4bd7 AS base
FROM node:22-alpine@sha256:c13b26e7e602ef2f1074aef304ce6e9b7dd284c419b35d89fcf3cc8e44a8def9 AS base

# This directory is owned by the node user
ARG APP_HOME=/home/node/app
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,8 @@ To ensure that commits are attributed to you and appear in your contributions gr

{% ifversion fpt or ghec %}

<a name="about-no-reply-email"></a>

{% note %}

**Note:** If you created your account _after_ July 18, 2017, your `noreply` email address for is an ID number and your username in the form of <code>[email protected]</code>. If you created your account _prior to_ July 18, 2017, and enabled **Keep my email address private** prior to that date, your `noreply` email address is <code>[email protected]</code>. You can get an ID-based `noreply` email address by selecting (or deselecting and reselecting) **Keep my email address private** in your email settings.
Expand Down
2 changes: 1 addition & 1 deletion content/actions/sharing-automations/reusing-workflows.md
Original file line number Diff line number Diff line change
Expand Up @@ -361,7 +361,7 @@ jobs:
workflowB-calls-workflowC:
uses: different-org/example-repo/.github/workflows/C.yml@main
secrets:
repo-token: ${{ secrets.person_access_token }} # pass just this secret
repo-token: ${{ secrets.personal_access_token }} # pass just this secret
```

{% endraw %}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -151,6 +151,24 @@ Across all organizations owned by your enterprise, you can set the default branc
1. Optionally, to enforce the default branch name for all organizations in the enterprise, select **Enforce across this enterprise**.
1. Click **Update**.

{% ifversion deploy-keys-enterprise-org-policy %}

## Enforcing a policy for deploy keys

Across all organizations owned by your enterprise, you can allow members to create deploy keys in repositories, restrict deploy key creation, or allow owners to administer the setting on the organization level.

For more information about using deploy keys, see "[AUTOTITLE](/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys)." If you want fine-grained control over permissions, consider using a {% data variables.product.prodname_github_app %} instead. See "[AUTOTITLE](/apps/overview)."

> [!WARNING]
> Changing this setting to disabled will result in **existing deploy keys being disabled** in all repositories in the enterprise. Scripts, apps, or workflows that create, use, or delete deploy keys will no longer work.
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.policies-tab %}
{% data reusables.enterprise-accounts.repositories-tab %}
1. Under "Deploy keys", review the information about changing the setting, then select a policy.
1. Click **Save**.
{% endif %}

## Enforcing a policy for changes to repository visibility

Across all organizations owned by your enterprise, you can allow members with admin access to change a repository's visibility, restrict repository visibility changes to organization owners, or allow owners to administer the setting on the organization level. When you prevent members from changing repository visibility, only enterprise owners can change the visibility of a repository.
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
---
title: Creating GitHub Apps for your enterprise
intro: 'Learn how to create a {% data variables.product.prodname_github_app %} for organizations within your enterprise.'
versions:
feature: enterprise-apps-public-beta
type: how_to
topics:
- Enterprise
permissions: Enterprise owners.
shortTitle: Create a GitHub App
---

{% data reusables.apps.enterprise-apps-beta %}

You can create a {% data variables.product.prodname_github_app %} under your enterprise account. The app can only be installed on organizations within your enterprise, and can only be authorized by members of your enterprise. The app can't be installed on user accounts.

## Step 1: Registering a {% data variables.product.prodname_github_app %}

To create a {% data variables.product.prodname_github_app %}, you must first register the app. See "[AUTOTITLE](/apps/creating-github-apps/registering-a-github-app/registering-a-github-app)."

## Step 2: Building a {% data variables.product.prodname_github_app %}

After registering a {% data variables.product.prodname_github_app %}, you will want to write code to make your {% data variables.product.prodname_github_app %} do something. For examples of how to write code, see:

* "[AUTOTITLE](/apps/creating-github-apps/writing-code-for-a-github-app/quickstart)"
* "[AUTOTITLE](/apps/creating-github-apps/guides/building-a-github-app-that-responds-to-webhook-events)"
* "[AUTOTITLE](/apps/creating-github-apps/guides/building-a-login-with-github-button-with-a-github-app)"
* "[AUTOTITLE](/apps/creating-github-apps/guides/building-a-cli-with-a-github-app)"
