Merge branch 'main' into test

github · Nov 15, 2023 · f3773c7 · f3773c7
2 parents 302e6ae + d8b355d
commit f3773c7
Show file tree

Hide file tree

Showing 1,066 changed files with 912,702 additions and 6,940 deletions.
diff --git a/.eslintrc.cjs b/.eslintrc.cjs
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -14,4 +14,16 @@ src/ghes-releases/lib/enterprise-dates.json @github/docs-content-enterprise
 content/actions/deployment/security-hardening-your-deployments/** @github/oidc
 
 # RAI - CELA
-content/copilot/github-copilot-chat/about-github-copilot-chat.md @github/legal-product
+data/reusables/copilot/about-copilot-chat.md @github/legal-product
+content/copilot/github-copilot-in-the-cli/about-github-copilot-in-the-cli.md @github/legal-product
+
+content/code-security/secret-scanning/about-the-regular-expression-generator-for-custom-patterns @github/legal-product
+data/reusables/secret-scanning/beta-custom-pattern-regular-expression-generator.md @github/legal-product
+
+content/code-security/secret-scanning/about-the-detection-of-generic-secrets-with-secret-scanning.md @github/legal-product
+data/reusables/secret-scanning/generic-secret-detection-ai.md @github/legal-product
+
+content/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning.md @github/legal-product
+data/reusables/rai/ @github/legal-product
+
+content/copilot/github-copilot-enterprise/copilot-pull-request-summaries/about-copilot-pull-request-summaries.md @github/legal-product
diff --git a/CODE_OF_CONDUCT.md → .github/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md → .github/CODE_OF_CONDUCT.md
diff --git a/CONTRIBUTING.md → .github/CONTRIBUTING.md b/CONTRIBUTING.md → .github/CONTRIBUTING.md
@@ -20,7 +20,7 @@ To get an overview of the project, read the [README](README.md) file. Here are s
 
 ## Getting started
 
-To navigate our codebase with confidence, see [the introduction to working in the docs repository](/contributing/working-in-docs-repository.md) :confetti_ball:. For more information on how we write our markdown files, see [the GitHub Markdown reference](contributing/content-markup-reference.md).
+To navigate our codebase with confidence, see [the introduction to working in the docs repository](/contributing/README.md) :confetti_ball:. For more information on how we write our markdown files, see "[Using Makrdown and Liquid in GitHub Docs](https://docs.github.com/en/contributing/writing-for-github-docs/using-markdown-and-liquid-in-github-docs).
 
 Check to see what [types of contributions](/contributing/types-of-contributions.md) we accept before making changes. Some of them don't even require writing a single line of code :sparkles:.
 
@@ -32,7 +32,7 @@ If you spot a problem with the docs, [search if an issue already exists](https:/
 
 #### Solve an issue
 
-Scan through our [existing issues](https://github.com/github/docs/issues) to find one that interests you. You can narrow down the search using `labels` as filters. See [Labels](/contributing/how-to-use-labels.md) for more information. As a general rule, we don’t assign issues to anyone. If you find an issue to work on, you are welcome to open a PR with a fix.
+Scan through our [existing issues](https://github.com/github/docs/issues) to find one that interests you. You can narrow down the search using `labels` as filters. See "[Label reference](https://docs.github.com/en/contributing/collaborating-on-github-docs/label-reference)" for more information. As a general rule, we don’t assign issues to anyone. If you find an issue to work on, you are welcome to open a PR with a fix.
 
 ### Make Changes
 
@@ -62,7 +62,7 @@ For more information about using a codespace for working on GitHub documentation
 
 ### Commit your update
 
-Commit the changes once you are happy with them. Don't forget to [self-review](/contributing/self-review.md) to speed up the review process:zap:.
+Commit the changes once you are happy with them. Don't forget to use the "[Self review checklist](https://docs.github.com/en/contributing/collaborating-on-github-docs/self-review-checklist) to speed up the review process :zap:.
 
