repo sync

components/parameter-table/ParameterRow.tsx

@@ -136,7 +136,8 @@ export function ParameterRow({
           nested parameters so we show a stub <details> element that triggers
           an API request to get the nested parameter data.
        */}
-      {(rowParams.type === 'object' || rowParams.type.includes('array of')) &&
+      {rowParams.type &&
+        (rowParams.type === 'object' || rowParams.type.includes('array of')) &&
         rowParams.childParamsGroups &&
         rowParams.childParamsGroups.length === 0 &&
         !NO_CHILD_WEBHOOK_PROPERTIES.includes(rowParams.name) && (

content/admin/configuration/configuring-your-enterprise/initializing-github-ae.md

@@ -33,15 +33,13 @@ During initialization, the enterprise owner will name your enterprise, configure
 To begin initialization, you will receive an invitation email from {% data variables.product.company_short %}. Before you configure {% data variables.product.prodname_ghe_managed %}, review the following prerequisites.
 
 
-1. To initialize {% data variables.location.product_location %}, you must have a SAML identity provider (IdP). {% data reusables.saml.ae-uses-saml-sso %} To connect your IdP to your enterprise during initialization, you should have your IdP's Entity ID (SSO) URL, Issuer ID URL, and public signing certificate (Base64-encoded). For more information, see "[About identity and access management for your enterprise](/admin/authentication/about-identity-and-access-management-for-your-enterprise)."
+To initialize {% data variables.location.product_location %}, you must have a SAML identity provider (IdP). {% data reusables.saml.ae-uses-saml-sso %} To connect your IdP to your enterprise during initialization, you should have your IdP's Entity ID (SSO) URL, Issuer ID URL, and public signing certificate (Base64-encoded). For more information, see "[About identity and access management for your enterprise](/admin/authentication/about-identity-and-access-management-for-your-enterprise)."
 
-    {% note %}
-
-    **Note**: {% data reusables.saml.create-a-machine-user %}
+{% note %}
 
-    {% endnote %}
+**Note**: {% data reusables.saml.create-a-machine-user %}
 
-2. {% data reusables.saml.assert-the-administrator-attribute %}
+{% endnote %}
 
 ## Signing in and naming your enterprise
 
@@ -66,6 +64,7 @@ To configure authentication for {% data variables.product.product_name %}, you m
   !["Test SAML configuration" button](/assets/images/enterprise/configuration/ae-test-saml-configuration.png)
 1. Click **Save**.
   !["Save" button for IdP configuration](/assets/images/enterprise/configuration/ae-save.png)
+1. {% data reusables.saml.assert-the-administrator-attribute %}
 
 ## Setting your enterprise policies
 

content/admin/enterprise-management/configuring-clustering/about-cluster-nodes.md

@@ -50,7 +50,7 @@ Clustering allows services that make up {% data variables.product.prodname_ghe_s
 - Establish tiers of nodes that make sense for your organization. An example configuration:
   - Front-end tier with two nodes and the following services:
     - `web-server`
-    - `jobs-server`
+    - `job-server`
     - `memcache-server`
   - Database tier with three nodes and the following services:
     - `consul-server`

content/admin/enterprise-management/configuring-clustering/initializing-the-cluster.md

@@ -41,74 +41,118 @@ To check the status of a running cluster use the `ghe-cluster-status` command.
 The cluster configuration file (`cluster.conf`) defines the nodes in the cluster, and what services they run.
 For more information, see "[About cluster nodes](/enterprise/admin/guides/clustering/about-cluster-nodes)."
 
-This example `cluster.conf` defines a cluster with five nodes.
+This example `cluster.conf` defines a cluster with 11 nodes.
 
