diff --git a/.github/instructions/content.instructions.md b/.github/instructions/content.instructions.md index cd1efe7f3b94..fa81f86f60f3 100644 --- a/.github/instructions/content.instructions.md +++ b/.github/instructions/content.instructions.md @@ -16,6 +16,14 @@ Before committing content changes, always: 3. **Verify [AUTOTITLE] links** point to existing articles 4. **Run tests** on changed content: `npm run test -- src/content-render/tests/render-changed-and-deleted-files.ts` +## Accuracy and flagging uncertainty + +AI assistants can produce plausible but incorrect information. To protect readers and writers: + +* Never fabricate product behavior, settings, permissions, API parameters, or limits. If you cannot verify a detail from the source material or the product itself, say so instead of guessing. +* Flag uncertainty at the level of the specific claim, not the whole article. Identify the individual sentence, step, value, or setting you are unsure about, rather than labeling an entire article as "needs review." +* After writing or editing, give the writer a checklist of each specific claim to verify, noting where it appears (the exact step or sentence) and why it needs checking. Prioritize claims where being wrong could have serious consequences, such as security, authentication, permissions, billing, or any irreversible action, and recommend confirming those with the relevant product or engineering team. + ## Bullet lists The bulleted points in a bullet list should always be denoted in Markdown using an asterisk, not a hyphen. diff --git a/content/actions/concepts/billing-and-usage.md b/content/actions/concepts/billing-and-usage.md index cd8f832aec0a..929adcba70cc 100644 --- a/content/actions/concepts/billing-and-usage.md +++ b/content/actions/concepts/billing-and-usage.md @@ -19,9 +19,9 @@ contentType: concepts ## About billing for {% data variables.product.prodname_actions %} {% ifversion fpt or ghec %} -{% data reusables.actions.actions-billing %} For more information, see [AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions). +{% data reusables.actions.actions-billing %} For more information, see [AUTOTITLE](/billing/concepts/product-billing/github-actions). {% else %} -{% data variables.product.prodname_actions %} usage is free for {% data variables.product.prodname_ghe_server %} instances that use self-hosted runners. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners). +{% data variables.product.prodname_actions %} usage is free for {% data variables.product.prodname_ghe_server %} instances that use self-hosted runners. For more information, see [AUTOTITLE](/actions/concepts/runners/self-hosted-runners). {% endif %} {% ifversion fpt or ghec %} @@ -34,7 +34,7 @@ contentType: concepts ## Usage limits and policy -There are several limits on {% data variables.product.prodname_actions %} usage when using {% data variables.product.prodname_dotcom %}-hosted runners. See [AUTOTITLE](/actions/reference/actions-limits). +There are several limits on {% data variables.product.prodname_actions %} usage when using {% data variables.product.prodname_dotcom %}-hosted runners. See [AUTOTITLE](/actions/reference/limits). In addition to the usage limits, you must ensure that you use {% data variables.product.prodname_actions %} within the [GitHub Terms of Service](/free-pro-team@latest/site-policy/github-terms/github-terms-of-service). For more information on {% data variables.product.prodname_actions %}-specific terms, see the [GitHub Additional Product Terms](/free-pro-team@latest/site-policy/github-terms/github-terms-for-additional-products-and-features#a-actions-usage). @@ -42,7 +42,7 @@ In addition to the usage limits, you must ensure that you use {% data variables. ## {% data variables.product.prodname_actions %} usage metrics -Organization owners and users with the "View organization Actions metrics" permission can view {% data variables.product.prodname_actions %} usage metrics for their organization. These metrics can help you understand how and where your Actions minutes are being used. For more information, see [AUTOTITLE](/enterprise-cloud@latest/organizations/collaborating-with-groups-in-organizations/viewing-usage-metrics-for-github-actions). +Organization owners and users with the "View organization Actions metrics" permission can view {% data variables.product.prodname_actions %} usage metrics for their organization. These metrics can help you understand how and where your Actions minutes are being used. For more information, see [AUTOTITLE](/enterprise-cloud@latest/organizations/collaborating-with-groups-in-organizations/viewing-github-actions-metrics-for-your-organization). When you view usage metrics, it is important to remember that {% data reusables.actions.actions-usage-metrics-not-billing-metrics %} @@ -52,7 +52,7 @@ When you view usage metrics, it is important to remember that {% data reusables. If you reuse a workflow, billing is always associated with the caller workflow. Assignment of {% data variables.product.prodname_dotcom %}-hosted runners is always evaluated using only the caller's context. The caller cannot use {% data variables.product.prodname_dotcom %}-hosted runners from the called repository. -For more information see, [AUTOTITLE](/actions/using-workflows/reusing-workflows). +For more information see, [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). ## Next steps @@ -60,4 +60,4 @@ You can manage your {% data variables.product.prodname_actions %} usage and rete * [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository) * [AUTOTITLE](/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization) * [AUTOTITLE](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization) -* [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise) +* [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise) diff --git a/content/actions/concepts/metrics.md b/content/actions/concepts/metrics.md index d80c54333903..fb2e6cc4ba82 100644 --- a/content/actions/concepts/metrics.md +++ b/content/actions/concepts/metrics.md @@ -26,4 +26,4 @@ contentType: concepts ## Next steps -To learn how to find metrics for your organization or repository, see [AUTOTITLE](/actions/how-tos/administering-github-actions/viewing-github-actions-metrics). +To learn how to find metrics for your organization or repository, see [AUTOTITLE](/actions/how-tos/administer/view-metrics). diff --git a/content/actions/concepts/runners/actions-runner-controller.md b/content/actions/concepts/runners/actions-runner-controller.md index 094add6723fe..f6e5b30ae7a5 100644 --- a/content/actions/concepts/runners/actions-runner-controller.md +++ b/content/actions/concepts/runners/actions-runner-controller.md @@ -84,9 +84,9 @@ ARC consists of several custom resource definitions (CRDs). For more information * [actions.github.com/v1alpha1](https://pkg.go.dev/github.com/actions/actions-runner-controller/apis/actions.github.com/v1alpha1) * [actions.summerwind.net/v1alpha1](https://pkg.go.dev/github.com/actions/actions-runner-controller/apis/actions.summerwind.net/v1alpha1) -Because custom resources are extensions of the Kubernetes API, they won't be available in a default Kubernetes installation. You will need to install these custom resources to use ARC. For more information on installing custom resources, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/quickstart-for-actions-runner-controller). +Because custom resources are extensions of the Kubernetes API, they won't be available in a default Kubernetes installation. You will need to install these custom resources to use ARC. For more information on installing custom resources, see [AUTOTITLE](/actions/tutorials/use-actions-runner-controller/get-started). -Once the custom resources are installed, you can deploy ARC into your Kubernetes cluster. For information about deploying ARC, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/deploying-runner-scale-sets-with-actions-runner-controller). +Once the custom resources are installed, you can deploy ARC into your Kubernetes cluster. For information about deploying ARC, see [AUTOTITLE](/actions/how-tos/manage-runners/use-actions-runner-controller/deploy-runner-scale-sets). ### About the runner container image @@ -102,7 +102,7 @@ For example, if the `FROM` line in the runner image Dockerfile is `mcr.microsoft You can create your own runner image that meets your requirements. Your runner image must fulfill the following conditions. -* Use a base image that can run the self-hosted runner application. See [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners). +* Use a base image that can run the self-hosted runner application. See [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners). * The [runner binary](https://github.com/actions/runner/releases) must be placed under `/home/runner/` and launched using `/home/runner/run.sh`. * If you use Kubernetes mode, the [runner container hooks](https://github.com/actions/runner-container-hooks/releases) must be placed under `/home/runner/k8s`. @@ -178,8 +178,8 @@ The supported runner image is released as a separate container image, which you If you're new to ARC, see [AUTOTITLE](/actions/tutorials/use-actions-runner-controller/get-started) to try out the basics. -When you're ready to use ARC to execute workflows, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/using-actions-runner-controller-runners-in-a-workflow). +When you're ready to use ARC to execute workflows, see [AUTOTITLE](/actions/how-tos/manage-runners/use-actions-runner-controller/use-arc-in-a-workflow). -{% data reusables.actions.actions-runner-controller-labels %} See [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/using-self-hosted-runners-in-a-workflow). +{% data reusables.actions.actions-runner-controller-labels %} See [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/use-in-a-workflow). -You can scale runners statically or dynamically depending on your needs. See [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/deploying-runner-scale-sets-with-actions-runner-controller#scaling-runners). +You can scale runners statically or dynamically depending on your needs. See [AUTOTITLE](/actions/how-tos/manage-runners/use-actions-runner-controller/deploy-runner-scale-sets). diff --git a/content/actions/concepts/runners/github-hosted-runners.md b/content/actions/concepts/runners/github-hosted-runners.md index d326fccb75a1..96f9edc9a269 100644 --- a/content/actions/concepts/runners/github-hosted-runners.md +++ b/content/actions/concepts/runners/github-hosted-runners.md @@ -29,13 +29,13 @@ contentType: concepts Runners are the machines that execute jobs in a {% data variables.product.prodname_actions %} workflow. For example, a runner can clone your repository locally, install testing software, and then run commands that evaluate your code. -{% data variables.product.prodname_dotcom %} provides runners that you can use to run your jobs, or you can [host your own runners](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners). {% data reusables.actions.single-cpu-runners %} +{% data variables.product.prodname_dotcom %} provides runners that you can use to run your jobs, or you can [host your own runners](/actions/concepts/runners/self-hosted-runners). {% data reusables.actions.single-cpu-runners %} Each runner comes with the runner application and other tools preinstalled. {% data variables.product.prodname_dotcom %}-hosted runners are available with Ubuntu Linux, Windows, or macOS operating systems. When you use a {% data variables.product.prodname_dotcom %}-hosted runner, machine maintenance and upgrades are taken care of for you. {% ifversion not ghes %} -You can choose one of the standard {% data variables.product.prodname_dotcom %}-hosted runner options or, if you are on the {% data variables.product.prodname_team %} or {% data variables.product.prodname_ghe_cloud %} plan, you can provision a runner with more cores, or a runner that's powered by a GPU processor. These machines are referred to as "{% data variables.actions.hosted_runner %}." For more information, see [AUTOTITLE](/enterprise-cloud@latest/actions/using-github-hosted-runners/about-larger-runners/about-larger-runners). +You can choose one of the standard {% data variables.product.prodname_dotcom %}-hosted runner options or, if you are on the {% data variables.product.prodname_team %} or {% data variables.product.prodname_ghe_cloud %} plan, you can provision a runner with more cores, or a runner that's powered by a GPU processor. These machines are referred to as "{% data variables.actions.hosted_runner %}." For more information, see [AUTOTITLE](/enterprise-cloud@latest/actions/concepts/runners/larger-runners). {% data variables.actions.hosted_runners_caps %} also support custom images, which let you create and manage your own preconfigured VM images. For more information, see [Custom images](#custom-images). @@ -46,7 +46,7 @@ Using {% data variables.product.prodname_dotcom %}-hosted runners requires netwo {% ifversion github-hosted-runners-emus-entitlements %} > [!NOTE] -> {% data reusables.actions.entitlement-minutes-emus %} For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users). +> {% data reusables.actions.entitlement-minutes-emus %} For more information, see [AUTOTITLE](/admin/concepts/identity-and-access-management/enterprise-managed-users). {% endif %} @@ -62,13 +62,13 @@ The software tools included in our GitHub-owned images are updated weekly. The u Workflow logs include a link to the preinstalled tools on the exact runner. To find this information in the workflow log, expand the `Set up job` section. Under that section, expand the `Runner Image` section. The link following `Included Software` will describe the preinstalled tools on the runner that ran the workflow. -For more information, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history). +For more information, see [AUTOTITLE](/actions/how-tos/monitor-workflows/view-workflow-run-history). {% data variables.product.prodname_dotcom %}-hosted runners include the operating system's default built-in tools, in addition to the packages listed in the above references. For example, Ubuntu and macOS runners include `grep`, `find`, and `which`, among other default tools. {% ifversion actions-sbom %} -You can also view a software bill of materials (SBOM) for each build of the Windows and Ubuntu runner images. For more information, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#reviewing-the-supply-chain-for-github-hosted-runners). +You can also view a software bill of materials (SBOM) for each build of the Windows and Ubuntu runner images. For more information, see [AUTOTITLE](/actions/reference/security/secure-use#reviewing-the-supply-chain-for-github-hosted-runners). {% endif %} @@ -79,7 +79,7 @@ We recommend using actions to interact with the software installed on runners. T If there is a tool that you'd like to request, please open an issue at [actions/runner-images](https://github.com/actions/runner-images). This repository also contains announcements about all major software updates on runners. > [!NOTE] -> * You can also install additional software on {% data variables.product.prodname_dotcom %}-hosted runners. See [AUTOTITLE](/actions/using-github-hosted-runners/customizing-github-hosted-runners). +> * You can also install additional software on {% data variables.product.prodname_dotcom %}-hosted runners. See [AUTOTITLE](/actions/how-tos/manage-runners/github-hosted-runners/customize-runners). > * While nested virtualization is technically possible while using runners, it is not officially supported. Any use of nested VMs is experimental and done at your own risk, we offer no guarantees regarding stability, performance, or compatibility. ### Custom images diff --git a/content/actions/concepts/runners/larger-runners.md b/content/actions/concepts/runners/larger-runners.md index 270632f64b47..1bae56fdd30e 100644 --- a/content/actions/concepts/runners/larger-runners.md +++ b/content/actions/concepts/runners/larger-runners.md @@ -18,7 +18,7 @@ contentType: concepts {% ifversion ghes %} {% data reusables.actions.enterprise-github-hosted-runners %} -To learn about larger runners, see [the {% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/actions/concepts/runners/about-larger-runners). +To learn about larger runners, see [the {% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/actions/concepts/runners/larger-runners). {% else %} ## About {% data variables.actions.hosted_runners %} @@ -50,7 +50,7 @@ Consider configuring {% data variables.actions.hosted_runners %} for {% data var * Your scans with standard {% data variables.product.prodname_dotcom %}-hosted runners are returning memory or disk errors. * You want to customize aspects of your {% data variables.product.prodname_code_scanning %} runner, such as the runner size, runner image, and job concurrency, without using self-hosted runners. -For more information on configuring {% data variables.actions.hosted_runners %} for {% data variables.product.prodname_code_scanning %} default setup, see [AUTOTITLE](/code-security/how-tos/scan-code-for-vulnerabilities/manage-your-configuration/configuring-larger-runners-for-default-setup). +For more information on configuring {% data variables.actions.hosted_runners %} for {% data variables.product.prodname_code_scanning %} default setup, see [AUTOTITLE](/code-security/how-tos/find-and-fix-code-vulnerabilities/manage-your-configuration/configure-larger-runners). {% endif %} @@ -59,13 +59,13 @@ For more information on configuring {% data variables.actions.hosted_runners %} > [!NOTE] > {% data variables.actions.hosted_runner_caps %}s are not eligible for the use of included minutes on private repositories. For both private and public repositories, when {% data variables.actions.hosted_runners %} are in use, they will always be billed at the per-minute rate. -Compared to standard {% data variables.product.github %}-hosted runners, {% data variables.actions.hosted_runners %} are billed differently. {% data reusables.actions.about-larger-runners-billing %} For more information, see [AUTOTITLE](/billing/reference/actions-minute-multipliers). +Compared to standard {% data variables.product.github %}-hosted runners, {% data variables.actions.hosted_runners %} are billed differently. {% data reusables.actions.about-larger-runners-billing %} For more information, see [AUTOTITLE](/billing/reference/actions-runner-pricing). ## Next steps -To start using larger runners, see [AUTOTITLE](/actions/how-tos/using-github-hosted-runners/using-larger-runners/managing-larger-runners). +To start using larger runners, see [AUTOTITLE](/actions/how-tos/manage-runners/larger-runners/manage-larger-runners). -To find reference information about using {% data variables.actions.hosted_runners %}, see [AUTOTITLE](/actions/reference/larger-runners-reference). +To find reference information about using {% data variables.actions.hosted_runners %}, see [AUTOTITLE](/actions/reference/runners/larger-runners). {% endif %} diff --git a/content/actions/concepts/runners/private-networking.md b/content/actions/concepts/runners/private-networking.md index c214883bc511..282abe23bb39 100644 --- a/content/actions/concepts/runners/private-networking.md +++ b/content/actions/concepts/runners/private-networking.md @@ -25,11 +25,11 @@ There are a few different approaches you could take to configure this access, ea ## Using an API Gateway with OIDC -{% data reusables.actions.private-networking-oidc-intro %} For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/connecting-to-a-private-network/using-an-api-gateway-with-oidc). +{% data reusables.actions.private-networking-oidc-intro %} For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/github-hosted-runners/connect-to-a-private-network/connect-with-oidc). ## Using WireGuard to create a network overlay -{% data reusables.actions.private-networking-wireguard-intro %} For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/connecting-to-a-private-network/using-wireguard-to-create-a-network-overlay). +{% data reusables.actions.private-networking-wireguard-intro %} For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/github-hosted-runners/connect-to-a-private-network/connect-with-wireguard). {% ifversion actions-private-networking-azure-vnet %} @@ -45,7 +45,7 @@ Organization owners using the {% data variables.product.prodname_team %} plan ca {% ifversion ghec %} -Enterprises and organizations on {% data variables.product.prodname_ghe_cloud %} or {% data variables.product.prodname_team %} plans can configure Azure private networking for {% data variables.product.company_short %}-hosted runners. For more information, see [AUTOTITLE](/enterprise-cloud@latest/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-azure-private-networking-for-github-hosted-runners-in-your-enterprise) and [AUTOTITLE](/admin/configuration/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners-in-your-enterprise#enabling-creation-of-network-configurations-for-organizations). +Enterprises and organizations on {% data variables.product.prodname_ghe_cloud %} or {% data variables.product.prodname_team %} plans can configure Azure private networking for {% data variables.product.company_short %}-hosted runners. For more information, see [AUTOTITLE](/enterprise-cloud@latest/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/about-azure-private-networking-for-github-hosted-runners-in-your-enterprise) and [AUTOTITLE](/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners-in-your-enterprise#enabling-creation-of-network-configurations-for-organizations). {% endif %} {% endif %} diff --git a/content/actions/concepts/runners/runner-groups.md b/content/actions/concepts/runners/runner-groups.md index 31a4075e913d..80e61b082356 100644 --- a/content/actions/concepts/runners/runner-groups.md +++ b/content/actions/concepts/runners/runner-groups.md @@ -29,6 +29,6 @@ You can also disable standard {% data variables.product.github %}-hosted runners ## Next steps -{% ifversion fpt or ghec %}To learn how to use runner groups to control access to larger runners, see [AUTOTITLE](/actions/how-tos/using-larger-runners/controlling-access-to-larger-runners).{% endif %} +{% ifversion fpt or ghec %}To learn how to use runner groups to control access to larger runners, see [AUTOTITLE](/actions/how-tos/manage-runners/larger-runners/control-access).{% endif %} -For information on how to route jobs to runners in a specific group, see [AUTOTITLE](/actions/using-jobs/choosing-the-runner-for-a-job#choosing-runners-in-a-group). +For information on how to route jobs to runners in a specific group, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-where-workflows-run/choose-the-runner-for-a-job#choosing-runners-in-a-group). diff --git a/content/actions/concepts/runners/runner-scale-sets.md b/content/actions/concepts/runners/runner-scale-sets.md index 9fd67070431d..2e4134ecea7a 100644 --- a/content/actions/concepts/runners/runner-scale-sets.md +++ b/content/actions/concepts/runners/runner-scale-sets.md @@ -19,7 +19,7 @@ A runner scale set is a group of homogeneous runners that can be assigned jobs f You can use runner groups to manage runner scale sets. Similar to self-hosted runners, you can add runner scale sets to existing runner groups. However, runner scale sets can belong to only one runner group at a time and can only have one label assigned to them. -To assign jobs to a runner scale set, you must configure your workflow to reference the runner scale set’s name. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/using-actions-runner-controller-runners-in-a-workflow). +To assign jobs to a runner scale set, you must configure your workflow to reference the runner scale set’s name. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/use-actions-runner-controller/use-arc-in-a-workflow). ## Legal notice @@ -27,5 +27,5 @@ To assign jobs to a runner scale set, you must configure your workflow to refere ## Next steps -* For more information about the {% data variables.product.prodname_actions_runner_controller %} as a concept, see [AUTOTITLE](/actions/concepts/runners/about-actions-runner-controller). -* To learn about runner groups, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups). +* For more information about the {% data variables.product.prodname_actions_runner_controller %} as a concept, see [AUTOTITLE](/actions/concepts/runners/actions-runner-controller). +* To learn about runner groups, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/manage-access). diff --git a/content/actions/concepts/runners/self-hosted-runners.md b/content/actions/concepts/runners/self-hosted-runners.md index d0628461267d..0fc2b2284d43 100644 --- a/content/actions/concepts/runners/self-hosted-runners.md +++ b/content/actions/concepts/runners/self-hosted-runners.md @@ -28,7 +28,7 @@ Self-hosted runners: * Let you create custom hardware configurations that meet your needs with processing power or memory to run larger jobs, install software available on your local network. * Receive automatic updates for the self-hosted runner application only, though you may disable automatic updates of the runner. * Don't need to have a clean instance for every job execution.{% ifversion ghec or ghes %} -* Can be organized into groups to restrict access to specific workflows, organizations, and repositories. See [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups).{% endif %} +* Can be organized into groups to restrict access to specific workflows, organizations, and repositories. See [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/manage-access).{% endif %} * Can be physical, virtual, in a container, on-premises, or in a cloud. You can use self-hosted runners anywhere in the management hierarchy. Repository-level runners are dedicated to a single repository, while organization-level runners can process jobs for multiple repositories in an organization. Organization owners can choose which repositories are allowed to create repository-level self-hosted runners. See [AUTOTITLE](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#limiting-the-use-of-self-hosted-runners). Finally, enterprise-level runners can be assigned to multiple organizations in an enterprise account. @@ -36,9 +36,9 @@ You can use self-hosted runners anywhere in the management hierarchy. Repository ## Next steps {% ifversion ghec or ghes %} -To get hands-on experience with the policies and usage of self-hosted runners, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise) +To get hands-on experience with the policies and usage of self-hosted runners, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise) {% else %} -To set up a self-hosted runner in your workspace, see [AUTOTITLE](/actions/how-tos/managing-self-hosted-runners/adding-self-hosted-runners). +To set up a self-hosted runner in your workspace, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/add-runners). {% endif %} -To find information about the requirements and supported software and hardware for self-hosted runners, see [AUTOTITLE](/actions/reference/self-hosted-runners-reference). +To find information about the requirements and supported software and hardware for self-hosted runners, see [AUTOTITLE](/actions/reference/runners/self-hosted-runners). diff --git a/content/actions/concepts/runners/support-for-arc.md b/content/actions/concepts/runners/support-for-arc.md index 1523b2e68c72..686650ddece5 100644 --- a/content/actions/concepts/runners/support-for-arc.md +++ b/content/actions/concepts/runners/support-for-arc.md @@ -49,4 +49,4 @@ For more information about contacting {% data variables.contact.github_support % ## Working with {% data variables.contact.github_support %} for Actions Runner Controller -{% data variables.contact.github_support %} may ask questions about your Actions Runner Controller deployment and request that you collect and attach [controller logs, listener logs](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/troubleshooting-actions-runner-controller-errors#checking-the-logs-of-the-controller-and-runner-set-listener), runner logs, and Helm charts (`values.yaml`) to the support ticket. +{% data variables.contact.github_support %} may ask questions about your Actions Runner Controller deployment and request that you collect and attach [controller logs, listener logs](/actions/tutorials/use-actions-runner-controller/troubleshoot#checking-the-logs-of-the-controller-and-runner-set-listener), runner logs, and Helm charts (`values.yaml`) to the support ticket. diff --git a/content/actions/concepts/security/artifact-attestations.md b/content/actions/concepts/security/artifact-attestations.md index c10cf6570cf7..a18595ffdd11 100644 --- a/content/actions/concepts/security/artifact-attestations.md +++ b/content/actions/concepts/security/artifact-attestations.md @@ -17,7 +17,7 @@ contentType: concepts The SLSA framework is an industry standard used to evaluate supply chain security. It is organized into levels. Each level represents an increasing degree of security and trustworthiness for a software supply chain. Artifact attestations by itself provides SLSA v1.0 Build Level 2. -This provides a link between your artifact and its build instructions, but you can take this a step further by requiring builds make use of known, vetted build instructions. A great way to do this is to have your build take place in a reusable workflow that many repositories across your organization share. Reusable workflows can provide isolation between the build process and the calling workflow, to meet SLSA v1.0 Build Level 3. For more information, see [AUTOTITLE](/actions/security-guides/using-artifact-attestations-and-reusable-workflows-to-achieve-slsa-v1-build-level-3). +This provides a link between your artifact and its build instructions, but you can take this a step further by requiring builds make use of known, vetted build instructions. A great way to do this is to have your build take place in a reusable workflow that many repositories across your organization share. Reusable workflows can provide isolation between the build process and the calling workflow, to meet SLSA v1.0 Build Level 3. For more information, see [AUTOTITLE](/actions/how-tos/secure-your-work/use-artifact-attestations/increase-security-rating). For more information on SLSA levels, see [SLSA Security Levels](https://slsa.dev/spec/v1.0/levels). @@ -51,4 +51,4 @@ If you consume software that publishes artifact attestations, you can use the {% ## Next steps -To start generating and verifying artifact attestations for your builds, see [AUTOTITLE](/actions/how-tos/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds). +To start generating and verifying artifact attestations for your builds, see [AUTOTITLE](/actions/how-tos/secure-your-work/use-artifact-attestations/use-artifact-attestations). diff --git a/content/actions/concepts/security/compromised-runners.md b/content/actions/concepts/security/compromised-runners.md index 4ec941c3de2e..3485c297cc82 100644 --- a/content/actions/concepts/security/compromised-runners.md +++ b/content/actions/concepts/security/compromised-runners.md @@ -45,7 +45,7 @@ Although {% data variables.product.prodname_actions %} scrubs secrets from memor ### Exfiltrating data from a runner -An attacker can exfiltrate any stolen secrets or other data from the runner. To help prevent accidental secret disclosure, {% data variables.product.prodname_actions %} [automatically redact secrets printed to the log](/actions/security-guides/using-secrets-in-github-actions#accessing-your-secrets), but this is not a true security boundary because secrets can be intentionally sent to the log. For example, obfuscated secrets can be exfiltrated using `echo ${SOME_SECRET:0:4}; echo ${SOME_SECRET:4:200};`. In addition, since the attacker may run arbitrary commands, they could use HTTP requests to send secrets or other repository data to an external server. +An attacker can exfiltrate any stolen secrets or other data from the runner. To help prevent accidental secret disclosure, {% data variables.product.prodname_actions %} [automatically redact secrets printed to the log](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets), but this is not a true security boundary because secrets can be intentionally sent to the log. For example, obfuscated secrets can be exfiltrated using `echo ${SOME_SECRET:0:4}; echo ${SOME_SECRET:4:200};`. In addition, since the attacker may run arbitrary commands, they could use HTTP requests to send secrets or other repository data to an external server. ### Stealing the job's `GITHUB_TOKEN` @@ -53,26 +53,26 @@ It is possible for an attacker to steal a job's `GITHUB_TOKEN`. The {% data vari ### Modifying the contents of a repository -The attacker server can use the {% data variables.product.github %} API to [modify repository content](/actions/reference/workflows-and-actions/workflow-syntax#permissions), including releases, if the assigned permissions of `GITHUB_TOKEN` [are not restricted](/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token). +The attacker server can use the {% data variables.product.github %} API to [modify repository content](/actions/reference/workflows-and-actions/workflow-syntax#permissions), including releases, if the assigned permissions of `GITHUB_TOKEN` [are not restricted](/actions/tutorials/authenticate-with-github_token#modifying-the-permissions-for-the-github_token). ### Cross-repository access {% data variables.product.prodname_actions %} is intentionally scoped for a single repository at a time. The `GITHUB_TOKEN` grants the same level of access as a write-access user, because any write-access user can access this token by creating or modifying a workflow file, elevating the permissions of the `GITHUB_TOKEN` if necessary. Users have specific permissions for each repository, so allowing the `GITHUB_TOKEN` for one repository to grant access to another would impact the {% data variables.product.prodname_dotcom %} permission model if not implemented carefully. Similarly, caution must be taken when adding {% data variables.product.prodname_dotcom %} authentication tokens to a workflow, because this can also affect the {% data variables.product.prodname_dotcom %} permission model by inadvertently granting broad access to collaborators. -If your organization is owned by an enterprise account, then you can share and reuse {% data variables.product.prodname_actions %} by storing them in internal repositories. For more information, see [AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise). +If your organization is owned by an enterprise account, then you can share and reuse {% data variables.product.prodname_actions %} by storing them in internal repositories. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/share-with-your-enterprise). You can perform other privileged, cross-repository interactions by referencing a {% data variables.product.prodname_dotcom %} authentication token or SSH key as a secret within the workflow. Because many authentication token types do not allow for granular access to specific resources, there is significant risk in using the wrong token type, as it can grant much broader access than intended. This list describes the recommended approaches for accessing repository data within a workflow, in descending order of preference: 1. **The `GITHUB_TOKEN`** - * This token is intentionally scoped to the single repository that invoked the workflow, and can have the same level of access as a write-access user on the repository. The token is created before each job begins and expires when the job is finished. For more information, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication). + * This token is intentionally scoped to the single repository that invoked the workflow, and can have the same level of access as a write-access user on the repository. The token is created before each job begins and expires when the job is finished. For more information, see [AUTOTITLE](/actions/tutorials/authenticate-with-github_token). * The `GITHUB_TOKEN` should be used whenever possible. 1. **Repository deploy key** * Deploy keys are one of the only credential types that grant read or write access to a single repository, and can be used to interact with another repository within a workflow. For more information, see [AUTOTITLE](/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys). * Note that deploy keys can only clone and push to the repository using Git, and cannot be used to interact with the REST or GraphQL API, so they may not be appropriate for your requirements. 1. **{% data variables.product.prodname_github_app %} tokens** - * {% data variables.product.prodname_github_apps %} can be installed on select repositories, and even have granular permissions on the resources within them. You could create a {% data variables.product.prodname_github_app %} internal to your organization, install it on the repositories you need access to within your workflow, and authenticate as the installation within your workflow to access those repositories. For more information, see [AUTOTITLE](/apps/creating-github-apps/guides/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow). + * {% data variables.product.prodname_github_apps %} can be installed on select repositories, and even have granular permissions on the resources within them. You could create a {% data variables.product.prodname_github_app %} internal to your organization, install it on the repositories you need access to within your workflow, and authenticate as the installation within your workflow to access those repositories. For more information, see [AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow). 1. **{% data variables.product.pat_generic %}s** * You should never use a {% data variables.product.pat_v1 %}. These tokens grant access to all repositories within the organizations that you have access to, as well as all personal repositories in your personal account. This indirectly grants broad access to all write-access users of the repository the workflow is in. * If you do use a {% data variables.product.pat_generic %}, you should never use a {% data variables.product.pat_generic %} from your own account. If you later leave an organization, workflows using this token will immediately break, and debugging this issue can be challenging. Instead, you should use a {% data variables.product.pat_v2 %} for a new account that belongs to your organization and that is only granted access to the specific repositories that are needed for the workflow. Note that this approach is not scalable and should be avoided in favor of alternatives, such as deploy keys. @@ -81,4 +81,4 @@ This list describes the recommended approaches for accessing repository data wit ## Next steps -For security best practices with {% data variables.product.prodname_actions %}, see [AUTOTITLE](/actions/reference/secure-use-reference). +For security best practices with {% data variables.product.prodname_actions %}, see [AUTOTITLE](/actions/reference/security/secure-use). diff --git a/content/actions/concepts/security/github_token.md b/content/actions/concepts/security/github_token.md index 71664d6301a6..97d671b024e5 100644 --- a/content/actions/concepts/security/github_token.md +++ b/content/actions/concepts/security/github_token.md @@ -14,7 +14,7 @@ contentType: concepts At the start of each workflow job, {% data variables.product.prodname_dotcom %} automatically creates a unique `GITHUB_TOKEN` secret to use in your workflow. You can use the `GITHUB_TOKEN` to authenticate in the workflow job. -When you enable {% data variables.product.prodname_actions %}, {% data variables.product.prodname_dotcom %} installs a {% data variables.product.prodname_github_app %} on your repository. The `GITHUB_TOKEN` secret is a {% data variables.product.prodname_github_app %} installation access token. You can use the installation access token to authenticate on behalf of the {% data variables.product.prodname_github_app %} installed on your repository. The token's permissions are limited to the repository that contains your workflow. For more information, see [AUTOTITLE](/actions/reference/workflow-syntax-for-github-actions#permissions). +When you enable {% data variables.product.prodname_actions %}, {% data variables.product.prodname_dotcom %} installs a {% data variables.product.prodname_github_app %} on your repository. The `GITHUB_TOKEN` secret is a {% data variables.product.prodname_github_app %} installation access token. You can use the installation access token to authenticate on behalf of the {% data variables.product.prodname_github_app %} installed on your repository. The token's permissions are limited to the repository that contains your workflow. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#permissions). Before each job begins, {% data variables.product.github %} fetches an installation access token for the job. The `GITHUB_TOKEN` expires when the job finishes or after its effective maximum lifetime. @@ -23,7 +23,7 @@ The effective maximum lifetime of the token depends on the type of runner: * **{% data variables.product.github %}-hosted runners** The maximum job execution time is 6 hours, so the `GITHUB_TOKEN` can live for a maximum of 6 hours. * **Self-hosted runners** The maximum job execution time is 5 days. However, because the `GITHUB_TOKEN` is an installation access token, it can only be refreshed for up to 24 hours. If your job runs longer than 24 hours, use a {% data variables.product.pat_generic %} or other authentication method instead. -The token is also available in the `github.token` context. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts#github-context). +The token is also available in the `github.token` context. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#github-context). ## When `GITHUB_TOKEN` triggers workflow runs @@ -38,5 +38,5 @@ The token is also available in the `github.token` context. For more information, ## Next steps -* [AUTOTITLE](/actions/how-tos/security-for-github-actions/security-guides/use-github_token-in-workflows) -* [AUTOTITLE](/actions/reference/workflow-syntax-for-github-actions#permissions) +* [AUTOTITLE](/actions/tutorials/authenticate-with-github_token) +* [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#permissions) diff --git a/content/actions/concepts/security/kubernetes-admissions-controller.md b/content/actions/concepts/security/kubernetes-admissions-controller.md index 36ce5a2645be..e43b3ca83d9d 100644 --- a/content/actions/concepts/security/kubernetes-admissions-controller.md +++ b/content/actions/concepts/security/kubernetes-admissions-controller.md @@ -11,19 +11,19 @@ contentType: concepts ## About Kubernetes admission controller -[Artifact attestations](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds) enable you to create unfalsifiable provenance and integrity guarantees for the software you build. In turn, people who consume your software can verify where and how your software was built. +[Artifact attestations](/actions/how-tos/secure-your-work/use-artifact-attestations/use-artifact-attestations) enable you to create unfalsifiable provenance and integrity guarantees for the software you build. In turn, people who consume your software can verify where and how your software was built. Kubernetes admission controllers are plugins that govern the behavior of the Kubernetes API server. They are commonly used to enforce security policies and best practices in a Kubernetes cluster. Using the open source [Sigstore Policy Controller](https://docs.sigstore.dev/policy-controller/overview/) project you can add an admission controller to your Kubernetes cluster that can enforce artifact attestations. This way, you can ensure that only artifacts with valid attestations can be deployed. -To [install the controller](/actions/how-tos/security-for-github-actions/using-artifact-attestations/enforcing-artifact-attestations-with-a-kubernetes-admission-controller), we offer [two Helm charts](https://github.com/github/artifact-attestations-helm-charts): one for deploying the Sigstore Policy Controller, and another for loading the GitHub trust root and a default policy. +To [install the controller](/actions/how-tos/secure-your-work/use-artifact-attestations/enforce-artifact-attestations), we offer [two Helm charts](https://github.com/github/artifact-attestations-helm-charts): one for deploying the Sigstore Policy Controller, and another for loading the GitHub trust root and a default policy. ### About image verification When the Policy Controller is installed, it will intercept all image pull requests and verify the attestation for the image. The attestation must be stored in the image registry as an [OCI attached artifact](https://oras.land/docs/concepts/reftypes/) containing a [Sigstore Bundle](https://docs.sigstore.dev/about/bundle/) which contains the attestation and cryptographic material (e.g. certificates and signatures) used to verify the attestation. A verification process is then performed that ensures the image was built with the specified build provenance and matches any policies enabled by the cluster administrator. -In order for an image to be verifiable, it must have a valid provenance attestation in the registry, which can be done by enabling the `push-to-registry: true` attribute in the `actions/attest` action. See [Generating build provenance for container images](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds#generating-build-provenance-for-container-images) for more details on how to generate attestations for container images. +In order for an image to be verifiable, it must have a valid provenance attestation in the registry, which can be done by enabling the `push-to-registry: true` attribute in the `actions/attest` action. See [Generating build provenance for container images](/actions/how-tos/secure-your-work/use-artifact-attestations/use-artifact-attestations) for more details on how to generate attestations for container images. ### About trust roots and policies @@ -33,4 +33,4 @@ A `TrustRoot` may also contain a [TUF](https://theupdateframework.io/) repositor ## Next steps -When you're ready to use an admission controller, see [AUTOTITLE](/actions/how-tos/security-for-github-actions/using-artifact-attestations/enforcing-artifact-attestations-with-a-kubernetes-admission-controller). +When you're ready to use an admission controller, see [AUTOTITLE](/actions/how-tos/secure-your-work/use-artifact-attestations/enforce-artifact-attestations). diff --git a/content/actions/concepts/security/openid-connect.md b/content/actions/concepts/security/openid-connect.md index 182e782e4e8c..8a0f0b41df90 100644 --- a/content/actions/concepts/security/openid-connect.md +++ b/content/actions/concepts/security/openid-connect.md @@ -96,13 +96,13 @@ To use OIDC in your workflows, you must establish a trust relationship between { Before granting an access token, your cloud provider checks that the [`subject`](https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims) and any other claims used to set conditions in its trust settings match those in the request's JSON Web Token (JWT). If the trust configuration matches, your cloud provider issues a temporary access token to the workflow. -For steps and syntax for configuring OIDC trust and setting conditions for cloud providers, see [AUTOTITLE](/actions/reference/openid-connect-reference#oidc-claims-used-to-define-trust-conditions-on-cloud-roles). +For steps and syntax for configuring OIDC trust and setting conditions for cloud providers, see [AUTOTITLE](/actions/reference/security/oidc#oidc-claims-used-to-define-trust-conditions-on-cloud-roles). ## Configuring OIDC on {% data variables.enterprise.data_residency_site %} If you are part of an enterprise that uses {% data variables.enterprise.data_residency %} and you're setting up OIDC on {% data variables.enterprise.data_residency_site %}, you must **substitute certain values** while configuring OIDC. -For more information, see [AUTOTITLE](/enterprise-cloud@latest/actions/reference/openid-connect-reference#substituted-values-on-ghecom). +For more information, see [AUTOTITLE](/enterprise-cloud@latest/actions/reference/security/oidc#substituted-values-on-ghecom). {% endif %} @@ -110,11 +110,11 @@ For more information, see [AUTOTITLE](/enterprise-cloud@latest/actions/reference Custom actions use the `getIDToken()` method from the Actions toolkit or a `curl` command to authenticate using OIDC. -For more information, see [AUTOTITLE](/actions/reference/openid-connect-reference#methods-for-requesting-the-oidc-token). +For more information, see [AUTOTITLE](/actions/reference/security/oidc#methods-for-requesting-the-oidc-token). ## Updating your workflows for OIDC -{% data variables.product.prodname_actions %} workflows can use OIDC tokens instead of secrets to authenticate with cloud providers. Many popular cloud providers offer official login actions that simplify the process of using OIDC in your workflows. For more information about updating your workflows with specific cloud providers, see [AUTOTITLE](/actions/how-tos/security-for-github-actions/security-hardening-your-deployments). +{% data variables.product.prodname_actions %} workflows can use OIDC tokens instead of secrets to authenticate with cloud providers. Many popular cloud providers offer official login actions that simplify the process of using OIDC in your workflows. For more information about updating your workflows with specific cloud providers, see [AUTOTITLE](/actions/how-tos/secure-your-work/security-harden-deployments). {% ifversion oidc-custom-properties %} @@ -162,7 +162,7 @@ The following example shows an OIDC token that includes two custom properties: a } ``` -You can use the `repo_property_*` claims in your cloud provider's trust conditions to create flexible, attribute-based access control policies. For more information about the claim format, supported property types, and limits, see [AUTOTITLE](/actions/reference/openid-connect-reference#including-repository-custom-properties-in-oidc-tokens). +You can use the `repo_property_*` claims in your cloud provider's trust conditions to create flexible, attribute-based access control policies. For more information about the claim format, supported property types, and limits, see [AUTOTITLE](/actions/reference/security/oidc#including-repository-custom-properties-in-oidc-tokens). {% endif %} @@ -180,12 +180,12 @@ The benefits of OIDC authentication for {% data variables.product.prodname_depen * **Simpler management:** Enables secure, policy-compliant access to private registries. * **Avoid rate limiting:** Dynamic credentials help you avoid hitting rate limits associated with static tokens. -For more information, see [AUTOTITLE](/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#using-oidc-for-authentication). +For more information, see [AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/configure-access-to-private-registries#using-oidc-for-authentication). {% endif %} ## Next steps -For more information about configuring OIDC, see [AUTOTITLE](/actions/how-tos/security-for-github-actions/security-hardening-your-deployments). +For more information about configuring OIDC, see [AUTOTITLE](/actions/how-tos/secure-your-work/security-harden-deployments). -For reference information about OIDC, see [AUTOTITLE](/actions/reference/openid-connect-reference). +For reference information about OIDC, see [AUTOTITLE](/actions/reference/security/oidc). diff --git a/content/actions/concepts/security/script-injections.md b/content/actions/concepts/security/script-injections.md index e20c1cc4cb75..a2b642d9e9f3 100644 --- a/content/actions/concepts/security/script-injections.md +++ b/content/actions/concepts/security/script-injections.md @@ -12,11 +12,11 @@ contentType: concepts ## Understanding the risk of script injections -When creating workflows, [custom actions](/actions/creating-actions/about-custom-actions), and [composite actions](/actions/creating-actions/creating-a-composite-action), you should always consider whether your code might execute untrusted input from attackers. This can occur when an attacker adds malicious commands and scripts to a context. When your workflow runs, those strings might be interpreted as code which is then executed on the runner. +When creating workflows, [custom actions](/actions/concepts/workflows-and-actions/custom-actions), and [composite actions](/actions/tutorials/create-actions/create-a-composite-action), you should always consider whether your code might execute untrusted input from attackers. This can occur when an attacker adds malicious commands and scripts to a context. When your workflow runs, those strings might be interpreted as code which is then executed on the runner. -Attackers can add their own malicious content to the [`github` context](/actions/learn-github-actions/contexts#github-context), which should be treated as potentially untrusted input. These contexts typically end with `body`, `default_branch`, `email`, `head_ref`, `label`, `message`, `name`, `page_name`,`ref`, and `title`. For example: `github.event.issue.title`, or `github.event.pull_request.body`. +Attackers can add their own malicious content to the [`github` context](/actions/reference/workflows-and-actions/contexts#github-context), which should be treated as potentially untrusted input. These contexts typically end with `body`, `default_branch`, `email`, `head_ref`, `label`, `message`, `name`, `page_name`,`ref`, and `title`. For example: `github.event.issue.title`, or `github.event.pull_request.body`. -You should ensure that these values do not flow directly into workflows, actions, API calls, or anywhere else where they could be interpreted as executable code. By adopting the same defensive programming posture you would use for any other privileged application code, you can help security harden your use of {% data variables.product.prodname_actions %}. For information on some of the steps an attacker could take, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#potential-impact-of-a-compromised-runner). +You should ensure that these values do not flow directly into workflows, actions, API calls, or anywhere else where they could be interpreted as executable code. By adopting the same defensive programming posture you would use for any other privileged application code, you can help security harden your use of {% data variables.product.prodname_actions %}. For information on some of the steps an attacker could take, see [AUTOTITLE](/actions/reference/security/secure-use#potential-impact-of-a-compromised-runner). In addition, there are other less obvious sources of potentially untrusted input, such as branch names and email addresses, which can be quite flexible in terms of their permitted content. For example, `zzz";echo${IFS}"hello";#` would be a valid branch name and would be a possible attack vector for a target repository. @@ -58,4 +58,4 @@ code.yml example.js ``` -For best practices keeping runners secure, see [AUTOTITLE](/actions/reference/secure-use-reference#good-practices-for-mitigating-script-injection-attacks). +For best practices keeping runners secure, see [AUTOTITLE](/actions/reference/security/secure-use#good-practices-for-mitigating-script-injection-attacks). diff --git a/content/actions/concepts/security/secrets.md b/content/actions/concepts/security/secrets.md index 87a7e7302a4a..aed4c350523f 100644 --- a/content/actions/concepts/security/secrets.md +++ b/content/actions/concepts/security/secrets.md @@ -23,7 +23,7 @@ Secrets allow you to store sensitive information in your organization, repositor ## How secrets work -Secrets use [Libsodium sealed boxes](https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes), so that they are encrypted before reaching {% data variables.product.github %}. This occurs when the secret is submitted [using the UI](/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) or through the [REST API](/rest/actions/secrets). This client-side encryption helps minimize the risks related to accidental logging (for example, exception logs and request logs, among others) within {% data variables.product.github %}'s infrastructure. Once the secret is uploaded, {% data variables.product.github %} is then able to decrypt it so that it can be injected into the workflow runtime. +Secrets use [Libsodium sealed boxes](https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes), so that they are encrypted before reaching {% data variables.product.github %}. This occurs when the secret is submitted [using the UI](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets#creating-secrets-for-a-repository) or through the [REST API](/rest/actions/secrets). This client-side encryption helps minimize the risks related to accidental logging (for example, exception logs and request logs, among others) within {% data variables.product.github %}'s infrastructure. Once the secret is uploaded, {% data variables.product.github %} is then able to decrypt it so that it can be injected into the workflow runtime. {% endif %} @@ -35,7 +35,7 @@ When creating a secret for an organization, you can use a policy to limit access For environment secrets, you can enable required reviewers to control access to the secrets. A workflow job cannot access environment secrets until approval is granted by required approvers. -To make a secret available to an action, you must set the secret as an input or environment variable in your workflow file. Review the action's README file to learn about which inputs and environment variables the action expects. See [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsenv). +To make a secret available to an action, you must set the secret as an input or environment variable in your workflow file. Review the action's README file to learn about which inputs and environment variables the action expects. See [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsenv). ## Limiting credential permissions @@ -43,17 +43,17 @@ When generating credentials, we recommend that you grant the minimum permissions When generating a {% data variables.product.pat_v1 %}, select the fewest scopes necessary. When generating a {% data variables.product.pat_v2 %}, select the minimum permissions and repository access required. -Instead of using a {% data variables.product.pat_generic %}, consider using a {% data variables.product.prodname_github_app %}, which uses fine-grained permissions and short lived tokens, similar to a {% data variables.product.pat_v2 %}. Unlike a {% data variables.product.pat_generic %}, a {% data variables.product.prodname_github_app %} is not tied to a user, so the workflow will continue to work even if the user who installed the app leaves your organization. For more information, see [AUTOTITLE](/apps/creating-github-apps/guides/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow). +Instead of using a {% data variables.product.pat_generic %}, consider using a {% data variables.product.prodname_github_app %}, which uses fine-grained permissions and short lived tokens, similar to a {% data variables.product.pat_v2 %}. Unlike a {% data variables.product.pat_generic %}, a {% data variables.product.prodname_github_app %} is not tied to a user, so the workflow will continue to work even if the user who installed the app leaves your organization. For more information, see [AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow). ## Automatically redacted secrets {% data variables.product.prodname_actions %} automatically redacts the contents of all {% data variables.product.prodname_dotcom %} secrets that are printed to workflow logs. -{% data variables.product.prodname_actions %} also redacts information that is recognized as sensitive, but is not stored as a secret. For a list of automatically redacted secrets, see [AUTOTITLE](/actions/reference/secrets-reference#automatically-redacted-secrets). +{% data variables.product.prodname_actions %} also redacts information that is recognized as sensitive, but is not stored as a secret. For a list of automatically redacted secrets, see [AUTOTITLE](/actions/reference/security/secrets#automatically-redacted-secrets). -Because there are multiple ways a secret value can be transformed, this redaction is not guaranteed. Additionally, the runner can only redact secrets used within the current job. As a result, there are certain security proactive steps you should follow to help ensure secrets are redacted, and to limit other risks associated with secrets. For a reference list of security best practices with secrets, see [AUTOTITLE](/actions/reference/secrets-reference#security-best-practices). +Because there are multiple ways a secret value can be transformed, this redaction is not guaranteed. Additionally, the runner can only redact secrets used within the current job. As a result, there are certain security proactive steps you should follow to help ensure secrets are redacted, and to limit other risks associated with secrets. For a reference list of security best practices with secrets, see [AUTOTITLE](/actions/reference/security/secrets#security-best-practices). ## Further reading -* [AUTOTITLE](/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions) +* [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets) * [AUTOTITLE](/rest/actions/secrets) diff --git a/content/actions/concepts/workflows-and-actions/concurrency.md b/content/actions/concepts/workflows-and-actions/concurrency.md index c375a5286ea6..2830d5666110 100644 --- a/content/actions/concepts/workflows-and-actions/concurrency.md +++ b/content/actions/concepts/workflows-and-actions/concurrency.md @@ -20,4 +20,4 @@ When you limit concurrency, by default only one run can be pending in a concurre {% endif %} -To start controlling concurrency in your own workflows with the `concurrency` keyword, see [AUTOTITLE](/actions/how-tos/writing-workflows/choosing-when-your-workflow-runs/control-the-concurrency-of-workflows-and-jobs). +To start controlling concurrency in your own workflows with the `concurrency` keyword, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-when-workflows-run/control-workflow-concurrency). diff --git a/content/actions/concepts/workflows-and-actions/contexts.md b/content/actions/concepts/workflows-and-actions/contexts.md index 564c0c239025..7e30f1904028 100644 --- a/content/actions/concepts/workflows-and-actions/contexts.md +++ b/content/actions/concepts/workflows-and-actions/contexts.md @@ -14,9 +14,9 @@ category: {% data reusables.actions.actions-contexts-about-description %} Each context is an object that contains properties, which can be strings or other objects. -{% data reusables.actions.context-contents %} For example, the `matrix` context is only populated for jobs in a [matrix](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategymatrix). +{% data reusables.actions.context-contents %} For example, the `matrix` context is only populated for jobs in a [matrix](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstrategymatrix). -You can access contexts using the expression syntax. For more information, see [AUTOTITLE](/actions/learn-github-actions/expressions). +You can access contexts using the expression syntax. