Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Repo sync #35994

Merged
merged 6 commits into from
Jan 20, 2025
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -19,15 +19,15 @@ type: how_to

If you need to share workflows and other {% data variables.product.prodname_actions %} features with your team, then consider collaborating within a {% data variables.product.prodname_dotcom %} organization. An organization allows you to centrally store and manage secrets, artifacts, and self-hosted runners. You can also create workflow templates in the `.github` repository and share them with other users in your organization.

## Sharing {% ifversion internal-actions %}actions and {% endif %}workflows
## Sharing {% ifversion ghec or ghes %}actions and {% endif %}workflows

{% ifversion internal-actions %}
{% ifversion ghec or ghes %}
You can share both individual actions and entire workflows with your organization, with or without publishing the actions or workflows publicly. You can reuse actions and workflows exactly by referencing them in your workflow file, and you can create workflow templates.
{% else %}
Your organization can share workflows by reusing the workflows exactly or by creating workflow templates
{% endif %}

{% ifversion internal-actions %}
{% ifversion ghec or ghes %}

### Sharing actions with your enterprise

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -208,7 +208,7 @@ The same principles described above for using third-party actions also apply to

{% data reusables.actions.dependabot-version-updates-for-actions %}

{% ifversion internal-actions %}
{% ifversion ghec or ghes %}

## Allowing workflows to access internal and private repositories

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ topics:
You can create actions by writing custom code that interacts with your repository in any way you'd like, including integrating with {% data variables.product.prodname_dotcom %}'s APIs and any publicly available third-party API. For example, an action can publish npm modules, send SMS alerts when urgent issues are created, or deploy production-ready code.

{% ifversion fpt or ghec %}
You can write your own actions to use in your workflow or share the actions you build with the {% data variables.product.prodname_dotcom %} community. To share actions you've built with everyone, your repository must be public. {% ifversion internal-actions %}To share actions only within your enterprise, your repository must be internal.{% endif %}
You can write your own actions to use in your workflow or share the actions you build with the {% data variables.product.prodname_dotcom %} community. To share actions you've built with everyone, your repository must be public. {% ifversion ghec %}To share actions only within your enterprise, your repository must be internal.{% endif %}
{% endif %}

Actions can run directly on a machine or in a Docker container. You can define an action's inputs, outputs, and environment variables.
Expand Down
14 changes: 3 additions & 11 deletions content/actions/sharing-automations/reusing-workflows.md
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@
You cannot directly use reusable workflows defined on {% data variables.product.prodname_dotcom_the_website %}. Instead store a copy of the reusable workflow on {% data variables.location.product_location %}, and call the workflow from that path.

{% elsif actions-workflow-policy %}, and your {% ifversion ghec %}enterprise{% else %}organization{% endif %} allows you to use public reusable workflows.{% endif %}{% ifversion ghes or ghec %}
* The called workflow is stored in an internal repository and the settings for that repository allow it to be accessed. For more information, see {% ifversion internal-actions %}[AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise){% else %}[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-an-internal-repository){% endif %}.{% endif %}
* The called workflow is stored in an internal repository and the settings for that repository allow it to be accessed. For more information, see [AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise).{% endif %}
* The called workflow is stored in a private repository and the settings for that repository allow it to be accessed. For more information, see {% ifversion ghes or ghec %}[AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise).{% else %}[AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-organization) and [AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-from-your-private-repository).{% endif %}

The following table shows the accessibility of reusable workflows to a caller workflow, depending on the visibility of the host repository.
Expand Down Expand Up @@ -93,15 +93,11 @@

## Limitations

{% ifversion nested-reusable-workflow %}
* You can connect up to four levels of workflows. For more information, see [Nesting reusable workflows](#nesting-reusable-workflows).
* You can call a maximum of 20 unique reusable workflows from a single workflow file. This limit includes any trees of nested reusable workflows that may be called starting from your top-level caller workflow file.