-  - Two nodes (called `ghe-app-node-\*`) run the `web-server` and `job-server` services responsible for responding to client requests.
-  - Three nodes (called `ghe-data-node-\*`) run the services responsible for storage and retrieval of {% data variables.product.prodname_ghe_server %} data.
+  - Two nodes called `ghes-front-end-node-\*` run services responsible for responding to client requests.
+  - Three nodes called `ghes-database-node-\*` run services responsible for storage, retrieval, and replication of database data.
+  - Three nodes called `ghes-search-node-\*` run services responsible for search functionality.
+  - Three nodes called `ghes-storage-node-\*` run services responsible for storage, retrieval, and replication of data.
 
 The names of the nodes can be any valid hostname you choose. The names are set as the hostname of each node, and will also be added to `/etc/hosts` on each node, so that the nodes are locally resolvable to each other.
 
 Specify the first cluster node you configured as the MySQL primary via `mysql-server` and `mysql-master`.
 
 ```ini
 [cluster]
-  mysql-master = ghe-data-node-1
-  redis-master = ghe-data-node-1
-  primary-datacenter = default
-[cluster "ghe-app-node-1"]
-  hostname = ghe-app-node-1
+  mysql-master = ghes-database-node-1
+  redis-master = ghes-database-node-1
+  primary-datacenter = primary
+[cluster "ghes-front-end-node-1"]
+  hostname = ghes-front-end-node-1
   ipv4 = 192.168.0.2
   # ipv6 = fd12:3456:789a:1::2
+  consul-datacenter = primary
+  datacenter = primary
   web-server = true
   job-server = true
-[cluster "ghe-app-node-2"]
-  hostname = ghe-app-node-2
+  memcache-server = true
+[cluster "ghes-front-end-node-2"]
+  hostname = ghes-front-end-node-2
   ipv4 = 192.168.0.3
   # ipv6 = fd12:3456:789a:1::3
+  consul-datacenter = primary
+  datacenter = primary
   web-server = true
   job-server = true
-[cluster "ghe-data-node-1"]
-  hostname = ghe-data-node-1
+  memcache-server = true
+[cluster "ghes-database-node-1"]
+  hostname = ghes-database-node-1
   ipv4 = 192.168.0.4
   # ipv6 = fd12:3456:789a:1::4
+  consul-datacenter = primary
+  datacenter = primary
   consul-server = true
-  consul-datacenter = default
-  git-server = true
-  pages-server = true
   mysql-server = true
-  elasticsearch-server = true
   redis-server = true
-  memcache-server = true
-  metrics-server = true
-  storage-server = true
-[cluster "ghe-data-node-2"]
-  hostname = ghe-data-node-2
+[cluster "ghes-database-node-2"]
+  hostname = ghes-database-node-2
   ipv4 = 192.168.0.5
   # ipv6 = fd12:3456:789a:1::5
+  consul-datacenter = primary
+  datacenter = primary
   consul-server = true
-  consul-datacenter = default
-  git-server = true
-  pages-server = true
   mysql-server = true
-  elasticsearch-server = true
   redis-server = true
-  memcache-server = true
-  metrics-server = true
-  storage-server = true
-[cluster "ghe-data-node-3"]
-  hostname = ghe-data-node-3
+[cluster "ghes-database-node-3"]
+  hostname = ghes-database-node-3
   ipv4 = 192.168.0.6
   # ipv6 = fd12:3456:789a:1::6
+  consul-datacenter = primary
+  datacenter = primary
   consul-server = true
-  consul-datacenter = default
-  git-server = true
-  pages-server = true
   mysql-server = true
-  elasticsearch-server = true
   redis-server = true
-  memcache-server = true
+[cluster "ghes-search-node-1"]
+  hostname = ghes-search-node-1
+  ipv4 = 192.168.0.7
+  # ipv6 = fd12:3456:789a:1::7
+  consul-datacenter = primary
+  datacenter = primary
+  elasticsearch-server = true
+[cluster "ghes-search-node-2"]
+  hostname = ghes-search-node-2
+  ipv4 = 192.168.0.8
+  # ipv6 = fd12:3456:789a:1::8
+  consul-datacenter = primary
+  datacenter = primary
+  elasticsearch-server = true
+[cluster "ghes-search-node-3"]
+  hostname = ghes-search-node-3
+  ipv4 = 192.168.0.9
+  # ipv6 = fd12:3456:789a:1::9
+  consul-datacenter = primary
+  datacenter = primary
+  elasticsearch-server = true
+[cluster "ghes-storage-node-1"]
+  hostname = ghes-storage-node-1
+  ipv4 = 192.168.0.10
+  # ipv6 = fd12:3456:789a:1::10
+  consul-datacenter = primary
+  datacenter = primary
+  git-server = true
+  pages-server = true
+  storage-server = true
   metrics-server = true
+[cluster "ghes-storage-node-2"]
+  hostname = ghes-storage-node-2
+  ipv4 = 192.168.0.11
+  # ipv6 = fd12:3456:789a:1::11
+  consul-datacenter = primary
+  datacenter = primary
+  git-server = true
+  pages-server = true
   storage-server = true
+  metrics-server = true
+[cluster "ghes-storage-node-3"]
+  hostname = ghes-storage-node-3
+  ipv4 = 192.168.0.12
+  # ipv6 = fd12:3456:789a:1::12
+  consul-datacenter = primary
+  datacenter = primary
+  git-server = true
+  pages-server = true
+  storage-server = true
+  metrics-server = true
 ```
 