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/expressions). {% raw %} `${{ }}` @@ -28,8 +28,8 @@ You can access contexts using the expression syntax. For more information, see [ {% data variables.product.prodname_actions %} includes a collection of variables called _contexts_ and a similar collection of variables called _default variables_. These variables are intended for use at different points in the workflow: -* **Default environment variables:** These environment variables exist only on the runner that is executing your job. For more information, see [AUTOTITLE](/actions/learn-github-actions/variables#default-environment-variables). -* **Contexts:** You can use most contexts at any point in your workflow, including when _default variables_ would be unavailable. For example, you can use contexts with expressions to perform initial processing before the job is routed to a runner for execution; this allows you to use a context with the conditional `if` keyword to determine whether a step should run. Once the job is running, you can also retrieve context variables from the runner that is executing the job, such as `runner.os`. For details of where you can use various contexts within a workflow, see [AUTOTITLE](/actions/reference/accessing-contextual-information-about-workflow-runs#context-availability). +* **Default environment variables:** These environment variables exist only on the runner that is executing your job. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables). +* **Contexts:** You can use most contexts at any point in your workflow, including when _default variables_ would be unavailable. For example, you can use contexts with expressions to perform initial processing before the job is routed to a runner for execution; this allows you to use a context with the conditional `if` keyword to determine whether a step should run. Once the job is running, you can also retrieve context variables from the runner that is executing the job, such as `runner.os`. For details of where you can use various contexts within a workflow, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#context-availability). The following example demonstrates how these different types of variables can be used together in a job: @@ -48,4 +48,4 @@ jobs: {% endraw %} -In this example, the `if` statement checks the [`github.ref`](/actions/learn-github-actions/contexts#github-context) context to determine the current branch name; if the name is `refs/heads/main`, then the subsequent steps are executed. The `if` check is processed by {% data variables.product.prodname_actions %}, and the job is only sent to the runner if the result is `true`. Once the job is sent to the runner, the step is executed and refers to the [`$GITHUB_REF`](/actions/learn-github-actions/variables#default-environment-variables) variable from the runner. +In this example, the `if` statement checks the [`github.ref`](/actions/reference/workflows-and-actions/contexts#github-context) context to determine the current branch name; if the name is `refs/heads/main`, then the subsequent steps are executed. The `if` check is processed by {% data variables.product.prodname_actions %}, and the job is only sent to the runner if the result is `true`. Once the job is sent to the runner, the step is executed and refers to the [`$GITHUB_REF`](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables#default-environment-variables) variable from the runner. diff --git a/content/actions/concepts/workflows-and-actions/custom-actions.md b/content/actions/concepts/workflows-and-actions/custom-actions.md index 6ff2f93b0dbe..90cb91e879b6 100644 --- a/content/actions/concepts/workflows-and-actions/custom-actions.md +++ b/content/actions/concepts/workflows-and-actions/custom-actions.md @@ -64,8 +64,8 @@ If you're developing a Node.js project, the {% data variables.product.prodname_a ### Composite Actions -A _composite_ action allows you to combine multiple workflow steps within one action. For example, you can use this feature to bundle together multiple run commands into an action, and then have a workflow that executes the bundled commands as a single step using that action. To see an example, check out [AUTOTITLE](/actions/creating-actions/creating-a-composite-action). +A _composite_ action allows you to combine multiple workflow steps within one action. For example, you can use this feature to bundle together multiple run commands into an action, and then have a workflow that executes the bundled commands as a single step using that action. To see an example, check out [AUTOTITLE](/actions/tutorials/create-actions/create-a-composite-action). ## Next steps -To learn about how to manage your custom actions, see [AUTOTITLE](/actions/how-tos/administering-github-actions/managing-custom-actions). +To learn about how to manage your custom actions, see [AUTOTITLE](/actions/how-tos/create-and-publish-actions/manage-custom-actions). diff --git a/content/actions/concepts/workflows-and-actions/dependency-caching.md b/content/actions/concepts/workflows-and-actions/dependency-caching.md index cea6d3c7659a..6a51f5ce17d0 100644 --- a/content/actions/concepts/workflows-and-actions/dependency-caching.md +++ b/content/actions/concepts/workflows-and-actions/dependency-caching.md @@ -25,7 +25,7 @@ Workflow runs often reuse the same outputs or downloaded dependencies from one r {% data reusables.actions.comparing-artifacts-caching %} -For more information on workflow run artifacts, see [AUTOTITLE](/actions/using-workflows/storing-workflow-data-as-artifacts). +For more information on workflow run artifacts, see [AUTOTITLE](/actions/tutorials/store-and-share-data). ## Cache security @@ -33,8 +33,8 @@ Caches are shared based on the branch or tag a workflow run uses, not on the ide Untrusted workflows can read sensitive cache contents, such as when a `pull_request` from a fork restores a cache. Poisoned caches can lead to code execution in trusted workflows. To limit the risk of cache poisoning, {% data variables.product.github %} gives workflows that run in response to low-trust triggers read-only access to caches in the default branch's scope. -For details on cache scope, access restrictions, and best practices for using caches securely, see [AUTOTITLE](/actions/reference/dependency-caching-reference#cache-access-for-low-trust-workflow-triggers). +For details on cache scope, access restrictions, and best practices for using caches securely, see [AUTOTITLE](/actions/reference/workflows-and-actions/dependency-caching#cache-access-for-low-trust-workflow-triggers). ## Next steps -To implement dependency caching in your workflows, see [AUTOTITLE](/actions/reference/dependency-caching-reference). +To implement dependency caching in your workflows, see [AUTOTITLE](/actions/reference/workflows-and-actions/dependency-caching). diff --git a/content/actions/concepts/workflows-and-actions/deployment-environments.md b/content/actions/concepts/workflows-and-actions/deployment-environments.md index e68041a960f2..d1c5d17af246 100644 --- a/content/actions/concepts/workflows-and-actions/deployment-environments.md +++ b/content/actions/concepts/workflows-and-actions/deployment-environments.md @@ -14,4 +14,4 @@ category: Each job in a workflow can reference a single environment. Any protection rules configured for the environment must pass before a job referencing the environment is sent to a runner. The job can access the environment's secrets only after the job is sent to a runner. -When a workflow references an environment, the environment will appear in the repository's deployments. For more information about viewing current and previous deployments, see [AUTOTITLE](/actions/deployment/managing-your-deployments/viewing-deployment-history). +When a workflow references an environment, the environment will appear in the repository's deployments. For more information about viewing current and previous deployments, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/view-deployment-history). diff --git a/content/actions/concepts/workflows-and-actions/expressions.md b/content/actions/concepts/workflows-and-actions/expressions.md index d7a1fe9b6f02..07f2a8c6d66f 100644 --- a/content/actions/concepts/workflows-and-actions/expressions.md +++ b/content/actions/concepts/workflows-and-actions/expressions.md @@ -12,7 +12,7 @@ category: ## About expressions -You can use expressions to programmatically set environment variables in workflow files and access contexts. An expression can be any combination of literal values, references to a context, or functions. You can combine literals, context references, and functions using operators. For more information about contexts, see [AUTOTITLE](/actions/learn-github-actions/contexts). +You can use expressions to programmatically set environment variables in workflow files and access contexts. An expression can be any combination of literal values, references to a context, or functions. You can combine literals, context references, and functions using operators. For more information about contexts, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts). Expressions are commonly used with the conditional `if` keyword in a workflow file to determine whether a step should run. When an `if` conditional is `true`, the step will run. @@ -23,7 +23,7 @@ Expressions are commonly used with the conditional `if` keyword in a workflow fi {% endraw %} > [!NOTE] -> The exception to this rule is when you are using expressions in an `if` clause, where, optionally, you can usually omit {% raw %}`${{`{% endraw %} and {% raw %}`}}`{% endraw %}. For more information about `if` conditionals, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idif). +> The exception to this rule is when you are using expressions in an `if` clause, where, optionally, you can usually omit {% raw %}`${{`{% endraw %} and {% raw %}`}}`{% endraw %}. For more information about `if` conditionals, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idif). {% data reusables.actions.context-injection-warning %} @@ -40,4 +40,4 @@ env: ## Further reading -For technical reference information about expressions you can use in workflows and actions, see [AUTOTITLE](/actions/reference/evaluate-expressions-in-workflows-and-actions). +For technical reference information about expressions you can use in workflows and actions, see [AUTOTITLE](/actions/reference/workflows-and-actions/expressions). diff --git a/content/actions/concepts/workflows-and-actions/notifications-for-workflow-runs.md b/content/actions/concepts/workflows-and-actions/notifications-for-workflow-runs.md index 73bfa68f50d4..d19b8eeaa77a 100644 --- a/content/actions/concepts/workflows-and-actions/notifications-for-workflow-runs.md +++ b/content/actions/concepts/workflows-and-actions/notifications-for-workflow-runs.md @@ -13,10 +13,10 @@ category: contentType: concepts --- -If you enable email or web notifications for {% data variables.product.prodname_actions %}, you'll receive a notification when any workflow runs that you've triggered have completed. The notification will include the workflow run's status (including successful, failed, neutral, and canceled runs). You can also choose to receive a notification only when a workflow run has failed. For more information about enabling or disabling notifications, see [AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/about-notifications). +If you enable email or web notifications for {% data variables.product.prodname_actions %}, you'll receive a notification when any workflow runs that you've triggered have completed. The notification will include the workflow run's status (including successful, failed, neutral, and canceled runs). You can also choose to receive a notification only when a workflow run has failed. For more information about enabling or disabling notifications, see [AUTOTITLE](/subscriptions-and-notifications/concepts/about-notifications). Notifications for scheduled workflows are sent to the user who initially created the workflow. * If a different user updates the cron syntax, in the `schedule` event in the workflow file, subsequent notifications will be sent to that user instead. * If a scheduled workflow is disabled and then re-enabled, notifications will be sent to the user who re-enabled the workflow rather than the user who last modified the cron syntax. -You can also see the status of workflow runs on a repository's Actions tab. For more information, see [AUTOTITLE](/actions/managing-workflow-runs). +You can also see the status of workflow runs on a repository's Actions tab. For more information, see [AUTOTITLE](/actions/how-tos/manage-workflow-runs). diff --git a/content/actions/concepts/workflows-and-actions/reusing-workflow-configurations.md b/content/actions/concepts/workflows-and-actions/reusing-workflow-configurations.md index 7e32d16f2348..264b5632c4a7 100644 --- a/content/actions/concepts/workflows-and-actions/reusing-workflow-configurations.md +++ b/content/actions/concepts/workflows-and-actions/reusing-workflow-configurations.md @@ -36,7 +36,7 @@ A workflow that uses another workflow is referred to as a "caller" workflow. The If you reuse a workflow from a different repository, any actions in the called workflow run as if they were part of the caller workflow. For example, if the called workflow uses `actions/checkout`, the action checks out the contents of the repository that hosts the caller workflow, not the called workflow. -You can view the reused workflows referenced in your {% data variables.product.prodname_actions %} workflows as dependencies in the dependency graph of the repository containing your workflows. For more information, see “[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph).” +You can view the reused workflows referenced in your {% data variables.product.prodname_actions %} workflows as dependencies in the dependency graph of the repository containing your workflows. For more information, see “[About the dependency graph](/code-security/concepts/supply-chain-security/dependency-graph).” ### Reusable workflows versus composite actions @@ -67,7 +67,7 @@ Let's compare some aspects of each solution: Workflow templates allow everyone in your organization who has permission to create workflows to do so more quickly and easily. When people create a new workflow, they can choose a workflow template and some or all of the work of writing the workflow will be done for them. Within a workflow template, you can also reference reusable workflows to make it easy for people to benefit from reusing centrally managed workflow code. -If you use a commit SHA when referencing the reusable workflow, you can ensure that everyone who reuses that workflow will always be using the same YAML code. However, if you reference a reusable workflow by a tag or branch, be sure that you can trust that version of the workflow. For more information, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#reusing-third-party-workflows). +If you use a commit SHA when referencing the reusable workflow, you can ensure that everyone who reuses that workflow will always be using the same YAML code. However, if you reference a reusable workflow by a tag or branch, be sure that you can trust that version of the workflow. For more information, see [AUTOTITLE](/actions/reference/security/secure-use#reusing-third-party-workflows). {% data variables.product.github %} offers workflow templates for a variety of languages and tooling. When you set up workflows in your repository, {% data variables.product.github %} analyzes the code in your repository and recommends workflows based on the language and framework in your repository. For example, if you use Node.js, {% data variables.product.github %} will suggest a workflow template file that installs your Node.js packages and runs your tests. You can search and filter to find relevant workflow templates. @@ -75,7 +75,7 @@ If you use a commit SHA when referencing the reusable workflow, you can ensure t {% data reusables.actions.workflow-templates-repo-link %} -For more information, see [AUTOTITLE](/actions/using-workflows/creating-starter-workflows-for-your-organization). +For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/create-workflow-templates). {% ifversion fpt or ghec %} @@ -89,6 +89,6 @@ For reference information and examples, see [AUTOTITLE](/actions/reference/workf ## Next steps -To start reusing your workflows, see [AUTOTITLE](/actions/how-tos/sharing-automations/reuse-workflows). +To start reusing your workflows, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). -To find information on the intricacies of reusing workflows, see [AUTOTITLE](/actions/reference/reusable-workflows-reference). +To find information on the intricacies of reusing workflows, see [AUTOTITLE](/actions/reference/workflows-and-actions/reusing-workflow-configurations). diff --git a/content/actions/concepts/workflows-and-actions/variables.md b/content/actions/concepts/workflows-and-actions/variables.md index 57eec8ab176c..efd210e56400 100644 --- a/content/actions/concepts/workflows-and-actions/variables.md +++ b/content/actions/concepts/workflows-and-actions/variables.md @@ -18,10 +18,10 @@ You can set your own custom variables or use the default environment variables t You can set a custom variable in two ways. -* To define an environment variable for use in a single workflow, you can use the `env` key in the workflow file. For more information, see [Defining environment variables for a single workflow](/actions/how-tos/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#defining-environment-variables-for-a-single-workflow). -* To define a configuration variable across multiple workflows, you can define it at the organization, repository, or environment level. When creating a variable in an organization, you can use a policy to limit access by repository. For example, you can grant access to all repositories, or limit access to only private repositories or a specified list of repositories. For more information, see [Defining configuration variables for multiple workflows](/actions/how-tos/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#defining-configuration-variables-for-multiple-workflows). +* To define an environment variable for use in a single workflow, you can use the `env` key in the workflow file. For more information, see [Defining environment variables for a single workflow](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables#defining-environment-variables-for-a-single-workflow). +* To define a configuration variable across multiple workflows, you can define it at the organization, repository, or environment level. When creating a variable in an organization, you can use a policy to limit access by repository. For example, you can grant access to all repositories, or limit access to only private repositories or a specified list of repositories. For more information, see [Defining configuration variables for multiple workflows](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables#defining-configuration-variables-for-multiple-workflows). > [!WARNING] -> By default, variables render unmasked in your build outputs. If you need greater security for sensitive information, such as passwords, use secrets instead. For more information, see [AUTOTITLE](/actions/security-for-github-actions/security-guides/about-secrets). +> By default, variables render unmasked in your build outputs. If you need greater security for sensitive information, such as passwords, use secrets instead. For more information, see [AUTOTITLE](/actions/concepts/security/secrets). -For reference documentation, see [AUTOTITLE](/actions/reference/variables-reference). +For reference documentation, see [AUTOTITLE](/actions/reference/workflows-and-actions/variables). diff --git a/content/actions/concepts/workflows-and-actions/workflow-artifacts.md b/content/actions/concepts/workflows-and-actions/workflow-artifacts.md index d093e4dd8215..ec18bc9d21e2 100644 --- a/content/actions/concepts/workflows-and-actions/workflow-artifacts.md +++ b/content/actions/concepts/workflows-and-actions/workflow-artifacts.md @@ -25,7 +25,7 @@ Common artifacts include: {% data reusables.actions.comparing-artifacts-caching %} -For more information on dependency caching, see [AUTOTITLE](/actions/using-workflows/caching-dependencies-to-speed-up-workflows#comparing-artifacts-and-dependency-caching). +For more information on dependency caching, see [AUTOTITLE](/actions/reference/workflows-and-actions/dependency-caching#comparing-artifacts-and-dependency-caching). {% ifversion artifact-attestations %} @@ -35,7 +35,7 @@ For more information on dependency caching, see [AUTOTITLE](/actions/using-workf You can access attestations after a build run, underneath the list of the artifacts the build produced. -For more information, see [AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds). +For more information, see [AUTOTITLE](/actions/how-tos/secure-your-work/use-artifact-attestations/use-artifact-attestations). {% endif %} diff --git a/content/actions/concepts/workflows-and-actions/workflows.md b/content/actions/concepts/workflows-and-actions/workflows.md index 11782395e9a1..4de87397817a 100644 --- a/content/actions/concepts/workflows-and-actions/workflows.md +++ b/content/actions/concepts/workflows-and-actions/workflows.md @@ -31,7 +31,7 @@ A workflow must contain the following basic components: 1. One or more _jobs_, each of which will execute on a _runner_ machine and run a series of one or more _steps_. 1. Each step can either run a script that you define or run an action, which is a reusable extension that can simplify your workflow. -For more information on these basic components, see [AUTOTITLE](/actions/learn-github-actions/understanding-github-actions#the-components-of-github-actions). +For more information on these basic components, see [AUTOTITLE](/actions/get-started/understand-github-actions#the-components-of-github-actions). ![Diagram of an event triggering Runner 1 to run Job 1, which triggers Runner 2 to run Job 2. Each of the jobs is broken into multiple steps.](/assets/images/help/actions/overview-actions-simple.png) @@ -39,8 +39,8 @@ For more information on these basic components, see [AUTOTITLE](/actions/learn-g {% data reusables.actions.about-triggers %} -For more information, see [AUTOTITLE](/actions/using-workflows/triggering-a-workflow). +For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-when-workflows-run/trigger-a-workflow). ## Next steps -To build your first workflow, see [AUTOTITLE](/actions/tutorials/creating-an-example-workflow). +To build your first workflow, see [AUTOTITLE](/actions/tutorials/create-an-example-workflow). diff --git a/content/actions/get-started/continuous-deployment.md b/content/actions/get-started/continuous-deployment.md index 650e14f8e3b6..8bd59e8dffd3 100644 --- a/content/actions/get-started/continuous-deployment.md +++ b/content/actions/get-started/continuous-deployment.md @@ -24,15 +24,15 @@ category: _Continuous deployment_ (CD) is the practice of using automation to publish and deploy software updates. As part of the typical CD process, the code is automatically built and tested before deployment. -Continuous deployment is often coupled with continuous integration. For more information about continuous integration, see [AUTOTITLE](/actions/automating-builds-and-tests/about-continuous-integration). +Continuous deployment is often coupled with continuous integration. For more information about continuous integration, see [AUTOTITLE](/actions/get-started/continuous-integration). ## About continuous deployment using {% data variables.product.prodname_actions %} You can set up a {% data variables.product.prodname_actions %} workflow to deploy your software product. To verify that your product works as expected, your workflow can build the code in your repository and run your tests before deploying. -You can configure your CD workflow to run when an event occurs (for example, when new code is pushed to the default branch of your repository), on a set schedule, manually, or when an external event occurs using the repository dispatch webhook. For more information about when your workflow can run, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows). +You can configure your CD workflow to run when an event occurs (for example, when new code is pushed to the default branch of your repository), on a set schedule, manually, or when an external event occurs using the repository dispatch webhook. For more information about when your workflow can run, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows). -{% data variables.product.prodname_actions %} provides features that give you more control over deployments. For example, you can use environments to require approval for a job to proceed, restrict which branches can trigger a workflow, or limit access to secrets. You can use concurrency to limit your CD pipeline to a maximum of one in-progress deployment{% ifversion actions-nga %}{% else %} and one pending deployment{% endif %}. For more information about these features, see [AUTOTITLE](/actions/deployment/about-deployments/deploying-with-github-actions) and [AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment). +{% data variables.product.prodname_actions %} provides features that give you more control over deployments. For example, you can use environments to require approval for a job to proceed, restrict which branches can trigger a workflow, or limit access to secrets. You can use concurrency to limit your CD pipeline to a maximum of one in-progress deployment{% ifversion actions-nga %}{% else %} and one pending deployment{% endif %}. For more information about these features, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments) and [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments). ## Workflow templates and third-party actions @@ -40,4 +40,4 @@ You can configure your CD workflow to run when an event occurs (for example, whe ## Next steps -If your {% data variables.product.prodname_actions %} workflows need to access resources from a cloud provider that supports OpenID Connect (OIDC), you can configure your workflows to authenticate directly to the cloud provider. This will let you stop storing these credentials as long-lived secrets and provide other security benefits. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect). +If your {% data variables.product.prodname_actions %} workflows need to access resources from a cloud provider that supports OpenID Connect (OIDC), you can configure your workflows to authenticate directly to the cloud provider. This will let you stop storing these credentials as long-lived secrets and provide other security benefits. For more information, see [AUTOTITLE](/actions/concepts/security/openid-connect). diff --git a/content/actions/get-started/continuous-integration.md b/content/actions/get-started/continuous-integration.md index 4f9a8d9a6d46..3acc5b4809bc 100644 --- a/content/actions/get-started/continuous-integration.md +++ b/content/actions/get-started/continuous-integration.md @@ -33,7 +33,7 @@ Building and testing your code requires a server. You can build and test updates ## About continuous integration using {% data variables.product.prodname_actions %} - CI using {% data variables.product.prodname_actions %} offers workflows that can build the code in your repository and run your tests. Workflows can run on {% data variables.product.prodname_dotcom %}-hosted virtual machines, or on machines that you host yourself. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners) and [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners). + CI using {% data variables.product.prodname_actions %} offers workflows that can build the code in your repository and run your tests. Workflows can run on {% data variables.product.prodname_dotcom %}-hosted virtual machines, or on machines that you host yourself. For more information, see [AUTOTITLE](/actions/concepts/runners/github-hosted-runners) and [AUTOTITLE](/actions/concepts/runners/self-hosted-runners). You can configure your CI workflow to run when a {% data variables.product.prodname_dotcom %} event occurs (for example, when new code is pushed to your repository), on a set schedule, or when an external event occurs using the repository dispatch webhook. @@ -41,10 +41,10 @@ You can configure your CI workflow to run when a {% data variables.product.prodn When you set up CI in your repository, {% data variables.product.github %} analyzes the code in your repository and recommends CI workflows based on the language and framework in your repository. For example, if you use [Node.js](https://nodejs.org/en/), {% data variables.product.github %} will suggest a workflow template that installs your Node.js packages and runs your tests. You can use the CI workflow template suggested by {% data variables.product.github %}, customize the suggested workflow template, or create your own custom workflow file to run your CI tests. -In addition to helping you set up CI workflows for your project, you can use {% data variables.product.prodname_actions %} to create workflows across the full software development life cycle. For example, you can use actions to deploy, package, or release your project. For more information, see [AUTOTITLE](/actions/learn-github-actions). +In addition to helping you set up CI workflows for your project, you can use {% data variables.product.prodname_actions %} to create workflows across the full software development life cycle. For example, you can use actions to deploy, package, or release your project. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows). -For a definition of common terms, see [AUTOTITLE](/actions/learn-github-actions/understanding-github-actions). +For a definition of common terms, see [AUTOTITLE](/actions/get-started/understand-github-actions). ## Next steps -{% data variables.product.github %} offers CI workflow templates for a variety of languages and frameworks. For tutorials on setting up continuous integration with these templates, see [AUTOTITLE](/actions/use-cases-and-examples/building-and-testing). +{% data variables.product.github %} offers CI workflow templates for a variety of languages and frameworks. For tutorials on setting up continuous integration with these templates, see [AUTOTITLE](/actions/tutorials/build-and-test-code). diff --git a/content/actions/get-started/quickstart.md b/content/actions/get-started/quickstart.md index 256b8dfe6a0a..649311969336 100644 --- a/content/actions/get-started/quickstart.md +++ b/content/actions/get-started/quickstart.md @@ -27,7 +27,7 @@ This quickstart guide shows you how to use the user interface of {% data variabl {% data reusables.actions.workflow-templates-for-more-information %} -For an overview of {% data variables.product.prodname_actions %} workflows, see [AUTOTITLE](/actions/using-workflows/about-workflows). If you want to learn about the various components that make up {% data variables.product.prodname_actions %}, see [AUTOTITLE](/actions/learn-github-actions/understanding-github-actions). +For an overview of {% data variables.product.prodname_actions %} workflows, see [AUTOTITLE](/actions/concepts/workflows-and-actions/workflows). If you want to learn about the various components that make up {% data variables.product.prodname_actions %}, see [AUTOTITLE](/actions/get-started/understand-github-actions). ## Using workflow templates @@ -78,7 +78,7 @@ This guide assumes that: - run: echo "🍏 This job's status is {% raw %}${{ job.status }}{% endraw %}." ``` - At this stage you don't need to understand the details of this workflow. For now, you can just copy and paste the contents into the file. After completing this quickstart guide, you can learn about the syntax of workflow files in [AUTOTITLE](/actions/using-workflows/about-workflows#understanding-the-workflow-file), and for an explanation of {% data variables.product.prodname_actions %} contexts, such as `{% raw %}${{ github.actor }}{% endraw %}` and `{% raw %}${{ github.event_name }}{% endraw %}`, see [AUTOTITLE](/actions/learn-github-actions/contexts). + At this stage you don't need to understand the details of this workflow. For now, you can just copy and paste the contents into the file. After completing this quickstart guide, you can learn about the syntax of workflow files in [AUTOTITLE](/actions/concepts/workflows-and-actions/workflows), and for an explanation of {% data variables.product.prodname_actions %} contexts, such as `{% raw %}${{ github.actor }}{% endraw %}` and `{% raw %}${{ github.event_name }}{% endraw %}`, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts). 1. Click **Commit changes**. 1. In the "Propose changes" dialog, select either the option to commit to the default branch or the option to create a new branch and start a pull request. Then click **Commit changes** or **Propose changes**. @@ -110,7 +110,7 @@ If you chose to start a pull request, you can continue and create the pull reque ![Screenshot of the "List files in the repository" step expanded to show the log output. The output for the step is highlighted with an orange outline.](/assets/images/help/repository/actions-quickstart-log-detail.png) -The example workflow you just added is triggered each time code is pushed to the branch, and shows you how {% data variables.product.prodname_actions %} can work with the contents of your repository. For an in-depth tutorial, see [AUTOTITLE](/actions/learn-github-actions/understanding-github-actions). +The example workflow you just added is triggered each time code is pushed to the branch, and shows you how {% data variables.product.prodname_actions %} can work with the contents of your repository. For an in-depth tutorial, see [AUTOTITLE](/actions/get-started/understand-github-actions). ## Next steps diff --git a/content/actions/get-started/understand-github-actions.md b/content/actions/get-started/understand-github-actions.md index 1c2b9e6bb539..badf3b244bed 100644 --- a/content/actions/get-started/understand-github-actions.md +++ b/content/actions/get-started/understand-github-actions.md @@ -43,7 +43,7 @@ You must host your own Linux, Windows, or macOS virtual machines to run workflow {% ifversion ghec or ghes %} -For more information about introducing {% data variables.product.prodname_actions %} to your enterprise, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise). +For more information about introducing {% data variables.product.prodname_actions %} to your enterprise, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise). {% endif %} @@ -57,15 +57,15 @@ You can configure a {% data variables.product.prodname_actions %} **workflow** t {% data reusables.actions.about-workflows-long %} -You can reference a workflow within another workflow. For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows). +You can reference a workflow within another workflow. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). -For more information, see [AUTOTITLE](/actions/using-workflows). +For more information, see [AUTOTITLE](/actions/how-tos/write-workflows). ### Events -An **event** is a specific activity in a repository that triggers a **workflow** run. For example, an activity can originate from {% data variables.product.prodname_dotcom %} when someone creates a pull request, opens an issue, or pushes a commit to a repository. You can also trigger a workflow to run on a [schedule](/actions/using-workflows/events-that-trigger-workflows#schedule), by [posting to a REST API](/rest/repos/repos#create-a-repository-dispatch-event), or manually. +An **event** is a specific activity in a repository that triggers a **workflow** run. For example, an activity can originate from {% data variables.product.prodname_dotcom %} when someone creates a pull request, opens an issue, or pushes a commit to a repository. You can also trigger a workflow to run on a [schedule](/actions/reference/workflows-and-actions/events-that-trigger-workflows#schedule), by [posting to a REST API](/rest/repos/repos#create-a-repository-dispatch-event), or manually. -For a complete list of events that can be used to trigger workflows, see [Events that trigger workflows](/actions/using-workflows/events-that-trigger-workflows). +For a complete list of events that can be used to trigger workflows, see [Events that trigger workflows](/actions/reference/workflows-and-actions/events-that-trigger-workflows). ### Jobs @@ -81,7 +81,7 @@ You can also use a **matrix** to run the same job multiple times, each with a di For example, you might configure multiple build jobs for different architectures without any job dependencies and a packaging job that depends on those builds. The build jobs run in parallel, and once they complete successfully, the packaging job runs. -For more information, see [AUTOTITLE](/actions/using-jobs). +For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do). ### Actions @@ -95,7 +95,7 @@ You can write your own actions, or you can find actions to use in your workflows {% data reusables.actions.internal-actions-summary %} -For more information on actions, see [AUTOTITLE](/actions/creating-actions). +For more information on actions, see [AUTOTITLE](/actions/how-tos/reuse-automations). ### Runners @@ -103,12 +103,12 @@ A **runner** is a server that runs your workflows when they're triggered. Each r {% ifversion ghes %} You must host your own runners for {% data variables.product.prodname_ghe_server %}. {% elsif fpt or ghec %}{% data variables.product.company_short %} provides Ubuntu Linux, Microsoft Windows, and macOS runners to run your **workflows**. Each workflow run executes in a fresh, newly-provisioned virtual machine. -{% ifversion actions-hosted-runners %} {% data variables.product.prodname_dotcom %} also offers {% data variables.actions.hosted_runner %}s, which are available in larger configurations. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/using-larger-runners). +{% ifversion actions-hosted-runners %} {% data variables.product.prodname_dotcom %} also offers {% data variables.actions.hosted_runner %}s, which are available in larger configurations. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/larger-runners). {% endif %} If you need a different operating system or require a specific hardware configuration, you can host your own runners. {% endif %} -For more information{% ifversion fpt or ghec %} about self-hosted runners{% endif %}, see [AUTOTITLE](/actions/how-tos/managing-self-hosted-runners). +For more information{% ifversion fpt or ghec %} about self-hosted runners{% endif %}, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners). ## Next steps @@ -118,5 +118,5 @@ For more information{% ifversion fpt or ghec %} about self-hosted runners{% endi ## Further reading -* [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises) +* [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises) {% endif %} diff --git a/content/actions/how-tos/create-and-publish-actions/create-a-cli-action.md b/content/actions/how-tos/create-and-publish-actions/create-a-cli-action.md index 183764390295..2fbdc0356fc1 100644 --- a/content/actions/how-tos/create-and-publish-actions/create-a-cli-action.md +++ b/content/actions/how-tos/create-and-publish-actions/create-a-cli-action.md @@ -31,7 +31,7 @@ This article will demonstrate how to write an action that retrieves a specific v ## Prerequisites -You should have an understanding of how to write a custom action. For more information, see [AUTOTITLE](/actions/how-tos/creating-and-publishing-actions/managing-custom-actions). +You should have an understanding of how to write a custom action. For more information, see [AUTOTITLE](/actions/how-tos/create-and-publish-actions/manage-custom-actions). ## Example @@ -64,7 +64,7 @@ module.exports = setup {% endraw %} -To use this script, replace `getDownloadURL` with a function that downloads your CLI. You will also need to create an actions metadata file (`action.yml`) that accepts a `version` input and that runs this script. For full details about how to create an action, see [AUTOTITLE](/actions/creating-actions/creating-a-javascript-action). +To use this script, replace `getDownloadURL` with a function that downloads your CLI. You will also need to create an actions metadata file (`action.yml`) that accepts a `version` input and that runs this script. For full details about how to create an action, see [AUTOTITLE](/actions/tutorials/create-actions/create-a-javascript-action). ## Further reading diff --git a/content/actions/how-tos/create-and-publish-actions/manage-custom-actions.md b/content/actions/how-tos/create-and-publish-actions/manage-custom-actions.md index 1c512f175aad..f3c382ee709d 100644 --- a/content/actions/how-tos/create-and-publish-actions/manage-custom-actions.md +++ b/content/actions/how-tos/create-and-publish-actions/manage-custom-actions.md @@ -32,7 +32,7 @@ Many people access {% data variables.product.github %} at a domain other than {% To ensure that your action is compatible with other platforms, do not use any hard-coded references to API URLs such as `https://api.github.com`. Instead, you can: -* Use environment variables (see [AUTOTITLE](/actions/reference/variables-reference#default-environment-variables)): +* Use environment variables (see [AUTOTITLE](/actions/reference/workflows-and-actions/variables#default-environment-variables)): * For the REST API, use the `GITHUB_API_URL` environment variable. * For GraphQL, use the `GITHUB_GRAPHQL_URL` environment variable. diff --git a/content/actions/how-tos/create-and-publish-actions/publish-in-github-marketplace.md b/content/actions/how-tos/create-and-publish-actions/publish-in-github-marketplace.md index d80633d1bac6..f12008832dc0 100644 --- a/content/actions/how-tos/create-and-publish-actions/publish-in-github-marketplace.md +++ b/content/actions/how-tos/create-and-publish-actions/publish-in-github-marketplace.md @@ -23,7 +23,7 @@ contentType: how-tos >[!NOTE] > You must accept the terms of service to publish actions in {% data variables.product.prodname_marketplace %}. -Before you can publish an action, you'll need to create an action in your repository. For more information, see [AUTOTITLE](/actions/creating-actions). +Before you can publish an action, you'll need to create an action in your repository. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations). When you plan to publish your action to {% data variables.product.prodname_marketplace %}, you'll need to ensure that the repository only includes the metadata file, code, and files necessary for the action. Creating a single repository for the action allows you to tag, release, and package the code in a single unit. {% data variables.product.prodname_dotcom %} also uses the action's metadata on your {% data variables.product.prodname_marketplace %} page. diff --git a/content/actions/how-tos/create-and-publish-actions/release-and-maintain-actions.md b/content/actions/how-tos/create-and-publish-actions/release-and-maintain-actions.md index a2b3d67b232a..3e57793bad69 100644 --- a/content/actions/how-tos/create-and-publish-actions/release-and-maintain-actions.md +++ b/content/actions/how-tos/create-and-publish-actions/release-and-maintain-actions.md @@ -70,9 +70,9 @@ Here is an example process that you can follow to automatically run tests, creat * When a pull request is opened, either from a branch or a fork, your testing workflow will again run the tests, this time with the merge commit. - * **Note:** for security reasons, workflows triggered by `pull_request` from forks have restricted `GITHUB_TOKEN` permissions and do not have access to secrets. If your tests or other workflows triggered upon pull request require access to secrets, consider using a different event like a [manual trigger](/actions/using-workflows/events-that-trigger-workflows#manual-events) or a [`pull_request_target`](/actions/using-workflows/events-that-trigger-workflows#pull_request_target). For more information, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#pull-request-events-for-forked-repositories). + * **Note:** for security reasons, workflows triggered by `pull_request` from forks have restricted `GITHUB_TOKEN` permissions and do not have access to secrets. If your tests or other workflows triggered upon pull request require access to secrets, consider using a different event like a [manual trigger](/actions/reference/workflows-and-actions/events-that-trigger-workflows#manual-events) or a [`pull_request_target`](/actions/reference/workflows-and-actions/events-that-trigger-workflows#pull_request_target). For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows#pull-request-events-for-forked-repositories). -1. Create a semantically tagged release. {% ifversion fpt or ghec %} You may also publish to {% data variables.product.prodname_marketplace %} with a simple checkbox. {% endif %} For more information, see [AUTOTITLE](/repositories/releasing-projects-on-github/managing-releases-in-a-repository#creating-a-release){% ifversion fpt or ghec %} and [AUTOTITLE](/actions/creating-actions/publishing-actions-in-github-marketplace#publishing-an-action){% endif %}. +1. Create a semantically tagged release. {% ifversion fpt or ghec %} You may also publish to {% data variables.product.prodname_marketplace %} with a simple checkbox. {% endif %} For more information, see [AUTOTITLE](/repositories/releasing-projects-on-github/managing-releases-in-a-repository#creating-a-release){% ifversion fpt or ghec %} and [AUTOTITLE](/actions/how-tos/create-and-publish-actions/publish-in-github-marketplace#publishing-an-action){% endif %}. * When a release is published or edited, your release workflow will automatically take care of compilation and adjusting tags. @@ -89,10 +89,10 @@ Using semantic releases means that the users of your actions can pin their workf {% data variables.product.github %} provides tools and guides to help you work with the open source community. Here are a few tools we recommend setting up for healthy bidirectional communication. By providing the following signals to the community, you encourage others to use, modify, and contribute to your action: * Maintain a `README` with plenty of usage examples and guidance. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-readmes). -* Include a workflow status badge in your `README` file. For more information, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/adding-a-workflow-status-badge). Also visit [shields.io](https://shields.io/) to learn about other badges that you can add.{% ifversion fpt or ghec %} +* Include a workflow status badge in your `README` file. For more information, see [AUTOTITLE](/actions/how-tos/monitor-workflows/add-a-status-badge). Also visit [shields.io](https://shields.io/) to learn about other badges that you can add.{% ifversion fpt or ghec %} * Add community health files like `CODE_OF_CONDUCT`, `CONTRIBUTING`, and `SECURITY`. For more information, see [AUTOTITLE](/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file#supported-file-types).{% endif %} * Keep issues current by utilizing actions like [actions/stale](https://github.com/actions/stale).{% ifversion fpt or ghec %} -* Use {% data variables.product.github %}'s security features to communicate about vulnerabilities and how to fix them. For more information, see [AUTOTITLE](/actions/security-guides/using-githubs-security-features-to-secure-your-use-of-github-actions#protecting-actions-youve-created).{% endif %} +* Use {% data variables.product.github %}'s security features to communicate about vulnerabilities and how to fix them. For more information, see [AUTOTITLE](/actions/reference/security/secure-use#protecting-actions-youve-created).{% endif %} ## Further reading diff --git a/content/actions/how-tos/create-and-publish-actions/set-exit-codes.md b/content/actions/how-tos/create-and-publish-actions/set-exit-codes.md index 41c26d756308..a37b9779d626 100644 --- a/content/actions/how-tos/create-and-publish-actions/set-exit-codes.md +++ b/content/actions/how-tos/create-and-publish-actions/set-exit-codes.md @@ -40,7 +40,7 @@ try { } ``` -For more information, see [AUTOTITLE](/actions/creating-actions/creating-a-javascript-action). +For more information, see [AUTOTITLE](/actions/tutorials/create-actions/create-a-javascript-action). ## Setting a failure exit code in a Docker container action @@ -53,4 +53,4 @@ if ; then fi ``` -For more information, see [AUTOTITLE](/actions/creating-actions/creating-a-docker-container-action). +For more information, see [AUTOTITLE](/actions/tutorials/use-containerized-services/create-a-docker-container-action). diff --git a/content/actions/how-tos/deploy/configure-and-manage-deployments/configure-custom-protection-rules.md b/content/actions/how-tos/deploy/configure-and-manage-deployments/configure-custom-protection-rules.md index 42df17d53cd1..1346f866586c 100644 --- a/content/actions/how-tos/deploy/configure-and-manage-deployments/configure-custom-protection-rules.md +++ b/content/actions/how-tos/deploy/configure-and-manage-deployments/configure-custom-protection-rules.md @@ -22,11 +22,11 @@ contentType: how-tos Custom deployment protection rules are powered by {% data variables.product.prodname_github_apps %}. Once a deployment protection rule is configured and installed in a repository, it can be enabled for any environments in the repository. -After you enable a custom deployment protection rule on an environment, every time a workflow step targets that environment, the deployment protection rule will run automatically. For more information about targeting an environment for deployments, see [AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment). +After you enable a custom deployment protection rule on an environment, every time a workflow step targets that environment, the deployment protection rule will run automatically. For more information about targeting an environment for deployments, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments). When a custom deployment protection rule is triggered it will wait for up to 30 days for a webhook event response before it times out and the workflow job fails. -For more information about creating your own custom deployment protection rules, see [AUTOTITLE](/actions/deployment/protecting-deployments/creating-custom-deployment-protection-rules). +For more information about creating your own custom deployment protection rules, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/create-custom-protection-rules). {% data reusables.actions.custom-deployment-protection-rules-limits %} @@ -44,7 +44,7 @@ The following is a list of official partner implementations for deployment prote ## Prerequisites -In order for a custom deployment protection rule to be available to all environments in a repository, you must first install the custom deployment protection rule on the repository. For more information, see [AUTOTITLE](/apps/maintaining-github-apps/installing-github-apps). +In order for a custom deployment protection rule to be available to all environments in a repository, you must first install the custom deployment protection rule on the repository. For more information, see [AUTOTITLE](/apps/using-github-apps/installing-your-own-github-app). After a custom deployment protection rule has been installed in a repository, it must be enabled for each environment where you want the rule to apply. @@ -57,4 +57,4 @@ After a custom deployment protection rule has been installed in a repository, it 1. Under "Deployment protection rules," check the box next to each custom deployment protection rule you want to enable for the environment. 