Merge branch 'github:main' into main

.github/workflows/azure-preview-env-deploy.yml

@@ -192,7 +192,6 @@ jobs:
           rsync -rptovR ./user-code/content/./**/*.md ./content
           rsync -rptovR ./user-code/assets/./**/*.png ./assets
           rsync -rptovR ./user-code/data/./**/*.{yml,md} ./data
-          rsync -rptovR ./user-code/src/./**/*.{scss,ts,tsx} ./src
 
       - uses: ./.github/actions/warmup-remotejson-cache
         with:

.github/workflows/codeowners-docs-engineering.yml

@@ -46,11 +46,12 @@ jobs:
 
       - name: Add Docs Engineering as a reviewer
         run: |
-          has_reviewer=$(
+          needs_review=$(
             gh pr view $PR --json reviews |
-            jq 'any(.reviews[]; select(length > 0))'
+            jq '.reviews |
+            length == 0 or all(.author.login == "${{github.event.pull_request.user.login}}")'
           )
-          if ! $has_reviewer
+          if $needs_review
           then
             gh pr edit $PR --add-reviewer github/docs-engineering
           fi

.github/workflows/content-changes-table-comment.yml

@@ -27,6 +27,7 @@ on:
       - synchronize
     paths:
       - 'content/**'
+      - 'data/reusables/**'
 
 permissions:
   contents: read
@@ -62,7 +63,7 @@ jobs:
           APP_URL: ${{ env.APP_URL }}
           BASE_SHA: ${{ github.event.pull_request.base.sha || inputs.BASE_SHA }}
           HEAD_SHA: ${{ github.event.pull_request.head.sha || inputs.HEAD_SHA }}
-        run: src/workflows/content-changes-table-comment.js
+        run: npm run content-changes-table-comment
 
       - name: Find content directory changes comment
         uses: peter-evans/find-comment@d5fe37641ad8451bdd80312415672ba26c86575e

.github/workflows/index-autocomplete-elasticsearch.yml

@@ -0,0 +1,52 @@
+name: Index autocomplete Elasticsearch
+
+# **What it does**: Indexes autocomplete data into Elasticsearch.
+# **Why we have it**: So we can power the API for autocomplete.
+# **Who does it impact**: docs-engineering
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '20 16 * * *' # Run every day at 16:20 UTC / 8:20 PST
+  pull_request:
+    paths:
+      - .github/workflows/index-autocomplete-elasticsearch.yml
+      - 'src/search/scripts/index/**'
+      - 'package*.json'
+
+permissions:
+  contents: read
+
+jobs:
+  index-autocomplete-elasticsearch:
+    if: ${{ github.repository == 'github/docs-internal' }}
+    runs-on: ubuntu-20.04-xl
+    steps:
+      - name: Checkout
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - uses: ./.github/actions/node-npm-setup
+
+      - uses: ./.github/actions/setup-elasticsearch
+        if: ${{ github.event_name == 'pull_request' }}
+
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        with:
+          token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
+          repository: github/docs-internal-data
+          path: docs-internal-data
+
+      - name: Check that Elasticsearch is accessible
+        if: ${{ github.event_name == 'pull_request' }}
+        run: curl --fail --retry-connrefused --retry 5 -I http://localhost:9200
+
+      - name: Run indexing
+        env:
+          ELASTICSEARCH_URL: ${{ github.event_name == 'pull_request' && 'http://localhost:9200' || secrets.ELASTICSEARCH_URL }}
+        run: npm run index -- autocomplete docs-internal-data
+
+      - uses: ./.github/actions/slack-alert
+        if: ${{ failure() && github.event_name == 'schedule' }}
+        with:
+          slack_channel_id: ${{ secrets.DOCS_ALERTS_SLACK_CHANNEL_ID }}
+          slack_token: ${{ secrets.SLACK_DOCS_BOT_TOKEN }}

.github/workflows/sync-audit-logs.yml

@@ -33,7 +33,7 @@ jobs:
           # need to use a token from a user with access to github/audit-log-allowlists for this step
           GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
         run: |
-          src/audit-logs/scripts/sync.js
+          npm run audit-log-sync
 