For example, _top-level-caller-workflow.yml_ → _called-workflow-1.yml_ → _called-workflow-2.yml_ counts as 2 reusable workflows.
{% else %}
* Reusable workflows can't call other reusable workflows.
* You can call a maximum of 20 unique reusable workflows from a single workflow file.
{% endif %}

* Any environment variables set in an `env` context defined at the workflow level in the caller workflow are not propagated to the called workflow. For more information, see [AUTOTITLE](/actions/learn-github-actions/variables) and [AUTOTITLE](/actions/learn-github-actions/contexts#env-context).
* Similarly, environment variables set in the `env` context, defined in the called workflow, are not accessible in the `env` context of the caller workflow. Instead, you must use outputs of the reusable workflow. For more information, see [Using outputs from a reusable workflow](#using-outputs-from-a-reusable-workflow).
* To reuse variables in multiple workflows, set them at the organization, repository, or environment levels and reference them using the `vars` context. For more information see [AUTOTITLE](/actions/learn-github-actions/variables) and [AUTOTITLE](/actions/learn-github-actions/contexts#vars-context).
Expand Down Expand Up @@ -294,8 +290,6 @@

{% endraw %}

{% ifversion nested-reusable-workflow %}

## Nesting reusable workflows

You can connect a maximum of four levels of workflows - that is, the top-level caller workflow and up to three levels of reusable workflows. For example: _caller-workflow.yml_ → _called-workflow-1.yml_ → _called-workflow-2.yml_ → _called-workflow-3.yml_. Loops in the workflow tree are not permitted.
Expand Down Expand Up @@ -349,7 +343,6 @@
`GITHUB_TOKEN` permissions can only be the same or more restrictive in nested workflows. For example, in the workflow chain A > B > C, if workflow A has `package: read` token permission, then B and C cannot have `package: write` permission. For more information, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication).

For information on how to use the API to determine which workflow files were involved in a particular workflow run, see [Monitoring which workflows are being used](#monitoring-which-workflows-are-being-used).
{% endif %}

## Using outputs from a reusable workflow

Expand Down Expand Up @@ -428,9 +421,8 @@
* `repo` - the organization/repository where the workflow job is located. For a job that calls another workflow, this is the organization/repository of the caller workflow.
* `@timestamp` - the date and time that the job was started, in Unix epoch format.
* `job_name` - the name of the job that was run.
{% ifversion nested-reusable-workflow %}
* `calling_workflow_refs` - an array of file paths for all the caller workflows involved in this workflow job. The items in the array are in the reverse order that they were called in. For example, in a chain of workflows A > B > C, when viewing the logs for a job in workflow C, the array would be `["octo-org/octo-repo/.github/workflows/B.yml", "octo-org/octo-repo/.github/workflows/A.yml"]`.
* `calling_workflow_shas` - an array of SHAs for all the caller workflows involved in this workflow job. The array contains the same number of items, in the same order, as the `calling_workflow_refs` array. {% endif %}
* `calling_workflow_shas` - an array of SHAs for all the caller workflows involved in this workflow job. The array contains the same number of items, in the same order, as the `calling_workflow_refs` array.
* `job_workflow_ref` - the workflow file that was used, in the form `{owner}/{repo}/{path}/{filename}@{ref}`. For a job that calls another workflow, this identifies the called workflow.

For information about using the REST API to query the audit log for an organization, see [AUTOTITLE](/rest/orgs#get-the-audit-log-for-an-organization).
Expand All @@ -438,7 +430,7 @@
> [!NOTE]
> Audit data for `prepared_workflow_job` can only be viewed using the REST API. It is not visible in the {% data variables.product.prodname_dotcom %} web interface, or included in JSON/CSV exported audit data.

{% ifversion partial-reruns-with-reusable %}

Check warning on line 433 in content/actions/sharing-automations/reusing-workflows.md

View workflow job for this annotation

GitHub Actions / lint-content

The Liquid ifversion condition 'partial-reruns-with-reusable' includes all possible versions and will always be true.