 Create the file `/data/user/common/cluster.conf` on the configured first node. For example, using `vim`:

content/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-authentication-and-provisioning-for-your-enterprise-using-azure-ad.md

@@ -44,8 +44,6 @@ For more information about managing identity and access for your enterprise on {
 - {% data reusables.saml.ghes-you-must-configure-saml-sso %}
 {%- endif %}
 
-- {% data reusables.saml.assert-the-administrator-attribute %} For more information about including the `administrator` attribute in the SAML claim from Azure AD, see [How to: customize claims issued in the SAML token for enterprise applications](https://docs.microsoft.com/azure/active-directory/develop/active-directory-saml-claims-customization) in the Microsoft Docs.
-
 - {% data reusables.saml.create-a-machine-user %}
 
 ## Configuring authentication and user provisioning with Azure AD
@@ -77,3 +75,7 @@ In your Azure AD tenant, add the application for {% data variables.product.produ
 1. After you ensure a successful connection, at the top of the page, click **Save**.
 
 {% endif %}
+
+1. Assign an enterprise owner for {% data variables.product.product_name %} in Azure AD. The process you should follow depends on whether you configured provisioning. For more information about enterprise owners, see "[Roles in an enterprise](/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise#enterprise-owners)."
+   - If you configured provisioning, to grant the user enterprise ownership in {% data variables.product.product_name %}, assign the enterprise owner role to the user in Azure AD.
+   - If you did not configure provisioning, to grant the user enterprise ownership in {% data variables.product.product_name %}, include the `administrator` attribute in the SAML assertion for the user account on the IdP, with the value of `true`. For more information about including the `administrator` attribute in the SAML claim from Azure AD, see [How to: customize claims issued in the SAML token for enterprise applications](https://docs.microsoft.com/azure/active-directory/develop/active-directory-saml-claims-customization) in the Microsoft Docs.

content/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces.md

@@ -20,7 +20,13 @@ shortTitle: GPG verification
 
 After you enable GPG verification, {% data variables.product.company_short %} will automatically sign commits you make in {% data variables.product.prodname_github_codespaces %}, and the commits will have a verified status on {% data variables.product.product_name %}. By default, GPG verification is disabled for codespaces you create. You can choose to allow GPG verification for all repositories or specific repositories. Only enable GPG verification for repositories that you trust. For more information about {% data variables.product.product_name %}-signed commits, see "[About commit signature verification](/github/authenticating-to-github/about-commit-signature-verification)."
 