       - name: Get the audit-log-allowlists SHA being synced
         id: audit-log-allowlists

Dockerfile

@@ -5,7 +5,7 @@
 # --------------------------------------------------------------------------------
 # To update the sha, run `docker pull node:$VERSION-alpine`
 # look for something like: `Digest: sha256:0123456789abcdef`
-FROM node:20-alpine@sha256:ec0c413b1d84f3f7f67ec986ba885930c57b5318d2eb3abc6960ee05d4f2eb28 as base
+FROM node:20-alpine@sha256:7a91aa397f2e2dfbfcdad2e2d72599f374e0b0172be1d86eeb73f1d33f36a4b2 as base
 
 # This directory is owned by the node user
 ARG APP_HOME=/home/node/app
@@ -93,6 +93,7 @@ COPY --chown=node:node .remotejson-cache* ./.remotejson-cache
 COPY --chown=node:node .pageinfo-cache.json.br* ./.pageinfo-cache.json.br
 COPY --chown=node:node data ./data
 COPY --chown=node:node next.config.js ./
+COPY --chown=node:node tsconfig.json ./
 
 EXPOSE $PORT
 

content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-profile.md

@@ -29,7 +29,7 @@ People who visit your profile can also see the following information:
 - An overview of your activity in organizations, repositories, and teams you're most active in. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-an-overview-of-your-activity-on-your-profile)."{% ifversion fpt or ghec %}
 - Badges and Achievements that highlight your activity and show if you use {% data variables.product.prodname_pro %} or participate in programs like the {% data variables.product.prodname_arctic_vault %}, {% data variables.product.prodname_sponsors %}, or the {% data variables.product.company_short %} Developer Program. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#displaying-badges-on-your-profile)."{% endif %}
 {%- ifversion profile-pronouns %}
-- Your pronouns if you've set them. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#adding-pronouns-to-your-profile).
+- Your pronouns if you've set them. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#adding-pronouns-to-your-profile)."
 {%- endif %}
 {%- ifversion fpt or ghec %}
 - Mutual connections you share with someone who is viewing your profile. The person viewing your profile can see which of the people they follow are also followed by you.

content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/managing-your-profile-readme.md

@@ -7,6 +7,7 @@ versions:
   ghec: '*'
 topics:
   - Profiles
+permissions: 'Profile READMEs are not available to {% data variables.enterprise.prodname_managed_users %}.'
 redirect_from:
   - /github/setting-up-and-managing-your-github-profile/managing-your-profile-readme
   - /github/setting-up-and-managing-your-github-profile/customizing-your-profile/managing-your-profile-readme

content/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/why-are-my-contributions-not-showing-up-on-my-profile.md

@@ -42,7 +42,6 @@ In addition, **at least one** of the following must be true:
 - You are a collaborator on the repository or are a member of the organization that owns the repository.
 - You have forked the repository.
 - You have opened a pull request or issue in the repository.
-- You have starred the repository.
 
 ## Common reasons that contributions are not counted
 

content/actions/deployment/managing-your-deployments/viewing-deployment-history.md

@@ -14,8 +14,6 @@ redirect_from:
 ---
 {% ifversion actions-deployment-history-beta %}
 
-{% data reusables.actions.deployment-history-beta-note %}
-
 ## About deployment history
 
 {% data reusables.actions.about-deployment-with-github-actions %}
@@ -33,43 +31,23 @@ On the deployments page of your repository, you can view the following aspects o
 
 By default, the deployments page shows currently active deployments from select environments and a timeline of the latest deployments for all environments.
 