 ### Pull Request
 

diff --git a/.github/ISSUE_TEMPLATE/partner-contributed-documentation.yml b/.github/ISSUE_TEMPLATE/partner-contributed-documentation.yml
@@ -39,7 +39,7 @@ body:
           required: true
         - label: MUST emphasize how the third-party product works with GitHub.
           required: true
-        - label: MUST be written in Markdown format, using [one of the templates provided](contributing/github-partners/README.md#templates).
+        - label: MUST be written in Markdown format, using [one of the templates provided](https://docs.github.com/en/contributing/writing-for-github-docs/templates).
           required: true
         - label: MUST include the name and URL of the GitHub technology partner responsible for maintenance of the documentation being contributed. This should be added via the `contributor.name` and `contributor.URL` properties in the template's YAML frontmatter.
           required: true

diff --git a/.github/workflows/azure-preview-env-deploy.yml b/.github/workflows/azure-preview-env-deploy.yml
@@ -192,8 +192,7 @@ jobs:
           rsync -rptovR ./user-code/content/./**/*.md ./content
           rsync -rptovR ./user-code/assets/./**/*.png ./assets
           rsync -rptovR ./user-code/data/./**/*.{yml,md} ./data
-          rsync -rptovR ./user-code/components/./**/*.{scss,ts,tsx} ./components
-          rsync -rptovR ./user-code/src/./**/*.tsx ./src
+          rsync -rptovR ./user-code/src/./**/*.{scss,ts,tsx} ./src
 
       - uses: ./.github/actions/warmup-remotejson-cache
         with:
@@ -229,7 +228,7 @@ jobs:
         with:
           resourceGroupName: ${{ secrets.PREVIEW_ENV_RESOURCE_GROUP }}
           subscriptionId: ${{ secrets.NONPROD_SUBSCRIPTION_ID }}
-          template: ./azure-preview-env-template.json
+          template: ./src/workflows/azure-preview-env-template.json
           deploymentName: ${{ env.DEPLOYMENT_NAME }}
           parameters: appName="${{ env.APP_NAME }}"
             containerImage="${{ env.DOCKER_IMAGE }}"

diff --git a/.github/workflows/azure-prod-build-deploy.yml b/.github/workflows/azure-prod-build-deploy.yml
@@ -31,6 +31,9 @@ jobs:
     env:
       DOCKER_IMAGE: ${{ secrets.PROD_REGISTRY_SERVER }}/${{ github.repository }}:${{ github.sha }}
       DOCKER_IMAGE_CACHE_REF: ${{ secrets.PROD_REGISTRY_SERVER }}/${{ github.repository }}:main-production
+      RESOURCE_GROUP_NAME: docs-prod
+      APP_SERVICE_NAME: ghdocs-prod
+      SLOT_NAME: canary
 
     steps:
       - name: 'Az CLI login'
@@ -93,58 +96,23 @@ jobs:
 
       - name: 'Update docker-compose.prod.yaml template file'
         run: |
-          sed 's|#{IMAGE}#|${{ env.DOCKER_IMAGE }}|g' docker-compose.prod.tmpl.yaml > docker-compose.prod.yaml
+          sed 's|#{IMAGE}#|${{ env.DOCKER_IMAGE }}|g' src/workflows/docker-compose.prod.tmpl.yaml > docker-compose.prod.yaml
 
       - name: 'Apply updated docker-compose.prod.yaml config to canary slot'
         run: |
-          az webapp config container set --multicontainer-config-type COMPOSE --multicontainer-config-file docker-compose.prod.yaml --slot canary -n ghdocs-prod -g docs-prod
+          az webapp config container set --multicontainer-config-type COMPOSE --multicontainer-config-file docker-compose.prod.yaml --slot ${{ env.SLOT_NAME }} -n ${{ env.APP_SERVICE_NAME }} -g ${{ env.RESOURCE_GROUP_NAME }}
 
       # Watch canary slot instances to see when all the instances are ready
       - name: Check that canary slot is ready
-        uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975
         env:
           CHECK_INTERVAL: 10000
-        with:
-          script: |
-            const { execSync } = require('child_process')
-
-            const getStatesForSlot = (slot) => {
-              return JSON.parse(
-                execSync(
-                  `az webapp list-instances --slot ${slot} --query "[].state" -n ghdocs-prod -g docs-prod`,
-                  { encoding: 'utf8' }
-                )
-              )
-            }
-
-            let hasStopped = false
-            const waitDuration = parseInt(process.env.CHECK_INTERVAL, 10) || 10000
-            async function doCheck() {
-              const states = getStatesForSlot('canary')
-              console.log(`Instance states:`, states)
-
-              // We must wait until at-least 1 instance has STOPPED to know we're looking at the "next" deployment and not the "previous" one
-              // That way we don't immediately succeed just because all the previous instances were READY
-              if (!hasStopped) {
-                hasStopped = states.some((s) => s === 'STOPPED')
-              }
-
-              const isAllReady = states.every((s) => s === 'READY')
-
-              if (hasStopped && isAllReady) {
-                process.exit(0) // success
-              }
-
-              console.log(`checking again in ${waitDuration}ms`)
-              setTimeout(doCheck, waitDuration)
-            }
-
-            doCheck()
-
-      # TODO - make a request to verify the canary app version aligns with *this* github action workflow commit sha
+          EXPECTED_SHA: ${{ github.sha }}
+          CANARY_BUILD_URL: https://ghdocs-prod-canary.azurewebsites.net/_build
+        run: src/workflows/check-canary-slots.js
+
       - name: 'Swap canary slot to production'
         run: |
-          az webapp deployment slot swap --slot canary --target-slot production -n ghdocs-prod -g docs-prod
+          az webapp deployment slot swap --slot ${{ env.SLOT_NAME }}  --target-slot production -n ${{ env.APP_SERVICE_NAME }} -g ${{ env.RESOURCE_GROUP_NAME }}
 