* "[AUTOTITLE](/apps/creating-github-apps/writing-code-for-a-github-app/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow)"

You should aim to follow best practices. See "[AUTOTITLE](/apps/creating-github-apps/setting-up-a-github-app/best-practices-for-creating-a-github-app)."

## Step 3: Authorizing or sharing your {% data variables.product.prodname_github_app %}

Once your {% data variables.product.prodname_github_app %} is registered, you'll need to make it available to organizations in your enterprise, either through **authorization** or **installation**, depending on the app’s purpose.

### Step 3a: Authorizing your {% data variables.product.prodname_github_app %}

Some {% data variables.product.prodname_github_apps %}, like {% data variables.product.prodname_copilot_short %} extensions, require **authorization** but do not need to be installed on an organization. Users in your enterprise can authorize the app to access resources within organizations. However, the app will only have access to {% data variables.product.github %} resources where it is installed. See "[AUTOTITLE](/apps/using-github-apps/authorizing-github-apps)."

### Step 3b: Sharing your {% data variables.product.prodname_github_app %} via an installation link

For apps that require installation to function, you can provide organization owners with an installation link. Once the app is installed, it will have access to the organization's resources. See "[AUTOTITLE](/apps/sharing-github-apps/sharing-your-github-app#sharing-your-github-app-via-an-install-link)."

## Step 4: Installing your {% data variables.product.prodname_github_app %} (if required)

If your {% data variables.product.prodname_github_app %} requires installation (not just authorization), organization owners can use the install link to install the app on their organization. See "[AUTOTITLE](/apps/using-github-apps/installing-a-github-app-from-a-third-party)."
1 change: 1 addition & 0 deletions content/admin/managing-your-enterprise-account/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,5 +10,6 @@ children:
- /creating-a-readme-for-an-enterprise
- /deleting-an-enterprise-account
- /changing-the-url-for-your-enterprise
- /creating-github-apps-for-your-enterprise
shortTitle: Manage enterprise account
---
2 changes: 1 addition & 1 deletion content/admin/overview/system-overview.md
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ topics:

The root filesystem is included in the distributed machine image. It contains the base operating system and the {% data variables.product.product_name %} application environment. The root filesystem should be treated as ephemeral. Any data on the root filesystem will be replaced when upgrading to future {% data variables.product.product_name %} releases.

The root storage volume is split into two equally-sized partitions. One of the partitions will be mounted as the root filesystem (`/`). The other partition is only mounted during upgrades and rollbacks of upgrades as `/mnt/upgrade`, to facilitate easier rollbacks if necessary. For example, if a 200GB root volume is allocated, there will be 100GB allocated to the root filesystem and 100GB reserved for the upgrades and rollbacks.
The root storage volume is split into two equally-sized partitions. One of the partitions will be mounted as the root filesystem (`/`). The other partition is only mounted during upgrades and rollbacks of upgrades as `/mnt/upgrade`, to facilitate easier rollbacks if necessary. For example, if a {% ifversion ghes > 3.14 %}400GB root volume is allocated, there will be 200GB allocated to the root filesystem and 200GB{% else %}200GB root volume is allocated, there will be 100GB allocated to the root filesystem and 100GB{% endif %} reserved for the upgrades and rollbacks.

{% ifversion ghes > 3.13 %}In new installations of 3.14 and later, the root storage volume is split into four partitions. Two small partitions are for the supported boot modes (BIOS and UEFI), and the other two equally large partitions are for the {% data variables.product.product_name %} primary, and upgrades and rollbacks.{% endif %}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,14 +25,18 @@ A {% data variables.product.prodname_github_app %} is a type of integration that

Common use cases for {% data variables.product.prodname_github_apps %} include:
* Automating tasks or background processes
* Supporting "Sign in with GitHub," which allows users to sign in with their {% data variables.product.prodname_dotcom %} account to provide their identity in your ecosystem
* Supporting "Sign in with {% data variables.product.company_short %}," which allows users to sign in with their {% data variables.product.prodname_dotcom %} account to provide their identity in your ecosystem
* As a developer tool, allowing users to work with {% data variables.product.prodname_dotcom %} by signing into your {% data variables.product.prodname_github_app %}, which can then act on their behalf