## Re-running workflows and jobs with reusable workflows

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,8 @@
title: Sharing actions and workflows with your enterprise
intro: You can share an action or reusable workflow with your enterprise without publishing the action or workflow publicly.
versions:
feature: internal-actions
ghec: '*'
ghes: '*'
type: tutorial
topics:
- Actions
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ redirect_from:
- /actions/creating-actions/sharing-actions-and-workflows-with-your-organization
---

## About {% data variables.product.prodname_actions %} access to private {% ifversion internal-actions %} or internal {% endif %}repositories
## About {% data variables.product.prodname_actions %} access to private {% ifversion ghec or ghes %} or internal {% endif %}repositories

You can share actions and reusable workflows within your organization, without publishing them publicly, by allowing {% data variables.product.prodname_actions %} workflows to access a private repository that contains the action or reusable workflow.

Expand All @@ -24,7 +24,7 @@ Any actions or reusable workflows stored in the private repository can be used i

## Sharing actions and workflows with your organization

1. Store the action or reusable workflow in a private {% ifversion internal-actions %} or internal {% endif %}repository. For more information, see [AUTOTITLE](/repositories/creating-and-managing-repositories/about-repositories#about-repository-visibility).
1. Store the action or reusable workflow in a private {% ifversion ghec or ghes %} or internal {% endif %}repository. For more information, see [AUTOTITLE](/repositories/creating-and-managing-repositories/about-repositories#about-repository-visibility).
1. Configure the repository to allow access to workflows in other private repositories. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository).

## Further reading
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -284,7 +284,7 @@ We strongly recommend that actions use variables to access the filesystem rather
| `GITHUB_RUN_ATTEMPT` | A unique number for each attempt of a particular workflow run in a repository. This number begins at 1 for the workflow run's first attempt, and increments with each re-run. For example, `3`. |
| `GITHUB_RUN_ID` | {% data reusables.actions.run_id_description %} For example, `1658821493`. |
| `GITHUB_RUN_NUMBER` | {% data reusables.actions.run_number_description %} For example, `3`. |
| `GITHUB_SERVER_URL`| The URL of {% data variables.location.product_location_enterprise %}. For example: `https://{% data variables.product.product_url %}`. |
| `GITHUB_SERVER_URL`| The URL of the {% data variables.product.github %} server. For example: `https://{% data variables.product.product_url %}`. |
| `GITHUB_SHA` | {% data reusables.actions.github_sha_description %} |
| `GITHUB_STEP_SUMMARY` | The path on the runner to the file that contains job summaries from workflow commands. The path to this file is unique to the current step and changes for each step in a job. For example, `/home/runner/_layout/_work/_temp/_runner_file_commands/step_summary_1cb22d7f-5663-41a8-9ffc-13472605c76c`. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions#adding-a-job-summary). |
| `GITHUB_TRIGGERING_ACTOR` | {% data reusables.actions.github-triggering-actor-description %} |
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ Actions can be:

The actions you use in your workflow can be defined in:

* The same repository as your workflow file{% ifversion internal-actions %}
* The same repository as your workflow file{% ifversion ghec or ghes %}
* An internal repository within the same enterprise account that is configured to allow access to workflows{% endif %}
* Any public repository
* A published Docker container image on Docker Hub
Expand Down Expand Up @@ -91,7 +91,7 @@ The `action.yml` file is used to provide metadata for the action. Learn about th

If an action is defined in a different repository than your workflow file, you can reference the action with the `{owner}/{repo}@{ref}` syntax in your workflow file.