       - uses: ./.github/actions/slack-alert
         if: ${{ failure() && github.event_name != 'workflow_dispatch' }}

diff --git a/.github/workflows/azure-staging-build-deploy.yml b/.github/workflows/azure-staging-build-deploy.yml
@@ -102,57 +102,19 @@ jobs:
 
       - name: 'Update docker-compose.staging.yaml template file'
         run: |
-          sed 's|#{IMAGE}#|${{ env.DOCKER_IMAGE }}|g' docker-compose.staging.tmpl.yaml > docker-compose.staging.yaml
+          sed 's|#{IMAGE}#|${{ env.DOCKER_IMAGE }}|g' src/workflows/docker-compose.staging.tmpl.yaml > docker-compose.staging.yaml
 
       - name: 'Apply updated docker-compose.staging.yaml config to deployment slot'
         run: |
           az webapp config container set --multicontainer-config-type COMPOSE --multicontainer-config-file docker-compose.staging.yaml --slot ${{ env.SLOT_NAME }} -n ${{ env.APP_SERVICE_NAME }} -g ${{ env.RESOURCE_GROUP_NAME }}
 
       # Watch deployment slot instances to see when all the instances are ready
       - name: Check that deployment slot is ready
-        uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975
         env:
           CHECK_INTERVAL: 10000
-        with:
-          script: |
-            const { execSync } = require('child_process')
-
-            const slotName = process.env.SLOT_NAME
-            const appServiceName = process.env.APP_SERVICE_NAME
-            const resourceGroupName = process.env.RESOURCE_GROUP_NAME
-
-            const getStatesForSlot = (slot, appService, resourceGroup) => {
-              return JSON.parse(
-                execSync(
-                  `az webapp list-instances --slot ${slot} --query "[].state" -n ${appService} -g ${resourceGroup}`,
-                  { encoding: 'utf8' }
-                )
-              )
-            }
-
-            let hasStopped = false
-            const waitDuration = parseInt(process.env.CHECK_INTERVAL, 10) || 10000
-            async function doCheck() {
-              const states = getStatesForSlot(slotName, appServiceName, resourceGroupName)
-              console.log(`Instance states:`, states)
-
-              // We must wait until at-least 1 instance has STOPPED to know we're looking at the "next" deployment and not the "previous" one
-              // That way we don't immediately succeed just because all the previous instances were READY
-              if (!hasStopped) {
-                hasStopped = states.some((s) => s === 'STOPPED')
-              }
-
-              const isAllReady = states.every((s) => s === 'READY')
-
-              if (hasStopped && isAllReady) {
-                process.exit(0) // success
-              }
-
-              console.log(`checking again in ${waitDuration}ms`)
-              setTimeout(doCheck, waitDuration)
-            }
-
-            doCheck()
+          EXPECTED_SHA: ${{ github.sha }}
+          CANARY_BUILD_URL: https://ghdocs-staging-canary.azurewebsites.net/_build
+        run: src/workflows/check-canary-slots.js
 
       - name: 'Swap deployment slot to production'
         run: |

diff --git a/.github/workflows/check-broken-links-github-github.yml b/.github/workflows/check-broken-links-github-github.yml
@@ -12,15 +12,6 @@ on:
 permissions:
   contents: read
 
-# **IMPORTANT:** Do not change the FREEZE environment variable set here!
-# This workflow runs on a recurring basis. To temporarily disable it (e.g.,
-# during a docs deployment freeze), add an Actions Secret to the repo settings
-# called `FREEZE` with a value of `true`. To re-enable workflow, simply
-# delete that Secret from the repo settings. The environment variable here
-# will duplicate that Secret's value for later evaluation.
-env:
-  FREEZE: ${{ secrets.FREEZE }}
-
 jobs:
   check_github_github_links:
     if: github.repository == 'github/docs-internal'
@@ -33,11 +24,6 @@ jobs:
       REPORT_LABEL: github github broken link report
       REPORT_REPOSITORY: github/docs-content
     steps:
-      - if: ${{ env.FREEZE == 'true' }}
-        run: |
-          echo 'The repo is currently frozen! Exiting this workflow.'
-          exit 1 # prevents further steps from running
-
       - name: Checkout
         uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
         with:
@@ -60,7 +46,7 @@ jobs:
           ENABLED_LANGUAGES: en
         run: |
 