-Once you enable GPG verification, it will immediately take effect for all your codespaces.
+{% data reusables.codespaces.gpg-in-active-codespaces %}
+
+{% note %}
+
+**Note:** If you have linked a dotfiles repository with {% data variables.product.prodname_github_codespaces %}, the Git configuration in your dotfiles may conflict with the configuration that {% data variables.product.prodname_github_codespaces %} requires to sign commits. For more information, see "[Troubleshooting GPG verification for {% data variables.product.prodname_github_codespaces %}](/codespaces/troubleshooting/troubleshooting-gpg-verification-for-github-codespaces)."
+
+{% endnote %}
 
 {% data reusables.user-settings.access_settings %}
 {% data reusables.user-settings.codespaces-tab %}
@@ -30,8 +36,4 @@ Once you enable GPG verification, it will immediately take effect for all your c
   !["Selected repositories" dropdown menu](/assets/images/help/settings/codespaces-gpg-verification-repository-drop-down.png) 
 
 
-{% note %}
-
-**Note:** Once you have enabled GPG verification for {% data variables.product.prodname_github_codespaces %}, you also must append `-S` to each commit in order for it to be signed. To do this in {% data variables.product.prodname_vscode %}, ensure the "Git: Enable Commit Signing" option is enabled from the Settings.
-
-{% endnote %}
+Once you have enabled GPG verification for {% data variables.product.prodname_github_codespaces %}, all commits are signed by default in your codespaces.

content/codespaces/troubleshooting/index.md

@@ -19,6 +19,7 @@ children:
   - /troubleshooting-dotfiles-for-codespaces
   - /troubleshooting-port-forwarding-for-github-codespaces
   - /troubleshooting-github-codespaces-clients
+  - /troubleshooting-gpg-verification-for-github-codespaces
   - /working-with-support-for-github-codespaces
 ---
 

content/codespaces/troubleshooting/troubleshooting-gpg-verification-for-github-codespaces.md