-### Viewing your repository's deployment history
-
-In the right-hand sidebar of the home page of your repository, click **Deployments**.
-
-### Viewing an environment's deployment history
-
-To view recent deployments for a specific environment, under **Deployments**, click any currently active or recent environment.
-
-### Viewing commits that triggered deployments
-
-To view the associated commit that triggered the deployment, to the right of the deployment status badge, click the commit message.
-
-{% note %}
-
-**Note:** Deployments from commits originating from a fork outside of the repository will not show links to the source pull request and branch related to each deployment. For more information about forks, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks)."
-
-{% endnote %}
-
-### Navigating to deployment URLs
-
-To view the URL for the deployment, to the right of the commit message, click {% octicon "link-external" aria-label="Navigate to deployment URL" %}.
-
-{% note %}
-
-**Note:** If a deployment does not have an associated URL, the {% octicon "link-external" aria-label="Navigate to deployment URL" %} button is not displayed.
-
-{% endnote %}
-
-### Accessing workflow run logs
-
-To navigate to the workflow run logs associated with the deployment, to the right of the commit message, click {% octicon "kebab-horizontal" aria-label="View logs" %}. Then click **View logs**.
-
-{% note %}
-
-**Note:** If a deployment does not have an associated workflow run, the {% octicon "kebab-horizontal" aria-label="View logs" %} button is not displayed.
-
-{% endnote %}
+## Viewing your repository's deployment history
+
+1. In the right-hand sidebar of the home page of your repository, click **Deployments**.
+1. Once you are on the "Deployments" page, you can view the following information about your deployment history.
+   - **To view recent deployments for a specific environment**, in the "Environments" section of the left sidebar, click an environment.{% ifversion deployment-dashboard-filter %}
+   - **To pin an environment to the top of the deployment history list**, repository administrators can click {% octicon "pin" aria-label="Pin environment" %} to the right of the environment. You can pin up to ten environments.{% endif %}
+   - **To view the commit that triggered a deployment**, in the deployment history list, click the commit message for the deployment you want to view.
+      >[!NOTE]Deployments from commits that originate from a fork outside of the repository will not show links to the source pull request and branch related to each deployment. For more information about forks, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks)."
+   - **To view the URL for a deployment**, to the right of the commit message in the deployment history list, click {% octicon "link-external" aria-label="Navigate to deployment URL" %}.
+   - **To navigate to the workflow run logs associated with a deployment**, to the right of the commit message in the deployment history list, click {% octicon "kebab-horizontal" aria-label="View logs" %}, then click **View logs**.{% ifversion deployment-dashboard-filter %}
+1. Optionally, to filter the deployment history list, create a filter.
+   1. Click on the **{% octicon "filter" aria-hidden="true"  %} Filter** button.
+   1. Click **{% octicon "plus" aria-hidden="true"  %} Add a filter**.
+   1. Choose a qualifier you would like to filter the deployment history by.
+   1. Depending on the qualifier you chose, fill out information in the "Operator" and "Value" columns.
+   1. Optionally, click **{% octicon "plus" aria-hidden="true"  %} Add a filter** to add another filter.
+   1. Click **Apply**.{% endif %}
 
 {% else %}
 

content/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/deploying-runner-scale-sets-with-actions-runner-controller.md

@@ -932,9 +932,12 @@ The following table shows the metrics emitted by the controller-manager and list
 | listener           | gha_idle_runners                              | gauge     | Number of registered runners not running a job                                                              |
 | listener           | gha_started_jobs_total                        | counter   | Total number of jobs started since the listener became ready [1]                                            |
 | listener           | gha_completed_jobs_total                      | counter   | Total number of jobs completed since the listener became ready [1]                                          |
-| listener           | gha_job_queue_duration_seconds                | histogram | Number of seconds spent waiting for workflow jobs to get assigned to the runner scale set after queueing    |
+| {% ifversion fpt or ghec or ghes > 3.9 %} |
 | listener           | gha_job_startup_duration_seconds              | histogram | Number of seconds spent waiting for workflow job to get started on the runner owned by the runner scale set |
+| {% endif %} |
+| {% ifversion fpt or ghec or ghes > 3.9 %} |
 | listener           | gha_job_execution_duration_seconds            | histogram | Number of seconds spent executing workflow jobs by the runner scale set                                     |
+| {% endif %} |
 