1. Click **Save protection rules**. -Once a custom deployment protection rule has been enabled for an environment, it will automatically run whenever a workflow reaches a job that references the environment. You can see the results of an approval or rejection for your deployment by reviewing the details of the deployment. For more information, see [AUTOTITLE](/actions/managing-workflow-runs/reviewing-deployments). +Once a custom deployment protection rule has been enabled for an environment, it will automatically run whenever a workflow reaches a job that references the environment. You can see the results of an approval or rejection for your deployment by reviewing the details of the deployment. For more information, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/review-deployments). diff --git a/content/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments.md b/content/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments.md index 766f603beb38..cfc0e9a9eb4f 100644 --- a/content/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments.md +++ b/content/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments.md @@ -19,7 +19,7 @@ category: ## Prerequisites -You should be familiar with the syntax for {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/actions/learn-github-actions). +You should be familiar with the syntax for {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows). ## Triggering your deployment @@ -42,7 +42,7 @@ on: workflow_dispatch: ``` -For more information, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows). +For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows). ## Using environments @@ -52,7 +52,7 @@ You can configure environments with protection rules and secrets. When a workflo ## Using concurrency -Concurrency ensures that only a single job or workflow using the same concurrency group will run at a time. You can use concurrency so that an environment has a maximum of one deployment in progress{% ifversion actions-nga %}{% else %} and one deployment pending{% endif %} at a time. For more information about concurrency, see [AUTOTITLE](/actions/using-jobs/using-concurrency). +Concurrency ensures that only a single job or workflow using the same concurrency group will run at a time. You can use concurrency so that an environment has a maximum of one deployment in progress{% ifversion actions-nga %}{% else %} and one deployment pending{% endif %} at a time. For more information about concurrency, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-when-workflows-run/control-workflow-concurrency). {% ifversion actions-environments-without-deployments %} @@ -171,7 +171,7 @@ For guidance on writing deployment-specific steps, see [Finding deployment examp ## Viewing deployment history -When a {% data variables.product.prodname_actions %} workflow deploys to an environment, the environment is displayed on the main page of the repository. For more information about viewing deployments to environments, see [AUTOTITLE](/actions/deployment/managing-your-deployments/viewing-deployment-history). +When a {% data variables.product.prodname_actions %} workflow deploys to an environment, the environment is displayed on the main page of the repository. For more information about viewing deployments to environments, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/view-deployment-history). {% ifversion virtual-registry %} @@ -181,15 +181,15 @@ Your organization can collect deployment records for all your builds in a single ## Monitoring workflow runs -Every workflow run generates a real-time graph that illustrates the run progress. You can use this graph to monitor and debug deployments. For more information see, [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/using-the-visualization-graph). +Every workflow run generates a real-time graph that illustrates the run progress. You can use this graph to monitor and debug deployments. For more information see, [AUTOTITLE](/actions/how-tos/monitor-workflows/use-the-visualization-graph). -You can also view the logs of each workflow run and the history of workflow runs. For more information, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history). +You can also view the logs of each workflow run and the history of workflow runs. For more information, see [AUTOTITLE](/actions/how-tos/monitor-workflows/view-workflow-run-history). ## Using required reviews in workflows Jobs that reference an environment configured with required reviewers will wait for an approval before starting. While a job is awaiting approval, it has a status of "Waiting". If a job is not approved within 30 days, it will automatically fail. -For more information about environments and required approvals, see [AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment). For information about how to review deployments with the REST API, see [AUTOTITLE](/rest/actions/workflow-runs). +For more information about environments and required approvals, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments). For information about how to review deployments with the REST API, see [AUTOTITLE](/rest/actions/workflow-runs). ## Using custom deployment protection rules @@ -197,7 +197,7 @@ For more information about environments and required approvals, see [AUTOTITLE]( {% data reusables.actions.about-custom-deployment-protection-rules %} -Custom deployment protection rules are powered by {% data variables.product.prodname_github_apps %} and run based on webhooks and callbacks. Approval or rejection of a workflow job is based on consumption of the `deployment_protection_rule` webhook. For more information, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#deployment_protection_rule) and [Approving or rejecting deployments](/actions/how-tos/managing-workflow-runs-and-deployments/managing-deployments/creating-custom-deployment-protection-rules#approving-or-rejecting-deployments). +Custom deployment protection rules are powered by {% data variables.product.prodname_github_apps %} and run based on webhooks and callbacks. Approval or rejection of a workflow job is based on consumption of the `deployment_protection_rule` webhook. For more information, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#deployment_protection_rule) and [Approving or rejecting deployments](/actions/how-tos/deploy/configure-and-manage-deployments/create-custom-protection-rules#approving-or-rejecting-deployments). Once you have created a custom deployment protection rule and installed it on your repository, the custom deployment protection rule will automatically be available for all environments in the repository. @@ -212,20 +212,20 @@ Alternatively, you can write your own protection rules for any of the above use ## Tracking deployments through apps {% ifversion fpt or ghec %} -If your personal account or organization on {% data variables.product.github %} is integrated with Microsoft Teams or Slack, you can track deployments that use environments through Microsoft Teams or Slack. For example, you can receive notifications through the app when a deployment is pending approval, when a deployment is approved, or when the deployment status changes. For more information about integrating Microsoft Teams or Slack, see [AUTOTITLE](/get-started/exploring-integrations/github-extensions-and-integrations#team-communication-tools). +If your personal account or organization on {% data variables.product.github %} is integrated with Microsoft Teams or Slack, you can track deployments that use environments through Microsoft Teams or Slack. For example, you can receive notifications through the app when a deployment is pending approval, when a deployment is approved, or when the deployment status changes. For more information about integrating Microsoft Teams or Slack, see [AUTOTITLE](/integrations/concepts/featured-github-integrations#team-communication-tools). {% endif %} -You can also build an app that uses deployment and deployment status webhooks to track deployments. {% data reusables.actions.environment-deployment-event %} For more information, see [AUTOTITLE](/apps) and [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#deployment). +You can also build an app that uses deployment and deployment status webhooks to track deployments. {% data reusables.actions.environment-deployment-event %} For more information, see [AUTOTITLE](/apps) and [AUTOTITLE](/webhooks/webhook-events-and-payloads#deployment). ## Choosing a runner -You can run your deployment workflow on {% data variables.product.company_short %}-hosted runners or on self-hosted runners. Traffic from {% data variables.product.company_short %}-hosted runners can come from a [wide range of network addresses](/rest/meta/meta#get-github-meta-information). If you are deploying to an internal environment and your company restricts external traffic into private networks, {% data variables.product.prodname_actions %} workflows running on {% data variables.product.company_short %}-hosted runners may not be able to communicate with your internal services or resources. To overcome this, you can host your own runners. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners) and [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners). +You can run your deployment workflow on {% data variables.product.company_short %}-hosted runners or on self-hosted runners. Traffic from {% data variables.product.company_short %}-hosted runners can come from a [wide range of network addresses](/rest/meta/meta#get-github-meta-information). If you are deploying to an internal environment and your company restricts external traffic into private networks, {% data variables.product.prodname_actions %} workflows running on {% data variables.product.company_short %}-hosted runners may not be able to communicate with your internal services or resources. To overcome this, you can host your own runners. For more information, see [AUTOTITLE](/actions/concepts/runners/self-hosted-runners) and [AUTOTITLE](/actions/concepts/runners/github-hosted-runners). ## Displaying a status badge You can use a status badge to display the status of your deployment workflow. {% data reusables.repositories.actions-workflow-status-badge-intro %} -For more information, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/adding-a-workflow-status-badge). +For more information, see [AUTOTITLE](/actions/how-tos/monitor-workflows/add-a-status-badge). ## Finding deployment examples diff --git a/content/actions/how-tos/deploy/configure-and-manage-deployments/create-custom-protection-rules.md b/content/actions/how-tos/deploy/configure-and-manage-deployments/create-custom-protection-rules.md index b9dc5ce22365..5b8692fa28a6 100644 --- a/content/actions/how-tos/deploy/configure-and-manage-deployments/create-custom-protection-rules.md +++ b/content/actions/how-tos/deploy/configure-and-manage-deployments/create-custom-protection-rules.md @@ -20,12 +20,12 @@ contentType: how-tos {% data reusables.actions.custom-deployment-protection-rules-beta-note %} -For general information about deployment protection rules, see [AUTOTITLE](/actions/concepts/use-cases/deploying-with-github-actions#using-custom-deployment-protection-rules). +For general information about deployment protection rules, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments#using-custom-deployment-protection-rules). ## Creating a custom deployment protection rule with {% data variables.product.prodname_github_apps %} -1. Create a {% data variables.product.prodname_github_app %}. For more information, see [AUTOTITLE](/apps/creating-github-apps/creating-github-apps/creating-a-github-app). Configure the {% data variables.product.prodname_github_app %} as follows. - 1. Optionally, in the **Callback URL** text field under "Identifying and authorizing users," enter the callback URL. For more information, see [AUTOTITLE](/apps/creating-github-apps/creating-github-apps/about-the-user-authorization-callback-url). +1. Create a {% data variables.product.prodname_github_app %}. For more information, see [AUTOTITLE](/apps/creating-github-apps/registering-a-github-app/registering-a-github-app). Configure the {% data variables.product.prodname_github_app %} as follows. + 1. Optionally, in the **Callback URL** text field under "Identifying and authorizing users," enter the callback URL. For more information, see [AUTOTITLE](/apps/creating-github-apps/registering-a-github-app/about-the-user-authorization-callback-url). 1. Under "Permissions," select **Repository permissions**. 1. To the right of "Actions," click the drop down menu and select **Access: Read-only**. ![Screenshot of the "Repository permissions" section for a new GitHub App. The Actions permission shows "Read-only" and is outlined in orange.](/assets/images/help/actions/actions-repo-permissions-read-only.png) @@ -34,7 +34,7 @@ For general information about deployment protection rules, see [AUTOTITLE](/acti 1. Under "Subscribe to events," select **Deployment protection rule**. ![Screenshot of the "Subscribe to events section" section for a new GitHub App. The checkbox for the Deployment protection rule is outlined in orange.](/assets/images/help/actions/actions-subscribe-to-events-deployment-protection-rules.png) -1. Install the custom deployment protection rule in your repositories and enable it for use. For more information, see [AUTOTITLE](/actions/deployment/protecting-deployments/configuring-custom-deployment-protection-rules). +1. Install the custom deployment protection rule in your repositories and enable it for use. For more information, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/configure-custom-protection-rules). ## Approving or rejecting deployments @@ -46,9 +46,9 @@ Custom deployment protection rules are not compatible when a workflow job's envi {% endif %} -1. Validate the incoming `POST` request. For more information, see [AUTOTITLE](/webhooks-and-events/webhooks/securing-your-webhooks#validating-payloads-from-github). +1. Validate the incoming `POST` request. For more information, see [AUTOTITLE](/webhooks/using-webhooks/validating-webhook-deliveries#validating-payloads-from-github). 1. Use a JSON Web Token to authenticate as a {% data variables.product.prodname_github_app %}. For more information, see [AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app#about-authentication-as-a-github-app). -1. Using the installation ID from the `deployment_protection_rule` webhook payload, generate an install token. For more information, see [AUTOTITLE](/developers/apps/building-github-apps/authenticating-with-github-apps#authenticating-as-a-github-app). +1. Using the installation ID from the `deployment_protection_rule` webhook payload, generate an install token. For more information, see [AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app#authenticating-as-a-github-app). ```shell curl --request POST \ @@ -71,12 +71,12 @@ Custom deployment protection rules are not compatible when a workflow job's envi 1. Optionally, request the status of an approval for a workflow run by sending a `GET` request to `/repos/OWNER/REPOSITORY_ID/actions/runs/RUN_ID/approvals`. For more information, see [AUTOTITLE](/rest/actions/workflow-runs#get-the-review-history-for-a-workflow-run). -1. Optionally, review the deployment on {% data variables.product.prodname_dotcom %}. For more information, see [AUTOTITLE](/actions/managing-workflow-runs/reviewing-deployments). +1. Optionally, review the deployment on {% data variables.product.prodname_dotcom %}. For more information, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/review-deployments). {% ifversion fpt or ghec %} ## Publishing custom deployment protection rules in the {% data variables.product.prodname_marketplace %} -You can publish your {% data variables.product.prodname_github_app %} to the {% data variables.product.prodname_marketplace %} to allow developers to discover suitable protection rules and install it across their {% data variables.product.company_short %} repositories. Or you can browse existing custom deployment protection rules to suit your needs. For more information, see [AUTOTITLE](/apps/publishing-apps-to-github-marketplace/github-marketplace-overview/about-github-marketplace) and [AUTOTITLE](/apps/publishing-apps-to-github-marketplace/listing-an-app-on-github-marketplace). +You can publish your {% data variables.product.prodname_github_app %} to the {% data variables.product.prodname_marketplace %} to allow developers to discover suitable protection rules and install it across their {% data variables.product.company_short %} repositories. Or you can browse existing custom deployment protection rules to suit your needs. For more information, see [AUTOTITLE](/apps/github-marketplace/github-marketplace-overview/about-github-marketplace-for-apps) and [AUTOTITLE](/apps/github-marketplace/listing-an-app-on-github-marketplace). {% endif %} diff --git a/content/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments.md b/content/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments.md index c8c10faf9786..e1cb8bb731cb 100644 --- a/content/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments.md +++ b/content/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments.md @@ -35,8 +35,8 @@ contentType: how-tos {% endif %} -* For general information about environments, see [AUTOTITLE](/actions/concepts/use-cases/deploying-with-github-actions#using-environments). -* For information about available rules, see [AUTOTITLE](/actions/reference/deployments-and-environments). +* For general information about environments, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments#using-environments). +* For information about available rules, see [AUTOTITLE](/actions/reference/workflows-and-actions/deployments-and-environments). ## Creating an environment @@ -55,22 +55,22 @@ contentType: how-tos {% data reusables.actions.sidebar-environment %} {% data reusables.actions.new-environment %} {% data reusables.actions.name-environment %} -1. Optionally, specify people or teams that must approve workflow jobs that use this environment. For more information, see [AUTOTITLE](/actions/reference/deployments-and-environments#required-reviewers). +1. Optionally, specify people or teams that must approve workflow jobs that use this environment. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/deployments-and-environments#required-reviewers). 1. Select **Required reviewers**. 1. Enter up to 6 people or teams. Only one of the required reviewers needs to approve the job for it to proceed. 1. Optionally, to prevent users from approving workflows runs that they triggered, select **Prevent self-review**. 1. Click **Save protection rules**. -1. Optionally, specify the amount of time to wait before allowing workflow jobs that use this environment to proceed. For more information, see [AUTOTITLE](/actions/reference/deployments-and-environments#wait-timer). +1. Optionally, specify the amount of time to wait before allowing workflow jobs that use this environment to proceed. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/deployments-and-environments#wait-timer). 1. Select **Wait timer**. 1. Enter the number of minutes to wait. 1. Click **Save protection rules**. -1. Optionally, disallow bypassing configured protection rules. For more information, see [AUTOTITLE](/actions/reference/deployments-and-environments#allow-administrators-to-bypass-configured-protection-rules). +1. Optionally, disallow bypassing configured protection rules. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/deployments-and-environments#allow-administrators-to-bypass-configured-protection-rules). 1. Deselect **Allow administrators to bypass configured protection rules**. 1. Click **Save protection rules**. -1. Optionally, enable any custom deployment protection rules that have been created with {% data variables.product.prodname_github_apps %}. For more information, see [AUTOTITLE](/actions/reference/deployments-and-environments#custom-deployment-protection-rules). +1. Optionally, enable any custom deployment protection rules that have been created with {% data variables.product.prodname_github_apps %}. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/deployments-and-environments#custom-deployment-protection-rules). 1. Select the custom protection rule you want to enable. 1. Click **Save protection rules**. -1. Optionally, specify what branches and tags can deploy to this environment. For more information, see [AUTOTITLE](/actions/reference/deployments-and-environments#deployment-branches-and-tags). +1. Optionally, specify what branches and tags can deploy to this environment. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/deployments-and-environments#deployment-branches-and-tags). 1. Select the desired option in the **Deployment branches** dropdown. 1. If you chose **Selected branches and tags**, to add a new rule, click **Add deployment branch or tag rule** 1. In the "Ref type" dropdown menu, depending on what rule you want to apply, click **{% octicon "git-branch" aria-hidden="true" aria-label="git-branch" %} Branch** or **{% octicon "tag" aria-hidden="true" aria-label="tag" %} Tag**. @@ -79,12 +79,12 @@ contentType: how-tos {% data reusables.actions.branch-and-tag-deployment-rules-configuration %} 1. Click **Add rule**. -1. Optionally, add environment secrets. These secrets are only available to workflow jobs that use the environment. Additionally, workflow jobs that use this environment can only access these secrets after any configured rules (for example, required reviewers) pass. For more information, see [AUTOTITLE](/actions/reference/deployments-and-environments#environment-secrets). +1. Optionally, add environment secrets. These secrets are only available to workflow jobs that use the environment. Additionally, workflow jobs that use this environment can only access these secrets after any configured rules (for example, required reviewers) pass. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/deployments-and-environments#environment-secrets). 1. Under **Environment secrets**, click **Add Secret**. 1. Enter the secret name. 1. Enter the secret value. 1. Click **Add secret**. -1. Optionally, add environment variables. These variables are only available to workflow jobs that use the environment, and are only accessible using the [`vars`](/actions/learn-github-actions/contexts#vars-context) context. For more information, see [AUTOTITLE](/actions/reference/deployments-and-environments#environment-variables). +1. Optionally, add environment variables. These variables are only available to workflow jobs that use the environment, and are only accessible using the [`vars`](/actions/reference/workflows-and-actions/contexts#vars-context) context. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/deployments-and-environments#environment-variables). 1. Under **Environment variables**, click **Add Variable**. 1. Enter the variable name. 1. Enter the variable value. @@ -112,8 +112,8 @@ You can also delete environments through the REST API. For more information, see {% data reusables.actions.environment-deployment-event %} -You can access these objects through the REST API or GraphQL API. You can also subscribe to these webhook events. For more information, see [AUTOTITLE](/rest/repos#deployments), [AUTOTITLE](/graphql/reference/deployments#object-deployment) (GraphQL API), or [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#deployment). +You can access these objects through the REST API or GraphQL API. You can also subscribe to these webhook events. For more information, see [AUTOTITLE](/rest/repos#deployments), [AUTOTITLE](/graphql/reference/deployments#object-deployment) (GraphQL API), or [AUTOTITLE](/webhooks/webhook-events-and-payloads#deployment). ## Next steps -{% data variables.product.prodname_actions %} provides several features for managing your deployments. For more information, see [AUTOTITLE](/actions/deployment/about-deployments/deploying-with-github-actions). +{% data variables.product.prodname_actions %} provides several features for managing your deployments. For more information, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments). diff --git a/content/actions/how-tos/deploy/configure-and-manage-deployments/review-deployments.md b/content/actions/how-tos/deploy/configure-and-manage-deployments/review-deployments.md index bd51d9d48e17..8ff1637cbb46 100644 --- a/content/actions/how-tos/deploy/configure-and-manage-deployments/review-deployments.md +++ b/content/actions/how-tos/deploy/configure-and-manage-deployments/review-deployments.md @@ -18,7 +18,7 @@ contentType: how-tos ## Approving or rejecting a job -1. Navigate to the workflow run that requires review. For more information about navigating to a workflow run, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history). +1. Navigate to the workflow run that requires review. For more information about navigating to a workflow run, see [AUTOTITLE](/actions/how-tos/monitor-workflows/view-workflow-run-history). 1. If the run requires review, you will see a notification for the review request. On the notification, click **Review deployments**. 1. Select the job environment(s) to approve or reject. Optionally, leave a comment. 1. Approve or reject: @@ -26,17 +26,17 @@ contentType: how-tos * To reject the job, click **Reject**. If a job is rejected, the workflow will fail. > [!NOTE] -> If the targeted environment is configured to prevent self-approvals for deployments, you will not be able to approve a deployment from a workflow run you initiated. For more information, see [AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment#required-reviewers). +> If the targeted environment is configured to prevent self-approvals for deployments, you will not be able to approve a deployment from a workflow run you initiated. For more information, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments). ## Bypassing deployment protection rules If you have configured deployment protection rules that control whether software can be deployed to an environment, you can bypass these rules and force all pending jobs referencing the environment to proceed. > [!NOTE] -> * You cannot bypass deployment protection rules if the environment has been configured to prevent admins from bypassing configured protection rules. For more information, see [AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment#creating-an-environment). +> * You cannot bypass deployment protection rules if the environment has been configured to prevent admins from bypassing configured protection rules. For more information, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments#creating-an-environment). > * You can only bypass deployment protection rules during workflow execution when a job referencing the environment is in a "Pending" state. -1. Navigate to the workflow run. For more information about navigating to a workflow run, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history). +1. Navigate to the workflow run. For more information about navigating to a workflow run, see [AUTOTITLE](/actions/how-tos/monitor-workflows/view-workflow-run-history). 1. To the right of **Deployment protection rules**, click **Start all waiting jobs**. ![Screenshot of the "Deployment protection rules" section with the "Start all waiting jobs" button outlined in orange.](/assets/images/actions-bypass-env-protection-rules.png) 1. In the pop-up window, select the environments for which you want to bypass deployment protection rules. diff --git a/content/actions/how-tos/deploy/deploy-to-third-party-platforms/amazon-elastic-container-service.md b/content/actions/how-tos/deploy/deploy-to-third-party-platforms/amazon-elastic-container-service.md index 540b3cd81f2a..85ad0e646f17 100644 --- a/content/actions/how-tos/deploy/deploy-to-third-party-platforms/amazon-elastic-container-service.md +++ b/content/actions/how-tos/deploy/deploy-to-third-party-platforms/amazon-elastic-container-service.md @@ -67,7 +67,7 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you 1. Create {% data variables.product.prodname_actions %} secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to store the values for your Amazon IAM access key. - For more information on creating secrets for {% data variables.product.prodname_actions %}, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository). + For more information on creating secrets for {% data variables.product.prodname_actions %}, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets#creating-secrets-for-a-repository). See the documentation for each action used below for the recommended IAM policies for the IAM user, and methods for handling the access key credentials. diff --git a/content/actions/how-tos/deploy/deploy-to-third-party-platforms/docker-to-azure-app-service.md b/content/actions/how-tos/deploy/deploy-to-third-party-platforms/docker-to-azure-app-service.md index fe9c70581b6c..08c51509ecee 100644 --- a/content/actions/how-tos/deploy/deploy-to-third-party-platforms/docker-to-azure-app-service.md +++ b/content/actions/how-tos/deploy/deploy-to-third-party-platforms/docker-to-azure-app-service.md @@ -40,7 +40,7 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you 1. Set registry credentials for your web app. - Create a {% data variables.product.pat_v1 %} with the `repo` and `read:packages` scopes. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token). + Create a {% data variables.product.pat_v1 %} with the `repo` and `read:packages` scopes. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens). Set `DOCKER_REGISTRY_SERVER_URL` to `https://ghcr.io`, `DOCKER_REGISTRY_SERVER_USERNAME` to the GitHub username or organization that owns the repository, and `DOCKER_REGISTRY_SERVER_PASSWORD` to your {% data variables.product.pat_generic %} from above. This will give your web app credentials so it can pull the container image after your workflow pushes a newly built image to the registry. You can do this with the following Azure CLI command: diff --git a/content/actions/how-tos/deploy/deploy-to-third-party-platforms/google-kubernetes-engine.md b/content/actions/how-tos/deploy/deploy-to-third-party-platforms/google-kubernetes-engine.md index b2c14e777cf1..28a4dd919a54 100644 --- a/content/actions/how-tos/deploy/deploy-to-third-party-platforms/google-kubernetes-engine.md +++ b/content/actions/how-tos/deploy/deploy-to-third-party-platforms/google-kubernetes-engine.md @@ -92,11 +92,11 @@ This procedure demonstrates how to create the service account for your GKE integ export GKE_SA_KEY=$(cat key.json | base64) ``` - For more information about how to store a secret, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions). + For more information about how to store a secret, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets). ### Storing your project name -Store the name of your project as a secret named `GKE_PROJECT`. For more information about how to store a secret, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions). +Store the name of your project as a secret named `GKE_PROJECT`. For more information about how to store a secret, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets). ### (Optional) Configuring kustomize diff --git a/content/actions/how-tos/deploy/deploy-to-third-party-platforms/sign-xcode-applications.md b/content/actions/how-tos/deploy/deploy-to-third-party-platforms/sign-xcode-applications.md index e96c57798b74..20cf01c36113 100644 --- a/content/actions/how-tos/deploy/deploy-to-third-party-platforms/sign-xcode-applications.md +++ b/content/actions/how-tos/deploy/deploy-to-third-party-platforms/sign-xcode-applications.md @@ -25,8 +25,8 @@ contentType: how-tos You should be familiar with YAML and the syntax for {% data variables.product.prodname_actions %}. For more information, see: -* [AUTOTITLE](/actions/learn-github-actions) -* [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions) +* [AUTOTITLE](/actions/how-tos/write-workflows) +* [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax) You should have an understanding of Xcode app building and signing. For more information, see the [Apple developer documentation](https://developer.apple.com/documentation/). @@ -34,7 +34,7 @@ You should have an understanding of Xcode app building and signing. For more inf The signing process involves storing certificates and provisioning profiles, transferring them to the runner, importing them to the runner's keychain, and using them in your build. -To use your certificate and provisioning profile on a runner, we strongly recommend that you use {% data variables.product.prodname_dotcom %} secrets. For more information on creating secrets and using them in a workflow, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions). +To use your certificate and provisioning profile on a runner, we strongly recommend that you use {% data variables.product.prodname_dotcom %} secrets. For more information on creating secrets and using them in a workflow, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets). Create secrets in your repository or organization for the following items: diff --git a/content/actions/how-tos/get-support.md b/content/actions/how-tos/get-support.md index 0e12d74f2b42..a2ff6f4db082 100644 --- a/content/actions/how-tos/get-support.md +++ b/content/actions/how-tos/get-support.md @@ -32,9 +32,9 @@ Some information that {% data variables.contact.github_support %} will request c For example: `https://github.com/ORG/REPO/actions/runs/0123456789` {% endif %} -* The workflow `.yml` file(s) attached to the ticket as `.txt` files. For more information about workflows, see [AUTOTITLE](/actions/using-workflows/about-workflows#about-workflows). -* A copy of your workflow run logs for an example workflow run failure. For more information about workflow run logs, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs#downloading-logs). -* {% ifversion ghes %}A copy of your runner logs, {% else %}If you are running this workflow on a self-hosted runner, self-hosted runner logs{% endif %} which can be found under the `_diag` folder within the runner. For more information about self-hosted runners, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#reviewing-the-self-hosted-runner-application-log-files). +* The workflow `.yml` file(s) attached to the ticket as `.txt` files. For more information about workflows, see [AUTOTITLE](/actions/concepts/workflows-and-actions/workflows#about-workflows). +* A copy of your workflow run logs for an example workflow run failure. For more information about workflow run logs, see [AUTOTITLE](/actions/how-tos/monitor-workflows/use-workflow-run-logs#downloading-logs). +* {% ifversion ghes %}A copy of your runner logs, {% else %}If you are running this workflow on a self-hosted runner, self-hosted runner logs{% endif %} which can be found under the `_diag` folder within the runner. For more information about self-hosted runners, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/monitor-and-troubleshoot#reviewing-the-self-hosted-runner-application-log-files). Self-hosted runner log file names are formatted: `Runner_YYYY####-xxxxxx-utc.log` and `Worker_YYYY####-xxxxxx-utc.log`. @@ -52,19 +52,19 @@ Depending on the nature of your inquiry, {% data variables.contact.github_suppor ### Ephemeral Runner Application Log Files -{% data variables.contact.github_support %} may request the runner application log files from ephemeral runners. {% data variables.product.prodname_dotcom %} expects and recommends that you have implemented a mechanism to forward and preserve the runner application log files from self-hosted ephemeral runners. For more information about runner application log files and troubleshooting self-hosted runners, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#reviewing-the-self-hosted-runner-application-log-files). +{% data variables.contact.github_support %} may request the runner application log files from ephemeral runners. {% data variables.product.prodname_dotcom %} expects and recommends that you have implemented a mechanism to forward and preserve the runner application log files from self-hosted ephemeral runners. For more information about runner application log files and troubleshooting self-hosted runners, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/monitor-and-troubleshoot#reviewing-the-self-hosted-runner-application-log-files). ### {% data variables.product.prodname_actions_runner_controller %} -If you are using {% data variables.product.prodname_actions_runner_controller %} (ARC), {% data variables.contact.github_support %} may ask you to submit the complete logs for the controller, listeners, and runner pods. For more information about collecting {% data variables.product.prodname_actions_runner_controller %}'s logs, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/troubleshooting-actions-runner-controller-errors#checking-the-logs-of-the-controller-and-runner-set-listener). +If you are using {% data variables.product.prodname_actions_runner_controller %} (ARC), {% data variables.contact.github_support %} may ask you to submit the complete logs for the controller, listeners, and runner pods. For more information about collecting {% data variables.product.prodname_actions_runner_controller %}'s logs, see [AUTOTITLE](/actions/tutorials/use-actions-runner-controller/troubleshoot#checking-the-logs-of-the-controller-and-runner-set-listener). -For more information about the scope of support for {% data variables.product.prodname_actions_runner_controller %}, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/about-support-for-actions-runner-controller). +For more information about the scope of support for {% data variables.product.prodname_actions_runner_controller %}, see [AUTOTITLE](/actions/concepts/runners/support-for-arc). ### {% data variables.product.prodname_codeql %} and {% data variables.product.prodname_actions %} -If you are requesting assistance with a {% data variables.code-scanning.codeql_workflow %}, {% data variables.contact.github_support %} may request a copy of the {% data variables.product.prodname_codeql %} debugging artifacts. For more information about debugging artifacts for a {% data variables.code-scanning.codeql_workflow %}, see [AUTOTITLE](/code-security/code-scanning/troubleshooting-code-scanning/logs-not-detailed-enough#creating-codeql-debugging-artifacts). +If you are requesting assistance with a {% data variables.code-scanning.codeql_workflow %}, {% data variables.contact.github_support %} may request a copy of the {% data variables.product.prodname_codeql %} debugging artifacts. For more information about debugging artifacts for a {% data variables.code-scanning.codeql_workflow %}, see [AUTOTITLE](/code-security/reference/code-scanning/troubleshoot-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts). -To provide the debugging artifacts to {% data variables.contact.github_support %}, please download the {% data variables.product.prodname_codeql %} debugging artifacts from a sample workflow run and attach it to your ticket as a `.zip` file. For more information on downloading workflow artifacts, see [AUTOTITLE](/actions/managing-workflow-runs/downloading-workflow-artifacts). +To provide the debugging artifacts to {% data variables.contact.github_support %}, please download the {% data variables.product.prodname_codeql %} debugging artifacts from a sample workflow run and attach it to your ticket as a `.zip` file. For more information on downloading workflow artifacts, see [AUTOTITLE](/actions/how-tos/manage-workflow-runs/download-workflow-artifacts). If the {% data variables.product.prodname_codeql %} debugging artifacts `.zip` file is too large to upload to the ticket, please advise {% data variables.contact.github_support %}, and we will work with you to determine the next steps. diff --git a/content/actions/how-tos/manage-runners/github-hosted-runners/connect-to-a-private-network/connect-with-oidc.md b/content/actions/how-tos/manage-runners/github-hosted-runners/connect-to-a-private-network/connect-with-oidc.md index 0546796a9c94..9e497a37358c 100644 --- a/content/actions/how-tos/manage-runners/github-hosted-runners/connect-to-a-private-network/connect-with-oidc.md +++ b/content/actions/how-tos/manage-runners/github-hosted-runners/connect-to-a-private-network/connect-with-oidc.md @@ -23,7 +23,7 @@ The following diagram gives an overview of this solution's architecture: ![Diagram of an OIDC gateway architecture, starting with a {% data variables.product.prodname_actions %} runner and ending with a private network's private service.](/assets/images/help/actions/actions-oidc-gateway.png) -It's important that you verify not just that the OIDC token came from {% data variables.product.prodname_actions %}, but that it came specifically from your expected workflows, so that other {% data variables.product.prodname_actions %} users aren't able to access services in your private network. You can use OIDC claims to create these conditions. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#defining-trust-conditions-on-cloud-roles-using-oidc-claims). +It's important that you verify not just that the OIDC token came from {% data variables.product.prodname_actions %}, but that it came specifically from your expected workflows, so that other {% data variables.product.prodname_actions %} users aren't able to access services in your private network. You can use OIDC claims to create these conditions. For more information, see [AUTOTITLE](/actions/reference/security/oidc#oidc-claims-used-to-define-trust-conditions-on-cloud-roles). The main disadvantages of this approach are that you must implement the API gateway to make requests on your behalf, and you must run the gateway on the edge of your network. @@ -32,4 +32,4 @@ The following advantages apply. * You don't need to configure any firewalls, or modify the routing of your private network. * The API gateway is stateless and scales horizontally to handle high availability and high throughput. -For more information, see [a reference implementation of an API Gateway](https://github.com/github/actions-oidc-gateway-example) in the github/actions-oidc-gateway repository. This implementation requires customization for your use case and is not ready-to-run as-is). For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect). +For more information, see [a reference implementation of an API Gateway](https://github.com/github/actions-oidc-gateway-example) in the github/actions-oidc-gateway repository. This implementation requires customization for your use case and is not ready-to-run as-is. For more information, see [AUTOTITLE](/actions/concepts/security/openid-connect). diff --git a/content/actions/how-tos/manage-runners/github-hosted-runners/connect-to-a-private-network/connect-with-wireguard.md b/content/actions/how-tos/manage-runners/github-hosted-runners/connect-to-a-private-network/connect-with-wireguard.md index 2a629405a1f1..273e8c6cd798 100644 --- a/content/actions/how-tos/manage-runners/github-hosted-runners/connect-to-a-private-network/connect-with-wireguard.md +++ b/content/actions/how-tos/manage-runners/github-hosted-runners/connect-to-a-private-network/connect-with-wireguard.md @@ -66,7 +66,7 @@ jobs: - run: curl -vvv http://192.168.1.1 ``` -For more information, see [WireGuard's Quick Start](https://www.wireguard.com/quickstart/), as well as [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions) for how to securely store keys. +For more information, see [WireGuard's Quick Start](https://www.wireguard.com/quickstart/), as well as [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets) for how to securely store keys. ### Using Tailscale to create a network overlay @@ -76,4 +76,4 @@ Its disadvantages are similar to WireGuard: The connection is one-to-one, so you However, there are some advantages over WireGuard: NAT traversal is built-in, so you don't need to expose a port to the public internet. It is by far the quickest of these options to get up and running, since Tailscale provides an {% data variables.product.prodname_actions %} workflow with a single step to connect to the overlay network. -For more information, see the [Tailscale GitHub Action](https://github.com/tailscale/github-action), as well as [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions) for how to securely store keys. +For more information, see the [Tailscale GitHub Action](https://github.com/tailscale/github-action), as well as [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets) for how to securely store keys. diff --git a/content/actions/how-tos/manage-runners/github-hosted-runners/customize-runners.md b/content/actions/how-tos/manage-runners/github-hosted-runners/customize-runners.md index 10f99f0aff9d..d2e8edf1bc36 100644 --- a/content/actions/how-tos/manage-runners/github-hosted-runners/customize-runners.md +++ b/content/actions/how-tos/manage-runners/github-hosted-runners/customize-runners.md @@ -21,7 +21,7 @@ category: If you require additional software packages on {% data variables.product.prodname_dotcom %}-hosted runners, you can create a job that installs the packages as part of your workflow. -To see which packages are already installed by default, see [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners#preinstalled-software). +To see which packages are already installed by default, see [AUTOTITLE](/actions/concepts/runners/github-hosted-runners#preinstalled-software). This guide demonstrates how to create a job that installs additional software on a {% data variables.product.prodname_dotcom %}-hosted runner. diff --git a/content/actions/how-tos/manage-runners/github-hosted-runners/use-github-hosted-runners.md b/content/actions/how-tos/manage-runners/github-hosted-runners/use-github-hosted-runners.md index 329a1bc0bb62..595127dca0c5 100644 --- a/content/actions/how-tos/manage-runners/github-hosted-runners/use-github-hosted-runners.md +++ b/content/actions/how-tos/manage-runners/github-hosted-runners/use-github-hosted-runners.md @@ -22,7 +22,7 @@ contentType: how-tos ## Using a {% data variables.product.prodname_dotcom %}-hosted runner -To use a {% data variables.product.prodname_dotcom %}-hosted runner, create a job and use `runs-on` to specify the type of runner that will process the job, such as `ubuntu-latest`, `windows-latest`, or `macos-latest`. For the full list of runner types, see [AUTOTITLE](/actions/reference/github-hosted-runners-reference#supported-runners-and-hardware-resources).{% ifversion repository-actions-runners %} If you have `repo: write` access to a repository, you can view a list of the runners available to use in workflows in the repository. For more information, see [Viewing available runners for a repository](#viewing-available-runners-for-a-repository).{% endif %} +To use a {% data variables.product.prodname_dotcom %}-hosted runner, create a job and use `runs-on` to specify the type of runner that will process the job, such as `ubuntu-latest`, `windows-latest`, or `macos-latest`. For the full list of runner types, see [AUTOTITLE](/actions/reference/runners/github-hosted-runners#supported-runners-and-hardware-resources).{% ifversion repository-actions-runners %} If you have `repo: write` access to a repository, you can view a list of the runners available to use in workflows in the repository. For more information, see [Viewing available runners for a repository](#viewing-available-runners-for-a-repository).{% endif %} When the job begins, {% data variables.product.prodname_dotcom %} automatically provisions a new VM for that job. All steps in the job execute on the VM, allowing the steps in that job to share information using the runner's filesystem. You can run workflows directly on the VM or in a Docker container. When the job has finished, the VM is automatically decommissioned. diff --git a/content/actions/how-tos/manage-runners/github-hosted-runners/view-current-jobs.md b/content/actions/how-tos/manage-runners/github-hosted-runners/view-current-jobs.md index 38eb09a41f94..e51682d4e3bc 100644 --- a/content/actions/how-tos/manage-runners/github-hosted-runners/view-current-jobs.md +++ b/content/actions/how-tos/manage-runners/github-hosted-runners/view-current-jobs.md @@ -29,7 +29,7 @@ You can get a list of all jobs currently running on {% data variables.product.pr ## Viewing queued jobs in your organization or enterprise -{% data variables.product.prodname_dotcom %}-hosted runners allow you to run jobs concurrently, and the maximum number of concurrent jobs will vary depending on your plan. If you reach the maximum number of concurrent jobs, any new jobs will start to enter a queue. To find out more about the number of concurrent jobs available to your plan, see [AUTOTITLE](/actions/learn-github-actions/usage-limits-billing-and-administration). +{% data variables.product.prodname_dotcom %}-hosted runners allow you to run jobs concurrently, and the maximum number of concurrent jobs will vary depending on your plan. If you reach the maximum number of concurrent jobs, any new jobs will start to enter a queue. To find out more about the number of concurrent jobs available to your plan, see [AUTOTITLE](/actions/concepts/billing-and-usage). The following procedure demonstrates how to check the maximum number of concurrent jobs you can run. diff --git a/content/actions/how-tos/manage-runners/larger-runners/control-access.md b/content/actions/how-tos/manage-runners/larger-runners/control-access.md index 2f62c63cd3f8..ec52ed1453be 100644 --- a/content/actions/how-tos/manage-runners/larger-runners/control-access.md +++ b/content/actions/how-tos/manage-runners/larger-runners/control-access.md @@ -97,7 +97,7 @@ For runner groups in an organization, you can change what repositories in the or {% data reusables.actions.azure-vnet-network-configuration-intro %} -If you have configured your {% ifversion ghec %}enterprise or {% endif %}organization to connect to an Azure VNET, you can give runner groups access to the virtual network. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/connecting-to-a-private-network/about-private-networking-with-github-hosted-runners#using-an-azure-virtual-network-vnet). +If you have configured your {% ifversion ghec %}enterprise or {% endif %}organization to connect to an Azure VNET, you can give runner groups access to the virtual network. For more information, see [AUTOTITLE](/actions/concepts/runners/private-networking#using-an-azure-virtual-network-vnet). {% data reusables.actions.macos-networking-limitation %} diff --git a/content/actions/how-tos/manage-runners/larger-runners/manage-larger-runners.md b/content/actions/how-tos/manage-runners/larger-runners/manage-larger-runners.md index 596a0c3fa2bb..d0a849cb1d53 100644 --- a/content/actions/how-tos/manage-runners/larger-runners/manage-larger-runners.md +++ b/content/actions/how-tos/manage-runners/larger-runners/manage-larger-runners.md @@ -50,12 +50,12 @@ Organization owners{% ifversion custom-org-roles %} and users with the "Manage o Repositories are granted access to {% data variables.actions.hosted_runner %}s through runner groups. Enterprise administrators can choose which organizations are granted access to enterprise-level runner groups, and organization owners{% ifversion custom-org-roles %} and users with the "Manage organization runners and runner groups" permission{% endif %} control repository-level access to all {% data variables.actions.hosted_runner %}s. -Organization owners can use and configure enterprise-level runner groups for the repositories in their organization, or they can create organization-level runner groups to control access.{% ifversion custom-org-roles %} Users with the "Manage organization runners and runner groups" can only manage organization-level runner groups. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).{% endif %} +Organization owners can use and configure enterprise-level runner groups for the repositories in their organization, or they can create organization-level runner groups to control access.{% ifversion custom-org-roles %} Users with the "Manage organization runners and runner groups" can only manage organization-level runner groups. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-custom-organization-roles).{% endif %} * **For enterprise-level runner groups:** {% data reusables.actions.about-enterprise-level-runner-groups %} * **For organization-level runner groups:** {% data reusables.actions.about-organization-level-runner-groups %} -Once a repository has access to {% data variables.actions.hosted_runner %}s, the {% data variables.actions.hosted_runner %}s can be added to workflow files. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/running-jobs-on-larger-runners). +Once a repository has access to {% data variables.actions.hosted_runner %}s, the {% data variables.actions.hosted_runner %}s can be added to workflow files. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/larger-runners/use-larger-runners). {% data reusables.actions.runner-groups-org-navigation %} 1. Select a runner group from either list on the page. Organization-level runner groups are listed at the top of the page, and enterprise-level runner groups are listed under "Shared by the Enterprise." @@ -63,7 +63,7 @@ Once a repository has access to {% data variables.actions.hosted_runner %}s, the > [!WARNING] > {% data reusables.actions.hosted-runner-security %} -> For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/controlling-access-to-larger-runners). +> For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/larger-runners/control-access). If you want to require workflows to target runners only through runner groups, you can disable standard {% data variables.product.github %}-hosted runners at the organization or enterprise level. See [AUTOTITLE](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization) and [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise). diff --git a/content/actions/how-tos/manage-runners/larger-runners/use-custom-images.md b/content/actions/how-tos/manage-runners/larger-runners/use-custom-images.md index 7e3cedea0c32..c1cd63cef9cc 100644 --- a/content/actions/how-tos/manage-runners/larger-runners/use-custom-images.md +++ b/content/actions/how-tos/manage-runners/larger-runners/use-custom-images.md @@ -31,7 +31,7 @@ Before you can create custom images, make sure the following requirements are me * Manage organization hosted runner custom images * Manage organization runners and runner groups - For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles). + For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-custom-organization-roles). ## Setting up an image-generation runner @@ -59,7 +59,7 @@ To configure a workflow for image generation: * Each successful run of a job that includes the `snapshot` keyword creates a new version of that image. > [!NOTE] - > {% data variables.product.company_short %} recommends configuring image generation as a scheduled workflow on a weekly basis. This approach ensures dependencies remain up-to-date and have the latest security patches. For more information, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#schedule). + > {% data variables.product.company_short %} recommends configuring image generation as a scheduled workflow on a weekly basis. This approach ensures dependencies remain up-to-date and have the latest security patches. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows#schedule). It can take some time for your image to be fully generated and ready to use after the workflow completes. Provisioning time varies based on runner size and configuration, and may take several hours for larger runners. @@ -195,4 +195,4 @@ To prevent unauthorized changes to your images, follow these best practices. * **Use dedicated runner groups for image generation.** Runners that generate production images must remain in a dedicated runner group. Do not share runner groups between production and development or test repositories, as anyone with access to a development or test repository could inject malicious code into a production image. * **Do not allow public repositories to access image-generation runners.** Limit the repositories that can use image-generation runners to only those that require it, and review access regularly. -* **Apply least privilege to repositories.** Avoid granting organization-wide `write` access for repositories that have access to image-generation runners. Because images can be generated from any branch, anyone with write access could create a branch with arbitrary code and trigger image generation. \ No newline at end of file +* **Apply least privilege to repositories.** Avoid granting organization-wide `write` access for repositories that have access to image-generation runners. Because images can be generated from any branch, anyone with write access could create a branch with arbitrary code and trigger image generation. diff --git a/content/actions/how-tos/manage-runners/self-hosted-runners/add-runners.md b/content/actions/how-tos/manage-runners/self-hosted-runners/add-runners.md index 1948dee80f21..1c3d39303cc7 100644 --- a/content/actions/how-tos/manage-runners/self-hosted-runners/add-runners.md +++ b/content/actions/how-tos/manage-runners/self-hosted-runners/add-runners.md @@ -21,13 +21,13 @@ contentType: how-tos > [!WARNING] > {% data reusables.actions.self-hosted-runner-security %} > -> For more information, see [AUTOTITLE](/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions). +> For more information, see [AUTOTITLE](/actions/reference/security/secure-use). {% data reusables.actions.enterprise-github-hosted-runners %} ## Prerequisites -Before you add a self-hosted runner, you should understand what they are and how they work. See [AUTOTITLE](/actions/concepts/runners/about-self-hosted-runners). +Before you add a self-hosted runner, you should understand what they are and how they work. See [AUTOTITLE](/actions/concepts/runners/self-hosted-runners). Additionally, you must meet the following requirements: {% data reusables.actions.self-hosted-runners-prerequisites %} @@ -36,7 +36,7 @@ Additionally, you must meet the following requirements: You can add self-hosted runners to a single repository. To add a self-hosted runner to a user repository, you must be the repository owner. For an organization repository, {% ifversion custom-org-roles %}you must be an organization owner, have admin access to the repository, or have the “Manage organization runners and runner groups” permission.{% else %}you must be an organization owner or have admin access to the repository.{% endif %} -{% ifversion custom-org-roles %}For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).{% endif %} +{% ifversion custom-org-roles %}For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-custom-organization-roles).{% endif %} For information about how to add a self-hosted runner with the REST API, see [AUTOTITLE](/rest/actions/self-hosted-runners). @@ -50,13 +50,13 @@ For information about how to add a self-hosted runner with the REST API, see [AU {% data reusables.actions.self-hosted-runner-configure %} {% data reusables.actions.self-hosted-runner-check-installation-success %} -For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners). +For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/monitor-and-troubleshoot). ## Adding a self-hosted runner to an organization You can add self-hosted runners at the organization level, where they can be used to process jobs for multiple repositories in an organization. To add a self-hosted runner to an organization, you must be an organization owner{% ifversion custom-org-roles %} or have the "Manage organization runners and runner groups" permission{% endif %}. For information about how to add a self-hosted runner with the REST API, see [AUTOTITLE](/rest/actions/self-hosted-runners). -{% ifversion custom-org-roles %}For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).