-          node server.js &
+          node src/frame/server.js &
           sleep 5
           curl --retry-connrefused --retry 3 -I http://localhost:4000/
 
@@ -72,12 +58,12 @@ jobs:
         # If the file 'broken_github_github_links.md' got created,
         # the hash of it will not be an empty string. That means if found
         # broken links, we want to create an issue.
-        if: ${{ hashFiles('broken_github_github_links.md') != '' && env.FREEZE != 'true' }}
+        if: ${{ hashFiles('broken_github_github_links.md') != '' }}
         id: check
         run: echo "title=$(head -1 broken_github_github_links.md)" >> $GITHUB_OUTPUT
 
       - name: Create issue from file
-        if: ${{ hashFiles('broken_github_github_links.md') != '' && env.FREEZE != 'true' }}
+        if: ${{ hashFiles('broken_github_github_links.md') != '' }}
         id: github-github-broken-link-report
         uses: peter-evans/create-issue-from-file@433e51abf769039ee20ba1293a088ca19d573b7f
         with:

diff --git a/.github/workflows/enterprise-dates.yml b/.github/workflows/enterprise-dates.yml
@@ -17,26 +17,12 @@ permissions:
   contents: write
   pull-requests: write
 
-# **IMPORTANT:** Do not change the FREEZE environment variable set here!
-# This workflow runs on a recurring basis. To temporarily disable it (e.g.,
-# during a docs deployment freeze), add an Actions Secret to the repo settings
-# called `FREEZE` with a value of `true`. To re-enable updates, simply
-# delete that Secret from the repo settings. The environment variable here
-# will duplicate that Secret's value for later evaluation.
-env:
-  FREEZE: ${{ secrets.FREEZE }}
-
 jobs:
   open_enterprise_issue:
     name: Enterprise date updater
     if: github.repository == 'github/docs-internal'
     runs-on: ubuntu-latest
     steps:
-      - if: ${{ env.FREEZE == 'true' }}
-        run: |
-          echo 'The repo is currently frozen! Exiting this workflow.'
-          exit 1 # prevents further steps from running
-
       - name: Checkout repository code
         uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
 
@@ -73,7 +59,7 @@ jobs:
           AUTOMERGE_PR_NUMBER: ${{ steps.create-pull-request.outputs.pull-request-number }}
         run: node src/workflows/enable-automerge.js
 
-      - if: ${{ failure() && env.FREEZE != 'true' }}
+      - if: ${{ failure() }}
         name: Delete remote branch (if previous steps failed)
         uses: dawidd6/action-delete-branch@47743101a121ad657031e6704086271ca81b1911
         with:

diff --git a/.github/workflows/hubber-contribution-help.yml b/.github/workflows/hubber-contribution-help.yml
@@ -18,7 +18,7 @@ permissions:
 
 jobs:
   check-team-membership:
-    if: github.repository == 'github/docs-internal' && github.actor != 'github-openapi-bot'
+    if: github.repository == 'github/docs-internal' && github.actor != 'github-openapi-bot' && github.actor != 'docs-bot'
     runs-on: ubuntu-latest
     steps:
       - name: Check out repo

diff --git a/.github/workflows/notify-about-deployment.yml b/.github/workflows/notify-about-deployment.yml
@@ -18,7 +18,12 @@ permissions:
 
 jobs:
   find-pr-and-post-comment:
-    if: ${{ github.repository == 'github/docs-internal' }}
+    if: >-
+      ${{
+        github.repository == 'github/docs-internal' &&
+        (github.event_name != 'workflow_run' ||
+        github.event.workflow_run.conclusion == 'success')
+      }}
     runs-on: ubuntu-latest
     steps:
       - name: Check out repo

diff --git a/.github/workflows/purge-fastly.yml b/.github/workflows/purge-fastly.yml
@@ -30,7 +30,12 @@ env:
 
 jobs:
   send-purges:
-    if: ${{ github.repository == 'github/docs-internal' && (github.event_name != 'workflow_run' || github.event.workflow_run.conclusion == 'success') }}
+    if: >-
+      ${{
+        github.repository == 'github/docs-internal' &&
+        (github.event_name != 'workflow_run' ||
+        github.event.workflow_run.conclusion == 'success')
+      }}
     runs-on: ubuntu-latest
     steps:
       - name: Check out repo