 [1]: Listener metrics that have the counter type are reset when the listener pod restarts.
 

content/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners.md

@@ -175,6 +175,8 @@ api.github.com
 
 ```shell copy
 codeload.github.com
+ghcr.io
+*.actions.githubusercontent.com
 ```
 
 **Needed for uploading/downloading job summaries, logs, workflow artifacts, and caches:**
@@ -239,6 +241,8 @@ If you have enabled automatic access to {% data variables.product.prodname_dotco
 github.com
 api.github.com
 codeload.github.com
+ghcr.io
+*.actions.githubusercontent.com
 ```
 
 {% note %}

content/actions/hosting-your-own-runners/managing-self-hosted-runners/autoscaling-with-self-hosted-runners.md

@@ -35,6 +35,8 @@ For more information, see "[AUTOTITLE](/actions/hosting-your-own-runners/managin
 
 This approach allows you to manage your runners as ephemeral systems, since you can use automation to provide a clean environment for each job. This helps limit the exposure of any sensitive resources from previous jobs, and also helps mitigate the risk of a compromised runner receiving new jobs.
 
+>[!WARNING]The runner application log files for ephemeral runners must be forwarded to an external log storage solution for troubleshooting and diagnostic purposes. While it is not required for ephemeral runners to be deployed, {% data variables.product.prodname_dotcom %} recommends ensuring runner logs are forwarded and preserved externally before deploying an ephemeral runner autoscaling solution in a production environment. For more information, see "[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#reviewing-the-self-hosted-runner-application-log-files)."
+
 To add an ephemeral runner to your environment, include the `--ephemeral` parameter when registering your runner using `config.sh`. For example:
 
 ```shell
@@ -95,6 +97,7 @@ Your access token will require the following scope:
 - For organizations, use an access token with the [`admin:org` scope](/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps#available-scopes).
 
 To  authenticate using a {% data variables.product.prodname_dotcom %} App, it must be assigned the following permissions:
+
 - For repositories, assign the `administration` permission.
 - For organizations, assign the `organization_self_hosted_runners` permission.
 

content/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners.md

@@ -33,6 +33,7 @@ You may not be able to create a self-hosted runner for an organization-owned rep
 
 {% data reusables.actions.self-hosted-runner-navigate-repo-and-org %}
 {% data reusables.organizations.settings-sidebar-actions-runners %}
+
 1. Under "Runners", you can view a list of registered runners, including the runner's name, labels, and status.
 
     The status can be one of the following:
@@ -124,6 +125,8 @@ export GITHUB_ACTIONS_RUNNER_TLS_NO_VERIFY=1
 
 You can monitor the status of the self-hosted runner application and its activities. Log files are kept in the `_diag` directory where you installed the runner application, and a new log is generated each time the application is started. The filename begins with `Runner_`, and is followed by a UTC timestamp of when the application was started.
 
+>[!WARNING]Runner application log files for ephemeral runners must be forwarded and preserved externally for troubleshooting and diagnostic purposes. For more information about ephemeral runners and autoscaling self-hosted runners, see "[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/autoscaling-with-self-hosted-runners#using-ephemeral-runners-for-autoscaling)."
+
 For detailed logs on workflow job executions, see the next section describing the `Worker_` files.
 
 ## Reviewing a job's log file

content/actions/learn-github-actions/contexts.md

@@ -577,6 +577,7 @@ The `runner` context contains information about the runner that is executing the
 | `runner.temp` | `string` | {% data reusables.actions.runner-temp-directory-description %} |
 | `runner.tool_cache` | `string` | {% data reusables.actions.runner-tool-cache-description %} |
 | `runner.debug` | `string` | {% data reusables.actions.runner-debug-description %} |
+| `runner.environment` | `string` | {% data reusables.actions.runner-environment-description %} |
 
 {%- comment %}
 The `runner.workspace` property is purposefully not documented. It is an early Actions property that now isn't relevant for users, compared to `github.workspace`. It is kept around for compatibility.