{% endif %} +{% ifversion custom-org-roles %}For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-custom-organization-roles).{% endif %} {% data reusables.organizations.navigate-to-org %} {% data reusables.organizations.org_settings %} @@ -65,16 +65,16 @@ You can add self-hosted runners at the organization level, where they can be use {% data reusables.actions.self-hosted-runner-configure %} {% data reusables.actions.self-hosted-runner-check-installation-success %} -For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners). +For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/monitor-and-troubleshoot). {% data reusables.actions.self-hosted-runner-public-repo-access %} ## Adding a self-hosted runner to an enterprise -{% ifversion fpt %}If you use {% data variables.product.prodname_ghe_cloud %}, you{% elsif ghec or ghes %}You{% endif %} can add self-hosted runners to an enterprise, where they can be assigned to multiple organizations. The organization owner can control which repositories can use it. {% ifversion fpt %}For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-an-enterprise).{% endif %} +{% ifversion fpt %}If you use {% data variables.product.prodname_ghe_cloud %}, you{% elsif ghec or ghes %}You{% endif %} can add self-hosted runners to an enterprise, where they can be assigned to multiple organizations. The organization owner can control which repositories can use it. {% ifversion fpt %}For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/actions/how-tos/manage-runners/self-hosted-runners/add-runners#adding-a-self-hosted-runner-to-an-enterprise).{% endif %} {% ifversion ghec or ghes %} -New runners are assigned to the default group. You can modify the runner's group after you've registered the runner. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#moving-a-self-hosted-runner-to-a-group). +New runners are assigned to the default group. You can modify the runner's group after you've registered the runner. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/manage-access#moving-a-self-hosted-runner-to-a-group). To add a self-hosted runner to an enterprise, you must be an enterprise owner. For information about how to add a self-hosted runner with the REST API, see the enterprise endpoints in the [{% data variables.product.prodname_actions %} REST API](/rest/actions/self-hosted-runners). @@ -82,7 +82,7 @@ To add a self-hosted runner to an enterprise, you must be an enterprise owner. F {% data reusables.actions.self-hosted-runner-check-installation-success %} -For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners). +For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/monitor-and-troubleshoot). {% data reusables.actions.self-hosted-runner-public-repo-access %} @@ -92,9 +92,9 @@ By default, runners in an enterprise's "Default" self-hosted runner group are av To make an enterprise-level self-hosted runner group available to an organization repository, you might need to change the organization's inherited settings for the runner group to make the runner available to repositories in the organization. -For more information on changing runner group access settings, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group). +For more information on changing runner group access settings, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/manage-access#changing-the-access-policy-of-a-self-hosted-runner-group). {% endif %} ## Next steps -You can set up automation to scale the number of self-hosted runners. For more information, see [AUTOTITLE](/actions/reference/self-hosted-runners-reference#autoscaling). +You can set up automation to scale the number of self-hosted runners. For more information, see [AUTOTITLE](/actions/reference/runners/self-hosted-runners#autoscaling). diff --git a/content/actions/how-tos/manage-runners/self-hosted-runners/apply-labels.md b/content/actions/how-tos/manage-runners/self-hosted-runners/apply-labels.md index 0502c1954c6b..79ef584bb4df 100644 --- a/content/actions/how-tos/manage-runners/self-hosted-runners/apply-labels.md +++ b/content/actions/how-tos/manage-runners/self-hosted-runners/apply-labels.md @@ -18,7 +18,7 @@ contentType: how-tos {% data reusables.actions.enterprise-github-hosted-runners %} -For information on how to use labels to route jobs to specific types of self-hosted runners, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/using-self-hosted-runners-in-a-workflow). You can also route jobs to runners in a specific group. For more information, see [AUTOTITLE](/actions/using-jobs/choosing-the-runner-for-a-job#targeting-runners-in-a-group). +For information on how to use labels to route jobs to specific types of self-hosted runners, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/use-in-a-workflow). You can also route jobs to runners in a specific group. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-where-workflows-run/choose-the-runner-for-a-job#targeting-runners-in-a-group). {% data reusables.actions.self-hosted-runner-management-permissions-required %} diff --git a/content/actions/how-tos/manage-runners/self-hosted-runners/configure-the-application.md b/content/actions/how-tos/manage-runners/self-hosted-runners/configure-the-application.md index 9b1ee70381fe..004a5524b5e0 100644 --- a/content/actions/how-tos/manage-runners/self-hosted-runners/configure-the-application.md +++ b/content/actions/how-tos/manage-runners/self-hosted-runners/configure-the-application.md @@ -27,7 +27,7 @@ contentType: how-tos > [!NOTE] > You must add a runner to {% data variables.product.github %} before you can configure the self-hosted runner application as a service. -For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners). +For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/add-runners). {% endcapture %} @@ -48,7 +48,7 @@ For Linux systems that use `systemd`, you can use the `svc.sh` script that is cr > [!NOTE] > Configuring the self-hosted runner application as a service on Windows is part of the application configuration process. If you have already configured the self-hosted runner application but did not choose to configure it as a service, you must remove the runner from {% data variables.product.prodname_dotcom %} and re-configure the application. When you re-configure the application, choose the option to configure the application as a service. > -> For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners) and [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners). +> For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/remove-runners) and [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/add-runners). You can manage the runner service in the Windows **Services** application, or you can use PowerShell to run the commands below. @@ -153,7 +153,7 @@ Get-Service "{{ service_win_name }}" {% endmac %} - For more information on viewing the status of your self-hosted runner, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners). + For more information on viewing the status of your self-hosted runner, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/monitor-and-troubleshoot). ## Stopping the service diff --git a/content/actions/how-tos/manage-runners/self-hosted-runners/customize-containers.md b/content/actions/how-tos/manage-runners/self-hosted-runners/customize-containers.md index 80039df90b46..eb5f41dc6be0 100644 --- a/content/actions/how-tos/manage-runners/self-hosted-runners/customize-containers.md +++ b/content/actions/how-tos/manage-runners/self-hosted-runners/customize-containers.md @@ -21,7 +21,7 @@ contentType: how-tos ## About container customization -{% data variables.product.prodname_actions %} allows you to run a job within a container, using the `container:` statement in your workflow file. For more information, see [AUTOTITLE](/actions/using-jobs/running-jobs-in-a-container). To process container-based jobs, the self-hosted runner creates a container for each job. +{% data variables.product.prodname_actions %} allows you to run a job within a container, using the `container:` statement in your workflow file. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-where-workflows-run/run-jobs-in-a-container). To process container-based jobs, the self-hosted runner creates a container for each job. {% data variables.product.prodname_actions %} supports commands that let you customize the way your containers are created by the self-hosted runner. For example, you can use these commands to manage the containers through Kubernetes or Podman, and you can also customize the `docker run` or `docker create` commands used to invoke the container. The customization commands are run by a script, which is automatically triggered when a specific environment variable is set on the runner. For more information, see [Triggering the customization script](#triggering-the-customization-script) below. @@ -31,10 +31,10 @@ This customization is only available for Linux-based self-hosted runners, and ro {% data variables.product.prodname_actions %} includes the following commands for container customization: -* [`prepare_job`](/actions/hosting-your-own-runners/managing-self-hosted-runners/customizing-the-containers-used-by-jobs#prepare_job): Called when a job is started. -* [`cleanup_job`](/actions/hosting-your-own-runners/managing-self-hosted-runners/customizing-the-containers-used-by-jobs#cleanup_job): Called at the end of a job. -* [`run_container_step`](/actions/hosting-your-own-runners/managing-self-hosted-runners/customizing-the-containers-used-by-jobs#run_container_step): Called once for each container action in the job. -* [`run_script_step`](/actions/hosting-your-own-runners/managing-self-hosted-runners/customizing-the-containers-used-by-jobs#run_script_step): Runs any step that is not a container action. +* [`prepare_job`](/actions/how-tos/manage-runners/self-hosted-runners/customize-containers#prepare_job): Called when a job is started. +* [`cleanup_job`](/actions/how-tos/manage-runners/self-hosted-runners/customize-containers#cleanup_job): Called at the end of a job. +* [`run_container_step`](/actions/how-tos/manage-runners/self-hosted-runners/customize-containers#run_container_step): Called once for each container action in the job. +* [`run_script_step`](/actions/how-tos/manage-runners/self-hosted-runners/customize-containers#run_script_step): Runs any step that is not a container action. Each of these customization commands must be defined in its own JSON file. The file name must match the command name, with the extension `.json`. For example, the `prepare_job` command is defined in `prepare_job.json`. These JSON files will then be run together on the self-hosted runner, as part of the main `index.js` script. This process is described in more detail in [Generating the customization script](#generating-the-customization-script). @@ -53,7 +53,7 @@ The `prepare_job` command is called when a job is started. {% data variables.pro * Start the service containers. * Write to the response file any information that {% data variables.product.prodname_actions %} will need: * Required: State whether the container is an `alpine` linux container (using the `isAlpine` boolean). - * Optional: Any context fields you want to set on the job context, otherwise they will be unavailable for users to use. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts#job-context). + * Optional: Any context fields you want to set on the job context, otherwise they will be unavailable for users to use. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#job-context). * Return `0` when the health checks have succeeded and the job/service containers are started. #### Arguments for `prepare_job` @@ -61,9 +61,9 @@ The `prepare_job` command is called when a job is started. {% data variables.pro * `jobContainer`: **Optional**. An object containing information about the specified job container. * `image`: **Required**. A string containing the Docker image. * `workingDirectory`: **Required**. A string containing the absolute path of the working directory. - * `createOptions`: **Optional**. The optional _create_ options specified in the YAML. For more information, see [AUTOTITLE](/actions/using-jobs/running-jobs-in-a-container#example-running-a-job-within-a-container). + * `createOptions`: **Optional**. The optional _create_ options specified in the YAML. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-where-workflows-run/run-jobs-in-a-container#example-running-a-job-within-a-container). * `environmentVariables`: **Optional**. Sets a map of key environment variables. - * `userMountVolumes`: **Optional**. An array of user mount volumes set in the YAML. For more information, see [AUTOTITLE](/actions/using-jobs/running-jobs-in-a-container#example-running-a-job-within-a-container). + * `userMountVolumes`: **Optional**. An array of user mount volumes set in the YAML. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-where-workflows-run/run-jobs-in-a-container#example-running-a-job-within-a-container). * `sourceVolumePath`: **Required**. The source path to the volume that will be mounted into the Docker container. * `targetVolumePath`: **Required**. The target path to the volume that will be mounted into the Docker container. * `readOnly`: **Required**. Determines whether or not the mount should be read-only. @@ -79,7 +79,7 @@ The `prepare_job` command is called when a job is started. {% data variables.pro * `services`: **Optional**. An array of service containers to spin up. * `contextName`: **Required**. The name of the service in the Job context. * `image`: **Required**. A string containing the Docker image. - * `createOptions`: **Optional**. The optional _create_ options specified in the YAML. For more information, see [AUTOTITLE](/actions/using-jobs/running-jobs-in-a-container#example-running-a-job-within-a-container). + * `createOptions`: **Optional**. The optional _create_ options specified in the YAML. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-where-workflows-run/run-jobs-in-a-container#example-running-a-job-within-a-container). * `environmentVariables`: **Optional**. Sets a map of key environment variables. * `userMountVolumes`: **Optional**. An array of mounts to mount into the container, same fields as above. * `sourceVolumePath`: **Required**. The source path to the volume that will be mounted into the Docker container. @@ -259,10 +259,10 @@ The `run_container_step` command is called once for each container action in you * `entryPointArgs`: **Optional**. A list containing the entry point args. * `entryPoint`: **Optional**. The container entry point to use if the default image entrypoint should be overwritten. * `workingDirectory`: **Required**. A string containing the absolute path of the working directory. -* `createOptions`: **Optional**. The optional _create_ options specified in the YAML. For more information, see [AUTOTITLE](/actions/using-jobs/running-jobs-in-a-container#example-running-a-job-within-a-container). +* `createOptions`: **Optional**. The optional _create_ options specified in the YAML. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-where-workflows-run/run-jobs-in-a-container#example-running-a-job-within-a-container). * `environmentVariables`: **Optional**. Sets a map of key environment variables. * `prependPath`: **Optional**. An array of additional paths to prepend to the `$PATH` variable. -* `userMountVolumes`: **Optional**. an array of user mount volumes set in the YAML. For more information, see [AUTOTITLE](/actions/using-jobs/running-jobs-in-a-container#example-running-a-job-within-a-container). +* `userMountVolumes`: **Optional**. an array of user mount volumes set in the YAML. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-where-workflows-run/run-jobs-in-a-container#example-running-a-job-within-a-container). * `sourceVolumePath`: **Required**. The source path to the volume that will be mounted into the Docker container. * `targetVolumePath`: **Required**. The target path to the volume that will be mounted into the Docker container. * `readOnly`: **Required**. Determines whether or not the mount should be read-only. @@ -526,4 +526,4 @@ There is currently no timeout setting available for the script executed by `ACTI ### Reviewing the workflow run log -To confirm whether your scripts are executing, you can review the logs for that job. For more information on checking the logs, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs#viewing-logs-to-diagnose-failures). +To confirm whether your scripts are executing, you can review the logs for that job. For more information on checking the logs, see [AUTOTITLE](/actions/how-tos/monitor-workflows/use-workflow-run-logs#viewing-logs-to-diagnose-failures). diff --git a/content/actions/how-tos/manage-runners/self-hosted-runners/monitor-and-troubleshoot.md b/content/actions/how-tos/manage-runners/self-hosted-runners/monitor-and-troubleshoot.md index ebb80d22a37f..bf29908468bd 100644 --- a/content/actions/how-tos/manage-runners/self-hosted-runners/monitor-and-troubleshoot.md +++ b/content/actions/how-tos/manage-runners/self-hosted-runners/monitor-and-troubleshoot.md @@ -52,7 +52,7 @@ You can use the self-hosted runner application's `config` script with the `--che In addition to `--check`, you must provide two arguments to the script: * `--url` with the URL to your {% data variables.product.company_short %} repository, organization, or enterprise. For example, `--url https://github.com/octo-org/octo-repo`. -* `--pat` with the value of a {% data variables.product.pat_v1 %}, which must have the `workflow` scope, or a {% data variables.product.pat_v2 %} with workflows read and write access. For example, `--pat ghp_abcd1234`. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token). +* `--pat` with the value of a {% data variables.product.pat_v1 %}, which must have the `workflow` scope, or a {% data variables.product.pat_v2 %} with workflows read and write access. For example, `--pat ghp_abcd1234`. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens). For example: @@ -76,7 +76,7 @@ config.cmd --check --url https://github.com/YOUR-ORG/YOUR-REPO --pat GHP_ABCD123 The script tests each service, and outputs either a `PASS` or `FAIL` for each one. If you have any failing checks, you can see more details on the problem in the log file for the check. The log files are located in the `_diag` directory where you installed the runner application, and the path of the log file for each check is shown in the console output of the script. -If you have any failing checks, you should also verify that your self-hosted runner machine meets all the communication requirements. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/communicating-with-self-hosted-runners). +If you have any failing checks, you should also verify that your self-hosted runner machine meets all the communication requirements. For more information, see [AUTOTITLE](/actions/reference/runners/self-hosted-runners). ### Disabling TLS certificate verification @@ -129,7 +129,7 @@ export GITHUB_ACTIONS_RUNNER_TLS_NO_VERIFY=1 You can monitor the status of the self-hosted runner application and its activities. Log files are kept in the `_diag` directory where you installed the runner application, and a new log is generated each time the application is started. The filename begins with `Runner_`, and is followed by a UTC timestamp of when the application was started. > [!WARNING] -> Runner application log files for ephemeral runners must be forwarded and preserved externally for troubleshooting and diagnostic purposes. For more information about ephemeral runners and autoscaling self-hosted runners, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/autoscaling-with-self-hosted-runners#using-ephemeral-runners-for-autoscaling). +> Runner application log files for ephemeral runners must be forwarded and preserved externally for troubleshooting and diagnostic purposes. For more information about ephemeral runners and autoscaling self-hosted runners, see [AUTOTITLE](/actions/reference/runners/self-hosted-runners#ephemeral-runners-for-autoscaling). For detailed logs on workflow job executions, see the next section describing the `Worker_` files. @@ -174,7 +174,7 @@ Feb 11 16:07:10 runner01 runsvc.sh[962]: 2020-02-11 16:07:10Z: Job testAction co ``` To view the `systemd` configuration, you can locate the service file here: `/etc/systemd/system/actions.runner.-..service`. -If you want to customize the self-hosted runner application service, do not directly modify this file. Follow the instructions described in [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/configuring-the-self-hosted-runner-application-as-a-service#customizing-the-self-hosted-runner-service). +If you want to customize the self-hosted runner application service, do not directly modify this file. Follow the instructions described in [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/configure-the-application#customizing-the-self-hosted-runner-service). {% endlinux %} @@ -202,7 +202,7 @@ Started: The resulting output includes the process ID and the name of the application’s `launchd` service. To view the `launchd` configuration, you can locate the service file here: `/Users/exampleUsername/Library/LaunchAgents/actions.runner...service`. -If you want to customize the self-hosted runner application service, do not directly modify this file. Follow the instructions described in [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/configuring-the-self-hosted-runner-application-as-a-service#customizing-the-self-hosted-runner-service-1). +If you want to customize the self-hosted runner application service, do not directly modify this file. Follow the instructions described in [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/configure-the-application#customizing-the-self-hosted-runner-service). {% endmac %} diff --git a/content/actions/how-tos/manage-runners/self-hosted-runners/remove-runners.md b/content/actions/how-tos/manage-runners/self-hosted-runners/remove-runners.md index 7874bc592eca..1d17d4c8344c 100644 --- a/content/actions/how-tos/manage-runners/self-hosted-runners/remove-runners.md +++ b/content/actions/how-tos/manage-runners/self-hosted-runners/remove-runners.md @@ -27,7 +27,7 @@ contentType: how-tos > * {% data reusables.actions.self-hosted-runner-auto-removal %} > * {% data reusables.actions.jit-runner-removal %} -To remove a self-hosted runner from a user repository you must be the repository owner. Organization owners{% ifversion custom-org-roles %} and users with the "Manage organization runners and runner groups" permission{% endif %} can remove a runner from a repository in the organization. {% ifversion custom-org-roles %}For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).{% endif %} +To remove a self-hosted runner from a user repository you must be the repository owner. Organization owners{% ifversion custom-org-roles %} and users with the "Manage organization runners and runner groups" permission{% endif %} can remove a runner from a repository in the organization. {% ifversion custom-org-roles %}For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-custom-organization-roles).{% endif %} We recommend that you also have access to the self-hosted runner machine. @@ -49,7 +49,7 @@ For information about how to remove a self-hosted runner with the REST API, see To remove a self-hosted runner from an organization, you must be an organization owner{% ifversion custom-org-roles %} or have the "Manage organization runners and runner groups" permission{% endif %}. We recommend that you also have access to the self-hosted runner machine. For information about how to remove a self-hosted runner with the REST API, see [AUTOTITLE](/rest/actions/self-hosted-runners). -{% ifversion custom-org-roles %}For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).{% endif %} +{% ifversion custom-org-roles %}For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-custom-organization-roles).{% endif %} {% data reusables.actions.self-hosted-runner-reusing %} {% data reusables.organizations.navigate-to-org %} @@ -61,7 +61,7 @@ To remove a self-hosted runner from an organization, you must be an organization ## Removing a runner from an enterprise {% ifversion fpt %} -If you use {% data variables.product.prodname_ghe_cloud %}, you can also remove runners from an enterprise. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-an-enterprise). +If you use {% data variables.product.prodname_ghe_cloud %}, you can also remove runners from an enterprise. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/actions/how-tos/manage-runners/self-hosted-runners/remove-runners#removing-a-runner-from-an-enterprise). {% endif %} {% ifversion ghec or ghes %} diff --git a/content/actions/how-tos/manage-runners/self-hosted-runners/run-scripts.md b/content/actions/how-tos/manage-runners/self-hosted-runners/run-scripts.md index 2e9f8dc917be..b2f0f8c67d97 100644 --- a/content/actions/how-tos/manage-runners/self-hosted-runners/run-scripts.md +++ b/content/actions/how-tos/manage-runners/self-hosted-runners/run-scripts.md @@ -33,8 +33,8 @@ The following scripting languages are supported: Your custom scripts can use the following features: -* **Variables:** Scripts have access to the default variables. The full webhook event payload can be found in `GITHUB_EVENT_PATH`. For more information, see [AUTOTITLE](/actions/reference/variables-reference#default-environment-variables). -* **Workflow commands:** Scripts can use workflow commands. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions). Scripts can also use environment files. For more information, see [Environment files](/actions/using-workflows/workflow-commands-for-github-actions#environment-files). +* **Variables:** Scripts have access to the default variables. The full webhook event payload can be found in `GITHUB_EVENT_PATH`. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/variables#default-environment-variables). +* **Workflow commands:** Scripts can use workflow commands. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-commands). Scripts can also use environment files. For more information, see [Environment files](/actions/reference/workflows-and-actions/workflow-commands#environment-files). Your script files must use a file extension for the relevant language, such as `.sh` or `.ps1`, in order to run successfully. @@ -43,9 +43,9 @@ Your script files must use a file extension for the relevant language, such as ` ### Handling exit codes -For pre-job scripts, exit code `0` indicates that the script completed successfully, and the job will then proceed to run. If there is any other exit code, the job will not run and will be marked as failed. To see the results of your pre-job scripts, check the logs for `Set up runner` entries. For more information on checking the logs, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs#viewing-logs-to-diagnose-failures). +For pre-job scripts, exit code `0` indicates that the script completed successfully, and the job will then proceed to run. If there is any other exit code, the job will not run and will be marked as failed. To see the results of your pre-job scripts, check the logs for `Set up runner` entries. For more information on checking the logs, see [AUTOTITLE](/actions/how-tos/monitor-workflows/use-workflow-run-logs#viewing-logs-to-diagnose-failures). -The [`continue-on-error`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idcontinue-on-error) setting is not supported for use by these scripts. +The [`continue-on-error`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idcontinue-on-error) setting is not supported for use by these scripts. ## Triggering the scripts @@ -78,7 +78,7 @@ If you get a "permission denied" error when you attempt to run a script, make su chmod +x PATH/TO/FILE ``` -For information about using workflows to run scripts, see [AUTOTITLE](/actions/writing-workflows/choosing-what-your-workflow-does/adding-scripts-to-your-workflow). +For information about using workflows to run scripts, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/add-scripts). ### No timeout setting @@ -86,4 +86,4 @@ There is currently no timeout setting available for scripts executed by `ACTIONS ### Reviewing the workflow run log -To confirm whether your scripts are executing, you can review the logs for that job. The scripts will be listed within separate steps for either `Set up runner` or `Complete runner`, depending on which environment variable is triggering the script. For more information on checking the logs, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs#viewing-logs-to-diagnose-failures). +To confirm whether your scripts are executing, you can review the logs for that job. The scripts will be listed within separate steps for either `Set up runner` or `Complete runner`, depending on which environment variable is triggering the script. For more information on checking the logs, see [AUTOTITLE](/actions/how-tos/monitor-workflows/use-workflow-run-logs#viewing-logs-to-diagnose-failures). diff --git a/content/actions/how-tos/manage-runners/self-hosted-runners/use-in-a-workflow.md b/content/actions/how-tos/manage-runners/self-hosted-runners/use-in-a-workflow.md index 33a18b265f25..3d5f76211104 100644 --- a/content/actions/how-tos/manage-runners/self-hosted-runners/use-in-a-workflow.md +++ b/content/actions/how-tos/manage-runners/self-hosted-runners/use-in-a-workflow.md @@ -30,7 +30,7 @@ contentType: how-tos {% data reusables.repositories.actions-tab %} {% data reusables.repositories.repository-runners %} 1. Click the **Self hosted** tab at the top of the list of runners. -1. Review the list of available self-hosted runners for the repository. This list includes both self-hosted runners and runner scale sets created with {% data variables.product.prodname_actions_runner_controller %}. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/about-actions-runner-controller). +1. Review the list of available self-hosted runners for the repository. This list includes both self-hosted runners and runner scale sets created with {% data variables.product.prodname_actions_runner_controller %}. For more information, see [AUTOTITLE](/actions/concepts/runners/actions-runner-controller). {% data reusables.actions.copy-runner-label %} {% data reusables.actions.actions-tab-new-runners-note %} diff --git a/content/actions/how-tos/manage-runners/use-actions-runner-controller/authenticate-to-the-api.md b/content/actions/how-tos/manage-runners/use-actions-runner-controller/authenticate-to-the-api.md index 344ab72bcf1d..da06f482a8f2 100644 --- a/content/actions/how-tos/manage-runners/use-actions-runner-controller/authenticate-to-the-api.md +++ b/content/actions/how-tos/manage-runners/use-actions-runner-controller/authenticate-to-the-api.md @@ -18,11 +18,11 @@ contentType: how-tos You can authenticate {% data variables.product.prodname_actions_runner_controller %} (ARC) to the {% data variables.product.prodname_dotcom %} API by using a {% data variables.product.prodname_github_app %} or by using a {% data variables.product.pat_v1 %}. > [!NOTE] -> You cannot authenticate using a {% data variables.product.prodname_github_app %} for runners at the enterprise level. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#about-runner-groups). +> You cannot authenticate using a {% data variables.product.prodname_github_app %} for runners at the enterprise level. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/manage-access#about-runner-groups). ## Authenticating ARC with a {% data variables.product.prodname_github_app %} -1. Create a {% data variables.product.prodname_github_app %} that is owned by an organization. For more information, see [AUTOTITLE](/apps/creating-github-apps/creating-github-apps/creating-a-github-app). Configure the {% data variables.product.prodname_github_app %} as follows. +1. Create a {% data variables.product.prodname_github_app %} that is owned by an organization. For more information, see [AUTOTITLE](/apps/creating-github-apps/registering-a-github-app/registering-a-github-app). Configure the {% data variables.product.prodname_github_app %} as follows. 1. For "Homepage URL," enter `https://github.com/actions/actions-runner-controller`. @@ -58,7 +58,7 @@ ARC can use {% data variables.product.pat_v1_plural %} to register self-hosted r {% endif %} -1. Create a {% data variables.product.pat_v1 %} with the required scopes. The required scopes are different depending on whether you are registering runners at the repository{% ifversion ghec or ghes %}, organization, or enterprise{% else %} or organization{% endif %} level. For more information on how to create a {% data variables.product.pat_v1 %}, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token#creating-a-personal-access-token-classic). +1. Create a {% data variables.product.pat_v1 %} with the required scopes. The required scopes are different depending on whether you are registering runners at the repository{% ifversion ghec or ghes %}, organization, or enterprise{% else %} or organization{% endif %} level. For more information on how to create a {% data variables.product.pat_v1 %}, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-personal-access-token-classic). The following is the list of required {% data variables.product.pat_generic %} scopes for ARC runners. * Repository runners: `repo` @@ -95,7 +95,7 @@ ARC can use {% data variables.product.pat_v2_plural %} to register self-hosted r {% endif %} -1. Create a {% data variables.product.pat_v2 %} with the required scopes. The required scopes are different depending on whether you are registering runners at the repository or organization level. For more information on how to create a {% data variables.product.pat_v2 %}, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token#creating-a-fine-grained-personal-access-token). +1. Create a {% data variables.product.pat_v2 %} with the required scopes. The required scopes are different depending on whether you are registering runners at the repository or organization level. For more information on how to create a {% data variables.product.pat_v2 %}, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-fine-grained-personal-access-token). The following is the list of required {% data variables.product.pat_generic %} scopes for ARC runners. diff --git a/content/actions/how-tos/manage-runners/use-actions-runner-controller/deploy-runner-scale-sets.md b/content/actions/how-tos/manage-runners/use-actions-runner-controller/deploy-runner-scale-sets.md index 6ac597715cb7..24e022097448 100644 --- a/content/actions/how-tos/manage-runners/use-actions-runner-controller/deploy-runner-scale-sets.md +++ b/content/actions/how-tos/manage-runners/use-actions-runner-controller/deploy-runner-scale-sets.md @@ -17,7 +17,7 @@ contentType: how-tos ## Deploying a runner scale set -To deploy a runner scale set, you must have ARC up and running. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/quickstart-for-actions-runner-controller). +To deploy a runner scale set, you must have ARC up and running. For more information, see [AUTOTITLE](/actions/tutorials/use-actions-runner-controller/get-started). You can deploy runner scale sets with ARC's Helm charts or by deploying the necessary manifests. Using ARC's Helm charts is the preferred method, especially if you do not have prior experience using ARC. @@ -31,13 +31,13 @@ You can deploy runner scale sets with ARC's Helm charts or by deploying the nece When you run the command, keep the following in mind. - * Update the `INSTALLATION_NAME` value carefully. You can use the installation name as the value of [`runs-on`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idruns-on) in your workflows. + * Update the `INSTALLATION_NAME` value carefully. You can use the installation name as the value of [`runs-on`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idruns-on) in your workflows. * Update the `NAMESPACE` value to the location you want the runner pods to be created. * Set the `GITHUB_CONFIG_URL` value to the URL of your repository, organization, or enterprise. This is the entity that the runners will belong to. * This example command installs the latest version of the Helm chart. To install a specific version, you can pass the `--version` argument with the version of the chart you want to install. You can find the list of releases in the [`actions-runner-controller`](https://github.com/actions/actions-runner-controller/pkgs/container/actions-runner-controller-charts%2Fgha-runner-scale-set) repository. > [!NOTE] - > This example uses a {% data variables.product.pat_generic %} to keep the initial setup short. If you are registering runners at the repository or organization level, we recommend authenticating with a {% data variables.product.prodname_github_app %} instead. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/authenticating-to-the-github-api). Enterprise-level runners require {% data variables.product.pat_v1 %} authentication. + > This example uses a {% data variables.product.pat_generic %} to keep the initial setup short. If you are registering runners at the repository or organization level, we recommend authenticating with a {% data variables.product.prodname_github_app %} instead. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/use-actions-runner-controller/authenticate-to-the-api). Enterprise-level runners require {% data variables.product.pat_v1 %} authentication. {% ifversion not ghes %} ```bash copy @@ -101,7 +101,7 @@ You can deploy runner scale sets with ARC's Helm charts or by deploying the nece arc-runner-set-754b578d-listener 1/1 Running 0 12s ``` -If your installation was not successful, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/troubleshooting-actions-runner-controller-errors) for troubleshooting information. +If your installation was not successful, see [AUTOTITLE](/actions/tutorials/use-actions-runner-controller/troubleshoot) for troubleshooting information. ## Using advanced configuration options @@ -155,7 +155,7 @@ githubConfigUrl: "http(s):///<'enterprises/your_enterprise'/'org'/'org ### Using a {% data variables.product.prodname_github_app %} for authentication -If you are not using enterprise-level runners, you can use {% data variables.product.prodname_github_apps %} to authenticate with the {% data variables.product.company_short %} API. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/authenticating-to-the-github-api). +If you are not using enterprise-level runners, you can use {% data variables.product.prodname_github_apps %} to authenticate with the {% data variables.product.company_short %} API. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/use-actions-runner-controller/authenticate-to-the-api). > [!NOTE] > Given the security risk associated with exposing your private key in plain text in a file on disk, we recommend creating a Kubernetes secret and passing the reference instead. @@ -206,7 +206,7 @@ githubConfigSecret: ### Managing access with runner groups -You can use runner groups to control which organizations or repositories have access to your runner scale sets. For more information on runner groups, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups). +You can use runner groups to control which organizations or repositories have access to your runner scale sets. For more information on runner groups, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/manage-access). To add a runner scale set to a runner group, you must already have a runner group created. Then set the `runnerGroup` property in your copy of the `values.yaml` file. The following example adds a runner scale set to the Octo-Group runner group. @@ -443,17 +443,17 @@ listenerTemplate: {% data reusables.actions.actions-runner-controller-unsupported-customization %} -If you are using container jobs and services or container actions, you must set the `containerMode` value to `dind` or `kubernetes`. To use a custom container mode, comment out or remove `containerMode`, and add your desired configuration to the `template` section. See [Customizing container modes](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/deploying-runner-scale-sets-with-actions-runner-controller#customizing-container-modes). +If you are using container jobs and services or container actions, you must set the `containerMode` value to `dind` or `kubernetes`. To use a custom container mode, comment out or remove `containerMode`, and add your desired configuration to the `template` section. See [Customizing container modes](/actions/how-tos/manage-runners/use-actions-runner-controller/deploy-runner-scale-sets#customizing-container-modes). -* For more information on container jobs and services, see [AUTOTITLE](/actions/using-jobs/running-jobs-in-a-container). -* For more information on container actions, see [AUTOTITLE](/actions/creating-actions/creating-a-docker-container-action). +* For more information on container jobs and services, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-where-workflows-run/run-jobs-in-a-container). +* For more information on container actions, see [AUTOTITLE](/actions/tutorials/use-containerized-services/create-a-docker-container-action). ### Using Docker-in-Docker mode > [!NOTE] > The Docker-in-Docker container requires privileged mode. For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) in the Kubernetes documentation. > -> By default, the `dind` container uses the `docker:dind` image, which runs the Docker daemon as root. You can replace this image with `docker:dind-rootless` as long as you are aware of the [known limitations](https://docs.docker.com/engine/security/rootless/#known-limitations) and run the pods with `--privileged` mode. To learn how to customize the Docker-in-Docker configuration, see [Customizing container modes](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/deploying-runner-scale-sets-with-actions-runner-controller#customizing-container-modes). +> By default, the `dind` container uses the `docker:dind` image, which runs the Docker daemon as root. You can replace this image with `docker:dind-rootless` as long as you are aware of the [known limitations](https://docs.docker.com/engine/security/rootless/#known-limitations) and run the pods with `--privileged` mode. To learn how to customize the Docker-in-Docker configuration, see [Customizing container modes](/actions/how-tos/manage-runners/use-actions-runner-controller/deploy-runner-scale-sets#customizing-container-modes). Docker-in-Docker mode is a configuration that allows you to run Docker inside a Docker container. In this configuration, for each runner pod created, ARC creates the following containers. @@ -1122,7 +1122,7 @@ As of ARC version 0.4.0, runner-container-hooks support hook extensions. You can There are two options to configure hook extensions. -* Store in your **custom runner image**. You can store the PodSpec in a YAML file anywhere in your custom runner image. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/about-actions-runner-controller#creating-your-own-runner-image). +* Store in your **custom runner image**. You can store the PodSpec in a YAML file anywhere in your custom runner image. For more information, see [AUTOTITLE](/actions/concepts/runners/actions-runner-controller#creating-your-own-runner-image). * Store in a **ConfigMap**. You can create a config map with the PodSpec and mount that config map in the runner container. For more information, see [ConfigMaps](https://kubernetes.io/docs/concepts/configuration/configmap/) in the Kubernetes documentation. > [!NOTE] @@ -1217,16 +1217,16 @@ The following table shows the metrics emitted by the controller-manager and list ## Using ARC with {% data variables.product.prodname_dependabot %} and {% data variables.product.prodname_code_scanning %} -You can use {% data variables.product.prodname_actions_runner_controller %} to create dedicated runners for your {% data variables.product.prodname_ghe_server %} instance that {% data variables.product.prodname_dependabot %} can use to help secure and maintain the dependencies used in repositories on your enterprise. For more information, see [AUTOTITLE](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates#system-requirements-for-dependabot-runners). +You can use {% data variables.product.prodname_actions_runner_controller %} to create dedicated runners for your {% data variables.product.prodname_ghe_server %} instance that {% data variables.product.prodname_dependabot %} can use to help secure and maintain the dependencies used in repositories on your enterprise. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates#system-requirements-for-dependabot-runners). -You can also use ARC with {% data variables.product.prodname_codeql %} to identify vulnerabilities and errors in your code. For more information, see [AUTOTITLE](/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql). If you're already using {% data variables.product.prodname_code_scanning %} and want to configure a runner scale set to use default setup, set `INSTALLATION_NAME=code-scanning`. For more information about {% data variables.product.prodname_code_scanning %} default setup, see [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning). +You can also use ARC with {% data variables.product.prodname_codeql %} to identify vulnerabilities and errors in your code. For more information, see [AUTOTITLE](/code-security/concepts/code-scanning/codeql/codeql-code-scanning). If you're already using {% data variables.product.prodname_code_scanning %} and want to configure a runner scale set to use default setup, set `INSTALLATION_NAME=code-scanning`. For more information about {% data variables.product.prodname_code_scanning %} default setup, see [AUTOTITLE](/code-security/how-tos/find-and-fix-code-vulnerabilities/configure-code-scanning/configure-code-scanning). To designate a runner scale set for {% data variables.product.prodname_dependabot %} updates or {% data variables.product.prodname_code_scanning %} with {% data variables.product.prodname_codeql %}, use a descriptive installation name in your Helm chart, such as `dependabot` or `code-scanning`. You can then set the `runs-on` value in your workflows to the installation name, and use the designated runner scale set for {% data variables.product.prodname_dependabot %} updates or {% data variables.product.prodname_code_scanning %} jobs. -If you're using default setup for {% data variables.product.prodname_code_scanning %}, the analysis will automatically look for a runner scale set with the installation name `code-scanning` but you can specify a custom name in the configuration, so that individual repositories can use different runner scale sets. See [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#assigning-labels-to-runners). +If you're using default setup for {% data variables.product.prodname_code_scanning %}, the analysis will automatically look for a runner scale set with the installation name `code-scanning` but you can specify a custom name in the configuration, so that individual repositories can use different runner scale sets. See [AUTOTITLE](/code-security/how-tos/find-and-fix-code-vulnerabilities/configure-code-scanning/configure-code-scanning#assigning-labels-to-runners). > [!NOTE] -> The [Dependabot Action](https://github.com/github/dependabot-action) is used to run {% data variables.product.prodname_dependabot %} updates via {% data variables.product.prodname_actions %}. This action requires Docker as a dependency. For this reason, you can only use {% data variables.product.prodname_actions_runner_controller %} with {% data variables.product.prodname_dependabot %} when Docker-in-Docker (DinD) mode is enabled. For more information, see [AUTOTITLE](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates#system-requirements-for-dependabot-runners) and [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/deploying-runner-scale-sets-with-actions-runner-controller#using-docker-in-docker-or-kubernetes-mode-for-containers). +> The [Dependabot Action](https://github.com/github/dependabot-action) is used to run {% data variables.product.prodname_dependabot %} updates via {% data variables.product.prodname_actions %}. This action requires Docker as a dependency. For this reason, you can only use {% data variables.product.prodname_actions_runner_controller %} with {% data variables.product.prodname_dependabot %} when Docker-in-Docker (DinD) mode is enabled. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates#system-requirements-for-dependabot-runners) and [AUTOTITLE](/actions/how-tos/manage-runners/use-actions-runner-controller/deploy-runner-scale-sets#using-docker-in-docker-or-kubernetes-mode-for-containers). {% endif %} @@ -1240,9 +1240,9 @@ Because there is no support for upgrading or deleting CRDs with Helm, it is not 1. If there is a change in CRDs from the version you currently have installed, to the upgraded version, remove all CRDs associated with `actions.github.com` API group. 1. Reinstall ARC again. -For more information, see [Deploying a runner scale set](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/deploying-runner-scale-sets-with-actions-runner-controller#deploying-a-runner-scale-set). +For more information, see [Deploying a runner scale set](/actions/how-tos/manage-runners/use-actions-runner-controller/deploy-runner-scale-sets#deploying-a-runner-scale-set). -If you would like to upgrade ARC but are concerned about downtime, you can deploy ARC in a high availability configuration to ensure runners are always available. For more information, see [High availability and automatic failover](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/deploying-runner-scale-sets-with-actions-runner-controller#high-availability-and-automatic-failover). +If you would like to upgrade ARC but are concerned about downtime, you can deploy ARC in a high availability configuration to ensure runners are always available. For more information, see [High availability and automatic failover](/actions/how-tos/manage-runners/use-actions-runner-controller/deploy-runner-scale-sets#high-availability-and-automatic-failover). > [!NOTE] > Transitioning from the [community supported version of ARC](https://github.com/actions/actions-runner-controller/discussions/2775) to the GitHub supported version is a substantial architectural change. The GitHub supported version involves a redesign of many components of ARC. It is not a minor software upgrade. For these reasons, we recommend testing the new versions in a staging environment that matches your production environment first. This will ensure stability and reliability of the setup before deploying in production. @@ -1261,7 +1261,7 @@ You can test features before they are released by using canary releases of the c ## High availability and automatic failover -ARC can be deployed in a high availability (active-active) configuration. If you have two distinct Kubernetes clusters deployed in separate regions, you can deploy ARC in both clusters and configure runner scale sets to use the same `runnerScaleSetName`. In order to do this, each runner scale set must be assigned to a distinct runner group. For example, you can have two runner scale sets each named `arc-runner-set`, as long as one runner scale set belongs to `runner-group-A` and the other runner scale set belongs to `runner-group-B`. For information on assigning runner scale sets to runner groups, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups). +ARC can be deployed in a high availability (active-active) configuration. If you have two distinct Kubernetes clusters deployed in separate regions, you can deploy ARC in both clusters and configure runner scale sets to use the same `runnerScaleSetName`. In order to do this, each runner scale set must be assigned to a distinct runner group. For example, you can have two runner scale sets each named `arc-runner-set`, as long as one runner scale set belongs to `runner-group-A` and the other runner scale set belongs to `runner-group-B`. For information on assigning runner scale sets to runner groups, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/manage-access). If both runner scale sets are online, jobs assigned to them will be distributed arbitrarily (assignment race). You cannot configure the job assignment algorithm. If one of the clusters goes down, the runner scale set in the other cluster will continue to acquire jobs normally without any intervention or configuration change. diff --git a/content/actions/how-tos/manage-runners/use-actions-runner-controller/use-arc-in-a-workflow.md b/content/actions/how-tos/manage-runners/use-actions-runner-controller/use-arc-in-a-workflow.md index 8f36db0fea7d..78b296c89a0c 100644 --- a/content/actions/how-tos/manage-runners/use-actions-runner-controller/use-arc-in-a-workflow.md +++ b/content/actions/how-tos/manage-runners/use-actions-runner-controller/use-arc-in-a-workflow.md @@ -45,9 +45,9 @@ jobs: ## Using runner scale set names -Runner scale set names are unique within the runner group they belong to. To deploy multiple runner scale sets with the same name, they must belong to different runner groups. For more information about specifying runner scale set names, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/deploying-runner-scale-sets-with-actions-runner-controller). +Runner scale set names are unique within the runner group they belong to. To deploy multiple runner scale sets with the same name, they must belong to different runner groups. For more information about specifying runner scale set names, see [AUTOTITLE](/actions/how-tos/manage-runners/use-actions-runner-controller/deploy-runner-scale-sets). -{% data reusables.actions.actions-runner-controller-labels %} For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/deploying-runner-scale-sets-with-actions-runner-controller#scaling-runners). +{% data reusables.actions.actions-runner-controller-labels %} For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/use-actions-runner-controller/deploy-runner-scale-sets#scaling-runners). ## Using labels to target runner scale sets diff --git a/content/actions/how-tos/manage-workflow-runs/approve-runs-from-forks.md b/content/actions/how-tos/manage-workflow-runs/approve-runs-from-forks.md index 61901fb6ee1d..cb1acb0d9167 100644 --- a/content/actions/how-tos/manage-workflow-runs/approve-runs-from-forks.md +++ b/content/actions/how-tos/manage-workflow-runs/approve-runs-from-forks.md @@ -19,7 +19,7 @@ category: contentType: how-tos --- -Workflow runs triggered by a contributor's pull request from a fork may require manual approval from a maintainer with write access. You can configure workflow approval requirements for a [repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks), [organization](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#configuring-required-approval-for-workflows-from-public-forks), or [enterprise](/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-your-enterprise). +Workflow runs triggered by a contributor's pull request from a fork may require manual approval from a maintainer with write access. You can configure workflow approval requirements for a [repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks), [organization](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#configuring-required-approval-for-workflows-from-public-forks), or [enterprise](/enterprise-cloud@latest/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-your-enterprise). Workflow runs that have been awaiting approval for more than 30 days are automatically deleted. diff --git a/content/actions/how-tos/manage-workflow-runs/cancel-a-workflow-run.md b/content/actions/how-tos/manage-workflow-runs/cancel-a-workflow-run.md index b26a3036c282..cb534116b981 100644 --- a/content/actions/how-tos/manage-workflow-runs/cancel-a-workflow-run.md +++ b/content/actions/how-tos/manage-workflow-runs/cancel-a-workflow-run.md @@ -27,4 +27,4 @@ contentType: how-tos ## Next steps -To learn about the process {% data variables.product.prodname_dotcom %} uses to cancel a workflow run, as well as the ways you can free up related resources, see [AUTOTITLE](/actions/reference/workflow-cancellation-reference). +To learn about the process {% data variables.product.prodname_dotcom %} uses to cancel a workflow run, as well as the ways you can free up related resources, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-cancellation). diff --git a/content/actions/how-tos/manage-workflow-runs/manage-caches.md b/content/actions/how-tos/manage-workflow-runs/manage-caches.md index 6a90985aaa85..09287223d0aa 100644 --- a/content/actions/how-tos/manage-workflow-runs/manage-caches.md +++ b/content/actions/how-tos/manage-workflow-runs/manage-caches.md @@ -46,13 +46,13 @@ Users with `write` access to a repository can use the {% data variables.product. ## Force deleting cache entries -Caches have branch scope restrictions in place, which means some caches have limited usage options. For more information on cache scope restrictions, see [AUTOTITLE](/actions/reference/dependency-caching-reference#restrictions-for-accessing-a-cache). If caches limited to a specific branch are using a lot of storage quota, it may cause caches from the `default` branch to be created and deleted at a high frequency. +Caches have branch scope restrictions in place, which means some caches have limited usage options. For more information on cache scope restrictions, see [AUTOTITLE](/actions/reference/workflows-and-actions/dependency-caching). If caches limited to a specific branch are using a lot of storage quota, it may cause caches from the `default` branch to be created and deleted at a high frequency. For example, a repository could have many new pull requests opened, each with their own caches that are restricted to that branch. These caches could take up the majority of the cache storage for that repository. {% data reusables.actions.cache-eviction-policy %} In order to prevent cache thrashing when this happens, you can set up workflows to delete caches on a faster cadence than the cache eviction policy will. You can use the {% data variables.product.prodname_cli %} to delete caches for specific branches. The following example workflow uses `gh cache` to delete up to 100 caches created by a branch once a pull request is closed. -To run the following example on cross-repository pull requests or pull requests from forks, you can trigger the workflow with the `pull_request_target` event. If you do use `pull_request_target` to trigger the workflow, there are security considerations to keep in mind. For more information, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#pull_request_target). +To run the following example on cross-repository pull requests or pull requests from forks, you can trigger the workflow with the `pull_request_target` event. If you do use `pull_request_target` to trigger the workflow, there are security considerations to keep in mind. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows#pull_request_target). ```yaml name: Cleanup github runner caches on closed pull requests diff --git a/content/actions/how-tos/manage-workflow-runs/manually-run-a-workflow.md b/content/actions/how-tos/manage-workflow-runs/manually-run-a-workflow.md index f277b331375c..5ff1665a49c5 100644 --- a/content/actions/how-tos/manage-workflow-runs/manually-run-a-workflow.md +++ b/content/actions/how-tos/manage-workflow-runs/manually-run-a-workflow.md @@ -23,7 +23,7 @@ contentType: how-tos To run a workflow manually, the workflow must be configured to run on the `workflow_dispatch` event. -To trigger the `workflow_dispatch` event, your workflow must be in the default branch. For more information about configuring the `workflow_dispatch` event, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch). +To trigger the `workflow_dispatch` event, your workflow must be in the default branch. For more information about configuring the `workflow_dispatch` event, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows#workflow_dispatch). {% data reusables.repositories.permissions-statement-write %} @@ -40,7 +40,7 @@ To trigger the `workflow_dispatch` event, your workflow must be in the default b 1. Above the list of workflow runs, click the **Run workflow** button. > [!NOTE] - > To see the **Run workflow** button, your workflow file must use the `workflow_dispatch` event trigger. Only workflow files that use the `workflow_dispatch` event trigger will have the option to run the workflow manually using the **Run workflow** button. For more information about configuring the `workflow_dispatch` event, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch). + > To see the **Run workflow** button, your workflow file must use the `workflow_dispatch` event trigger. Only workflow files that use the `workflow_dispatch` event trigger will have the option to run the workflow manually using the **Run workflow** button. For more information about configuring the `workflow_dispatch` event, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows#workflow_dispatch). ![Screenshot of a workflow page. Above the list of workflow runs, a button, labeled "Run workflow", is outlined in dark orange.](/assets/images/help/actions/actions-workflow-dispatch.png) 1. Select the **Branch** dropdown menu and click a branch to run the workflow on. diff --git a/content/actions/how-tos/manage-workflow-runs/remove-workflow-artifacts.md b/content/actions/how-tos/manage-workflow-runs/remove-workflow-artifacts.md index d0a17be1e23b..cdba415a29c8 100644 --- a/content/actions/how-tos/manage-workflow-runs/remove-workflow-artifacts.md +++ b/content/actions/how-tos/manage-workflow-runs/remove-workflow-artifacts.md @@ -36,9 +36,9 @@ contentType: how-tos ## Setting the retention period for an artifact -Retention periods for artifacts and logs can be configured at the repository, organization, and enterprise level. For more information, see [AUTOTITLE](/actions/learn-github-actions/usage-limits-billing-and-administration#artifact-and-log-retention-policy). +Retention periods for artifacts and logs can be configured at the repository, organization, and enterprise level. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-artifact-and-log-retention-period-for-a-repository) and [AUTOTITLE](/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization). -You can also define a custom retention period for individual artifacts using the `actions/upload-artifact` action in a workflow. For more information, see [AUTOTITLE](/actions/using-workflows/storing-workflow-data-as-artifacts#configuring-a-custom-artifact-retention-period). +You can also define a custom retention period for individual artifacts using the `actions/upload-artifact` action in a workflow. For more information, see [AUTOTITLE](/actions/tutorials/store-and-share-data#configuring-a-custom-artifact-retention-period). ## Finding the expiration date of an artifact diff --git a/content/actions/how-tos/manage-workflow-runs/skip-workflow-runs.md b/content/actions/how-tos/manage-workflow-runs/skip-workflow-runs.md index fdb11f620ccb..01de05afdbe8 100644 --- a/content/actions/how-tos/manage-workflow-runs/skip-workflow-runs.md +++ b/content/actions/how-tos/manage-workflow-runs/skip-workflow-runs.md @@ -18,7 +18,7 @@ contentType: how-tos {% data reusables.actions.enterprise-github-hosted-runners %} > [!NOTE] -> If a workflow is skipped due to [path filtering](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore), [branch filtering](/actions/using-workflows/workflow-syntax-for-github-actions#onpull_requestpull_request_targetbranchesbranches-ignore) or a commit message (see below), then checks associated with that workflow will remain in a "Pending" state. A pull request that requires those checks to be successful will be blocked from merging. +> If a workflow is skipped due to [path filtering](/actions/reference/workflows-and-actions/workflow-syntax#onpushpull_requestpull_request_targetpathspaths-ignore), [branch filtering](/actions/reference/workflows-and-actions/workflow-syntax#onpull_requestpull_request_targetbranchesbranches-ignore) or a commit message (see below), then checks associated with that workflow will remain in a "Pending" state. A pull request that requires those checks to be successful will be blocked from merging. Workflows that would otherwise be triggered using `on: push` or `on: pull_request` won't be triggered if you add any of the following strings to the commit message in a push, or the HEAD commit of a pull request: @@ -39,4 +39,4 @@ You won't be able to merge the pull request if your repository is configured to > [!NOTE] > Skip instructions only apply to the `push` and `pull_request` events. For example, adding `[skip ci]` to a commit message won't stop a workflow that's triggered `on: pull_request_target` from running. -Skip instructions only apply to the workflow run(s) that would be triggered by the commit that contains the skip instructions. You can also disable a workflow from running. For more information, see [AUTOTITLE](/actions/managing-workflow-runs/disabling-and-enabling-a-workflow). +Skip instructions only apply to the workflow run(s) that would be triggered by the commit that contains the skip instructions. You can also disable a workflow from running. For more information, see [AUTOTITLE](/actions/how-tos/manage-workflow-runs/disable-and-enable-workflows). diff --git a/content/actions/how-tos/monitor-workflows/enable-debug-logging.md b/content/actions/how-tos/monitor-workflows/enable-debug-logging.md index bfde82cb51ba..6380520f5c6b 100644 --- a/content/actions/how-tos/monitor-workflows/enable-debug-logging.md +++ b/content/actions/how-tos/monitor-workflows/enable-debug-logging.md @@ -25,9 +25,9 @@ These extra logs are enabled by setting secrets or variables in the repository c * {% data reusables.actions.permissions-statement-secrets-environment %} * {% data reusables.actions.permissions-statement-secrets-and-variables-organization %} -For more information on setting secrets and variables, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions) and [AUTOTITLE](/actions/learn-github-actions/variables). +For more information on setting secrets and variables, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets) and [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables). -Additionally, anyone who has access to run a workflow can enable runner diagnostic logging and step debug logging for a workflow re-run. For more information, see [AUTOTITLE](/actions/managing-workflow-runs/re-running-workflows-and-jobs). +Additionally, anyone who has access to run a workflow can enable runner diagnostic logging and step debug logging for a workflow re-run. For more information, see [AUTOTITLE](/actions/how-tos/manage-workflow-runs/re-run-workflows-and-jobs). ## Enabling runner diagnostic logging @@ -37,13 +37,13 @@ Runner diagnostic logging provides additional log files that contain information * The worker process log, which logs the execution of a job. 1. To enable runner diagnostic logging, set the following secret or variable in the repository that contains the workflow: `ACTIONS_RUNNER_DEBUG` to `true`. If both the secret and variable are set, the value of the secret takes precedence over the variable. -1. To download runner diagnostic logs, download the log archive of the workflow run. The runner diagnostic logs are contained in the `runner-diagnostic-logs` folder. For more information on downloading logs, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs#downloading-logs). +1. To download runner diagnostic logs, download the log archive of the workflow run. The runner diagnostic logs are contained in the `runner-diagnostic-logs` folder. For more information on downloading logs, see [AUTOTITLE](/actions/how-tos/monitor-workflows/use-workflow-run-logs#downloading-logs). ## Enabling step debug logging Step debug logging increases the verbosity of a job's logs during and after a job's execution. 1. To enable step debug logging, set the following secret or variable in the repository that contains the workflow: `ACTIONS_STEP_DEBUG` to `true`. If both the secret and variable are set, the value of the secret takes precedence over the variable. -1. After setting the secret or variable, more debug events are shown in the step logs. For more information, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs#viewing-logs-to-diagnose-failures). +1. After setting the secret or variable, more debug events are shown in the step logs. For more information, see [AUTOTITLE](/actions/how-tos/monitor-workflows/use-workflow-run-logs#viewing-logs-to-diagnose-failures). You can also use the `runner.debug` context to conditionally run steps only when debug logging is enabled. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#runner-context). diff --git a/content/actions/how-tos/monitor-workflows/use-workflow-run-logs.md b/content/actions/how-tos/monitor-workflows/use-workflow-run-logs.md index fdcb4e2a2003..d107243b7e20 100644 --- a/content/actions/how-tos/monitor-workflows/use-workflow-run-logs.md +++ b/content/actions/how-tos/monitor-workflows/use-workflow-run-logs.md @@ -56,7 +56,7 @@ You can search the build logs for a particular step. When you search logs, only ## Downloading logs -You can download the log files from your workflow run. You can also download a workflow's artifacts. For more information, see [AUTOTITLE](/actions/using-workflows/storing-workflow-data-as-artifacts). {% data reusables.repositories.permissions-statement-read %} +You can download the log files from your workflow run. You can also download a workflow's artifacts. For more information, see [AUTOTITLE](/actions/tutorials/store-and-share-data). {% data reusables.repositories.permissions-statement-read %} {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.actions-tab %} diff --git a/content/actions/how-tos/monitor-workflows/view-job-execution-time.md b/content/actions/how-tos/monitor-workflows/view-job-execution-time.md index fc7477d4a282..ffede6f00d79 100644 --- a/content/actions/how-tos/monitor-workflows/view-job-execution-time.md +++ b/content/actions/how-tos/monitor-workflows/view-job-execution-time.md @@ -28,4 +28,4 @@ Billable job execution minutes are only shown for jobs run on private repositori 1. To view details about the billable job execution time, in the left sidebar under "Run details", click **{% octicon "stopwatch" aria-hidden="true" aria-label="stopwatch" %} Usage**. > [!NOTE] - > The billable time shown does not include any minute multipliers. To view your total {% data variables.product.prodname_actions %} usage, including minute multipliers, see [AUTOTITLE](/billing/managing-billing-for-github-actions/viewing-your-github-actions-usage). + > The billable time shown does not include any minute multipliers. To view your total {% data variables.product.prodname_actions %} usage, including minute multipliers, see [AUTOTITLE](/billing/how-tos/products/view-productlicense-use). diff --git a/content/actions/how-tos/reuse-automations/reuse-workflows.md b/content/actions/how-tos/reuse-automations/reuse-workflows.md index 553b7d934b74..ccbc786abac5 100644 --- a/content/actions/how-tos/reuse-automations/reuse-workflows.md +++ b/content/actions/how-tos/reuse-automations/reuse-workflows.md @@ -20,7 +20,7 @@ contentType: how-tos Reusable workflows are YAML-formatted files, very similar to any other workflow file. As with other workflow files, you locate reusable workflows in the `.github/workflows` directory of a repository. Subdirectories of the `workflows` directory are not supported. -{% ifversion ghec or ghes %}You can standardize deployments by creating a self-hosted runner group that can only execute a specific reusable workflow. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups).{% endif %} +{% ifversion ghec or ghes %}You can standardize deployments by creating a self-hosted runner group that can only execute a specific reusable workflow. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/manage-access).{% endif %} For a workflow to be reusable, the values for `on` must include `workflow_call`: @@ -49,11 +49,11 @@ You can define inputs and secrets, which can be passed from the caller workflow ``` {% endraw %} - For details of the syntax for defining inputs and secrets, see [`on.workflow_call.inputs`](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callinputs) and [`on.workflow_call.secrets`](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callsecrets). + For details of the syntax for defining inputs and secrets, see [`on.workflow_call.inputs`](/actions/reference/workflows-and-actions/workflow-syntax#onworkflow_callinputs) and [`on.workflow_call.secrets`](/actions/reference/workflows-and-actions/workflow-syntax#onworkflow_callsecrets). 1. In the reusable workflow, reference the input or secret that you defined in the `on` key in the previous step. > [!NOTE] - > If the secrets are inherited by using `secrets: inherit` in the calling workflow, you can reference them even if they are not explicitly defined in the `on` key. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecretsinherit). + > If the secrets are inherited by using `secrets: inherit` in the calling workflow, you can reference them even if they are not explicitly defined in the `on` key. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idsecretsinherit). {% raw %} @@ -73,7 +73,7 @@ You can define inputs and secrets, which can be passed from the caller workflow In the example above, `personal_access_token` is a secret that's defined at the repository or organization level. > [!WARNING] - > Environment secrets cannot be passed from the caller workflow as `on.workflow_call` does not support the `environment` keyword. If you include `environment` in the reusable workflow at the job level, the environment secret will be used, and not the secret passed from the caller workflow. For more information, see [AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment#environment-secrets) and [AUTOTITLE](/actions/writing-workflows/workflow-syntax-for-github-actions#onworkflow_call). + > Environment secrets cannot be passed from the caller workflow as `on.workflow_call` does not support the `environment` keyword. If you include `environment` in the reusable workflow at the job level, the environment secret will be used, and not the secret passed from the caller workflow. For more information, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments) and [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#onworkflow_call). 1. Pass the input or secret from the caller workflow. @@ -114,7 +114,7 @@ jobs: You call a reusable workflow by using the `uses` keyword. Unlike when you are using actions within a workflow, you call reusable workflows directly within a job, and not from within job steps. -[`jobs..uses`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_iduses) +[`jobs..uses`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_iduses) You reference reusable workflow files using one of the following syntaxes: @@ -163,7 +163,7 @@ jobs: Jobs using the matrix strategy can call a reusable workflow. -A matrix strategy lets you use variables in a single job definition to automatically create multiple job runs that are based on the combinations of the variables. For example, you can use a matrix strategy to pass different inputs to a reusable workflow. For more information about matrices, see [AUTOTITLE](/actions/using-jobs/using-a-matrix-for-your-jobs). +A matrix strategy lets you use variables in a single job definition to automatically create multiple job runs that are based on the combinations of the variables. For example, you can use a matrix strategy to pass different inputs to a reusable workflow. For more information about matrices, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/run-job-variations). This example job below calls a reusable workflow and references the matrix context by defining the variable `target` with the values `[dev, stage, prod]`. It will run three jobs, one for each value in the variable. @@ -188,7 +188,7 @@ You can connect a maximum of {% ifversion fpt or ghec %}ten levels of workflows Loops in the workflow tree are not permitted. -> [!NOTE] Nested reusable workflows require all workflows in the chain to be accessible to the caller, and permissions can only be maintained or reduced—not elevated—throughout the chain. For more information, see [AUTOTITLE](/actions/reference/reusable-workflows-reference#access-and-permissions-for-nested-workflows). +> [!NOTE] Nested reusable workflows require all workflows in the chain to be accessible to the caller, and permissions can only be maintained or reduced—not elevated—throughout the chain. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/reusing-workflow-configurations). From within a reusable workflow you can call another reusable workflow. @@ -209,7 +209,7 @@ jobs: ## Passing secrets to nested workflows -You can use `jobs..secrets` in a calling workflow to pass named secrets to a directly called workflow. Alternatively, you can use `jobs..secrets.inherit` to pass all of the calling workflow's secrets to a directly called workflow. For more information, see the section [AUTOTITLE](/actions/using-workflows/reusing-workflows#passing-inputs-and-secrets-to-a-reusable-workflow) above, and the reference article [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecretsinherit). Secrets are only passed to directly called workflow, so in the workflow chain A > B > C, workflow C will only receive secrets from A if they have been passed from A to B, and then from B to C. +You can use `jobs..secrets` in a calling workflow to pass named secrets to a directly called workflow. Alternatively, you can use `jobs..secrets.inherit` to pass all of the calling workflow's secrets to a directly called workflow. For more information, see the section [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows#passing-inputs-and-secrets-to-a-reusable-workflow) above, and the reference article [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idsecretsinherit). Secrets are only passed to directly called workflow, so in the workflow chain A > B > C, workflow C will only receive secrets from A if they have been passed from A to B, and then from B to C. In the following example, workflow A passes all of its secrets to workflow B, by using the `inherit` keyword, but workflow B only passes one secret to workflow C. Any of the other secrets passed to workflow B are not available to workflow C. @@ -243,7 +243,7 @@ The following reusable workflow has a single job containing two steps. In each o The `value` must be set to the value of a job-level output within the called workflow. Step-level outputs must first be mapped to job-level outputs as shown below. -For more information, see [AUTOTITLE](/actions/using-jobs/defining-outputs-for-jobs#overview) and [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_calloutputs). +For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/pass-job-outputs#overview) and [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#onworkflow_calloutputs). {% raw %} @@ -301,7 +301,7 @@ jobs: {% endraw %} -For more information on using job outputs, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idoutputs). If you want to share something other than a variable (e.g. a build artifact) between workflows, see [AUTOTITLE](/actions/using-workflows/storing-workflow-data-as-artifacts). +For more information on using job outputs, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idoutputs). If you want to share something other than a variable (e.g. a build artifact) between workflows, see [AUTOTITLE](/actions/tutorials/store-and-share-data). ## Monitoring which workflows are being used @@ -328,4 +328,4 @@ For more information, see [AUTOTITLE](/organizations/keeping-your-organization-s ## Next steps -To find information on the intricacies of reusing workflows, see [AUTOTITLE](/actions/reference/reusable-workflows-reference). +To find information on the intricacies of reusing workflows, see [AUTOTITLE](/actions/reference/workflows-and-actions/reusing-workflow-configurations). diff --git a/content/actions/how-tos/reuse-automations/share-across-private-repositories.md b/content/actions/how-tos/reuse-automations/share-across-private-repositories.md index 965bf965a9ee..00b53e3c8945 100644 --- a/content/actions/how-tos/reuse-automations/share-across-private-repositories.md +++ b/content/actions/how-tos/reuse-automations/share-across-private-repositories.md @@ -28,4 +28,4 @@ contentType: how-tos ## Next steps -To reuse your shared workflows, see [AUTOTITLE](/actions/using-workflows/reusing-workflows). +To reuse your shared workflows, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). diff --git a/content/actions/how-tos/reuse-automations/share-with-your-enterprise.md b/content/actions/how-tos/reuse-automations/share-with-your-enterprise.md index fca68e170fe7..c6d847a1f807 100644 --- a/content/actions/how-tos/reuse-automations/share-with-your-enterprise.md +++ b/content/actions/how-tos/reuse-automations/share-with-your-enterprise.md @@ -31,5 +31,5 @@ Any actions or reusable workflows stored in the internal or private repository c ## Further reading -* [AUTOTITLE](/admin/overview/about-enterprise-accounts) -* [AUTOTITLE](/actions/using-workflows/reusing-workflows) +* [AUTOTITLE](/admin/concepts/enterprise-fundamentals/enterprise-accounts) +* [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows) diff --git a/content/actions/how-tos/reuse-automations/share-with-your-organization.md b/content/actions/how-tos/reuse-automations/share-with-your-organization.md index 5ab244ecbd22..cf7cd101f23d 100644 --- a/content/actions/how-tos/reuse-automations/share-with-your-organization.md +++ b/content/actions/how-tos/reuse-automations/share-with-your-organization.md @@ -29,4 +29,4 @@ contentType: how-tos ## Next steps -To learn how to reuse your shared workflows, see [AUTOTITLE](/actions/using-workflows/reusing-workflows). +To learn how to reuse your shared workflows, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). diff --git a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-aws.md b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-aws.md index 4099d3209647..b9cdbd8e9011 100644 --- a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-aws.md +++ b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-aws.md @@ -70,7 +70,7 @@ Edit the trust policy, adding the `sub` field to the validation conditions. For } ``` -For repositories created after July 15, 2026, or that have opted in to immutable subject claims, the `sub` claim includes immutable owner and repository IDs (not available on {% data variables.product.prodname_ghe_server %}). Make sure your trust policy matches the format your repository uses. For more information, see [AUTOTITLE](/actions/reference/openid-connect-reference#immutable-subject-claims). +For repositories created after July 15, 2026, or that have opted in to immutable subject claims, the `sub` claim includes immutable owner and repository IDs (not available on {% data variables.product.prodname_ghe_server %}). Make sure your trust policy matches the format your repository uses. For more information, see [AUTOTITLE](/actions/reference/security/oidc#immutable-subject-claims). ```json copy "Condition": { @@ -81,7 +81,7 @@ For repositories created after July 15, 2026, or that have opted in to immutable } ``` -If you use a workflow with an environment, the `sub` field must reference the environment name: `repo:ORG-NAME/REPO-NAME:environment:ENVIRONMENT-NAME`. For more information, see [AUTOTITLE](/actions/reference/openid-connect-reference#filtering-for-a-specific-environment). +If you use a workflow with an environment, the `sub` field must reference the environment name: `repo:ORG-NAME/REPO-NAME:environment:ENVIRONMENT-NAME`. For more information, see [AUTOTITLE](/actions/reference/security/oidc#filtering-for-a-specific-environment). {% data reusables.actions.oidc-deployment-protection-rules %} diff --git a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-azure.md b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-azure.md index 5708cfe7f55d..f72cc89138fc 100644 --- a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-azure.md +++ b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-azure.md @@ -32,7 +32,7 @@ This guide gives an overview of how to configure Azure to trust {% data variable {% data reusables.actions.oidc-on-ghecom %} -For repositories created after July 15, 2026, and repository renames or transfers after that date, use an immutable default OIDC `sub` claim that includes owner and repository IDs (not available on {% data variables.product.prodname_ghe_server %}). Existing repositories keep the previous format unless they opt in. For more information, see [AUTOTITLE](/actions/reference/openid-connect-reference#immutable-subject-claims). +For repositories created after July 15, 2026, and repository renames or transfers after that date, use an immutable default OIDC `sub` claim that includes owner and repository IDs (not available on {% data variables.product.prodname_ghe_server %}). Existing repositories keep the previous format unless they opt in. For more information, see [AUTOTITLE](/actions/reference/security/oidc#immutable-subject-claims). {% ifversion ghes %} {% data reusables.actions.oidc-endpoints %} @@ -41,7 +41,7 @@ For repositories created after July 15, 2026, and repository renames or transfer > [!NOTE] > Microsoft Entra ID (previously known as Azure AD) does not have fixed IP ranges defined for these endpoints. -* Make sure that the value of the issuer claim that's included with the JSON Web Token (JWT) is set to a publicly routable URL. For more information, see [AUTOTITLE](/enterprise-server@latest/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect). +* Make sure that the value of the issuer claim that's included with the JSON Web Token (JWT) is set to a publicly routable URL. For more information, see [AUTOTITLE](/enterprise-server@latest/actions/concepts/security/openid-connect). {% endif %} ## Adding the federated credentials to Azure @@ -58,7 +58,7 @@ To configure the OIDC identity provider in Azure, you will need to perform the f Additional guidance for configuring the identity provider: -* For security hardening, make sure you've reviewed [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud). For an example, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-subject-in-your-cloud-provider). +* For security hardening, make sure you've reviewed [AUTOTITLE](/actions/concepts/security/openid-connect#configuring-the-oidc-trust-with-the-cloud). For an example, see [AUTOTITLE](/actions/concepts/security/openid-connect#configuring-the-subject-in-your-cloud-provider). * For the `audience` setting, `api://AzureADTokenExchange` is the recommended value, but you can also specify other values here. ## Updating your {% data variables.product.prodname_actions %} workflow diff --git a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-cloud-providers.md b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-cloud-providers.md index d0759bdaa00f..c65a70232c67 100644 --- a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-cloud-providers.md +++ b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-cloud-providers.md @@ -65,7 +65,7 @@ To update your workflows using this approach, you will need to make three change ### Requesting the JWT using the Actions core toolkit -The following example demonstrates how to use `actions/github-script` with the `core` toolkit to request the JWT from {% data variables.product.prodname_dotcom %}'s OIDC provider. For more information, see [AUTOTITLE](/actions/creating-actions/creating-a-javascript-action#adding-actions-toolkit-packages). +The following example demonstrates how to use `actions/github-script` with the `core` toolkit to request the JWT from {% data variables.product.prodname_dotcom %}'s OIDC provider. For more information, see [AUTOTITLE](/actions/tutorials/create-actions/create-a-javascript-action#adding-actions-toolkit-packages). ```yaml jobs: @@ -89,7 +89,7 @@ jobs: The following example demonstrates how to use environment variables to request a JSON Web Token. -For your deployment job, you will need to define the token settings, using `actions/github-script` with the `core` toolkit. For more information, see [AUTOTITLE](/actions/creating-actions/creating-a-javascript-action#adding-actions-toolkit-packages). +For your deployment job, you will need to define the token settings, using `actions/github-script` with the `core` toolkit. For more information, see [AUTOTITLE](/actions/tutorials/create-actions/create-a-javascript-action#adding-actions-toolkit-packages). For example: diff --git a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-google-cloud-platform.md b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-google-cloud-platform.md index 5366b5acb3ee..7935d2854e5f 100644 --- a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-google-cloud-platform.md +++ b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-google-cloud-platform.md @@ -31,7 +31,7 @@ This guide gives an overview of how to configure GCP to trust {% data variables. {% data reusables.actions.oidc-on-ghecom %} -For repositories created after July 15, 2026, and repository renames or transfers after that date, use an immutable default OIDC `sub` claim that includes owner and repository IDs (not available on {% data variables.product.prodname_ghe_server %}). Existing repositories keep the previous format unless they opt in. For more information, see [AUTOTITLE](/actions/reference/openid-connect-reference#immutable-subject-claims). +For repositories created after July 15, 2026, and repository renames or transfers after that date, use an immutable default OIDC `sub` claim that includes owner and repository IDs (not available on {% data variables.product.prodname_ghe_server %}). Existing repositories keep the previous format unless they opt in. For more information, see [AUTOTITLE](/actions/reference/security/oidc#immutable-subject-claims). {% ifversion ghes %} {% data reusables.actions.oidc-endpoints %} @@ -40,7 +40,7 @@ For repositories created after July 15, 2026, and repository renames or transfer > [!NOTE] > Google Cloud Platform does not have fixed IP ranges defined for these endpoints. -* Make sure that the value of the issuer claim that's included with the JSON Web Token (JWT) is set to a publicly routable URL. For more information, see [AUTOTITLE](/enterprise-server@latest/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect). +* Make sure that the value of the issuer claim that's included with the JSON Web Token (JWT) is set to a publicly routable URL. For more information, see [AUTOTITLE](/enterprise-server@latest/actions/concepts/security/openid-connect). {% endif %} ## Adding a Google Cloud Workload Identity Provider @@ -53,7 +53,7 @@ To configure the OIDC identity provider in GCP, you will need to perform the fol Additional guidance for configuring the identity provider: -* For security hardening, make sure you've reviewed [Configuring the OIDC trust with the cloud](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud). For an example, see [Configuring the subject in your cloud provider](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-subject-in-your-cloud-provider). +* For security hardening, make sure you've reviewed [Configuring the OIDC trust with the cloud](/actions/concepts/security/openid-connect#configuring-the-oidc-trust-with-the-cloud). For an example, see [Configuring the subject in your cloud provider](/actions/concepts/security/openid-connect#configuring-the-subject-in-your-cloud-provider). * For the service account to be available for configuration, it needs to be assigned to the `roles/iam.workloadIdentityUser` role. For more information, see [the GCP documentation](https://cloud.google.com/iam/docs/workload-identity-federation?_ga=2.114275588.-285296507.1634918453#conditions). * The Issuer URL to use: {% ifversion ghes %}`https://HOSTNAME/_services/token`{% else %}`https://token.actions.githubusercontent.com`{% endif %} diff --git a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-hashicorp-vault.md b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-hashicorp-vault.md index b2a016ef6461..81bc0e044bd4 100644 --- a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-hashicorp-vault.md +++ b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-hashicorp-vault.md @@ -53,7 +53,7 @@ To configure your Vault server to accept JSON Web Tokens (JWT) for authenticatio {% ifversion ghec %} > [!NOTE] - > If a unique issuer URL for an enterprise was set using the REST API (as described in [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#switching-to-a-unique-token-url)), the values for `bound_issuer` and `oidc_discover_url` must match that unique URL. For example, for an enterprise named `octocat` that uses the unique issuer URL, `bound_issuer` and `oidc_discovery_url` must be set to `https://token.actions.githubusercontent.com/octocat`. + > If a unique issuer URL for an enterprise was set using the REST API (as described in [AUTOTITLE](/actions/concepts/security/openid-connect#switching-to-a-unique-token-url)), the values for `bound_issuer` and `oidc_discover_url` must match that unique URL. For example, for an enterprise named `octocat` that uses the unique issuer URL, `bound_issuer` and `oidc_discovery_url` must be set to `https://token.actions.githubusercontent.com/octocat`. {% endif %} @@ -88,7 +88,7 @@ To configure your Vault server to accept JSON Web Tokens (JWT) for authenticatio * `ttl` defines the validity of the resulting access token. * Ensure that the `bound_claims` parameter is defined for your security requirements, and has at least one condition. Optionally, you can also set the `bound_subject` as well as the `bound_audiences` parameter. * To check arbitrary claims in the received JWT payload, the `bound_claims` parameter contains a set of claims and their required values. In the above example, the role will accept any incoming authentication requests from the `repo-name` repository owned by the `user-or-org-name` account. -* To see all the available claims supported by {% data variables.product.prodname_dotcom %}'s OIDC provider, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud). +* To see all the available claims supported by {% data variables.product.prodname_dotcom %}'s OIDC provider, see [AUTOTITLE](/actions/concepts/security/openid-connect#configuring-the-oidc-trust-with-the-cloud). For more information, see the HashiCorp Vault [documentation](https://www.vaultproject.io/docs/auth/jwt). @@ -114,7 +114,7 @@ This example demonstrates how to use OIDC with the official action to request a {% data reusables.actions.oidc-permissions-token %} > [!NOTE] -> When the `permissions` key is used, all unspecified permissions are set to _no access_, with the exception of the metadata scope, which always gets _read_ access. As a result, you may need to add other permissions, such as `contents: read`. See [Automatic token authentication](/actions/security-guides/automatic-token-authentication) for more information. +> When the `permissions` key is used, all unspecified permissions are set to _no access_, with the exception of the metadata scope, which always gets _read_ access. As a result, you may need to add other permissions, such as `contents: read`. See [Automatic token authentication](/actions/tutorials/authenticate-with-github_token) for more information. ### Requesting the access token @@ -151,7 +151,7 @@ jobs: ``` > [!NOTE] -> * If your Vault server is not accessible from the public network, consider using a self-hosted runner with other available Vault [auth methods](https://www.vaultproject.io/docs/auth). For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners). +> * If your Vault server is not accessible from the public network, consider using a self-hosted runner with other available Vault [auth methods](https://www.vaultproject.io/docs/auth). For more information, see [AUTOTITLE](/actions/concepts/runners/self-hosted-runners). > * `VAULT-NAMESPACE` must be set for a Vault Enterprise (including HCP Vault) deployment. For more information, see [Vault namespace](https://www.vaultproject.io/docs/enterprise/namespaces). ### Revoking the access token diff --git a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-jfrog.md b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-jfrog.md index e63deb4f08f6..1a0af40016d7 100644 --- a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-jfrog.md +++ b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-jfrog.md @@ -32,7 +32,7 @@ For an example {% data variables.product.prodname_actions %} workflow using the {% data reusables.actions.oidc-on-ghecom %} -* To be secure, you need to set a Claims JSON in JFrog when configuring identity mappings. For more information, see [AUTOTITLE](https://jfrog.com/help/r/jfrog-platform-administration-documentation/configure-identity-mappings) and [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-token-claims). +* To be secure, you need to set a Claims JSON in JFrog when configuring identity mappings. For more information, see [AUTOTITLE](https://jfrog.com/help/r/jfrog-platform-administration-documentation/configure-identity-mappings) and [AUTOTITLE](/actions/concepts/security/openid-connect#customizing-the-token-claims). For example, you can set `iss` to `https://token.actions.githubusercontent.com`, and the `repository` to something like "octo-org/octo-repo"`. This will ensure only Actions workflows from the specified repository will have access to your JFrog platform. The following is an example Claims JSON when configuring identity mappings. @@ -98,4 +98,4 @@ jobs: * [OpenID Connect Integration](https://docs.jfrog.com/administration/docs/openid-connect-integration) in the JFrog documentation * [Identity Mappings](https://jfrog.com/help/r/jfrog-platform-administration-documentation/identity-mappings) in the JFrog documentation -* [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect) +* [AUTOTITLE](/actions/concepts/security/openid-connect) diff --git a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-with-reusable-workflows.md b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-with-reusable-workflows.md index 15c485aeb011..face55bc32eb 100644 --- a/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-with-reusable-workflows.md +++ b/content/actions/how-tos/secure-your-work/security-harden-deployments/oidc-with-reusable-workflows.md @@ -20,9 +20,9 @@ category: ## About reusable workflows -Rather than copying and pasting deployment jobs from one workflow to another, you can create a reusable workflow that performs the deployment steps. A reusable workflow can be used by another workflow if it meets one of the access requirements described in [AUTOTITLE](/actions/using-workflows/reusing-workflows#access-to-reusable-workflows). +Rather than copying and pasting deployment jobs from one workflow to another, you can create a reusable workflow that performs the deployment steps. A reusable workflow can be used by another workflow if it meets one of the access requirements described in [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows#access-to-reusable-workflows). -You should be familiar with the concepts described in [AUTOTITLE](/actions/using-workflows/reusing-workflows) and [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect). +You should be familiar with the concepts described in [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows) and [AUTOTITLE](/actions/concepts/security/openid-connect). ## Defining the trust conditions @@ -30,10 +30,10 @@ When combined with OpenID Connect (OIDC), reusable workflows let you enforce con * **Using `job_workflow_ref`:** * To create trust conditions based on reusable workflows, your cloud provider must support custom claims for `job_workflow_ref`. This allows your cloud provider to identify which repository the job originally came from. - * For clouds that only support the standard claims (audience (`aud`) and subject (`sub`)), you can use the API to customize the `sub` claim to include `job_workflow_ref`. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-token-claims). Support for custom claims is currently available for Google Cloud Platform and HashiCorp Vault. + * For clouds that only support the standard claims (audience (`aud`) and subject (`sub`)), you can use the API to customize the `sub` claim to include `job_workflow_ref`. For more information, see [AUTOTITLE](/actions/concepts/security/openid-connect#customizing-the-token-claims). Support for custom claims is currently available for Google Cloud Platform and HashiCorp Vault. * **Customizing the token claims:** - * You can configure more granular trust conditions by customizing the {% ifversion ghec %}issuer (`iss`) and {% endif %}subject (`sub`) claim{% ifversion ghec %}s that are{% else %} that's{% endif %} included with the JWT. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-token-claims). + * You can configure more granular trust conditions by customizing the {% ifversion ghec %}issuer (`iss`) and {% endif %}subject (`sub`) claim{% ifversion ghec %}s that are{% else %} that's{% endif %} included with the JWT. For more information, see [AUTOTITLE](/actions/concepts/security/openid-connect#customizing-the-token-claims). ## How the token works with reusable workflows diff --git a/content/actions/how-tos/secure-your-work/use-artifact-attestations/enforce-artifact-attestations.md b/content/actions/how-tos/secure-your-work/use-artifact-attestations/enforce-artifact-attestations.md index 240583baf521..19fef29762b9 100644 --- a/content/actions/how-tos/secure-your-work/use-artifact-attestations/enforce-artifact-attestations.md +++ b/content/actions/how-tos/secure-your-work/use-artifact-attestations/enforce-artifact-attestations.md @@ -14,7 +14,7 @@ category: contentType: how-tos --- -> [!NOTE] Before proceeding, ensure you have enabled build provenance for container images, including setting the `push-to-registry` attribute in the [`attest` action](https://github.com/actions/attest) as documented in [Generating build provenance for container images](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds#generating-build-provenance-for-container-images). This is required for the Policy Controller to verify the attestation. +> [!NOTE] Before proceeding, ensure you have enabled build provenance for container images, including setting the `push-to-registry` attribute in the [`attest` action](https://github.com/actions/attest) as documented in [Generating build provenance for container images](/actions/how-tos/secure-your-work/use-artifact-attestations/use-artifact-attestations#generating-build-provenance-for-container-images). This is required for the Policy Controller to verify the attestation. ## Getting started with Kubernetes admission controller diff --git a/content/actions/how-tos/secure-your-work/use-artifact-attestations/increase-security-rating.md b/content/actions/how-tos/secure-your-work/use-artifact-attestations/increase-security-rating.md index 4252a00c6f4e..80b4e3f9dc06 100644 --- a/content/actions/how-tos/secure-your-work/use-artifact-attestations/increase-security-rating.md +++ b/content/actions/how-tos/secure-your-work/use-artifact-attestations/increase-security-rating.md @@ -18,8 +18,8 @@ contentType: how-tos Before starting this guide, you should be familiar with: * The usage and security benefits of artifact attestations. See [AUTOTITLE](/actions/concepts/security/artifact-attestations). -* Generating artifact attestations. See [AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds). -* Writing and using reusable workflows. See [AUTOTITLE](/actions/using-workflows/reusing-workflows). +* Generating artifact attestations. See [AUTOTITLE](/actions/how-tos/secure-your-work/use-artifact-attestations/use-artifact-attestations). +* Writing and using reusable workflows. See [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). ## Step 1: Configuring your builds diff --git a/content/actions/how-tos/secure-your-work/use-artifact-attestations/use-artifact-attestations.md b/content/actions/how-tos/secure-your-work/use-artifact-attestations/use-artifact-attestations.md index f385f9ab3643..17163c0586ba 100644 --- a/content/actions/how-tos/secure-your-work/use-artifact-attestations/use-artifact-attestations.md +++ b/content/actions/how-tos/secure-your-work/use-artifact-attestations/use-artifact-attestations.md @@ -77,7 +77,7 @@ When you run your updated workflows, they will build your artifacts and generate The value of the `subject-name` parameter should specify the fully-qualified image name. For example, `ghcr.io/user/app` or `acme.azurecr.io/user/app`. Do not include a tag as part of the image name. - The value of the `subject-digest` parameter should be set to the SHA256 digest of the subject for the attestation, in the form `sha256:HEX_DIGEST`. If your workflow uses `docker/build-push-action`, you can use the [`digest`](https://github.com/docker/build-push-action?tab=readme-ov-file#outputs) output from that step to supply the value. For more information on using outputs, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idoutputs). + The value of the `subject-digest` parameter should be set to the SHA256 digest of the subject for the attestation, in the form `sha256:HEX_DIGEST`. If your workflow uses `docker/build-push-action`, you can use the [`digest`](https://github.com/docker/build-push-action?tab=readme-ov-file#outputs) output from that step to supply the value. For more information on using outputs, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idoutputs). ## Generating an attestation for a software bill of materials (SBOM) @@ -140,7 +140,7 @@ When you run your updated workflows, they will build your artifacts and generate The value of the `subject-name` parameter should specify the fully-qualified image name. For example, `ghcr.io/user/app` or `acme.azurecr.io/user/app`. Do not include a tag as part of the image name. - The value of the `subject-digest` parameter should be set to the SHA256 digest of the subject for the attestation, in the form `sha256:HEX_DIGEST`. If your workflow uses `docker/build-push-action`, you can use the [`digest`](https://github.com/docker/build-push-action?tab=readme-ov-file#outputs) output from that step to supply the value. For more information on using outputs, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idoutputs). + The value of the `subject-digest` parameter should be set to the SHA256 digest of the subject for the attestation, in the form `sha256:HEX_DIGEST`. If your workflow uses `docker/build-push-action`, you can use the [`digest`](https://github.com/docker/build-push-action?tab=readme-ov-file#outputs) output from that step to supply the value. For more information on using outputs, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idoutputs). The value of the `sbom-path` parameter should be set to the path to the JSON-formatted SBOM file you want to attest. @@ -156,7 +156,7 @@ For an example workflow, see [AUTOTITLE](/code-security/how-tos/secure-your-supp You can validate artifact attestations for binaries and container images and validate SBOM attestations using the {% data variables.product.prodname_cli %}. For more information, see the [`attestation`](https://cli.github.com/manual/gh_attestation) section of the {% data variables.product.prodname_cli %} manual. ->[!NOTE]These commands assume you are in an online environment. If you are in an offline or air-gapped environment, see [AUTOTITLE](/actions/security-guides/verifying-attestations-offline). +> [!NOTE] These commands assume you are in an online environment. If you are in an offline or air-gapped environment, see [AUTOTITLE](/actions/how-tos/secure-your-work/use-artifact-attestations/verify-attestations-offline). ### Verifying an artifact attestation for binaries @@ -200,6 +200,6 @@ gh attestation verify PATH/TO/YOUR/BUILD/ARTIFACT-BINARY \ ## Next steps -To keep your attestations relevant and manageable, you should delete attestations that are no longer needed. See [AUTOTITLE](/actions/how-tos/security-for-github-actions/using-artifact-attestations/managing-the-lifecycle-of-artifact-attestations). +To keep your attestations relevant and manageable, you should delete attestations that are no longer needed. See [AUTOTITLE](/actions/how-tos/secure-your-work/use-artifact-attestations/manage-attestations). -You can also generate release attestations to help consumers verify the integrity and origin of your releases. For more information, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/immutable-releases). +You can also generate release attestations to help consumers verify the integrity and origin of your releases. For more information, see [AUTOTITLE](/code-security/concepts/supply-chain-security/immutable-releases). diff --git a/content/actions/how-tos/secure-your-work/use-artifact-attestations/verify-attestations-offline.md b/content/actions/how-tos/secure-your-work/use-artifact-attestations/verify-attestations-offline.md index d7b218b10713..d590b5f78038 100644 --- a/content/actions/how-tos/secure-your-work/use-artifact-attestations/verify-attestations-offline.md +++ b/content/actions/how-tos/secure-your-work/use-artifact-attestations/verify-attestations-offline.md @@ -16,7 +16,7 @@ contentType: how-tos ## Prerequisites -Before starting this guide, you should be generating artifact attestations for your builds. See [AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds). +Before starting this guide, you should be generating artifact attestations for your builds. See [AUTOTITLE](/actions/how-tos/secure-your-work/use-artifact-attestations/use-artifact-attestations). ## Step 1: Download attestation bundle diff --git a/content/actions/how-tos/troubleshoot-workflows.md b/content/actions/how-tos/troubleshoot-workflows.md index 45727d11433b..e0db3ae8b778 100644 --- a/content/actions/how-tos/troubleshoot-workflows.md +++ b/content/actions/how-tos/troubleshoot-workflows.md @@ -41,11 +41,11 @@ This opens a chat window with {% data variables.product.prodname_copilot %}, whe ### Using workflow run logs -Each workflow run generates activity logs that you can view, search, and download. For more information, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs). +Each workflow run generates activity logs that you can view, search, and download. For more information, see [AUTOTITLE](/actions/how-tos/monitor-workflows/use-workflow-run-logs). ### Enabling debug logging -If the workflow logs do not provide enough detail to diagnose why a workflow, job, or step is not working as expected, you can enable additional debug logging. For more information, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/enabling-debug-logging). +If the workflow logs do not provide enough detail to diagnose why a workflow, job, or step is not working as expected, you can enable additional debug logging. For more information, see [AUTOTITLE](/actions/how-tos/monitor-workflows/enable-debug-logging). If your workflow uses specific tools or actions, enabling their debug or verbose logging options can help generate more detailed output for troubleshooting. For example, you can use `npm install --verbose` for npm or `GIT_TRACE=1 GIT_CURL_VERBOSE=1 git ...` for git. @@ -54,11 +54,11 @@ For example, you can use `npm install --verbose` for npm or `GIT_TRACE=1 GIT_CUR ## Reviewing billing errors -Actions usage includes runner minutes and storage for [workflow artifacts](/actions/writing-workflows/choosing-what-your-workflow-does/storing-and-sharing-data-from-a-workflow). For more information, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-actions/about-billing-for-github-actions). +Actions usage includes runner minutes and storage for [workflow artifacts](/actions/tutorials/store-and-share-data). For more information, see [AUTOTITLE](/billing/concepts/product-billing/github-actions). ### Setting a budget -Setting an Actions budget may help immediately unblock workflows failing due to billing or storage errors. It will allow further minutes and storage usage to be billed up to the set budget amount. To learn more, see [AUTOTITLE](/billing/managing-your-billing/preventing-overspending). +Setting an Actions budget may help immediately unblock workflows failing due to billing or storage errors. It will allow further minutes and storage usage to be billed up to the set budget amount. To learn more, see [AUTOTITLE](/billing/how-tos/set-up-budgets). {% endif %} @@ -66,16 +66,16 @@ Setting an Actions budget may help immediately unblock workflows failing due to ## Reviewing {% data variables.product.prodname_actions %} activity with metrics -To analyze the efficiency and reliability of your workflows using metrics, see [AUTOTITLE](/actions/administering-github-actions/viewing-github-actions-metrics). +To analyze the efficiency and reliability of your workflows using metrics, see [AUTOTITLE](/actions/how-tos/administer/view-metrics). {% endif %} ## Troubleshooting workflow triggers First, make sure that your workflow wasn't disabled manually, see [AUTOTITLE](/actions/how-tos/manage-workflow-runs/disable-and-enable-workflows). A disabled workflow does not respond to its triggers. -You can review your workflow's `on:` field to understand what is expected to trigger the workflow. For more information, see [AUTOTITLE](/actions/writing-workflows/choosing-when-your-workflow-runs/triggering-a-workflow). +You can review your workflow's `on:` field to understand what is expected to trigger the workflow. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-when-workflows-run/trigger-a-workflow). -For a full list of available events, see [AUTOTITLE](/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows). +For a full list of available events, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows). ### Triggering event conditions @@ -83,21 +83,21 @@ Some triggering events only run from the default branch (i.e. `issues`, `schedul Workflows will not run on `pull_request` activity if the pull request has a merge conflict. -Workflows that would otherwise be triggered on `push` or `pull_request` activity will be skipped if the commit message contains a skip annotation. For more information, see [AUTOTITLE](/actions/managing-workflow-runs-and-deployments/managing-workflow-runs/skipping-workflow-runs). +Workflows that would otherwise be triggered on `push` or `pull_request` activity will be skipped if the commit message contains a skip annotation. For more information, see [AUTOTITLE](/actions/how-tos/manage-workflow-runs/skip-workflow-runs). ### Scheduled workflows running at unexpected times Scheduled events can be delayed during periods of high loads of {% data variables.product.prodname_actions %} workflow runs. -High load times include the start of every hour. If the load is sufficiently high enough, some queued jobs may be dropped. To decrease the chance of delay, schedule your workflow to run at a different time of the hour. For more information, see [AUTOTITLE](/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#schedule). +High load times include the start of every hour. If the load is sufficiently high enough, some queued jobs may be dropped. To decrease the chance of delay, schedule your workflow to run at a different time of the hour. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows#schedule). ### Filtering and diff limits Specific events allow for filtering by branch, tag, and/or paths you can customize. Workflow run creation will be skipped if the filter conditions apply to filter out the workflow. -You can use special characters with filters. For more information, see [AUTOTITLE](/actions/writing-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet). +You can use special characters with filters. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#filter-pattern-cheat-sheet). -For path filtering, evaluating diffs is limited to the first 300 files. If there are files changed that are not matched in the first 300 files returned by the filter, the workflow will not be run. For more information, see [AUTOTITLE](/actions/writing-workflows/workflow-syntax-for-github-actions#git-diff-comparisons). +For path filtering, evaluating diffs is limited to the first 300 files. If there are files changed that are not matched in the first 300 files returned by the filter, the workflow will not be run. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#git-diff-comparisons). ## Troubleshoot workflow execution @@ -122,19 +122,19 @@ For more information, see [AUTOTITLE](/actions/how-tos/monitor-workflows/view-jo ### Canceling Workflows -If standard cancellation through the [UI](/actions/managing-workflow-runs-and-deployments/managing-workflow-runs/canceling-a-workflow) or [API](/rest/actions/workflow-runs?apiVersion=2022-11-28#cancel-a-workflow-run) does not process as expected, there may be a conditional statement configured for your running workflow job(s) that causes it to not cancel. +If standard cancellation through the [UI](/actions/how-tos/manage-workflow-runs/cancel-a-workflow-run) or [API](/rest/actions/workflow-runs?apiVersion=2022-11-28#cancel-a-workflow-run) does not process as expected, there may be a conditional statement configured for your running workflow job(s) that causes it to not cancel. In these cases, you can leverage the API to force cancel the run. For more information, see [AUTOTITLE](/rest/actions/workflow-runs?apiVersion=2022-11-28#force-cancel-a-workflow-run). -A common cause can be using the `always()` [status check function](/actions/writing-workflows/choosing-what-your-workflow-does/evaluate-expressions-in-workflows-and-actions#status-check-functions) which returns `true`, even on cancellation. An alternative is to use the inverse of the `cancelled()` function, `{% raw %}${{ !cancelled() }}{% endraw %}`. +A common cause can be using the `always()` [status check function](/actions/reference/workflows-and-actions/expressions#status-check-functions) which returns `true`, even on cancellation. An alternative is to use the inverse of the `cancelled()` function, `{% raw %}${{ !cancelled() }}{% endraw %}`. -For more information, see [AUTOTITLE](/actions/writing-workflows/choosing-when-your-workflow-runs/using-conditions-to-control-job-execution) and [AUTOTITLE](/actions/managing-workflow-runs-and-deployments/managing-workflow-runs/canceling-a-workflow#steps-github-takes-to-cancel-a-workflow-run). +For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-when-workflows-run/control-jobs-with-conditions) and [AUTOTITLE](/actions/how-tos/manage-workflow-runs/cancel-a-workflow-run#steps-github-takes-to-cancel-a-workflow-run). ## Troubleshooting runners ### Defining runner labels -{% data variables.product.github %}-hosted runners leverage [preset labels](/actions/using-github-hosted-runners/using-github-hosted-runners/about-github-hosted-runners#standard-github-hosted-runners-for-public-repositories) maintained through the [`actions/runner-images`](https://github.com/actions/runner-images?tab=readme-ov-file#available-images) repository. +{% data variables.product.github %}-hosted runners leverage [preset labels](/actions/concepts/runners/github-hosted-runners#standard-github-hosted-runners-for-public-repositories) maintained through the [`actions/runner-images`](https://github.com/actions/runner-images?tab=readme-ov-file#available-images) repository. We recommend using unique label names for larger and self-hosted runners. If a label matches to any of the existing preset labels, there can be runner assignment issues where there is no guarantee on which matching runner option the job will run on. @@ -179,7 +179,7 @@ Activities may become blocked by firewalls. If this occurs, you may want to revi Activities could fail when using a proxy for communications. It's good practice to review available logs, vendor documentation, or consult with your administrators for additional assistance. -Refer to [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/use-proxy-servers) for information about configuring the runner application to utilize a proxy. +Refer to [AUTOTITLE](/actions/how-tos/manage-runners/use-proxy-servers) for information about configuring the runner application to utilize a proxy. ### Subnets diff --git a/content/actions/how-tos/write-workflows/choose-what-workflows-do/add-scripts.md b/content/actions/how-tos/write-workflows/choose-what-workflows-do/add-scripts.md index fd477e870a6b..6dcc82dd1e46 100644 --- a/content/actions/how-tos/write-workflows/choose-what-workflows-do/add-scripts.md +++ b/content/actions/how-tos/write-workflows/choose-what-workflows-do/add-scripts.md @@ -24,7 +24,7 @@ jobs: - run: npm install -g bats ``` -To use a workflow to run a script stored in your repository you must first check out the repository to the runner. Having done this, you can use the `run` keyword to run the script on the runner. The following example runs two scripts, each in a separate job step. The location of the scripts on the runner is specified by setting a default working directory for run commands. For more information, see [AUTOTITLE](/actions/using-jobs/setting-default-values-for-jobs). +To use a workflow to run a script stored in your repository you must first check out the repository to the runner. Having done this, you can use the `run` keyword to run the script on the runner. The following example runs two scripts, each in a separate job step. The location of the scripts on the runner is specified by setting a default working directory for run commands. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/set-default-values-for-jobs). ```yaml jobs: @@ -62,4 +62,4 @@ jobs: ./my-other-script.sh ``` -For more information about the `run` keyword, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun). +For more information about the `run` keyword, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsrun). diff --git a/content/actions/how-tos/write-workflows/choose-what-workflows-do/deploy-to-environment.md b/content/actions/how-tos/write-workflows/choose-what-workflows-do/deploy-to-environment.md index f1a09ff7a0d6..98e6a1058d28 100644 --- a/content/actions/how-tos/write-workflows/choose-what-workflows-do/deploy-to-environment.md +++ b/content/actions/how-tos/write-workflows/choose-what-workflows-do/deploy-to-environment.md @@ -19,12 +19,12 @@ contentType: how-tos ## Prerequisites -You need to create an environment before you can use it in a workflow. See [AUTOTITLE](/actions/how-tos/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment#creating-an-environment). +You need to create an environment before you can use it in a workflow. See [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments#creating-an-environment). ## Using an environment in a workflow 1. Open the workflow file you want to edit. -1. Use the following syntax to add a [`jobs..environment`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idenvironment) key to your workflow: +1. Use the following syntax to add a [`jobs..environment`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idenvironment) key to your workflow: ```yaml copy jobs: diff --git a/content/actions/how-tos/write-workflows/choose-what-workflows-do/find-and-customize-actions.md b/content/actions/how-tos/write-workflows/choose-what-workflows-do/find-and-customize-actions.md index 5761eb9bbfc9..d47e9f2a6154 100644 --- a/content/actions/how-tos/write-workflows/choose-what-workflows-do/find-and-customize-actions.md +++ b/content/actions/how-tos/write-workflows/choose-what-workflows-do/find-and-customize-actions.md @@ -45,7 +45,7 @@ You can add an action to your workflow by referencing the action in your workflo * Any public repository * A published Docker container image on Docker Hub -You can view the actions referenced in your {% data variables.product.prodname_actions %} workflows as dependencies in the dependency graph of the repository containing your workflows. For more information, see “[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph).” +You can view the actions referenced in your {% data variables.product.prodname_actions %} workflows as dependencies in the dependency graph of the repository containing your workflows. For more information, see “[AUTOTITLE](/code-security/concepts/supply-chain-security/dependency-graph).” {% data reusables.actions.actions-redirects-workflows %} @@ -57,8 +57,8 @@ An action's listing page includes the action's version and the workflow syntax r 1. Click to view the full marketplace listing for the action. 1. Under "Installation", click {% octicon "copy" aria-label="Copy to clipboard" %} to copy the workflow syntax. ![Screenshot of the marketplace listing for an action. The "Copy to clipboard" icon for the action is highlighted with a dark orange outline.](/assets/images/help/repository/actions-sidebar-detailed-view.png) -1. Paste the syntax as a new step in your workflow. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsteps). -1. If the action requires you to provide inputs, set them in your workflow. For information on inputs an action might require, see [AUTOTITLE](/actions/learn-github-actions/finding-and-customizing-actions#using-inputs-and-outputs-with-an-action). +1. Paste the syntax as a new step in your workflow. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idsteps). +1. If the action requires you to provide inputs, set them in your workflow. For information on inputs an action might require, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/find-and-customize-actions#using-inputs-and-outputs-with-an-action). {% data reusables.dependabot.version-updates-for-actions %} @@ -70,13 +70,13 @@ If an action is defined in the same repository where your workflow file uses the {% data reusables.actions.workflows.section-referencing-an-action-from-the-same-repository %} -The `action.yml` file is used to provide metadata for the action. Learn about the content of this file in [AUTOTITLE](/actions/creating-actions/metadata-syntax-for-github-actions). +The `action.yml` file is used to provide metadata for the action. Learn about the content of this file in [AUTOTITLE](/actions/reference/workflows-and-actions/metadata-syntax). ### Adding an action from a different repository If an action is defined in a different repository than your workflow file, you can reference the action with the `{owner}/{repo}@{ref}` syntax in your workflow file. -The action must be stored in a public repository{% ifversion ghec or ghes %} or an internal repository that is configured to allow access to workflows. For more information, see [AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise).{% else %}.{% endif %} +The action must be stored in a public repository{% ifversion ghec or ghes %} or an internal repository that is configured to allow access to workflows. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/share-with-your-enterprise).{% else %}.{% endif %} ```yaml jobs: @@ -102,7 +102,7 @@ jobs: uses: docker://alpine:3.8 ``` -For some examples of Docker actions, see the [Docker-image.yml workflow](https://github.com/actions/starter-workflows/blob/main/ci/docker-image.yml) and [AUTOTITLE](/actions/creating-actions/creating-a-docker-container-action). +For some examples of Docker actions, see the [Docker-image.yml workflow](https://github.com/actions/starter-workflows/blob/main/ci/docker-image.yml) and [AUTOTITLE](/actions/tutorials/use-containerized-services/create-a-docker-container-action). ### Security hardening for using actions in your workflows @@ -115,7 +115,7 @@ The creators of a community action have the option to use tags, branches, or SHA You will designate the version of the action in your workflow file. Check the action's documentation for information on their approach to release management, and to see which tag, branch, or SHA value to use. > [!NOTE] -> We recommend that you use a SHA value when using third-party actions. However, it's important to note {% data variables.product.prodname_dependabot %} will only create {% data variables.product.prodname_dependabot_alerts %} for vulnerable {% data variables.product.prodname_actions %} that use semantic versioning. For more information, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions) and [AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts). +> We recommend that you use a SHA value when using third-party actions. However, it's important to note {% data variables.product.prodname_dependabot %} will only create {% data variables.product.prodname_dependabot_alerts %} for vulnerable {% data variables.product.prodname_actions %} that use semantic versioning. For more information, see [AUTOTITLE](/actions/reference/security/secure-use#using-third-party-actions) and [AUTOTITLE](/code-security/concepts/supply-chain-security/dependabot-alerts). ### Using tags @@ -144,7 +144,7 @@ steps: - uses: actions/javascript-action@main ``` -For more information, see [AUTOTITLE](/actions/creating-actions/about-custom-actions#using-release-management-for-actions). +For more information, see [AUTOTITLE](/actions/concepts/workflows-and-actions/custom-actions#using-release-management-for-actions). ## Using inputs and outputs with an action diff --git a/content/actions/how-tos/write-workflows/choose-what-workflows-do/pass-job-outputs.md b/content/actions/how-tos/write-workflows/choose-what-workflows-do/pass-job-outputs.md index f75a7ac45a0c..e64ca289de6a 100644 --- a/content/actions/how-tos/write-workflows/choose-what-workflows-do/pass-job-outputs.md +++ b/content/actions/how-tos/write-workflows/choose-what-workflows-do/pass-job-outputs.md @@ -62,9 +62,9 @@ contentType: how-tos ## Next steps -To learn more about job outputs and the `needs` context, see the following sections of [AUTOTITLE](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idoutputs): -* [`jobs..outputs`](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idoutputs) -* [`jobs..needs`](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idneeds) +To learn more about job outputs and the `needs` context, see the following sections of [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idoutputs): +* [`jobs..outputs`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idoutputs) +* [`jobs..needs`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idneeds) To learn more about passing job outputs from one workflow to another, see the following section of [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows): * [Using outputs from a reusable workflow](/actions/how-tos/reuse-automations/reuse-workflows#using-outputs-from-a-reusable-workflow) diff --git a/content/actions/how-tos/write-workflows/choose-what-workflows-do/run-job-variations.md b/content/actions/how-tos/write-workflows/choose-what-workflows-do/run-job-variations.md index ec1537676dfe..d1c9ff1c9e73 100644 --- a/content/actions/how-tos/write-workflows/choose-what-workflows-do/run-job-variations.md +++ b/content/actions/how-tos/write-workflows/choose-what-workflows-do/run-job-variations.md @@ -46,13 +46,13 @@ The above matrix will create the jobs in the following order. * `{version: 14, os: ubuntu-latest}` * `{version: 14, os: windows-latest}` -For reference information and examples, see [AUTOTITLE](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstrategymatrix). +For reference information and examples, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstrategymatrix). ## Using contexts to create matrices -To create matrices with information about workflow runs, variables, runner environments, jobs, and steps, access contexts using the {% raw %}`${{ }}`{% endraw %} expression syntax. For more information about contexts, see [AUTOTITLE](/actions/learn-github-actions/contexts). +To create matrices with information about workflow runs, variables, runner environments, jobs, and steps, access contexts using the {% raw %}`${{ }}`{% endraw %} expression syntax. For more information about contexts, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts). -For example, the following workflow triggers on the `repository_dispatch` event and uses information from the event payload to build the matrix. When a repository dispatch event is created with a payload like the one below, the matrix `version` variable will have a value of `[12, 14, 16]`. For more information about the `repository_dispatch` trigger, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#repository_dispatch). +For example, the following workflow triggers on the `repository_dispatch` event and uses information from the event payload to build the matrix. When a repository dispatch event is created with a payload like the one below, the matrix `version` variable will have a value of `[12, 14, 16]`. For more information about the `repository_dispatch` trigger, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows#repository_dispatch). ```json { @@ -120,7 +120,7 @@ Each `include` entry was applied in the following ways. * `{fruit: banana}` cannot be added to any original matrix combination without overwriting a value, so it is added as an additional matrix combination. * `{fruit: banana, animal: cat}` cannot be added to any original matrix combination without overwriting a value, so it is added as an additional matrix combination. It does not add to the `{fruit: banana}` matrix combination because that combination was not one of the original matrix combinations. -For reference and example configurations, see [AUTOTITLE](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstrategymatrixinclude). +For reference and example configurations, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstrategymatrixinclude). ## Excluding matrix configurations @@ -143,7 +143,7 @@ strategy: runs-on: {% raw %}${{ matrix.os }}{% endraw %} ``` -For reference information, see [AUTOTITLE](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstrategymatrixexclude) +For reference information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstrategymatrixexclude) ## Using an output to define two matrices @@ -230,7 +230,7 @@ jobs: experimental: true ``` -For reference information see [`jobs..strategy.fail-fast`](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstrategyfail-fast) and [`jobs..continue-on-error`](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idcontinue-on-error). +For reference information see [`jobs..strategy.fail-fast`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstrategyfail-fast) and [`jobs..continue-on-error`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idcontinue-on-error). ## Defining the maximum number of concurrent jobs @@ -248,4 +248,4 @@ jobs: os: [ubuntu-latest, windows-latest] ``` -For reference information, see [AUTOTITLE](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstrategymax-parallel). +For reference information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstrategymax-parallel). diff --git a/content/actions/how-tos/write-workflows/choose-what-workflows-do/use-jobs.md b/content/actions/how-tos/write-workflows/choose-what-workflows-do/use-jobs.md index 95c1db90af4d..24171f273b07 100644 --- a/content/actions/how-tos/write-workflows/choose-what-workflows-do/use-jobs.md +++ b/content/actions/how-tos/write-workflows/choose-what-workflows-do/use-jobs.md @@ -17,7 +17,7 @@ contentType: how-tos ## Prerequisites -To implement jobs in your workflows, you need to understand what jobs are. See [AUTOTITLE](/actions/get-started/understanding-github-actions#jobs). +To implement jobs in your workflows, you need to understand what jobs are. See [AUTOTITLE](/actions/get-started/understand-github-actions#jobs). ## Setting an ID for a job @@ -35,4 +35,4 @@ To implement jobs in your workflows, you need to understand what jobs are. See [ To automatically run a job with different combinations of variables, such as operating systems or language versions, define a `matrix` strategy in your workflow. -For more information, see [AUTOTITLE](/actions/how-tos/writing-workflows/choosing-what-your-workflow-does/running-variations-of-jobs-in-a-workflow). +For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/run-job-variations). diff --git a/content/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets.md b/content/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets.md index cac993502734..e73606fa0e63 100644 --- a/content/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets.md +++ b/content/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets.md @@ -169,13 +169,13 @@ You can check which access policies are being applied to a secret in your organi > [!NOTE] > * {% data reusables.actions.forked-secrets %} -> * Secrets are not automatically passed to reusable workflows. For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows#passing-inputs-and-secrets-to-a-reusable-workflow). -> * Secrets are not available to workflows triggered by {% data variables.product.prodname_dependabot %} events. For more information, see [AUTOTITLE](/code-security/dependabot/troubleshooting-dependabot/troubleshooting-dependabot-on-github-actions#accessing-secrets). +> * Secrets are not automatically passed to reusable workflows. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows#passing-inputs-and-secrets-to-a-reusable-workflow). +> * Secrets are not available to workflows triggered by {% data variables.product.prodname_dependabot %} events. For more information, see [AUTOTITLE](/code-security/reference/supply-chain-security/troubleshoot-dependabot/dependabot-on-actions#accessing-secrets). > * {% data reusables.actions.about-oidc-short-overview %} > [!WARNING] Mask all sensitive information that is not a {% data variables.product.prodname_dotcom %} secret by using `::add-mask::VALUE`. This causes the value to be treated as a secret and redacted from logs. -To provide an action with a secret as an input or environment variable, you can use the `secrets` context to access secrets you've created in your repository. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts) and [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions). +To provide an action with a secret as an input or environment variable, you can use the `secrets` context to access secrets you've created in your repository. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts) and [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax). {% raw %} @@ -190,7 +190,7 @@ steps: {% endraw %} -Secrets cannot be directly referenced in `if:` conditionals. Instead, consider setting secrets as job-level environment variables, then referencing the environment variables to conditionally run steps in the job. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts#context-availability) and [`jobs..steps[*].if`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsif). +Secrets cannot be directly referenced in `if:` conditionals. Instead, consider setting secrets as job-level environment variables, then referencing the environment variables to conditionally run steps in the job. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#context-availability) and [`jobs..steps[*].if`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsif). If a secret has not been set, the return value of an expression referencing the secret (such as {% raw %}`${{ secrets.SuperSecret }}`{% endraw %} in the example) will be an empty string. @@ -318,11 +318,11 @@ To use secrets that are larger than 48 KB, you can use a workaround to store sec ## Storing Base64 binary blobs as secrets -You can use Base64 encoding to store small binary blobs as secrets. You can then reference the secret in your workflow and decode it for use on the runner. For the size limits, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions#limits-for-secrets). +You can use Base64 encoding to store small binary blobs as secrets. You can then reference the secret in your workflow and decode it for use on the runner. For the size limits, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets#limits-for-secrets). > [!NOTE] > * Note that Base64 only converts binary to text, and is not a substitute for actual encryption. -> * Using another shell might require different commands for decoding the secret to a file. On Windows runners, we recommend [using a bash shell](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsshell) with `shell: bash` to use the commands in the `run` step above. +> * Using another shell might require different commands for decoding the secret to a file. On Windows runners, we recommend [using a bash shell](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsshell) with `shell: bash` to use the commands in the `run` step above. 1. Use `base64` to encode your file into a Base64 string. For example: @@ -369,4 +369,4 @@ You can use Base64 encoding to store small binary blobs as secrets. You can then ## Next steps -For reference information, see [AUTOTITLE](/actions/reference/secrets-reference). +For reference information, see [AUTOTITLE](/actions/reference/security/secrets). diff --git a/content/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables.md b/content/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables.md index fb1ab12d64e9..f3227fe2550b 100644 --- a/content/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables.md +++ b/content/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables.md @@ -26,9 +26,9 @@ contentType: how-tos To set a custom environment variable for a single workflow, you can define it using the `env` key in the workflow file. The scope of a custom variable set by this method is limited to the element in which it is defined. You can define variables that are scoped for: -* The entire workflow, by using [`env`](/actions/using-workflows/workflow-syntax-for-github-actions#env) at the top level of the workflow file. -* The contents of a job within a workflow, by using [`jobs..env`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idenv). -* A specific step within a job, by using [`jobs..steps[*].env`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsenv). +* The entire workflow, by using [`env`](/actions/reference/workflows-and-actions/workflow-syntax#env) at the top level of the workflow file. +* The contents of a job within a workflow, by using [`jobs..env`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idenv). +* A specific step within a job, by using [`jobs..steps[*].env`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsenv). {% raw %} @@ -59,7 +59,7 @@ You can access `env` variable values using runner environment variables or using The commands in the `run` steps of a workflow, or a referenced action, are processed by the shell you are using on the runner. The instructions in the other parts of a workflow are processed by {% data variables.product.prodname_actions %} and are not sent to the runner. You can use either runner environment variables or contexts in `run` steps, but in the parts of a workflow that are not sent to the runner you must use contexts to access variable values. For more information, see [Using contexts to access variable values](#using-contexts-to-access-variable-values). -Because runner environment variable interpolation is done after a workflow job is sent to a runner machine, you must use the appropriate syntax for the shell that's used on the runner. In this example, the workflow specifies `ubuntu-latest`. By default, Linux runners use the bash shell, so you must use the syntax `$NAME`. By default, Windows runners use PowerShell, so you would use the syntax `$env:NAME`. For more information about shells, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsshell). +Because runner environment variable interpolation is done after a workflow job is sent to a runner machine, you must use the appropriate syntax for the shell that's used on the runner. In this example, the workflow specifies `ubuntu-latest`. By default, Linux runners use the bash shell, so you must use the syntax `$NAME`. By default, Windows runners use PowerShell, so you would use the syntax `$env:NAME`. For more information about shells, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsshell). ## Defining configuration variables for multiple workflows @@ -115,7 +115,7 @@ When you define configuration variables, they are automatically available in the ## Using contexts to access variable values -{% data reusables.actions.actions-contexts-about-description %} For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts). There are many other contexts that you can use for a variety of purposes in your workflows. For details of where you can use specific contexts within a workflow, see [AUTOTITLE](/actions/learn-github-actions/contexts#context-availability). +{% data reusables.actions.actions-contexts-about-description %} For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts). There are many other contexts that you can use for a variety of purposes in your workflows. For details of where you can use specific contexts within a workflow, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#context-availability). You can access environment variable values using the `env` context and configuration variable values using the `vars` context. @@ -152,7 +152,7 @@ jobs: {% endraw %} -In this modification of the earlier example, we've introduced an `if` conditional. The workflow step is now only run if `DAY_OF_WEEK` is set to "Monday". We access this value from the `if` conditional statement by using the [`env` context](/actions/learn-github-actions/contexts#env-context). The `env` context is not required for the variables referenced within the `run` command. They are referenced as runner environment variables and are interpolated after the job is received by the runner. We could, however, have chosen to interpolate those variables before sending the job to the runner, by using contexts. The resulting output would be the same. +In this modification of the earlier example, we've introduced an `if` conditional. The workflow step is now only run if `DAY_OF_WEEK` is set to "Monday". We access this value from the `if` conditional statement by using the [`env` context](/actions/reference/workflows-and-actions/contexts#env-context). The `env` context is not required for the variables referenced within the `run` command. They are referenced as runner environment variables and are interpolated after the job is received by the runner. We could, however, have chosen to interpolate those variables before sending the job to the runner, by using contexts. The resulting output would be the same. {% raw %} @@ -169,7 +169,7 @@ run: echo "${{ env.Greeting }} ${{ env.First_Name }}. Today is ${{ env.DAY_OF_WE ### Using the `vars` context to access configuration variable values -Configuration variables can be accessed across the workflow using `vars` context. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts#vars-context). +Configuration variables can be accessed across the workflow using `vars` context. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#vars-context). {% data reusables.actions.actions-vars-context-example-usage %} @@ -200,10 +200,10 @@ In this example, the two `if` statements check the `os` property of the `runner` ## Passing values between steps and jobs in a workflow - If you generate a value in one step of a job, you can use the value in subsequent steps of the same job by assigning the value to an existing or new environment variable and then writing this to the `GITHUB_ENV` environment file. The environment file can be used directly by an action, or from a shell command in the workflow file by using the `run` keyword. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions#setting-an-environment-variable). + If you generate a value in one step of a job, you can use the value in subsequent steps of the same job by assigning the value to an existing or new environment variable and then writing this to the `GITHUB_ENV` environment file. The environment file can be used directly by an action, or from a shell command in the workflow file by using the `run` keyword. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-commands#setting-an-environment-variable). - If you want to pass a value from a step in one job in a workflow to a step in another job in the workflow, you can define the value as a job output. You can then reference this job output from a step in another job. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idoutputs). + If you want to pass a value from a step in one job in a workflow to a step in another job in the workflow, you can define the value as a job output. You can then reference this job output from a step in another job. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idoutputs). ## Next steps -For reference information, see [AUTOTITLE](/actions/reference/variables-reference). +For reference information, see [AUTOTITLE](/actions/reference/workflows-and-actions/variables). diff --git a/content/actions/how-tos/write-workflows/choose-when-workflows-run/trigger-a-workflow.md b/content/actions/how-tos/write-workflows/choose-when-workflows-run/trigger-a-workflow.md index 3915f0c0786d..76831f793cf4 100644 --- a/content/actions/how-tos/write-workflows/choose-when-workflows-run/trigger-a-workflow.md +++ b/content/actions/how-tos/write-workflows/choose-when-workflows-run/trigger-a-workflow.md @@ -23,11 +23,11 @@ To learn more about workflows and triggering workflows, see [AUTOTITLE](/actions ## Triggering a workflow from a workflow -{% data reusables.actions.actions-do-not-trigger-workflows %} For more information, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication). +{% data reusables.actions.actions-do-not-trigger-workflows %} For more information, see [AUTOTITLE](/actions/tutorials/authenticate-with-github_token). If you do want to trigger a workflow from within a workflow run, you can use a {% data variables.product.prodname_github_app %} installation access token or a {% data variables.product.pat_generic %} instead of `GITHUB_TOKEN` to trigger events that require a token.{% ifversion actions-github-token-pull-request-approval %} Using one of these alternatives also lets `pull_request` workflows run automatically (without the approval prompt described above) when the pull request is created or updated by automation.{% endif %} -If you use a {% data variables.product.prodname_github_app %}, you'll need to create a {% data variables.product.prodname_github_app %} and store the app ID and private key as secrets. For more information, see [AUTOTITLE](/apps/creating-github-apps/guides/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow). If you use a {% data variables.product.pat_generic %}, you'll need to create a {% data variables.product.pat_generic %} and store it as a secret. For more information about creating a {% data variables.product.pat_generic %}, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token). For more information about storing secrets, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions). +If you use a {% data variables.product.prodname_github_app %}, you'll need to create a {% data variables.product.prodname_github_app %} and store the app ID and private key as secrets. For more information, see [AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow). If you use a {% data variables.product.pat_generic %}, you'll need to create a {% data variables.product.pat_generic %} and store it as a secret. For more information about creating a {% data variables.product.pat_generic %}, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens). For more information about storing secrets, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets). To minimize your {% data variables.product.prodname_actions %} usage costs, ensure that you don't create recursive or unintended workflow runs. @@ -71,7 +71,7 @@ jobs: ## Using events to trigger workflows -Use the `on` key to specify what events trigger your workflow. For more information about events you can use, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows). +Use the `on` key to specify what events trigger your workflow. For more information about events you can use, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows). ### Using a single event @@ -157,7 +157,7 @@ You can use activity types and filters to further control when your workflow wil ## Defining inputs, outputs, and secrets for reusable workflows -You can define inputs and secrets that a reusable workflow should receive from a calling workflow. You can also specify outputs that a reusable workflow will make available to a calling workflow. For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows). +You can define inputs and secrets that a reusable workflow should receive from a calling workflow. You can also specify outputs that a reusable workflow will make available to a calling workflow. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). ## Using event information @@ -165,7 +165,7 @@ Information about the event that triggered a workflow run is available in the `g ### Viewing all properties of an event -Reference the webhook event documentation for common properties and example payloads. For more information, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads). +Reference the webhook event documentation for common properties and example payloads. For more information, see [AUTOTITLE](/webhooks/webhook-events-and-payloads). You can also print the entire `github.event` context to see what properties are available for the event that triggered your workflow: @@ -210,7 +210,7 @@ jobs: gh pr comment $PR --body 'It looks like you edited `package*.json`, `.github/CODEOWNERS`, or `.github/workflows/**`. We do not allow contributions to these files. Please review our [contributing guidelines](https://github.com/octo-org/octo-repo/blob/main/CONTRIBUTING.md) for what contributions are accepted.' ``` -For more information about contexts, see [AUTOTITLE](/actions/learn-github-actions/contexts). For more information about event payloads, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads). +For more information about contexts, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts). For more information about event payloads, see [AUTOTITLE](/webhooks/webhook-events-and-payloads). ## Further controlling how your workflow will run @@ -265,11 +265,11 @@ jobs: echo A pull request was closed ``` -For more information about what information is available in the event context, see [Using event information](#using-event-information). For more information about how to use conditionals, see [AUTOTITLE](/actions/learn-github-actions/expressions). +For more information about what information is available in the event context, see [Using event information](#using-event-information). For more information about how to use conditionals, see [AUTOTITLE](/actions/reference/workflows-and-actions/expressions). ### Using environments to manually trigger workflow jobs -If you want to manually trigger a specific job in a workflow, you can use an environment that requires approval from a specific team or user. First, configure an environment with required reviewers. For more information, see [AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment). Then, reference the environment name in a job in your workflow using the `environment:` key. Any job referencing the environment will not run until at least one reviewer approves the job. +If you want to manually trigger a specific job in a workflow, you can use an environment that requires approval from a specific team or user. First, configure an environment with required reviewers. For more information, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments). Then, reference the environment name in a job in your workflow using the `environment:` key. Any job referencing the environment will not run until at least one reviewer approves the job. For example, the following workflow will run whenever there is a push to main. The `build` job will always run. The `publish` job will only run after the `build` job successfully completes (due to `needs: [build]`) and after all of the rules (including required reviewers) for the environment called `production` pass (due to `environment: production`). @@ -302,4 +302,4 @@ jobs: ## Available events -For a full list of available events, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows). +For a full list of available events, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows). diff --git a/content/actions/how-tos/write-workflows/choose-where-workflows-run/run-jobs-in-a-container.md b/content/actions/how-tos/write-workflows/choose-where-workflows-run/run-jobs-in-a-container.md index 1fdb871fc978..b0cdbb562d7b 100644 --- a/content/actions/how-tos/write-workflows/choose-where-workflows-run/run-jobs-in-a-container.md +++ b/content/actions/how-tos/write-workflows/choose-where-workflows-run/run-jobs-in-a-container.md @@ -27,7 +27,7 @@ A Dockerfile contains instructions and arguments that define the contents and st Some Docker instructions interact with {% data variables.product.prodname_actions %}, and an action's metadata file can override some Docker instructions. Ensure that you are familiar with how your Dockerfile interacts with {% data variables.product.prodname_actions %} to prevent any unexpected behavior. -For reference information, see [AUTOTITLE](/actions/reference/dockerfile-support-for-github-actions). +For reference information, see [AUTOTITLE](/actions/reference/workflows-and-actions/dockerfile-support). ## Defining the container image diff --git a/content/actions/how-tos/write-workflows/use-workflow-templates.md b/content/actions/how-tos/write-workflows/use-workflow-templates.md index 948f7a3dd409..55a2bf10939c 100644 --- a/content/actions/how-tos/write-workflows/use-workflow-templates.md +++ b/content/actions/how-tos/write-workflows/use-workflow-templates.md @@ -33,18 +33,18 @@ category: 1. The "Choose a workflow" page shows a selection of recommended workflow templates. Find the workflow template that you want to use, then click **Configure**. To help you find the workflow template that you want, you can search for keywords or filter by category. 1. If the workflow template contains comments detailing additional setup steps, follow these steps. - There are guides to accompany many of the workflow templates for building and testing projects. For more information, see [AUTOTITLE](/actions/automating-builds-and-tests). + There are guides to accompany many of the workflow templates for building and testing projects. For more information, see [AUTOTITLE](/actions/tutorials/build-and-test-code). -1. Some workflow templates use secrets. For example, {% raw %}`${{ secrets.npm_token }}`{% endraw %}. If the workflow template uses a secret, store the value described in the secret name as a secret in your repository. For more information, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions). +1. Some workflow templates use secrets. For example, {% raw %}`${{ secrets.npm_token }}`{% endraw %}. If the workflow template uses a secret, store the value described in the secret name as a secret in your repository. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets). 1. Optionally, make additional changes. For example, you might want to change the value of `on` when the workflow runs. 1. Click **Start commit**. 1. Write a commit message and decide whether to commit directly to the default branch or to open a pull request. ## Further reading -* [AUTOTITLE](/actions/automating-builds-and-tests/about-continuous-integration) -* [AUTOTITLE](/actions/managing-workflow-runs) -* [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/about-monitoring-and-troubleshooting) +* [AUTOTITLE](/actions/get-started/continuous-integration) +* [AUTOTITLE](/actions/how-tos/manage-workflow-runs) +* [AUTOTITLE](/actions/how-tos/monitor-workflows) {% ifversion fpt or ghec %} -* [AUTOTITLE](/billing/managing-billing-for-github-actions) +* [AUTOTITLE](/billing/concepts/product-billing/github-actions) {% endif %} diff --git a/content/actions/reference/github-actions-importer/custom-transformers.md b/content/actions/reference/github-actions-importer/custom-transformers.md index dcf9c494d76d..d5745f8f32a9 100644 --- a/content/actions/reference/github-actions-importer/custom-transformers.md +++ b/content/actions/reference/github-actions-importer/custom-transformers.md @@ -56,7 +56,7 @@ You can create custom transformers that {% data variables.product.prodname_actio {% data variables.product.prodname_actions_importer %} uses custom transformers that are defined using a DSL built on top of Ruby. In order to create custom transformers for build steps and triggers: * Each custom transformer file must contain at least one `transform` method. -* Each `transform` method must return a `Hash`, an array of `Hash`'s, or `nil`. This returned value will correspond to an action defined in YAML. For more information about actions, see [AUTOTITLE](/actions/learn-github-actions/understanding-github-actions). +* Each `transform` method must return a `Hash`, an array of `Hash`'s, or `nil`. This returned value will correspond to an action defined in YAML. For more information about actions, see [AUTOTITLE](/actions/get-started/understand-github-actions). ### Example custom transformer for a build step @@ -97,7 +97,7 @@ You can customize the mapping between runners in your source CI/CD instance and {% data variables.product.prodname_actions_importer %} uses custom transformers that are defined using a DSL built on top of Ruby. To create custom transformers for runners: * The custom transformer file must have at least one `runner` method. -* The `runner` method accepts two parameters. The first parameter is the source CI/CD instance's runner label, and the second parameter is the corresponding {% data variables.product.prodname_actions %} runner label. For more information on {% data variables.product.prodname_actions %} runners, see [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources). +* The `runner` method accepts two parameters. The first parameter is the source CI/CD instance's runner label, and the second parameter is the corresponding {% data variables.product.prodname_actions %} runner label. For more information on {% data variables.product.prodname_actions %} runners, see [AUTOTITLE](/actions/concepts/runners/github-hosted-runners#supported-runners-and-hardware-resources). ### Example custom transformers for runners @@ -126,7 +126,7 @@ You can customize the mapping between environment variables in your source CI/CD {% data variables.product.prodname_actions_importer %} uses custom transformers that are defined using a DSL built on top of Ruby. To create custom transformers for environment variables: * The custom transformer file must have at least one `env` method. -* The `env` method accepts two parameters. The first parameter is the name of the environment variable in the original pipeline, and the second parameter is the updated value for the environment variable for {% data variables.product.prodname_actions %}. For more information about {% data variables.product.prodname_actions %} environment variables, see [AUTOTITLE](/actions/learn-github-actions/variables). +* The `env` method accepts two parameters. The first parameter is the name of the environment variable in the original pipeline, and the second parameter is the updated value for the environment variable for {% data variables.product.prodname_actions %}. For more information about {% data variables.product.prodname_actions %} environment variables, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables). ### Example custom transformers for environment variables @@ -150,7 +150,7 @@ There are several ways you can set up custom transformers to map your environmen env "MONALISA", secret("OCTOCAT") ``` - This will set up a reference to a secret named `OCTOCAT` in the transformed workflow. For the secret to work, you will need to create the secret in your GitHub repository. For more information, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository). + This will set up a reference to a secret named `OCTOCAT` in the transformed workflow. For the secret to work, you will need to create the secret in your GitHub repository. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets#creating-secrets-for-a-repository). * You can also use regular expressions to update the values of multiple environment variables at once. For example, the following custom transformer removes all environment variables from the converted workflow: diff --git a/content/actions/reference/limits.md b/content/actions/reference/limits.md index 986278ba17fd..3d34377b6456 100644 --- a/content/actions/reference/limits.md +++ b/content/actions/reference/limits.md @@ -27,7 +27,7 @@ These limits are subject to change. | Limit category | Limit | Threshold | Description | Can {% data variables.product.github %} Support increase? | | :---- | :---- | :---- | :---- | :---- | | Workflow execution limit | Workflow run time | 35 days / workflow run | If a workflow run reaches this limit, the workflow run is cancelled. This period includes execution duration, and time spent on waiting and approval. | {% octicon "x" aria-label="No" %} | -| Workflow execution limit | Gate approval time | 30 days | A workflow may wait for up to [30 days on environment approvals](/actions/managing-workflow-runs-and-deployments/managing-deployments/managing-environments-for-deployment#wait-timer). | {% octicon "x" aria-label="No" %} | +| Workflow execution limit | Gate approval time | 30 days | A workflow may wait for up to [30 days on environment approvals](/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments#wait-timer). | {% octicon "x" aria-label="No" %} | | Workflow execution limit | Job Matrix | 256 jobs / workflow run | A job matrix can generate a maximum of 256 jobs per workflow run. This limit applies to both {% data variables.product.github %}-hosted and self-hosted runners. | {% octicon "x" aria-label="No" %} | | Workflow execution limit | Re-run | 50 re-runs | A workflow run can be re-run a maximum of 50 times. This limit includes both full re-runs and re-runs of a subset of jobs. | {% octicon "check" aria-label="Yes" %} Support ticket | | Checks | Check runs per check suite | 50,000 check runs / check suite | A check suite can have a maximum of 50,000 check runs. This limit applies to check runs created through the Checks API and by {% data variables.product.prodname_actions %} workflow runs. When a check suite reaches this limit, additional check runs cannot be created for that check suite. | {% octicon "check" aria-label="Yes" %} Support ticket | diff --git a/content/actions/reference/runners/github-hosted-runners.md b/content/actions/reference/runners/github-hosted-runners.md index 32b717904d5d..a406ea25667d 100644 --- a/content/actions/reference/runners/github-hosted-runners.md +++ b/content/actions/reference/runners/github-hosted-runners.md @@ -41,7 +41,7 @@ For lists of available runners, see: {% data reusables.actions.supported-github-runners %} -Workflow logs list the runner used to run a job. For more information, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history). +Workflow logs list the runner used to run a job. For more information, see [AUTOTITLE](/actions/how-tos/monitor-workflows/view-workflow-run-history). ### Limitations for arm64 macOS runners @@ -70,7 +70,7 @@ The job timeout for single-CPU runners is 15 minutes. If a job reaches this limi {% data reusables.actions.about-larger-runners %} -For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners). +For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/larger-runners). ## Administrative privileges @@ -84,7 +84,7 @@ To get a list of IP address ranges that {% data variables.product.prodname_actio Windows and Ubuntu runners are hosted in Azure and subsequently have the same IP address ranges as the Azure datacenters. macOS runners are hosted in {% data variables.product.prodname_dotcom %}'s own macOS cloud. -Since there are so many IP address ranges for {% data variables.product.prodname_dotcom %}-hosted runners, we do not recommend that you use these as allowlists for your internal resources. Instead, we recommend you use {% data variables.actions.hosted_runner %}s with a static IP address range, or self-hosted runners. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners) or [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners). +Since there are so many IP address ranges for {% data variables.product.prodname_dotcom %}-hosted runners, we do not recommend that you use these as allowlists for your internal resources. Instead, we recommend you use {% data variables.actions.hosted_runner %}s with a static IP address range, or self-hosted runners. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/larger-runners) or [AUTOTITLE](/actions/concepts/runners/self-hosted-runners). The list of {% data variables.product.prodname_actions %} IP addresses returned by the API is updated once a week. @@ -108,7 +108,7 @@ To ensure proper communications for {% data variables.product.github %}-hosted r | `workspace` | `GITHUB_WORKSPACE` | Actions and shell commands execute in this directory. An action can modify the contents of this directory, which subsequent actions can access. | | `workflow/event.json` | `GITHUB_EVENT_PATH` | The `POST` payload of the webhook event that triggered the workflow. {% data variables.product.prodname_dotcom %} rewrites this each time an action executes to isolate file content between actions. -For a list of the environment variables {% data variables.product.prodname_dotcom %} creates for each workflow, see [AUTOTITLE](/actions/learn-github-actions/variables#default-environment-variables). +For a list of the environment variables {% data variables.product.prodname_dotcom %} creates for each workflow, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables). ### Docker container filesystem diff --git a/content/actions/reference/runners/larger-runners.md b/content/actions/reference/runners/larger-runners.md index 5bde351feed0..089d09beed28 100644 --- a/content/actions/reference/runners/larger-runners.md +++ b/content/actions/reference/runners/larger-runners.md @@ -17,7 +17,7 @@ contentType: reference {% data reusables.actions.enterprise-github-hosted-runners %} -For reference information about larger runners, see [the {% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/actions/reference/larger-runners-reference). +For reference information about larger runners, see [the {% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/actions/reference/runners/larger-runners). {% else %} @@ -73,10 +73,10 @@ The following machines are available for macOS {% data variables.actions.hosted_ If you notice the jobs that target your {% data variables.actions.hosted_runner %}s are delayed or not running, there are several factors that may be causing this. -* **Concurrency settings:** You may have reached your maximum concurrency limit. If you would like to enable more jobs to run in parallel, you can update your autoscaling settings to a larger number. See [AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners#configuring-autoscaling-for-larger-runners). -* **Repository permissions:** Ensure you have the appropriate repository permissions enabled for your {% data variables.actions.hosted_runner %}s. By default, enterprise runners are not available at the repository level and must be manually enabled by an organization administrator. See [AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners#allowing-repositories-to-access-larger-runners). -* **Billing information:** You must have a valid credit card on file in order to use {% data variables.actions.hosted_runner %}s. After adding a credit card to your account, it can take up to 10 minutes to enable the use of your {% data variables.actions.hosted_runner %}s. See [AUTOTITLE](/billing/managing-your-billing/managing-your-payment-and-billing-information). -* **Spending limit:** Your {% data variables.product.prodname_actions %} spending limit must be set to a value greater than zero. See [AUTOTITLE](/billing/managing-billing-for-github-actions/managing-your-spending-limit-for-github-actions). +* **Concurrency settings:** You may have reached your maximum concurrency limit. If you would like to enable more jobs to run in parallel, you can update your autoscaling settings to a larger number. See [AUTOTITLE](/actions/how-tos/manage-runners/larger-runners/manage-larger-runners#configuring-autoscaling-for-larger-runners). +* **Repository permissions:** Ensure you have the appropriate repository permissions enabled for your {% data variables.actions.hosted_runner %}s. By default, enterprise runners are not available at the repository level and must be manually enabled by an organization administrator. See [AUTOTITLE](/actions/how-tos/manage-runners/larger-runners/manage-larger-runners#allowing-repositories-to-access-larger-runners). +* **Billing information:** You must have a valid credit card on file in order to use {% data variables.actions.hosted_runner %}s. After adding a credit card to your account, it can take up to 10 minutes to enable the use of your {% data variables.actions.hosted_runner %}s. See [AUTOTITLE](/billing/how-tos/set-up-payment/manage-payment-info). +* **Spending limit:** Your {% data variables.product.prodname_actions %} spending limit must be set to a value greater than zero. See [AUTOTITLE](/billing/how-tos/set-up-budgets). * **Fair use policy:** {% data variables.product.company_short %} has a fair use policy that begins to throttle jobs based on several factors, such as how many jobs you are running or how many jobs are running across the entirety of {% data variables.product.prodname_actions %}. * **Job queue to assign time:** Job queue to assign time refers to the time between a job request and {% data variables.product.company_short %} assigning a VM to execute the job. Standard {% data variables.product.company_short %}-hosted runners utilizing prescribed YAML workflow labels (such as `ubuntu-latest`) are always in a "warm" state. With larger runners, a warm VM may not be ready to pick up a job on first request as the pools for these machines are smaller. As a result, {% data variables.product.company_short %} may need to create a new VM, which increases the queue to assign time. Once a runner is in use, VMs are ready for subsequent workflow runs within 5 minutes. If not used again within that time, a subset of those machines remains warm, reducing the queue to assign time for future workflow runs over the next 24 hours. The higher the volume of jobs you run, the more VMs will remain in the warm pool. @@ -84,7 +84,7 @@ If you notice the jobs that target your {% data variables.actions.hosted_runner By default, {% data variables.actions.hosted_runners %} receive a dynamic IP address that changes for each job run. Optionally, {% data variables.product.prodname_ghe_cloud %} customers can configure their {% data variables.actions.hosted_runners %} to receive static IP addresses from {% data variables.product.prodname_dotcom %}'s IP address pool. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/about-githubs-ip-addresses). -When enabled, instances of the {% data variables.actions.hosted_runner %} will receive IP addresses from specific ranges that are unique to the runner, allowing you to use the ranges to configure a firewall allowlist. Each {% data variables.actions.hosted_runner %} is a pool that automatically scales out to its configured maximum concurrency, and all jobs in that pool share the same static IP address range. This means you do not need to create additional runners to run more concurrent jobs. {% ifversion fpt %}You can use up to 10 {% data variables.actions.hosted_runner %} pools with static IP address ranges in total across all your {% data variables.actions.hosted_runners %}{% endif %}{% ifversion ghec %}You can use up to 10 {% data variables.actions.hosted_runner %} pools with static IP address ranges at the enterprise level. In addition, you can use up to 10 {% data variables.actions.hosted_runner %} pools with static IP address ranges at the organization level, for each organization in your enterprise{% endif %}. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/managing-larger-runners#networking-for-larger-runners). +When enabled, instances of the {% data variables.actions.hosted_runner %} will receive IP addresses from specific ranges that are unique to the runner, allowing you to use the ranges to configure a firewall allowlist. Each {% data variables.actions.hosted_runner %} is a pool that automatically scales out to its configured maximum concurrency, and all jobs in that pool share the same static IP address range. This means you do not need to create additional runners to run more concurrent jobs. {% ifversion fpt %}You can use up to 10 {% data variables.actions.hosted_runner %} pools with static IP address ranges in total across all your {% data variables.actions.hosted_runners %}{% endif %}{% ifversion ghec %}You can use up to 10 {% data variables.actions.hosted_runner %} pools with static IP address ranges at the enterprise level. In addition, you can use up to 10 {% data variables.actions.hosted_runner %} pools with static IP address ranges at the organization level, for each organization in your enterprise{% endif %}. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/larger-runners/manage-larger-runners). {% data reusables.actions.larger-runner-static-ip-contact-support %} diff --git a/content/actions/reference/runners/self-hosted-runners.md b/content/actions/reference/runners/self-hosted-runners.md index 4a46f0c179d8..66f804626618 100644 --- a/content/actions/reference/runners/self-hosted-runners.md +++ b/content/actions/reference/runners/self-hosted-runners.md @@ -78,7 +78,7 @@ Autoscaling allows you to dynamically adjust the number of self-hosted runners b {% ifversion fpt or ghec %} -{% data variables.product.github %}-hosted runners inherently autoscale based on your needs. {% data variables.product.github %}-hosted runners can be a low-maintenance and cost-effective alternative to developing or implementing autoscaling solutions. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners). +{% data variables.product.github %}-hosted runners inherently autoscale based on your needs. {% data variables.product.github %}-hosted runners can be a low-maintenance and cost-effective alternative to developing or implementing autoscaling solutions. For more information, see [AUTOTITLE](/actions/concepts/runners/github-hosted-runners). {% endif %} @@ -86,7 +86,7 @@ Autoscaling allows you to dynamically adjust the number of self-hosted runners b {% data variables.product.github %} recommends ARC for organizations with Kubernetes infrastructure and teams that have Kubernetes expertise. ARC handles the full lifecycle of runners within your cluster, from provisioning to job execution to cleanup. -For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/about-actions-runner-controller) and [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/about-support-for-actions-runner-controller). +For more information, see [AUTOTITLE](/actions/concepts/runners/actions-runner-controller) and [AUTOTITLE](/actions/concepts/runners/support-for-arc). ### {% data variables.product.prodname_actions %} Runner Scale Set Client @@ -106,7 +106,7 @@ The {% data variables.product.prodname_actions %} Runner Scale Set Client is an This approach allows you to manage your runners as ephemeral systems, since you can use automation to provide a clean environment for each job. This helps limit the exposure of any sensitive resources from previous jobs, and also helps mitigate the risk of a compromised runner receiving new jobs. ->[!WARNING]The runner application log files for ephemeral runners must be forwarded to an external log storage solution for troubleshooting and diagnostic purposes. While it is not required for ephemeral runners to be deployed, {% data variables.product.prodname_dotcom %} recommends ensuring runner logs are forwarded and preserved externally before deploying an ephemeral runner autoscaling solution in a production environment. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#reviewing-the-self-hosted-runner-application-log-files). +> [!WARNING]The runner application log files for ephemeral runners must be forwarded to an external log storage solution for troubleshooting and diagnostic purposes. While it is not required for ephemeral runners to be deployed, {% data variables.product.prodname_dotcom %} recommends ensuring runner logs are forwarded and preserved externally before deploying an ephemeral runner autoscaling solution in a production environment. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/monitor-and-troubleshoot#reviewing-the-self-hosted-runner-application-log-files). To add an ephemeral runner to your environment, include the `--ephemeral` parameter when registering your runner using `config.sh`. For example: @@ -133,7 +133,7 @@ To turn off automatic software updates and install software updates yourself, sp If you disable automatic updates, you must still update your runner version regularly. New functionality in {% data variables.product.prodname_actions %} requires changes in both the {% data variables.product.prodname_actions %} service _and_ the runner software. The runner may not be able to correctly process jobs that take advantage of new features in {% data variables.product.prodname_actions %} without a software update. -If you disable automatic updates, you will be required to update your runner version within 30 days of a new version being made available. You may want to subscribe to notifications for releases in the [`actions/runner` repository](https://github.com/actions/runner/releases). For more information, see [AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications#about-custom-notifications). +If you disable automatic updates, you will be required to update your runner version within 30 days of a new version being made available. You may want to subscribe to notifications for releases in the [`actions/runner` repository](https://github.com/actions/runner/releases). For more information, see [AUTOTITLE](/subscriptions-and-notifications/get-started/configuring-notifications#about-custom-notifications). For instructions on how to install the latest runner version, see the installation instructions for [the latest release](https://github.com/actions/runner/releases). @@ -141,9 +141,9 @@ For instructions on how to install the latest runner version, see the installati ### Webhooks for autoscaling -You can create your own autoscaling environment by using payloads received from the [`workflow_job`](/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_job) webhook. This webhook is available at the repository, organization, and enterprise levels, and the payload for this event contains an `action` key that corresponds to the stages of a workflow job's life-cycle; for example when jobs are `queued`, `in_progress`, and `completed`. You must then create your own scaling automation in response to these webhook payloads. +You can create your own autoscaling environment by using payloads received from the [`workflow_job`](/webhooks/webhook-events-and-payloads#workflow_job) webhook. This webhook is available at the repository, organization, and enterprise levels, and the payload for this event contains an `action` key that corresponds to the stages of a workflow job's life-cycle; for example when jobs are `queued`, `in_progress`, and `completed`. You must then create your own scaling automation in response to these webhook payloads. -* For more information about the `workflow_job` webhook, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_job). +* For more information about the `workflow_job` webhook, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#workflow_job). * To learn how to work with webhooks, see [AUTOTITLE](/webhooks). > **Note:** This approach relies on the timeliness of webhook delivery for making scaling decisions, which can introduce delays and reliability concerns. Consider using Actions Controller or the Scale Set Client for larger volume autoscaling scenarios. @@ -201,9 +201,9 @@ If you use an IP address allow list for your {% data variables.product.prodname_ ### Communication with {% data variables.product.prodname_dotcom_the_website %} -Self-hosted runners do not need to connect to {% data variables.product.prodname_dotcom_the_website %} unless you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions for {% data variables.product.prodname_ghe_server %}. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise). +Self-hosted runners do not need to connect to {% data variables.product.prodname_dotcom_the_website %} unless you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions for {% data variables.product.prodname_ghe_server %}. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise). -If you want your runner to connect to {% data variables.product.prodname_dotcom_the_website %}, the host machine must be able to make outbound HTTP connections over port 80, or HTTPS connections over port 443. To ensure connectivity over HTTPS, configure TLS for {% data variables.product.prodname_ghe_server %}. See [AUTOTITLE](/enterprise-server@latest/admin/configuration/hardening-security-for-your-enterprise/configuring-tls). +If you want your runner to connect to {% data variables.product.prodname_dotcom_the_website %}, the host machine must be able to make outbound HTTP connections over port 80, or HTTPS connections over port 443. To ensure connectivity over HTTPS, configure TLS for {% data variables.product.prodname_ghe_server %}. See [AUTOTITLE](/enterprise-server@latest/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-tls). If you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions, then the self-hosted runner will connect directly to {% data variables.product.prodname_dotcom_the_website %} to download actions. You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} URLs listed below. diff --git a/content/actions/reference/security/oidc.md b/content/actions/reference/security/oidc.md index 39f67e35f5c1..cba1290aeffc 100644 --- a/content/actions/reference/security/oidc.md +++ b/content/actions/reference/security/oidc.md @@ -62,7 +62,7 @@ The OIDC token includes the following claims. | `environment`| The name of the environment used by the job. If the `environment` claim is included (also via `include_claim_keys`), an environment is required and must be provided. | | `event_name`| The name of the event that triggered the workflow run. | | `head_ref`| The source branch of the pull request in a workflow run. | -| `job_workflow_ref`| For jobs using a reusable workflow, the ref path to the reusable workflow. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows). | +| `job_workflow_ref`| For jobs using a reusable workflow, the ref path to the reusable workflow. For more information, see [AUTOTITLE](/actions/how-tos/secure-your-work/security-harden-deployments/oidc-with-reusable-workflows). | | `job_workflow_sha`| For jobs using a reusable workflow, the commit SHA for the reusable workflow file. | | `ref`| _(Reference)_ The git ref that triggered the workflow run. | | `ref_type`| The type of `ref`, for example: "branch". | @@ -101,7 +101,7 @@ For example, if your subdomain is `octocorp`, the following substitutions apply: Audience and subject claims are typically used in combination while setting conditions on the cloud role/resources to scope its access to the {% data variables.product.github %} workflows. * **Audience:** By default, this value uses the URL of the organization or repository owner. This can be used to set a condition that only the workflows in the specific organization can access the cloud role. -* **Subject:** By default, has a predefined format and is a concatenation of some of the key metadata about the workflow, such as the {% data variables.product.prodname_dotcom %} organization, repository, branch, or associated [`job`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idenvironment) environment. See [Example subject claims](#example-subject-claims) to see how the subject claim is assembled from concatenated metadata. +* **Subject:** By default, has a predefined format and is a concatenation of some of the key metadata about the workflow, such as the {% data variables.product.prodname_dotcom %} organization, repository, branch, or associated [`job`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idenvironment) environment. See [Example subject claims](#example-subject-claims) to see how the subject claim is assembled from concatenated metadata. If you need more granular trust conditions, you can customize the {% ifversion ghec %}issuer (`iss`) and {% endif %}subject (`sub`) claim{% ifversion ghec %}s that are{% else %} that's{% endif %} included with the JWT. For more information, see [Customizing the token claims](#customizing-the-token-claims). @@ -112,13 +112,13 @@ There are also many additional claims supported in the OIDC token that can be us ## Example subject claims -The following examples demonstrate how to use "Subject" as a condition, and explain how the "Subject" is assembled from concatenated metadata. The [subject](https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims) uses information from the [`job` context](/actions/learn-github-actions/contexts#job-context), and instructs your cloud provider that access token requests may only be granted for requests from workflows running in specific branches, environments. The following sections describe some common subjects you can use. +The following examples demonstrate how to use "Subject" as a condition, and explain how the "Subject" is assembled from concatenated metadata. The [subject](https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims) uses information from the [`job` context](/actions/reference/workflows-and-actions/contexts#job-context), and instructs your cloud provider that access token requests may only be granted for requests from workflows running in specific branches, environments. The following sections describe some common subjects you can use. ### Filtering for a specific environment The subject claim includes the environment name when the job references an environment. -You can configure a subject that filters for a specific [environment](/actions/deployment/targeting-different-environments/managing-environments-for-deployment) name. In this example, the workflow run must have originated from a job that has an environment named `Production`, in a repository named `octo-repo` that is owned by the `octo-org` organization: +You can configure a subject that filters for a specific [environment](/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments) name. In this example, the workflow run must have originated from a job that has an environment named `Production`, in a repository named `octo-repo` that is owned by the `octo-org` organization: * Syntax: `repo:ORG-NAME/REPO-NAME:environment:ENVIRONMENT-NAME` * Example: `repo:octo-org/octo-repo:environment:Production` @@ -127,7 +127,7 @@ You can configure a subject that filters for a specific [environment](/actions/d The subject claim includes the `pull_request` string when the workflow is triggered by a pull request event, but only if the job doesn't reference an environment. -You can configure a subject that filters for the [`pull_request`](/actions/using-workflows/events-that-trigger-workflows#pull_request) event. In this example, the workflow run must have been triggered by a `pull_request` event in a repository named `octo-repo` that is owned by the `octo-org` organization: +You can configure a subject that filters for the [`pull_request`](/actions/reference/workflows-and-actions/events-that-trigger-workflows#pull_request) event. In this example, the workflow run must have been triggered by a `pull_request` event in a repository named `octo-repo` that is owned by the `octo-org` organization: * Syntax: `repo:ORG-NAME/REPO-NAME:pull_request` * Example: `repo:octo-org/octo-repo:pull_request` @@ -199,7 +199,7 @@ For repositories created after July 15, 2026, or that have opted in to immutable | Google Cloud Platform| `(assertion.sub=='repo:octo-org@123456/octo-repo@456789:ref:refs/heads/demo-branch')` | | HashiCorp Vault| `bound_subject="repo:octo-org@123456/octo-repo@456789:ref:refs/heads/demo-branch"` | -For more information about configuring specific cloud providers, see the guides listed in [AUTOTITLE](/actions/how-tos/security-for-github-actions/security-hardening-your-deployments). +For more information about configuring specific cloud providers, see the guides listed in [AUTOTITLE](/actions/how-tos/secure-your-work/security-harden-deployments). ## Customizing the token claims @@ -216,7 +216,7 @@ You can security harden your OIDC configuration by customizing the claims that a When you use custom actions in your workflows, those actions may use the {% data variables.product.prodname_actions %} Toolkit to enable you to supply a custom value for the `audience` claim. Some cloud providers also use this in their official login actions to enforce a default value for the `audience` claim. For example, the [GitHub Action for Azure Login](https://github.com/Azure/login/blob/master/action.yml) provides a default `aud` value of `api://AzureADTokenExchange`, or it allows you to set a custom `aud` value in your workflows. For more information on the {% data variables.product.prodname_actions %} Toolkit, see the [OIDC token](https://github.com/actions/toolkit/tree/main/packages/core#oidc-token) section in the documentation. -If you do not want to use the default `aud` value offered by an action, you can provide a custom value for the `audience` claim. This allows you to set a condition that only workflows in a specific repository or organization can access the cloud role. If the action you are using supports this, you can use the `with` keyword in your workflow to pass a custom `aud` value to the action. For more information, see [AUTOTITLE](/actions/creating-actions/metadata-syntax-for-github-actions#inputs). +If you do not want to use the default `aud` value offered by an action, you can provide a custom value for the `audience` claim. This allows you to set a condition that only workflows in a specific repository or organization can access the cloud role. If the action you are using supports this, you can use the `with` keyword in your workflow to pass a custom `aud` value to the action. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/metadata-syntax#inputs). {% ifversion ghec %} @@ -551,7 +551,7 @@ You can use the [`github/actions-oidc-debugger`](https://github.com/github/actio ### Required permission -* The job or workflow must grant the [`id-token: write`](/actions/reference/workflow-syntax-for-github-actions#permissions) permission to allow {% data variables.product.github %}'s OIDC provider to create a JSON Web Token (JWT): +* The job or workflow must grant the [`id-token: write`](/actions/reference/workflows-and-actions/workflow-syntax#permissions) permission to allow {% data variables.product.github %}'s OIDC provider to create a JSON Web Token (JWT): ```yaml permissions: diff --git a/content/actions/reference/security/secrets.md b/content/actions/reference/security/secrets.md index a317b192b2a9..7259895cd19a 100644 --- a/content/actions/reference/security/secrets.md +++ b/content/actions/reference/security/secrets.md @@ -34,7 +34,7 @@ A workflow created in a repository can access the following number of secrets: * If the repository is assigned access to more than 100 organization secrets, the workflow can only use the first 100 organization secrets (sorted alphabetically by secret name). * All 100 environment secrets. -Secrets are limited to 48 KB in size. To store larger secrets, see [AUTOTITLE](/actions/how-tos/security-for-github-actions/security-guides/using-secrets-in-github-actions#storing-large-secrets). +Secrets are limited to 48 KB in size. To store larger secrets, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets#storing-large-secrets). ## When {% data variables.product.prodname_actions %} reads secrets @@ -63,4 +63,4 @@ Organization and repository secrets are read when a workflow run is queued, and ## Security -For security best practices using secrets, see [AUTOTITLE](/actions/reference/secure-use-reference#use-secrets-for-sensitive-information). +For security best practices using secrets, see [AUTOTITLE](/actions/reference/security/secure-use#use-secrets-for-sensitive-information). diff --git a/content/actions/reference/security/secure-use.md b/content/actions/reference/security/secure-use.md index 55f8b467c299..4520418989ac 100644 --- a/content/actions/reference/security/secure-use.md +++ b/content/actions/reference/security/secure-use.md @@ -31,11 +31,11 @@ Because there are multiple ways a secret value can be transformed, automatic red * **Principle of least privilege** * Any user with write access to your repository has read access to all secrets configured in your repository. Therefore, you should ensure that the credentials being used within workflows have the least privileges required. - * Actions can use the `GITHUB_TOKEN` by accessing it from the `github.token` context. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts#github-context). You should therefore make sure that the `GITHUB_TOKEN` is granted the minimum required permissions. It's good security practice to set the default permission for the `GITHUB_TOKEN` to read access only for repository contents. The permissions can then be increased, as required, for individual jobs within the workflow file. For more information, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token). + * Actions can use the `GITHUB_TOKEN` by accessing it from the `github.token` context. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#github-context). You should therefore make sure that the `GITHUB_TOKEN` is granted the minimum required permissions. It's good security practice to set the default permission for the `GITHUB_TOKEN` to read access only for repository contents. The permissions can then be increased, as required, for individual jobs within the workflow file. For more information, see [AUTOTITLE](/actions/tutorials/authenticate-with-github_token#modifying-the-permissions-for-the-github_token). * **Mask sensitive data** - * Sensitive data should **never** be stored as plaintext in workflow files. Mask all sensitive information that is not a {% data variables.product.prodname_dotcom %} secret by using `::add-mask::VALUE`. This causes the value to be treated as a secret and redacted from logs. For more information about masking data, see [AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions#masking-a-value-in-a-log). + * Sensitive data should **never** be stored as plaintext in workflow files. Mask all sensitive information that is not a {% data variables.product.prodname_dotcom %} secret by using `::add-mask::VALUE`. This causes the value to be treated as a secret and redacted from logs. For more information about masking data, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-commands#masking-a-value-in-a-log). * **Delete and rotate exposed secrets** - * Redacting of secrets is performed by your workflow runners. This means a secret will only be redacted if it was used within a job and is accessible by the runner. If an unredacted secret is sent to a workflow run log, you should delete the log and rotate the secret. For information on deleting logs, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs#deleting-logs). + * Redacting of secrets is performed by your workflow runners. This means a secret will only be redacted if it was used within a job and is accessible by the runner. If an unredacted secret is sent to a workflow run log, you should delete the log and rotate the secret. For information on deleting logs, see [AUTOTITLE](/actions/how-tos/monitor-workflows/use-workflow-run-logs#deleting-logs). * **Never use structured data as a secret** * Structured data can cause secret redaction within logs to fail, because redaction largely relies on finding an exact match for the specific secret value. For example, do not use a blob of JSON, XML, or YAML (or similar) to encapsulate a secret value, as this significantly reduces the probability the secrets will be properly redacted. Instead, create individual secrets for each sensitive value. * **Register all secrets used within workflows** @@ -43,12 +43,12 @@ Because there are multiple ways a secret value can be transformed, automatic red * Registering secrets applies to any sort of transformation/encoding as well. If your secret is transformed in some way (such as Base64 or URL-encoded), be sure to register the new value as a secret too. * **Audit how secrets are handled** * Audit how secrets are used, to help ensure they’re being handled as expected. You can do this by reviewing the source code of the repository executing the workflow, and checking any actions used in the workflow. For example, check that they’re not sent to unintended hosts, or explicitly being printed to log output. - * View the run logs for your workflow after testing valid/invalid inputs, and check that secrets are properly redacted, or not shown. It's not always obvious how a command or tool you’re invoking will send errors to `STDOUT` and `STDERR`, and secrets might subsequently end up in error logs. As a result, it is good practice to manually review the workflow logs after testing valid and invalid inputs. For information on how to clean up workflow logs that may unintentionally contain sensitive data, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs#deleting-logs). + * View the run logs for your workflow after testing valid/invalid inputs, and check that secrets are properly redacted, or not shown. It's not always obvious how a command or tool you’re invoking will send errors to `STDOUT` and `STDERR`, and secrets might subsequently end up in error logs. As a result, it is good practice to manually review the workflow logs after testing valid and invalid inputs. For information on how to clean up workflow logs that may unintentionally contain sensitive data, see [AUTOTITLE](/actions/how-tos/monitor-workflows/use-workflow-run-logs#deleting-logs). * **Audit and rotate registered secrets** * Periodically review the registered secrets to confirm they are still required. Remove those that are no longer needed. * Rotate secrets periodically to reduce the window of time during which a compromised secret is valid. * **Consider requiring review for access to secrets** - * You can use required reviewers to protect environment secrets. A workflow job cannot access environment secrets until approval is granted by a reviewer. For more information about storing secrets in environments or requiring reviews for environments, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions) and [AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment). + * You can use required reviewers to protect environment secrets. A workflow job cannot access environment secrets until approval is granted by a reviewer. For more information about storing secrets in environments or requiring reviews for environments, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets) and [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments). ### Good practices for mitigating script injection attacks @@ -98,19 +98,19 @@ With this approach, the value of the {% raw %}`${{ github.event.pull_request.tit {% data variables.product.prodname_code_scanning_caps %} allows you to find security vulnerabilities before they reach production. {% data variables.product.github %} provides workflow templates for {% data variables.product.prodname_code_scanning %}. You can use these suggested workflows to construct your {% data variables.product.prodname_code_scanning %} workflows, instead of starting from scratch. {% data variables.product.company_short %}'s workflow, the {% data variables.code-scanning.codeql_workflow %}, is powered by {% data variables.product.prodname_codeql %}. There are also third-party workflow templates available. -For more information, see [AUTOTITLE](/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning) and [AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning#configuring-code-scanning-using-third-party-actions). +For more information, see [AUTOTITLE](/code-security/concepts/code-scanning/code-scanning) and [AUTOTITLE](/code-security/how-tos/find-and-fix-code-vulnerabilities/configure-code-scanning/configuring-advanced-setup-for-code-scanning#configuring-code-scanning-using-third-party-actions). {% endif %} #### Restricting permissions for tokens -To help mitigate the risk of an exposed token, consider restricting the assigned permissions. For more information, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token). +To help mitigate the risk of an exposed token, consider restricting the assigned permissions. For more information, see [AUTOTITLE](/actions/tutorials/authenticate-with-github_token#modifying-the-permissions-for-the-github_token). ## Mitigating the risks of untrusted code checkout Similar to script injection attacks, untrusted pull request content that automatically triggers actions processing can also pose a security risk. The `pull_request_target` and `workflow_run` workflow triggers, when used with the checkout of an untrusted pull request, expose the repository to security compromises. These workflows are privileged, which means they share the same cache of the main branch with other privileged workflow triggers, and may have repository write access and access to referenced secrets. These vulnerabilities can be exploited to take over a repository. -For more information on these triggers, how to use them, and the associated risks, see [AUTOTITLE](/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#pull_request_target) and [AUTOTITLE](/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#workflow_run). +For more information on these triggers, how to use them, and the associated risks, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows#pull_request_target) and [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows#workflow_run). For additional examples and guidance on the risks of untrusted code checkout, see [Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) from {% data variables.product.prodname_security %} and the [Dangerous-Workflow](https://github.com/ossf/scorecard/blob/main/docs/checks.md#dangerous-workflow) documentation from OpenSSF Scorecard. @@ -122,7 +122,7 @@ For detailed guidance on deciding whether to use `pull_request_target`, hardenin * Avoid using the `pull_request_target` and `workflow_run` workflow triggers with untrusted pull requests or code content. Workflows that use these triggers must not explicitly check out untrusted code, including from pull request forks or from repositories that are not under your control. Workflows triggered on `workflow_run` should treat artifacts uploaded from other workflows with caution. -* {% data variables.product.prodname_codeql %} can scan and detect potentially vulnerable {% data variables.product.prodname_actions %} workflows. You can configure default setup for the repository, and ensure that {% data variables.product.prodname_actions %} scanning is enabled. For more information, see [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning). +* {% data variables.product.prodname_codeql %} can scan and detect potentially vulnerable {% data variables.product.prodname_actions %} workflows. You can configure default setup for the repository, and ensure that {% data variables.product.prodname_actions %} scanning is enabled. For more information, see [AUTOTITLE](/code-security/how-tos/find-and-fix-code-vulnerabilities/configure-code-scanning/configure-code-scanning). * OpenSSF Scorecards can help you identify potentially vulnerable workflows, along with other security risks when using {% data variables.product.prodname_actions %}. See [Using OpenSSF Scorecards to secure workflow dependencies](#using-openssf-scorecards-to-secure-workflow-dependencies) later in this article. @@ -130,7 +130,7 @@ For detailed guidance on deciding whether to use `pull_request_target`, hardenin The individual jobs in a workflow can interact with (and compromise) other jobs. For example, a job querying the environment variables used by a later job, writing files to a shared directory that a later job processes, or even more directly by interacting with the Docker socket and inspecting other running containers and executing commands in them. -This means that a compromise of a single action within a workflow can be very significant, as that compromised action would have access to all secrets configured on your repository, and may be able to use the `GITHUB_TOKEN` to write to the repository. Consequently, there is significant risk in sourcing actions from third-party repositories on {% data variables.product.prodname_dotcom %}. For information on some of the steps an attacker could take, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#potential-impact-of-a-compromised-runner). +This means that a compromise of a single action within a workflow can be very significant, as that compromised action would have access to all secrets configured on your repository, and may be able to use the `GITHUB_TOKEN` to write to the repository. Consequently, there is significant risk in sourcing actions from third-party repositories on {% data variables.product.prodname_dotcom %}. For information on some of the steps an attacker could take, see [AUTOTITLE](/actions/reference/security/secure-use). You can help mitigate this risk by following these good practices: @@ -160,7 +160,7 @@ You can help mitigate this risk by following these good practices: ### Reusing third-party workflows -The same principles described above for using third-party actions also apply to using third-party workflows. You can help mitigate the risks associated with reusing workflows by following the same good practices outlined above. For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows). +The same principles described above for using third-party actions also apply to using third-party workflows. You can help mitigate the risks associated with reusing workflows by following the same good practices outlined above. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). ## {% data variables.product.github %}'s security features @@ -180,7 +180,7 @@ You can practice the principle of least privilege for your organization's CI/CD {% data reusables.actions.org-roles-for-gh-actions %} -For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles). +For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-custom-organization-roles). {% endif %} @@ -198,7 +198,7 @@ For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to- ### Allowing workflows to access internal and private repositories -{% data reusables.actions.outside-collaborators-actions %} For more information, see [AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise). +{% data reusables.actions.outside-collaborators-actions %} For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/share-with-your-enterprise). {% data reusables.actions.scoped-token-note %} @@ -208,14 +208,14 @@ For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to- {% data reusables.actions.workflow-pr-approval-permissions-intro %} Allowing workflows, or any other automation, to create or approve pull requests could be a security risk if the pull request is merged without proper oversight. -For more information on how to configure this setting, see {% ifversion ghes or ghec %}[AUTOTITLE](/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#preventing-github-actions-from-creating-or-approving-pull-requests),{% endif %} [Disabling or limiting {% data variables.product.prodname_actions %} for your organization](/github/setting-up-and-managing-organizations-and-teams/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests), and [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests). +For more information on how to configure this setting, see {% ifversion ghes or ghec %}[AUTOTITLE](/enterprise-cloud@latest/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#preventing-github-actions-from-creating-or-approving-pull-requests),{% endif %} [Disabling or limiting {% data variables.product.prodname_actions %} for your organization](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests), and [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests). {% ifversion code-scanning-actions-language %} ### Using {% data variables.product.prodname_code_scanning %} to secure workflows {% data variables.product.prodname_code_scanning_caps %} can automatically detect and suggest improvements for common vulnerable patterns used in {% data variables.product.prodname_actions %} workflows. -For more information on how to enable {% data variables.product.prodname_code_scanning %}, see [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning). +For more information on how to enable {% data variables.product.prodname_code_scanning %}, see [AUTOTITLE](/code-security/how-tos/find-and-fix-code-vulnerabilities/configure-code-scanning/configure-code-scanning). {% endif %} @@ -243,7 +243,7 @@ SBOMs are available for Ubuntu, Windows, and macOS runner images maintained by { #### Denying access to hosts -{% data reusables.actions.runners-etc-hosts-file %} For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners). +{% data reusables.actions.runners-etc-hosts-file %} For more information, see [AUTOTITLE](/actions/concepts/runners/github-hosted-runners). {% endif %} @@ -255,11 +255,11 @@ SBOMs are available for Ubuntu, Windows, and macOS runner images maintained by { {% ifversion fpt or ghec %}**Self-hosted**{% elsif ghes %}Self-hosted{% endif %} runners for {% data variables.product.github %} do not have guarantees around running in ephemeral clean virtual machines, and can be persistently compromised by untrusted code in a workflow. -{% ifversion fpt or ghec %}As a result, self-hosted runners should almost [never be used for public repositories](/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions) on {% data variables.product.github %}, because any user can open pull requests against the repository and compromise the environment. Similarly, be{% elsif ghes %}Be{% endif %} cautious when using self-hosted runners on private or internal repositories, as anyone who can fork the repository and open a pull request (generally those with read access to the repository) are able to compromise the self-hosted runner environment, including gaining access to secrets and the `GITHUB_TOKEN` which, depending on its settings, can grant write access to the repository. Although workflows can control access to environment secrets by using environments and required reviews, these workflows are not run in an isolated environment and are still susceptible to the same risks when run on a self-hosted runner. +{% ifversion fpt or ghec %}As a result, self-hosted runners should almost [never be used for public repositories](/actions/reference/security/secure-use) on {% data variables.product.github %}, because any user can open pull requests against the repository and compromise the environment. Similarly, be{% elsif ghes %}Be{% endif %} cautious when using self-hosted runners on private or internal repositories, as anyone who can fork the repository and open a pull request (generally those with read access to the repository) are able to compromise the self-hosted runner environment, including gaining access to secrets and the `GITHUB_TOKEN` which, depending on its settings, can grant write access to the repository. Although workflows can control access to environment secrets by using environments and required reviews, these workflows are not run in an isolated environment and are still susceptible to the same risks when run on a self-hosted runner. {% data reusables.actions.disable-selfhosted-runners-crossrefs %} -When a self-hosted runner is defined at the organization or enterprise level, {% data variables.product.github %} can schedule workflows from multiple repositories onto the same runner. Consequently, a security compromise of these environments can result in a wide impact. To help reduce the scope of a compromise, you can create boundaries by organizing your self-hosted runners into separate groups. You can restrict what {% ifversion ghec or ghes %}workflows, {% endif %}organizations and repositories can access runner groups. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups). +When a self-hosted runner is defined at the organization or enterprise level, {% data variables.product.github %} can schedule workflows from multiple repositories onto the same runner. Consequently, a security compromise of these environments can result in a wide impact. To help reduce the scope of a compromise, you can create boundaries by organizing your self-hosted runners into separate groups. You can restrict what {% ifversion ghec or ghes %}workflows, {% endif %}organizations and repositories can access runner groups. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/manage-access). You should also consider the environment of the self-hosted runner machines: @@ -273,7 +273,7 @@ Some customers might attempt to partially mitigate these risks by implementing s To improve runner registration security, you can use the REST API to create ephemeral, just-in-time (JIT) runners. These self-hosted runners perform at most one job before being automatically removed from the repository, organization, or enterprise. For more information about configuring JIT runners, see [AUTOTITLE](/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-organization). > [!NOTE] -> Re-using hardware to host JIT runners can risk exposing information from the environment. Use automation to ensure the JIT runner uses a clean environment. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/autoscaling-with-self-hosted-runners#using-ephemeral-runners-for-autoscaling). +> Re-using hardware to host JIT runners can risk exposing information from the environment. Use automation to ensure the JIT runner uses a clean environment. For more information, see [AUTOTITLE](/actions/reference/runners/self-hosted-runners#using-ephemeral-runners-for-autoscaling). Once you have the config file from the REST API response, you can pass it to the runner at startup. @@ -297,7 +297,7 @@ A self-hosted runner can be added to various levels in your {% data variables.pr #### Authenticating to your cloud provider -If you are using {% data variables.product.prodname_actions %} to deploy to a cloud provider, or intend to use HashiCorp Vault for secret management, then it's recommended that you consider using OpenID Connect to create short-lived, well-scoped access tokens for your workflow runs. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect). +If you are using {% data variables.product.prodname_actions %} to deploy to a cloud provider, or intend to use HashiCorp Vault for secret management, then it's recommended that you consider using OpenID Connect to create short-lived, well-scoped access tokens for your workflow runs. For more information, see [AUTOTITLE](/actions/concepts/security/openid-connect). ### Auditing {% data variables.product.prodname_actions %} events @@ -327,7 +327,7 @@ The dependency graph shows the following information about actions used in workf In the dependency graph, dependencies are automatically sorted by vulnerability severity. If any of the actions you use have security advisories, they will display at the top of the list. You can navigate to the advisory from the dependency graph and access instructions for resolving the vulnerability. -{% ifversion fpt or ghec %}The dependency graph is enabled for public repositories, and you can choose to enable it on private repositories. For more information about using the dependency graph, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository).{% else %}Enterprise owners can configure the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for an enterprise. For more information, see [AUTOTITLE](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise).{% endif %} +{% ifversion fpt or ghec %}The dependency graph is enabled for public repositories, and you can choose to enable it on private repositories. For more information about using the dependency graph, see [AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/explore-dependencies).{% else %}Enterprise owners can configure the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for an enterprise. For more information, see [AUTOTITLE](/code-security/how-tos/secure-at-scale/configure-enterprise-security/configure-specific-tools/enable-dependency-graph).{% endif %} ### Being aware of security vulnerabilities in actions you use @@ -345,9 +345,9 @@ You can use {% data variables.product.prodname_dependabot %} to monitor the acti > [!NOTE] > {% data variables.product.prodname_dependabot %} only creates alerts for vulnerable actions that use semantic versioning and will not create alerts for actions pinned to SHA values. -{% ifversion fpt or ghec %}You can enable {% data variables.product.prodname_dependabot_alerts %} for your personal account, for a repository, or for an organization. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts).{% else %}An enterprise owner must first set up {% data variables.product.prodname_dependabot %} for your enterprise before you can manage {% data variables.product.prodname_dependabot_alerts %} for your repository. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise).{% endif %} +{% ifversion fpt or ghec %}You can enable {% data variables.product.prodname_dependabot_alerts %} for your personal account, for a repository, or for an organization. For more information, see [AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/configure-dependabot-alerts).{% else %}An enterprise owner must first set up {% data variables.product.prodname_dependabot %} for your enterprise before you can manage {% data variables.product.prodname_dependabot_alerts %} for your repository. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise).{% endif %} -{% data reusables.dependabot.where-to-view-dependabot-alerts %} For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts). +{% data reusables.dependabot.where-to-view-dependabot-alerts %} For more information, see [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-dependabot-alerts/view-dependabot-alerts). #### Screening actions for vulnerabilities in new or updated workflows @@ -355,9 +355,9 @@ When you open pull requests to update your workflows, it is good practice to use If any of the changes you made to your workflows are flagged as vulnerable, you can avoid adding them to your project or update them to a secure version. -For more information about dependency review, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review). +For more information about dependency review, see [AUTOTITLE](/code-security/concepts/supply-chain-security/dependency-review). -{% data reusables.dependency-review.about-dependency-review-action %} For more information, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#about-the-dependency-review-action). +{% data reusables.dependency-review.about-dependency-review-action %} For more information, see [AUTOTITLE](/code-security/concepts/supply-chain-security/dependency-review#about-the-dependency-review-action). ### Keeping the actions in your workflows secure and up to date @@ -371,9 +371,9 @@ The following features can automatically update the actions in your workflows. > [!NOTE] > {% data reusables.actions.dependabot-version-updates-actions-caveats %} -For information on how to configure {% data variables.product.prodname_dependabot_version_updates %}, see [AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates). +For information on how to configure {% data variables.product.prodname_dependabot_version_updates %}, see [AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/configure-version-updates). -For information on how to configure {% data variables.product.prodname_dependabot_security_updates %}, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates). +For information on how to configure {% data variables.product.prodname_dependabot_security_updates %}, see [AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/configure-security-updates). {% ifversion fpt or ghec %} @@ -383,7 +383,7 @@ For information on how to configure {% data variables.product.prodname_dependabo If you are someone who maintains an action that is used in other projects, you can use the following {% data variables.product.prodname_dotcom %} features to enhance the security of the actions you've published. -* Use the dependants view in the Dependency graph to see which projects depend on your code. If you receive a vulnerability report, this will give you an idea of who you need to communicate with about the vulnerability and how to fix it. For more information, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#dependents-view). -* Use repository security advisories to create a security advisory, privately collaborate to fix the vulnerability in a temporary private fork, and publish a security advisory to alert your community of the vulnerability once a patch is released. For more information, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository) and [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/creating-a-repository-security-advisory). +* Use the dependants view in the Dependency graph to see which projects depend on your code. If you receive a vulnerability report, this will give you an idea of who you need to communicate with about the vulnerability and how to fix it. For more information, see [AUTOTITLE](/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/explore-dependencies#dependents-view). +* Use repository security advisories to create a security advisory, privately collaborate to fix the vulnerability in a temporary private fork, and publish a security advisory to alert your community of the vulnerability once a patch is released. For more information, see [AUTOTITLE](/code-security/how-tos/report-and-fix-vulnerabilities/configure-vulnerability-reporting/configure-for-a-repository) and [AUTOTITLE](/code-security/how-tos/report-and-fix-vulnerabilities/fix-reported-vulnerabilities/create-repository-advisory). {% endif %} diff --git a/content/actions/reference/workflows-and-actions/contexts.md b/content/actions/reference/workflows-and-actions/contexts.md index 7b9ddb2315cd..0d7df274d44a 100644 --- a/content/actions/reference/workflows-and-actions/contexts.md +++ b/content/actions/reference/workflows-and-actions/contexts.md @@ -52,7 +52,7 @@ If you attempt to dereference a nonexistent property, it will evaluate to an emp {% data variables.product.prodname_actions %} includes a collection of variables called _contexts_ and a similar collection of variables called _default variables_. These variables are intended for use at different points in the workflow: -* **Default environment variables:** These environment variables exist only on the runner that is executing your job. For more information, see [AUTOTITLE](/actions/reference/variables-reference#default-environment-variables). +* **Default environment variables:** These environment variables exist only on the runner that is executing your job. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/variables). * **Contexts:** You can use most contexts at any point in your workflow, including when _default variables_ would be unavailable. For example, you can use contexts with expressions to perform initial processing before the job is routed to a runner for execution; this allows you to use a context with the conditional `if` keyword to determine whether a step should run. Once the job is running, you can also retrieve context variables from the runner that is executing the job, such as `runner.os`. For details of where you can use various contexts within a workflow, see [Context availability](#context-availability). The following example demonstrates how these different types of variables can be used together in a job: @@ -72,7 +72,7 @@ jobs: {% endraw %} -In this example, the `if` statement checks the [`github.ref`](/actions/learn-github-actions/contexts#github-context) context to determine the current branch name; if the name is `refs/heads/main`, then the subsequent steps are executed. The `if` check is processed by {% data variables.product.prodname_actions %}, and the job is only sent to the runner if the result is `true`. Once the job is sent to the runner, the step is executed and refers to the [`$GITHUB_REF`](/actions/reference/variables-reference#default-environment-variables) variable from the runner. +In this example, the `if` statement checks the [`github.ref`](/actions/reference/workflows-and-actions/contexts#github-context) context to determine the current branch name; if the name is `refs/heads/main`, then the subsequent steps are executed. The `if` check is processed by {% data variables.product.prodname_actions %}, and the job is only sent to the runner if the result is `true`. Once the job is sent to the runner, the step is executed and refers to the [`$GITHUB_REF`](/actions/reference/workflows-and-actions/variables) variable from the runner. ### Context availability @@ -121,7 +121,7 @@ The following table lists the restrictions on where each context and special fun ### Example: printing context information to the log -You can print the contents of contexts to the log for debugging. The [`toJSON` function](/actions/learn-github-actions/expressions#tojson) is required to pretty-print JSON objects to the log. +You can print the contents of contexts to the log for debugging. The [`toJSON` function](/actions/reference/workflows-and-actions/expressions#tojson) is required to pretty-print JSON objects to the log. {% data reusables.actions.github-context-warning %} @@ -165,7 +165,7 @@ jobs: ## `github` context -The `github` context contains information about the workflow run and the event that triggered the run. You can read most of the `github` context data in environment variables. For more information about environment variables, see [AUTOTITLE](/actions/learn-github-actions/variables). +The `github` context contains information about the workflow run and the event that triggered the run. You can read most of the `github` context data in environment variables. For more information about environment variables, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables). {% data reusables.actions.github-context-warning %} {% data reusables.actions.context-injection-warning %} @@ -173,7 +173,7 @@ The `github` context contains information about the workflow run and the event t | Property name | Type | Description | |---------------|------|-------------| | `github` | `object` | The top-level context available during any job or step in a workflow. This object contains all the properties listed below. | -| `github.action` | `string` | The name of the action currently running, or the [`id`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsid) of a step. {% data variables.product.prodname_dotcom %} removes special characters, and uses the name `__run` when the current step runs a script without an `id`. If you use the same action more than once in the same job, the name will include a suffix with the sequence number with underscore before it. For example, the first script you run will have the name `__run`, and the second script will be named `__run_2`. Similarly, the second invocation of `actions/checkout` will be `actionscheckout2`. | +| `github.action` | `string` | The name of the action currently running, or the [`id`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsid) of a step. {% data variables.product.prodname_dotcom %} removes special characters, and uses the name `__run` when the current step runs a script without an `id`. If you use the same action more than once in the same job, the name will include a suffix with the sequence number with underscore before it. For example, the first script you run will have the name `__run`, and the second script will be named `__run_2`. Similarly, the second invocation of `actions/checkout` will be `actionscheckout2`. | | `github.action_path` | `string` | The path where an action is located. This property is only supported in composite actions. You can use this path to access files located in the same repository as the action, for example by changing directories to the path (using the corresponding environment variable): {% raw %} `cd "$GITHUB_ACTION_PATH"` {% endraw %}. For more information on environment variables, see [AUTOTITLE](/actions/reference/security/secure-use#use-an-intermediate-environment-variable). | | `github.action_ref` | `string` | For a step executing an action, this is the ref of the action being executed. For example, `v2`.