@@ -0,0 +1,112 @@
+---
+title: Troubleshooting GPG verification for GitHub Codespaces
+shortTitle: GPG verification
+intro: This article provides troubleshooting advice for errors related to signing your commits in codespaces.
+versions:
+  fpt: '*'
+  ghec: '*'
+type: reference
+topics:
+  - Codespaces
+---
+
+If you enable GPG verification, {% data variables.product.prodname_github_codespaces %} automatically signs your commits in codespaces that you create from selected repositories. For more information, see "[Managing GPG verification for {% data variables.product.prodname_github_codespaces %}](/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces)."
+
+{% data reusables.codespaces.gpg-in-active-codespaces %}
+
+If {% data variables.product.prodname_github_codespaces %} fails to sign a commit, you may see an error like the following.
+
+```Shell
+$ git commit -m 'Initial commit'
+error: gpg failed to sign the data
+fatal: failed to write commit object
+```
+
+You may encounter this error if: 
+
+- You have disabled GPG verification, and are trying to make a regular, unsigned commit in an existing codespace.
+- You have enabled GPG verification, but have overridden the Git configuration required for {% data variables.product.prodname_github_codespaces %} to sign your commits, for example by linking {% data variables.product.prodname_github_codespaces %} with a dotfiles repository that contains Git configuration files.
+
+## Errors after disabling GPG verification
+
+When you enable GPG verification, {% data variables.product.prodname_github_codespaces %} signs all the commits you make in codespaces by default. It does this by setting the `commit.gpgsign` Git configuration value to `true`.
+
+If you have disabled GPG verification, and are working in an existing codespace, then this value will still be set to `true`. This means that {% data variables.product.prodname_github_codespaces %} will try to sign your commits, but will be unable to do so, because you have disabled the GPG verification setting.
+
+To keep making regular, unsigned commits in your codespace, reset `commit.gpgsign` to the default value of `false` by entering the following command in the terminal.
+
+```Shell{:copy}
+git config --unset commit.gpgsign
+```
+
+To check that the value has been correctly removed from your configuration, you can enter `git config --list`. You should not see a value for `commit.gpgsign` in the list.
+
+## Errors caused by conflicting configuration
+
+To automatically sign your commits, {% data variables.product.prodname_github_codespaces %} sets certain Git configuration values in your codespace. If you override the values set by {% data variables.product.prodname_github_codespaces %}, you may be unable to sign your commits. 
+
+You may be inadvertently overriding these values if you have linked {% data variables.product.prodname_github_codespaces %} with a dotfiles repository that contains Git configuration files. For more information about using dotfiles with {% data variables.product.prodname_github_codespaces %}, see "[Personalizing {% data variables.product.prodname_github_codespaces %} for your account](/codespaces/customizing-your-codespace/personalizing-github-codespaces-for-your-account#dotfiles)."
+
+### Checking for conflicting configuration
+
+To sign your commits with GPG, {% data variables.product.prodname_github_codespaces %} automatically sets the following Git configuration values at the system level.
+
+| Configuration setting | Required value |
+| --------------------- | -------------- |
+| `user.name` | Must match the full name set on your {% data variables.product.prodname_dotcom %} profile |
+| `credential.helper` | Must be set to `/.codespaces/bin/gitcredential_github.sh` |
+| `gpg.program` | Must be set to `/.codespaces/bin/gh-gpgsign` |
+
+To check that these values are set correctly in a codespace, you can use the `git config --list --show-origin` command. Because {% data variables.product.prodname_github_codespaces %} sets this configuration at the system level, the required configuration settings should come from `/usr/local/etc/gitconfig`.
+
+```Shell
+$ git config --list --show-origin
+file:/usr/local/etc/gitconfig   credential.helper=/.codespaces/bin/gitcredential_github.sh
+file:/usr/local/etc/gitconfig   user.name=Mona Lisa
+file:/usr/local/etc/gitconfig   gpg.program=/.codespaces/bin/gh-gpgsign
+```
+
+In addition to the values listed above, you may run into errors if the dotfiles used in your codespaces contain any of the following values.
+
+- The `user.signingkey` Git config value
+- The `commit.gpgsign` Git config value
+- A manually set `GITHUB_TOKEN`
+
+### Removing conflicting configuration
+
+If you want to keep automatic GPG verification for {% data variables.product.prodname_github_codespaces %} enabled, you will need to remove any conflicting configuration from the dotfiles used in your codespaces.
+
+For example, if the global `.gitconfig` file on your local machine contains a `gpg.program` value, and you have pushed this file to a dotfiles repository that is linked with {% data variables.product.prodname_github_codespaces %}, then you may want to remove `gpg.program` from this file and set it at the system level on your local machine instead.
+
+{% note %}
+
+**Note:** Any changes to your dotfiles repository will apply to new codespaces you create, but not to your existing codespaces.
+
+{% endnote %}
+
+1. On your local machine, open a terminal.
+2. To remove the conflicting value from `~/.gitconfig` (Mac/Linux) or `C:\Users\YOUR-USER\.gitconfig` (Windows), use the `git config --global --unset` command.
+
+   ```Shell
+   $ git config --global --unset gpg.program
+   ```
+3. Push the change to your dotfiles repository on {% data variables.product.prodname_dotcom %}.
+4. Optionally, to keep your local configuration, set the value again in a Git configuration file that you do not push to your dotfiles repository. 
+
+   For example, you can use the `--system` flag to set the configuration in the system-level file at `PATH/etc/gitconfig`, where `PATH` is the directory in which Git is installed on your system.
+
+   ```Shell
+   $ git config --system gpg.program gpg2
+   ```
+
+Alternatively, if your dotfiles repository contains an installation script in a recognized file such as `install.sh`, you can use the `$CODESPACES` environment variable to add conditional logic, such as only setting `gpg.program` when you are not in a codespace. In the following example, `-z "$CODESPACES"` returns `true` if you are not in a codespace.
+
+```Shell{:copy}
+if [ -z "$CODESPACES" ]; then
+  git config --global gpg.program gpg2
+fi
+```
+
+## Further reading
+- "[About commit signature verification](/authentication/managing-commit-signature-verification/about-commit-signature-verification)"
+- [`git config`](https://git-scm.com/docs/git-config) in the official Git documentation