The action must be stored in a public repository{% ifversion internal-actions %} or an internal repository that is configured to allow access to workflows. For more information, see [AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise).{% else %}.{% endif %}
The action must be stored in a public repository{% ifversion ghec or ghes %} or an internal repository that is configured to allow access to workflows. For more information, see [AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise).{% else %}.{% endif %}

```yaml
jobs:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,12 +24,8 @@ To access the {% data variables.enterprise.management_console %}, you can use th

The {% data variables.enterprise.management_console %} password hash is stored in `/data/user/common/secrets.conf`. If high availability or clustering is configured, the file is automatically synced from the primary node to any additional nodes. Any change to the primary's password will automatically be replicated to all of the instance's nodes. For more information about high availability, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-high-availability-configuration).

{% ifversion management-console-events-audit-log %}

When someone performs an action in the {% data variables.enterprise.management_console %} via the web interface or REST API, an event appears in the audit log. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise).

{% endif %}

## Examples of activities in the {% data variables.enterprise.management_console %}

In the {% data variables.enterprise.management_console %}, you can perform administrative tasks for {% data variables.location.product_location %}, including:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -70,20 +70,10 @@ You can also use a command-line utility to configure the IP exception list. For
{% data reusables.enterprise_management_console.custom-maintenance-message %}
1. Click **Save**.

{% ifversion maintenance-management-api %}

## Managing maintenance mode using the REST API

You can manage maintenance mode on {% data variables.location.product_location %} using the REST API. For more information, see [AUTOTITLE](/rest/enterprise-admin/manage-ghes#get-the-status-of-maintenance-mode).

{% else %}

## Scheduling maintenance mode with the {% data variables.product.prodname_enterprise_api %}

You can schedule maintenance for different times or dates with the {% data variables.product.prodname_enterprise_api %}. For more information, see [AUTOTITLE](/rest/enterprise-admin/management-console#enable-or-disable-maintenance-mode).

{% endif %}

{% ifversion ghes-manage-api-cli-extension %}

## Managing maintenance mode using the {% data variables.product.prodname_cli %}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -75,10 +75,6 @@ With reusable workflows, your team can call one workflow from another workflow,

To provide a starting place for developers building new workflows, you can use workflow templates. This not only saves time for your developers, but promotes consistency and best practice across your enterprise. For more information, see [AUTOTITLE](/actions/using-workflows/creating-starter-workflows-for-your-organization).

{% ifversion not internal-actions %}
Whenever your workflow developers want to use an action that's stored in a private repository, they must configure the workflow to clone the repository first. To reduce the number of repositories that must be cloned, consider grouping commonly used actions in a single repository. For more information, see [AUTOTITLE](/actions/creating-actions/about-custom-actions#choosing-a-location-for-your-action).
{% endif %}

## Managing resources

You should plan for how you'll manage the resources required to use {% data variables.product.prodname_actions %}.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ Use the number to estimate the amount of disk space the MySQL audit logs will ne

{% data reusables.enterprise_installation.preflight-checks %}

{% ifversion mysql-8-upgrade %}
{% ifversion ghes = 3.10 %}

## Known issues

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ redirect_from:

{% data variables.product.company_short %} strongly recommends regular backups of your instance's configuration and data. Before you proceed with any upgrade, back up your instance, then validate the backup in a staging environment. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance) and [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance).

{% ifversion mysql-8-upgrade %}
{% ifversion ghes = 3.10 %}

## Increased I/O utilization from MySQL 8 upgrade in {% data variables.product.prodname_ghe_server %} 3.9 or later

Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
---
title: Authenticating with SAML single sign-on
intro: 'You can authenticate to {% data variables.product.product_name %} with SAML single sign-on (SSO){% ifversion ghec %} and view your active sessions{% endif %}.'
intro: 'You can authenticate to {% data variables.product.github %} with SAML single sign-on (SSO){% ifversion ghec %} and view your active sessions{% endif %}.'
redirect_from:
- /articles/authenticating-to-a-github-organization-with-saml-single-sign-on
- /articles/authenticating-with-saml-single-sign-on
Expand Down
Loading
Loading