* Integrating your tool or external service with {% data variables.product.company_short %}

Like {% data variables.product.prodname_oauth_apps %}, {% data variables.product.prodname_github_apps %} use OAuth 2.0 and can act on behalf of a user. Unlike {% data variables.product.prodname_oauth_apps %}, {% data variables.product.prodname_github_apps %} can also act independently of a user.

{% data variables.product.prodname_github_apps %} can be installed directly on organizations and personal accounts and granted access to specific repositories. They come with built-in webhooks and narrow, specific permissions.

{% ifversion enterprise-apps-public-beta %}
You can also create an enterprise-owned {% data variables.product.prodname_github_app %} that can only be installed on organizations within your enterprise, and can only be authorized by members of your enterprise. For more information, see "[AUTOTITLE](/admin/managing-your-enterprise-account/creating-github-apps-for-your-enterprise)."
{% endif %}

{% data reusables.apps.app_manager_role %}

## Building a {% data variables.product.prodname_github_app %}
Expand All @@ -43,7 +47,13 @@ Then, you need to write code to add functionality to your {% data variables.prod

Once you have written the code for your {% data variables.product.prodname_github_app %}, your app needs to run somewhere. If your app is a website or web app, you might host your app on a server like [Azure App Service](https://azure.microsoft.com/products/app-service/). If your app is a client-side app, it might run on a user's device.

In order to use your {% data variables.product.prodname_github_app %}, you must install the app on your organization or personal account. If your {% data variables.product.prodname_github_app %} is private, you can only install the {% data variables.product.prodname_github_app %} on the account that owns the app. If your {% data variables.product.prodname_github_app %} is public, other users and organizations can install your app. For more information, see "[AUTOTITLE](/apps/using-github-apps/installing-your-own-github-app)" and "[AUTOTITLE](/apps/sharing-github-apps/sharing-your-github-app)."
To use your {% data variables.product.prodname_github_app %}, you need to install it on your organization or personal account.

* If your {% data variables.product.prodname_github_app %} is **private**, you can only install it on the account that owns the app.
* If your {% data variables.product.prodname_github_app %} is **public**, other users and organizations can also install it.{% ifversion enterprise-apps-public-beta %}
* If your {% data variables.product.prodname_github_app %} is owned by an **enterprise**, you can install it on any organization within that enterprise.{% endif %}

For more information, see "[AUTOTITLE](/apps/using-github-apps/installing-your-own-github-app)" and "[AUTOTITLE](/apps/sharing-github-apps/sharing-your-github-app)."

## Understanding what type of {% data variables.product.prodname_github_app %} to build

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,7 @@ You must keep private keys for {% data variables.product.prodname_github_apps %}
To generate a private key:

{% data reusables.apps.settings-step %}
{% data reusables.user-settings.developer_settings %}
{% data reusables.user-settings.github_apps %}
{% data reusables.apps.enterprise-apps-steps %}
1. Next to the {% data variables.product.prodname_github_app %} that you want to generate a private key for, click **Edit**.
1. Under "Private keys", click **Generate a private key**.
1. You will see a private key in PEM format downloaded to your computer. Make sure to store this file because GitHub only stores the public portion of the key. For more information about securely storing your key, see "[Storing private keys](#storing-private-keys)."
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,7 @@ If your refresh token expires before you use it, you can regenerate a user acces
When you create your app, expiration of user access tokens is enabled unless you opt out. For more information, see "[AUTOTITLE](/apps/creating-github-apps/setting-up-a-github-app/creating-a-github-app)." You can also configure this setting after your app has been created.

{% data reusables.apps.settings-step %}
{% data reusables.user-settings.developer_settings %}
{% data reusables.user-settings.github_apps %}
{% data reusables.apps.enterprise-apps-steps %}
1. Next to the {% data variables.product.prodname_github_app %} that you want to modify, click **Edit**.
1. In the {% data variables.product.prodname_github_apps %} settings sidebar, click **Optional Features**.
1. Next to "User-to-server token expiration", click **Opt-in** or **Opt-out**. This setting may take a couple of seconds to apply.
Expand Down
Loading

0 comments on commit af9a8f6

Please sign in to comment.