{% data reusables.actions.composite-actions-unsupported-refs %} | | `github.action_repository` | `string` | For a step executing an action, this is the owner and repository name of the action. For example, `actions/checkout`.

{% data reusables.actions.composite-actions-unsupported-refs %} | @@ -182,14 +182,14 @@ The `github` context contains information about the workflow run and the event t | `github.actor_id` | `string` | {% data reusables.actions.actor_id-description %} | | `github.api_url` | `string` | The URL of the {% data variables.product.prodname_dotcom %} REST API. | | `github.base_ref` | `string` | The `base_ref` or target branch of the pull request in a workflow run. This property is only available when the event that triggers a workflow run is either `pull_request` or `pull_request_target`. | -| `github.env` | `string` | Path on the runner to the file that sets environment variables from workflow commands. This file is unique to the current step and is a different file for each step in a job. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions#setting-an-environment-variable). | -| `github.event` | `object` | The full event webhook payload. You can access individual properties of the event using this context. This object is identical to the webhook payload of the event that triggered the workflow run, and is different for each event. The webhooks for each {% data variables.product.prodname_actions %} event is linked in [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows). For example, for a workflow run triggered by the [`push` event](/actions/using-workflows/events-that-trigger-workflows#push), this object contains the contents of the [push webhook payload](/webhooks-and-events/webhooks/webhook-events-and-payloads#push). | +| `github.env` | `string` | Path on the runner to the file that sets environment variables from workflow commands. This file is unique to the current step and is a different file for each step in a job. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-commands#setting-an-environment-variable). | +| `github.event` | `object` | The full event webhook payload. You can access individual properties of the event using this context. This object is identical to the webhook payload of the event that triggered the workflow run, and is different for each event. The webhooks for each {% data variables.product.prodname_actions %} event is linked in [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows). For example, for a workflow run triggered by the [`push` event](/actions/reference/workflows-and-actions/events-that-trigger-workflows#push), this object contains the contents of the [push webhook payload](/webhooks/webhook-events-and-payloads#push). | | `github.event_name` | `string` | The name of the event that triggered the workflow run. | | `github.event_path` | `string` | The path to the file on the runner that contains the full event webhook payload. | | `github.graphql_url` | `string` | The URL of the {% data variables.product.prodname_dotcom %} GraphQL API. | | `github.head_ref` | `string` | The `head_ref` or source branch of the pull request in a workflow run. This property is only available when the event that triggers a workflow run is either `pull_request` or `pull_request_target`. | -| `github.job` | `string` | The [`job_id`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_id) of the current job.
Note: This context property is set by the Actions runner, and is only available within the execution `steps` of a job. Otherwise, the value of this property will be `null`. | -| `github.path` | `string` | Path on the runner to the file that sets system `PATH` variables from workflow commands. This file is unique to the current step and is a different file for each step in a job. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions#adding-a-system-path). | +| `github.job` | `string` | The [`job_id`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_id) of the current job.
Note: This context property is set by the Actions runner, and is only available within the execution `steps` of a job. Otherwise, the value of this property will be `null`. | +| `github.path` | `string` | Path on the runner to the file that sets system `PATH` variables from workflow commands. This file is unique to the current step and is a different file for each step in a job. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-commands#adding-a-system-path). | | `github.ref` | `string` | {% data reusables.actions.ref-description %} | | `github.ref_name` | `string` | {% data reusables.actions.ref_name-description %} | | `github.ref_protected` | `boolean` | {% data reusables.actions.ref_protected-description %} | @@ -206,7 +206,7 @@ The `github` context contains information about the workflow run and the event t | `github.secret_source` | `string` | The source of a secret used in a workflow. Possible values are `None`, `Actions`{% ifversion fpt or ghec %}, `Codespaces`{% endif %}, or `Dependabot`. | | `github.server_url` | `string` | The URL of the GitHub server. For example: `https://github.com`. | | `github.sha` | `string` | {% data reusables.actions.github_sha_description %} | -| `github.token` | `string` | A token to authenticate on behalf of the GitHub App installed on your repository. This is functionally equivalent to the `GITHUB_TOKEN` secret. For more information, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication).
Note: This context property is set by the Actions runner, and is only available within the execution `steps` of a job. Otherwise, the value of this property will be `null`. | +| `github.token` | `string` | A token to authenticate on behalf of the GitHub App installed on your repository. This is functionally equivalent to the `GITHUB_TOKEN` secret. For more information, see [AUTOTITLE](/actions/tutorials/authenticate-with-github_token).
Note: This context property is set by the Actions runner, and is only available within the execution `steps` of a job. Otherwise, the value of this property will be `null`. | | `github.triggering_actor` | `string` | {% data reusables.actions.github-triggering-actor-description %} | | `github.workflow` | `string` | The name of the workflow. If the workflow file doesn't specify a `name`, the value of this property is the full path of the workflow file in the repository. | | `github.workflow_ref` | `string` | {% data reusables.actions.workflow-ref-description %} | @@ -215,7 +215,7 @@ The `github` context contains information about the workflow run and the event t ### Example contents of the `github` context -The following example context is from a workflow run triggered by the `push` event. The `event` object in this example has been truncated because it is identical to the contents of the [`push` webhook payload](/webhooks-and-events/webhooks/webhook-events-and-payloads#push). +The following example context is from a workflow run triggered by the `push` event. The `event` object in this example has been truncated because it is identical to the contents of the [`push` webhook payload](/webhooks/webhook-events-and-payloads#push). {% data reusables.actions.context-example-note %} @@ -282,9 +282,9 @@ jobs: ## `env` context -The `env` context contains variables that have been set in a workflow, job, or step. It does not contain variables inherited by the runner process. For more information about setting variables in your workflow, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#env). +The `env` context contains variables that have been set in a workflow, job, or step. It does not contain variables inherited by the runner process. For more information about setting variables in your workflow, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#env). -You can retrieve the values of variables stored in `env` context and use these values in your workflow file. You can use the `env` context in any key in a workflow step except for the `id` and `uses` keys. For more information on the step syntax, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsteps). +You can retrieve the values of variables stored in `env` context and use these values in your workflow file. You can use the `env` context in any key in a workflow step except for the `id` and `uses` keys. For more information on the step syntax, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idsteps). If you want to use the value of a variable inside a runner, use the runner operating system's normal method for reading environment variables. @@ -339,7 +339,7 @@ jobs: ## `vars` context -The `vars` context contains custom configuration variables set at the organization, repository, and environment levels. For more information about defining configuration variables for use in multiple workflows, see [AUTOTITLE](/actions/learn-github-actions/variables#defining-variables-for-multiple-workflows). +The `vars` context contains custom configuration variables set at the organization, repository, and environment levels. For more information about defining configuration variables for use in multiple workflows, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables#defining-variables-for-multiple-workflows). ### Example contents of the `vars` context @@ -370,15 +370,15 @@ The `job` context contains information about the currently running job. | {% ifversion fpt or ghec %} | | `job.check_run_id` | `number` | The check run ID of the current job. | | {% endif %} | -| `job.container` | `object` | Information about the job's container. For more information about containers, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idcontainer). | +| `job.container` | `object` | Information about the job's container. For more information about containers, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idcontainer). | | `job.container.id` | `string` | The ID of the container. | | `job.container.network` | `string` | The ID of the container network. The runner creates the network used by all containers in a job. | -| `job.services` | `object` | The service containers created for a job. For more information about service containers, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idservices). | +| `job.services` | `object` | The service containers created for a job. For more information about service containers, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idservices). | | `job.services..id` | `string` | The ID of the service container. | | `job.services..network` | `string` | The ID of the service container network. The runner creates the network used by all containers in a job. | | `job.services..ports` | `object` | The exposed ports of the service container. | | `job.status` | `string` | The current status of the job. Possible values are `success`, `failure`, or `cancelled`. | -| `job.workflow_ref` | `string` | The full ref of the workflow file that defines the current job. For example, `octo-org/octo-repo/.github/workflows/deploy.yml@refs/heads/main`. For jobs defined directly in a workflow file, this is the same as `github.workflow_ref`. For jobs defined in a [AUTOTITLE](/actions/using-workflows/reusing-workflows), this refers to the reusable workflow file. (not available on {% data variables.product.prodname_ghe_server %}) | +| `job.workflow_ref` | `string` | The full ref of the workflow file that defines the current job. For example, `octo-org/octo-repo/.github/workflows/deploy.yml@refs/heads/main`. For jobs defined directly in a workflow file, this is the same as `github.workflow_ref`. For jobs defined in a [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows), this refers to the reusable workflow file. (not available on {% data variables.product.prodname_ghe_server %}) | | `job.workflow_sha` | `string` | The commit SHA of the workflow file that defines the current job. (not available on {% data variables.product.prodname_ghe_server %}) | | `job.workflow_repository` | `string` | The `owner/repo` of the repository containing the workflow file that defines the current job. For example, `octo-org/octo-repo`. (not available on {% data variables.product.prodname_ghe_server %}) | | `job.workflow_file_path` | `string` | The file path of the workflow file that defines the current job, relative to the repository root. For example, `.github/workflows/deploy.yml`. (not available on {% data variables.product.prodname_ghe_server %}) | @@ -463,7 +463,7 @@ jobs: ## `jobs` context -The `jobs` context is only available in reusable workflows, and can only be used to set outputs for a reusable workflow. For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows#using-outputs-from-a-reusable-workflow). +The `jobs` context is only available in reusable workflows, and can only be used to set outputs for a reusable workflow. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows#using-outputs-from-a-reusable-workflow). | Property name | Type | Description | |---------------|------|-------------| @@ -490,7 +490,7 @@ This example `jobs` context contains the result and outputs of a job from a reus ### Example usage of the `jobs` context -This example reusable workflow uses the `jobs` context to set outputs for the reusable workflow. Note how the outputs flow up from the steps, to the job, then to the `workflow_call` trigger. For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows#using-outputs-from-a-reusable-workflow). +This example reusable workflow uses the `jobs` context to set outputs for the reusable workflow. Note how the outputs flow up from the steps, to the job, then to the `workflow_call` trigger. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows#using-outputs-from-a-reusable-workflow). {% raw %} @@ -527,19 +527,19 @@ jobs: ## `steps` context -The `steps` context contains information about the steps in the current job that have an [`id`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsid) specified and have already run. +The `steps` context contains information about the steps in the current job that have an [`id`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsid) specified and have already run. | Property name | Type | Description | |---------------|------|-------------| | `steps` | `object` | This context changes for each step in a job. You can access this context from any step in a job. This object contains all the properties listed below. | -| `steps..outputs` | `object` | The set of outputs defined for the step. For more information, see [AUTOTITLE](/actions/creating-actions/metadata-syntax-for-github-actions#outputs-for-docker-container-and-javascript-actions). | -| `steps..conclusion` | `string` | The result of a completed step after [`continue-on-error`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepscontinue-on-error) is applied. Possible values are `success`, `failure`, `cancelled`, or `skipped`. When a `continue-on-error` step fails, the `outcome` is `failure`, but the final `conclusion` is `success`. | -| `steps..outcome` | `string` | The result of a completed step before [`continue-on-error`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepscontinue-on-error) is applied. Possible values are `success`, `failure`, `cancelled`, or `skipped`. When a `continue-on-error` step fails, the `outcome` is `failure`, but the final `conclusion` is `success`. | +| `steps..outputs` | `object` | The set of outputs defined for the step. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/metadata-syntax#outputs-for-docker-container-and-javascript-actions). | +| `steps..conclusion` | `string` | The result of a completed step after [`continue-on-error`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepscontinue-on-error) is applied. Possible values are `success`, `failure`, `cancelled`, or `skipped`. When a `continue-on-error` step fails, the `outcome` is `failure`, but the final `conclusion` is `success`. | +| `steps..outcome` | `string` | The result of a completed step before [`continue-on-error`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepscontinue-on-error) is applied. Possible values are `success`, `failure`, `cancelled`, or `skipped`. When a `continue-on-error` step fails, the `outcome` is `failure`, but the final `conclusion` is `success`. | | `steps..outputs.` | `string` | The value of a specific output. | ### Example contents of the `steps` context -This example `steps` context shows two previous steps that had an [`id`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsid) specified. The first step had the `id` named `checkout`, the second `generate_number`. The `generate_number` step had an output named `random_number`. +This example `steps` context shows two previous steps that had an [`id`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsid) specified. The first step had the `id` named `checkout`, the second `generate_number`. The `generate_number` step had an output named `random_number`. ```json { @@ -638,16 +638,16 @@ jobs: ## `secrets` context -The `secrets` context contains the names and values of secrets that are available to a workflow run. The `secrets` context is not available for composite actions due to security reasons. If you want to pass a secret to a composite action, you need to do it explicitly as an input. For more information about secrets, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions). +The `secrets` context contains the names and values of secrets that are available to a workflow run. The `secrets` context is not available for composite actions due to security reasons. If you want to pass a secret to a composite action, you need to do it explicitly as an input. For more information about secrets, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets). -`GITHUB_TOKEN` is a secret that is automatically created for every workflow run, and is always included in the `secrets` context. For more information, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication). +`GITHUB_TOKEN` is a secret that is automatically created for every workflow run, and is always included in the `secrets` context. For more information, see [AUTOTITLE](/actions/tutorials/authenticate-with-github_token). {% data reusables.actions.secrets-redaction-warning %} | Property name | Type | Description | |---------------|------|-------------| | `secrets` | `object` | This context is the same for each job in a workflow run. You can access this context from any step in a job. This object contains all the properties listed below. | -| `secrets.GITHUB_TOKEN` | `string` | Automatically created token for each workflow run. For more information, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication). | +| `secrets.GITHUB_TOKEN` | `string` | Automatically created token for each workflow run. For more information, see [AUTOTITLE](/actions/tutorials/authenticate-with-github_token). | | `secrets.` | `string` | The value of a specific secret. | ### Example contents of the `secrets` context @@ -673,10 +673,10 @@ For workflows with a matrix, the `strategy` context contains information about t | Property name | Type | Description | |---------------|------|-------------| | `strategy` | `object` | This context changes for each job in a workflow run. You can access this context from any job or step in a workflow. This object contains all the properties listed below. | -| `strategy.fail-fast` | `boolean` | When this evaluates to `true`, all in-progress jobs are canceled if any job in a matrix fails. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategyfail-fast). | +| `strategy.fail-fast` | `boolean` | When this evaluates to `true`, all in-progress jobs are canceled if any job in a matrix fails. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstrategyfail-fast). | | `strategy.job-index` | `number` | The index of the current job in the matrix. **Note:** This number is a zero-based number. The first job's index in the matrix is `0`. | | `strategy.job-total` | `number` | The total number of jobs in the matrix. **Note:** This number **is not** a zero-based number. For example, for a matrix with four jobs, the value of `job-total` is `4`. | -| `strategy.max-parallel` | `number` | The maximum number of jobs that can run simultaneously when using a `matrix` job strategy. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategymax-parallel). | +| `strategy.max-parallel` | `number` | The maximum number of jobs that can run simultaneously when using a `matrix` job strategy. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstrategymax-parallel). | ### Example contents of the `strategy` context @@ -762,7 +762,7 @@ jobs: ## `needs` context -The `needs` context contains outputs from all jobs that are defined as a direct dependency of the current job. Note that this doesn't include implicitly dependent jobs (for example, dependent jobs of a dependent job). For more information on defining job dependencies, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idneeds). +The `needs` context contains outputs from all jobs that are defined as a direct dependency of the current job. Note that this doesn't include implicitly dependent jobs (for example, dependent jobs of a dependent job). For more information on defining job dependencies, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idneeds). | Property name | Type | Description | |---------------|------|-------------| @@ -823,13 +823,13 @@ jobs: ## `inputs` context -The `inputs` context contains input properties passed to an action, to a reusable workflow, or to a manually triggered workflow. For reusable workflows, the input names and types are defined in the [`workflow_call` event configuration](/actions/using-workflows/events-that-trigger-workflows#workflow-reuse-events) of a reusable workflow, and the input values are passed from [`jobs..with`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idwith) in an external workflow that calls the reusable workflow. For manually triggered workflows, the inputs are defined in the [`workflow_dispatch` event configuration](/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch) of a workflow. +The `inputs` context contains input properties passed to an action, to a reusable workflow, or to a manually triggered workflow. For reusable workflows, the input names and types are defined in the [`workflow_call` event configuration](/actions/reference/workflows-and-actions/events-that-trigger-workflows#workflow-reuse-events) of a reusable workflow, and the input values are passed from [`jobs..with`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idwith) in an external workflow that calls the reusable workflow. For manually triggered workflows, the inputs are defined in the [`workflow_dispatch` event configuration](/actions/reference/workflows-and-actions/events-that-trigger-workflows#workflow_dispatch) of a workflow. -The properties in the `inputs` context are defined in the workflow file. They are only available in a [reusable workflow](/actions/using-workflows/reusing-workflows) or in a workflow triggered by the [`workflow_dispatch` event](/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch) +The properties in the `inputs` context are defined in the workflow file. They are only available in a [reusable workflow](/actions/how-tos/reuse-automations/reuse-workflows) or in a workflow triggered by the [`workflow_dispatch` event](/actions/reference/workflows-and-actions/events-that-trigger-workflows#workflow_dispatch) | Property name | Type | Description | |---------------|------|-------------| -| `inputs` | `object` | This context is only available in a [reusable workflow](/actions/using-workflows/reusing-workflows) or in a workflow triggered by the [`workflow_dispatch` event](/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch). You can access this context from any job or step in a workflow. This object contains the properties listed below. | +| `inputs` | `object` | This context is only available in a [reusable workflow](/actions/how-tos/reuse-automations/reuse-workflows) or in a workflow triggered by the [`workflow_dispatch` event](/actions/reference/workflows-and-actions/events-that-trigger-workflows#workflow_dispatch). You can access this context from any job or step in a workflow. This object contains the properties listed below. | | `inputs.` | `string` or `number` or `boolean` or `choice` | Each input value passed from an external workflow. | ### Example contents of the `inputs` context diff --git a/content/actions/reference/workflows-and-actions/dependency-caching.md b/content/actions/reference/workflows-and-actions/dependency-caching.md index a0b37fd0c32f..fd89ca7b05e6 100644 --- a/content/actions/reference/workflows-and-actions/dependency-caching.md +++ b/content/actions/reference/workflows-and-actions/dependency-caching.md @@ -132,7 +132,7 @@ jobs: ### Using contexts to create cache keys -A cache key can include any of the contexts, functions, literals, and operators supported by {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts) and [AUTOTITLE](/actions/learn-github-actions/expressions). +A cache key can include any of the contexts, functions, literals, and operators supported by {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts) and [AUTOTITLE](/actions/reference/workflows-and-actions/expressions). Using expressions to create a `key` allows you to automatically create a new cache when dependencies change. @@ -257,7 +257,7 @@ Multiple workflow runs in a repository can share caches. A cache created for a b > > All the metadata are managed by the artifact cache service, which is a microservice within {% data variables.product.prodname_actions %}. > -> For more information on cache storage, see [External storage requirements](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#external-storage-requirements). +> For more information on cache storage, see [External storage requirements](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#external-storage-requirements). {% endif %} @@ -300,7 +300,7 @@ For broader guidance on securing your workflows, see [AUTOTITLE](/actions/refere {% data variables.product.github %} will remove any cache entries that have not been accessed in over 7 days. There is no limit on the number of caches you can store, but the total size of all caches in a repository is limited. By default, the limit is 10 GB per repository, but this limit can be increased by enterprise owners, organization owners, or repository administrators. {% ifversion fpt or ghec %}Any usage beyond 10 GB is billed to your account.{% endif %} {% data reusables.actions.cache-eviction-policy %} -{% data reusables.actions.cache-eviction-process %} The cache eviction process may cause cache thrashing, where caches are created and deleted at a high frequency. To reduce this, you can review the caches for a repository and take corrective steps, such as removing caching from specific workflows{% ifversion fpt or ghec %} or increasing your cache size. This functionality is only available to users with a payment method on file who opt in by configuring cache settings{% endif %}. See [AUTOTITLE](/actions/how-tos/managing-workflow-runs-and-deployments/managing-workflow-runs/manage-caches).{% ifversion ghes %} You can also increase the cache size limit for a repository. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-cache-storage-for-a-repository). +{% data reusables.actions.cache-eviction-process %} The cache eviction process may cause cache thrashing, where caches are created and deleted at a high frequency. To reduce this, you can review the caches for a repository and take corrective steps, such as removing caching from specific workflows{% ifversion fpt or ghec %} or increasing your cache size. This functionality is only available to users with a payment method on file who opt in by configuring cache settings{% endif %}. See [AUTOTITLE](/actions/how-tos/manage-workflow-runs/manage-caches).{% ifversion ghes %} You can also increase the cache size limit for a repository. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-cache-storage-for-a-repository). {% endif %} {% ifversion fpt or ghec %} @@ -332,4 +332,4 @@ Below are some illustrative monthly costs to inform budgets you may wish to set ## Next steps -To manage your dependency caches, see [AUTOTITLE](/actions/how-tos/managing-workflow-runs-and-deployments/managing-workflow-runs/manage-caches). +To manage your dependency caches, see [AUTOTITLE](/actions/how-tos/manage-workflow-runs/manage-caches). diff --git a/content/actions/reference/workflows-and-actions/deployments-and-environments.md b/content/actions/reference/workflows-and-actions/deployments-and-environments.md index 91564ea31b5f..8776aab40cfb 100644 --- a/content/actions/reference/workflows-and-actions/deployments-and-environments.md +++ b/content/actions/reference/workflows-and-actions/deployments-and-environments.md @@ -27,7 +27,7 @@ Use required reviewers to require a specific person or team to approve workflow You also have the option to prevent self-reviews for deployments to protected environments. If you enable this setting, users who initiate a deployment cannot approve the deployment job, even if they are a required reviewer. This ensures that deployments to protected environments are always reviewed by more than one person. -For more information on reviewing jobs that reference an environment with required reviewers, see [AUTOTITLE](/actions/managing-workflow-runs/reviewing-deployments). +For more information on reviewing jobs that reference an environment with required reviewers, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/review-deployments). {% ifversion fpt %} @@ -59,7 +59,7 @@ Use deployment branches and tags to restrict which branches and tags can deploy * **Selected branches and tags:** Only branches and tags that match your specified name patterns can deploy to the environment. - The deployment branch or tag rule is matched against the `GITHUB_REF` of the workflow run. For values of `GITHUB_REF` for each workflow trigger, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows). If you specify `releases/*` as a deployment branch or tag rule, only a `GITHUB_REF` whose name begins with `releases/` can deploy to the environment. Adding another branch rule for `refs/pull/*/merge` would also allow workflows triggered by `pull_request` events to deploy to the environment. Wildcard characters will not match `/`, to match branches or tags that begin with `release/` and contain an additional single slash, use `release/*/*`. For more information about syntax options for deployment branches, see the [Ruby `File.fnmatch` documentation](https://ruby-doc.org/core-2.5.1/File.html#method-c-fnmatch). + The deployment branch or tag rule is matched against the `GITHUB_REF` of the workflow run. For values of `GITHUB_REF` for each workflow trigger, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows). If you specify `releases/*` as a deployment branch or tag rule, only a `GITHUB_REF` whose name begins with `releases/` can deploy to the environment. Adding another branch rule for `refs/pull/*/merge` would also allow workflows triggered by `pull_request` events to deploy to the environment. Wildcard characters will not match `/`, to match branches or tags that begin with `release/` and contain an additional single slash, use `release/*/*`. For more information about syntax options for deployment branches, see the [Ruby `File.fnmatch` documentation](https://ruby-doc.org/core-2.5.1/File.html#method-c-fnmatch). {% data reusables.actions.branch-and-tag-deployment-rules-configuration %} @@ -72,7 +72,7 @@ Use deployment branches and tags to restrict which branches and tags can deploy ### Allow administrators to bypass configured protection rules -By default, administrators can bypass the protection rules and force deployments to specific environments. For more information, see [AUTOTITLE](/actions/managing-workflow-runs/reviewing-deployments#bypassing-environment-protection-rules). +By default, administrators can bypass the protection rules and force deployments to specific environments. For more information, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/review-deployments#bypassing-deployment-protection-rules). Alternatively, you can configure environments to disallow bypassing the protection rules for all deployments to the environment. @@ -87,9 +87,9 @@ Alternatively, you can configure environments to disallow bypassing the protecti {% data reusables.actions.custom-deployment-protection-rules-beta-note %} -{% data reusables.actions.about-custom-deployment-protection-rules %} For more information, see [AUTOTITLE](/actions/deployment/protecting-deployments/creating-custom-deployment-protection-rules). +{% data reusables.actions.about-custom-deployment-protection-rules %} For more information, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/create-custom-protection-rules). -Once custom deployment protection rules have been created and installed on a repository, you can enable the custom deployment protection rule for any environment in the repository. For more information about configuring and enabling custom deployment protection rules, see [AUTOTITLE](/actions/deployment/protecting-deployments/configuring-custom-deployment-protection-rules). +Once custom deployment protection rules have been created and installed on a repository, you can enable the custom deployment protection rule for any environment in the repository. For more information about configuring and enabling custom deployment protection rules, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/configure-custom-protection-rules). {% ifversion fpt %} @@ -100,23 +100,23 @@ Once custom deployment protection rules have been created and installed on a rep ## Environment secrets -Secrets stored in an environment are only available to workflow jobs that reference the environment. If the environment requires approval, a job cannot access environment secrets until one of the required reviewers approves it. For more information about secrets, see [AUTOTITLE](/actions/security-for-github-actions/security-guides/about-secrets). +Secrets stored in an environment are only available to workflow jobs that reference the environment. If the environment requires approval, a job cannot access environment secrets until one of the required reviewers approves it. For more information about secrets, see [AUTOTITLE](/actions/concepts/security/secrets). {% ifversion fpt %} > [!NOTE] -> * Workflows that run on self-hosted runners are not run in an isolated container, even if they use environments. Environment secrets should be treated with the same level of security as repository and organization secrets. For more information, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#hardening-for-self-hosted-runners). -> * If you are using {% data variables.product.prodname_free_user %}, environment secrets are only available in public repositories. For access to environment secrets in private or internal repositories, you must use {% data variables.product.prodname_pro %}, {% data variables.product.prodname_team %}, or {% data variables.product.prodname_enterprise %}. For more information on switching your plan, see [AUTOTITLE](/billing/managing-the-plan-for-your-github-account/upgrading-your-accounts-plan). +> * Workflows that run on self-hosted runners are not run in an isolated container, even if they use environments. Environment secrets should be treated with the same level of security as repository and organization secrets. For more information, see [AUTOTITLE](/actions/reference/security/secure-use#hardening-for-self-hosted-runners). +> * If you are using {% data variables.product.prodname_free_user %}, environment secrets are only available in public repositories. For access to environment secrets in private or internal repositories, you must use {% data variables.product.prodname_pro %}, {% data variables.product.prodname_team %}, or {% data variables.product.prodname_enterprise %}. For more information on switching your plan, see [AUTOTITLE](/billing/how-tos/manage-plan-and-licenses/upgrade-plan). {% else %} > [!NOTE] -> Workflows that run on self-hosted runners are not run in an isolated container, even if they use environments. Environment secrets should be treated with the same level of security as repository and organization secrets. For more information, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#hardening-for-self-hosted-runners). +> Workflows that run on self-hosted runners are not run in an isolated container, even if they use environments. Environment secrets should be treated with the same level of security as repository and organization secrets. For more information, see [AUTOTITLE](/actions/reference/security/secure-use#hardening-for-self-hosted-runners). {% endif %} ## Environment variables -Variables stored in an environment are only available to workflow jobs that reference the environment. These variables are only accessible using the [`vars`](/actions/learn-github-actions/contexts#vars-context) context. For more information, see [AUTOTITLE](/actions/learn-github-actions/variables). +Variables stored in an environment are only available to workflow jobs that reference the environment. These variables are only accessible using the [`vars`](/actions/reference/workflows-and-actions/contexts#vars-context) context. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables). {% ifversion fpt %} diff --git a/content/actions/reference/workflows-and-actions/dockerfile-support.md b/content/actions/reference/workflows-and-actions/dockerfile-support.md index 512004a77464..a1e4de79c05c 100644 --- a/content/actions/reference/workflows-and-actions/dockerfile-support.md +++ b/content/actions/reference/workflows-and-actions/dockerfile-support.md @@ -20,7 +20,7 @@ category: ### USER -Docker actions must be run by the default Docker user (root). Do not use the `USER` instruction in your `Dockerfile`, because you won't be able to access the `GITHUB_WORKSPACE` directory. For more information, see [AUTOTITLE](/actions/reference/variables-reference#default-environment-variables) and [USER reference](https://docs.docker.com/engine/reference/builder/#user) in the Docker documentation. +Docker actions must be run by the default Docker user (root). Do not use the `USER` instruction in your `Dockerfile`, because you won't be able to access the `GITHUB_WORKSPACE` directory. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/variables#default-environment-variables) and [USER reference](https://docs.docker.com/engine/reference/builder/#user) in the Docker documentation. ### FROM @@ -34,11 +34,11 @@ These are some best practices when setting the `FROM` argument: ### WORKDIR -{% data variables.product.github %} sets the working directory path in the `GITHUB_WORKSPACE` environment variable. It's recommended to not use the `WORKDIR` instruction in your `Dockerfile`. Before the action executes, {% data variables.product.github %} will mount the `GITHUB_WORKSPACE` directory on top of anything that was at that location in the Docker image and set `GITHUB_WORKSPACE` as the working directory. For more information, see [AUTOTITLE](/actions/reference/variables-reference#default-environment-variables) and the [WORKDIR reference](https://docs.docker.com/engine/reference/builder/#workdir) in the Docker documentation. +{% data variables.product.github %} sets the working directory path in the `GITHUB_WORKSPACE` environment variable. It's recommended to not use the `WORKDIR` instruction in your `Dockerfile`. Before the action executes, {% data variables.product.github %} will mount the `GITHUB_WORKSPACE` directory on top of anything that was at that location in the Docker image and set `GITHUB_WORKSPACE` as the working directory. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/variables#default-environment-variables) and the [WORKDIR reference](https://docs.docker.com/engine/reference/builder/#workdir) in the Docker documentation. ### ENTRYPOINT -If you define `entrypoint` in an action's metadata file, it will override the `ENTRYPOINT` defined in the `Dockerfile`. For more information, see [AUTOTITLE](/actions/creating-actions/metadata-syntax-for-github-actions#runsentrypoint). +If you define `entrypoint` in an action's metadata file, it will override the `ENTRYPOINT` defined in the `Dockerfile`. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/metadata-syntax#runsentrypoint). The Docker `ENTRYPOINT` instruction has a _shell_ form and _exec_ form. The Docker `ENTRYPOINT` documentation recommends using the _exec_ form of the `ENTRYPOINT` instruction. For more information about _exec_ and _shell_ form, see the [ENTRYPOINT reference](https://docs.docker.com/engine/reference/builder/#entrypoint) in the Docker documentation. @@ -98,7 +98,7 @@ Error response from daemon: OCI runtime create failed: container_linux.go:348: s ### CMD -If you define `args` in the action's metadata file, `args` will override the `CMD` instruction specified in the `Dockerfile`. For more information, see [AUTOTITLE](/actions/creating-actions/metadata-syntax-for-github-actions#runsargs). +If you define `args` in the action's metadata file, `args` will override the `CMD` instruction specified in the `Dockerfile`. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/metadata-syntax#runsargs). If you use `CMD` in your `Dockerfile`, follow these guidelines: diff --git a/content/actions/reference/workflows-and-actions/events-that-trigger-workflows.md b/content/actions/reference/workflows-and-actions/events-that-trigger-workflows.md index 9a5b7130fc8a..ec2cf92f9231 100644 --- a/content/actions/reference/workflows-and-actions/events-that-trigger-workflows.md +++ b/content/actions/reference/workflows-and-actions/events-that-trigger-workflows.md @@ -20,9 +20,9 @@ contentType: reference ## About events that trigger workflows -Workflow triggers are events that cause a workflow to run. For more information about how to use workflow triggers, see [AUTOTITLE](/actions/using-workflows/triggering-a-workflow). +Workflow triggers are events that cause a workflow to run. For more information about how to use workflow triggers, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-when-workflows-run/trigger-a-workflow). -Some events have multiple activity types. For these events, you can specify which activity types will trigger a workflow run. For more information about what each activity type means, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads). +Some events have multiple activity types. For these events, you can specify which activity types will trigger a workflow run. For more information about what each activity type means, see [AUTOTITLE](/webhooks/webhook-events-and-payloads). > [!NOTE] > Not all webhook events trigger workflows. @@ -31,10 +31,10 @@ Some events have multiple activity types. For these events, you can specify whic | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`branch_protection_rule`](/webhooks-and-events/webhooks/webhook-events-and-payloads#branch_protection_rule) | - `created`
- `edited`
- `deleted` | Last commit on default branch | Default branch | +| [`branch_protection_rule`](/webhooks/webhook-events-and-payloads#branch_protection_rule) | - `created`
- `edited`
- `deleted` | Last commit on default branch | Default branch | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#branch_protection_rule). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#branch_protection_rule). {% data reusables.developer-site.limit_workflow_to_activity_types %} > * {% data reusables.actions.branch-requirement %} Runs your workflow when branch protection rules in the workflow repository are changed. For more information about branch protection rules, see [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches). For information about the branch protection rule APIs, see [AUTOTITLE](/graphql/reference/branches#object-branchprotectionrule) in the GraphQL API documentation or [AUTOTITLE](/rest/branches). @@ -51,10 +51,10 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`check_run`](/webhooks-and-events/webhooks/webhook-events-and-payloads#check_run) | - `created`
- `rerequested`
- `completed`
- `requested_action` | Last commit on default branch | Default branch | +| [`check_run`](/webhooks/webhook-events-and-payloads#check_run) | - `created`
- `rerequested`
- `completed`
- `requested_action` | Last commit on default branch | Default branch | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#check_run). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#check_run). {% data reusables.developer-site.limit_workflow_to_activity_types %} > * {% data reusables.actions.branch-requirement %} > * To prevent recursive workflows, this event does not trigger workflows if the check run's check suite was created by {% data variables.product.prodname_actions %} or if the check suite's head SHA is associated with {% data variables.product.prodname_actions %}. @@ -72,10 +72,10 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`check_suite`](/webhooks-and-events/webhooks/webhook-events-and-payloads#check_suite) | - `completed` | Last commit on default branch | Default branch | +| [`check_suite`](/webhooks/webhook-events-and-payloads#check_suite) | - `completed` | Last commit on default branch | Default branch | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#check_suite). Although only the `completed` activity type is supported, specifying the activity type will keep your workflow specific if more activity types are added in the future. {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#check_suite). Although only the `completed` activity type is supported, specifying the activity type will keep your workflow specific if more activity types are added in the future. {% data reusables.developer-site.limit_workflow_to_activity_types %} > * {% data reusables.actions.branch-requirement %} > * To prevent recursive workflows, this event does not trigger workflows if the check suite was created by {% data variables.product.prodname_actions %} or if the check suite's head SHA is associated with {% data variables.product.prodname_actions %}. @@ -93,7 +93,7 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`create`](/webhooks-and-events/webhooks/webhook-events-and-payloads#create) | Not applicable | Last commit on the created branch or tag | Branch or tag created | +| [`create`](/webhooks/webhook-events-and-payloads#create) | Not applicable | Last commit on the created branch or tag | Branch or tag created | > [!NOTE] > An event will not be created when you create more than three tags at once. @@ -111,7 +111,7 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`delete`](/webhooks-and-events/webhooks/webhook-events-and-payloads#delete) | Not applicable | Last commit on default branch | Default branch | +| [`delete`](/webhooks/webhook-events-and-payloads#delete) | Not applicable | Last commit on default branch | Default branch | > [!NOTE] > * {% data reusables.actions.branch-requirement %} @@ -130,7 +130,7 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`deployment`](/webhooks-and-events/webhooks/webhook-events-and-payloads#deployment) | Not applicable | Commit to be deployed | Branch or tag to be deployed (empty if created with a commit SHA)| +| [`deployment`](/webhooks/webhook-events-and-payloads#deployment) | Not applicable | Commit to be deployed | Branch or tag to be deployed (empty if created with a commit SHA)| Runs your workflow when someone creates a deployment in the workflow's repository. Deployments created with a commit SHA may not have a Git ref. For information about the APIs to create a deployment, see [AUTOTITLE](/graphql/reference/deployments#mutation-createdeployment) in the GraphQL API documentation or [AUTOTITLE](/rest/repos#deployments). @@ -145,7 +145,7 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`deployment_status`](/webhooks-and-events/webhooks/webhook-events-and-payloads#deployment_status) | Not applicable | Commit to be deployed | Branch or tag to be deployed (empty if commit)| +| [`deployment_status`](/webhooks/webhook-events-and-payloads#deployment_status) | Not applicable | Commit to be deployed | Branch or tag to be deployed (empty if commit)| > [!NOTE] > When a deployment status's state is set to `inactive`, a workflow run will not be triggered. @@ -163,10 +163,10 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`discussion`](/webhooks-and-events/webhooks/webhook-events-and-payloads#discussion) | - `created`
- `edited`
- `deleted`
- `transferred`
- `pinned`
- `unpinned`
- `labeled`
- `unlabeled`
- `locked`
- `unlocked`
- `category_changed`
- `answered`
- `unanswered` | Last commit on default branch | Default branch | +| [`discussion`](/webhooks/webhook-events-and-payloads#discussion) | - `created`
- `edited`
- `deleted`
- `transferred`
- `pinned`
- `unpinned`
- `labeled`
- `unlabeled`
- `locked`
- `unlocked`
- `category_changed`
- `answered`
- `unanswered` | Last commit on default branch | Default branch | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#discussion). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#discussion). {% data reusables.developer-site.limit_workflow_to_activity_types %} > * {% data reusables.actions.branch-requirement %} > * {% data reusables.webhooks.discussions-webhooks-beta %} @@ -184,10 +184,10 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`discussion_comment`](/webhooks-and-events/webhooks/webhook-events-and-payloads#discussion_comment) | - `created`
- `edited`
- `deleted`
| Last commit on default branch | Default branch | +| [`discussion_comment`](/webhooks/webhook-events-and-payloads#discussion_comment) | - `created`
- `edited`
- `deleted`
| Last commit on default branch | Default branch | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#discussion_comment). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#discussion_comment). {% data reusables.developer-site.limit_workflow_to_activity_types %} > * {% data reusables.actions.branch-requirement %} > * {% data reusables.webhooks.discussions-webhooks-beta %} @@ -205,7 +205,7 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`fork`](/webhooks-and-events/webhooks/webhook-events-and-payloads#fork) | Not applicable | Last commit on default branch | Default branch | +| [`fork`](/webhooks/webhook-events-and-payloads#fork) | Not applicable | Last commit on default branch | Default branch | > [!NOTE] > {% data reusables.actions.branch-requirement %} @@ -223,7 +223,7 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`gollum`](/webhooks-and-events/webhooks/webhook-events-and-payloads#gollum) | Not applicable | Last commit on default branch | Default branch | +| [`gollum`](/webhooks/webhook-events-and-payloads#gollum) | Not applicable | Last commit on default branch | Default branch | > [!NOTE] > {% data reusables.actions.branch-requirement %} @@ -262,13 +262,13 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`issue_comment`](/webhooks-and-events/webhooks/webhook-events-and-payloads#issue_comment) | - `created`
- `edited`
- `deleted`
| Last commit on default branch | Default branch | +| [`issue_comment`](/webhooks/webhook-events-and-payloads#issue_comment) | - `created`
- `edited`
- `deleted`
| Last commit on default branch | Default branch | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#issue_comment). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#issue_comment). {% data reusables.developer-site.limit_workflow_to_activity_types %} > * {% data reusables.actions.branch-requirement %} -Runs your workflow when an issue or pull request comment is created, edited, or deleted. For information about the issue comment APIs, see [AUTOTITLE](/graphql/reference/issues#object-issuecomment) in the GraphQL API documentation or [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#issue_comment) in the REST API documentation. +Runs your workflow when an issue or pull request comment is created, edited, or deleted. For information about the issue comment APIs, see [AUTOTITLE](/graphql/reference/issues#object-issuecomment) in the GraphQL API documentation or [AUTOTITLE](/webhooks/webhook-events-and-payloads#issue_comment) in the REST API documentation. For example, you can run a workflow when an issue or pull request comment has been `created` or `deleted`. @@ -315,13 +315,13 @@ jobs: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`issues`](/webhooks-and-events/webhooks/webhook-events-and-payloads#issues) | - `opened`
- `edited`
- `deleted`
- `transferred`
- `pinned`
- `unpinned`
- `closed`
- `reopened`
- `assigned`
- `unassigned`
- `labeled`
- `unlabeled`
- `locked`
- `unlocked`
- `milestoned`
- `demilestoned`
- `typed`
- `untyped`{% ifversion issue-fields %}
- `field_added`
- `field_removed`{% endif %} | Last commit on default branch | Default branch | +| [`issues`](/webhooks/webhook-events-and-payloads#issues) | - `opened`
- `edited`
- `deleted`
- `transferred`
- `pinned`
- `unpinned`
- `closed`
- `reopened`
- `assigned`
- `unassigned`
- `labeled`
- `unlabeled`
- `locked`
- `unlocked`
- `milestoned`
- `demilestoned`
- `typed`
- `untyped`{% ifversion issue-fields %}
- `field_added`
- `field_removed`{% endif %} | Last commit on default branch | Default branch | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#issues). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#issues). {% data reusables.developer-site.limit_workflow_to_activity_types %} > * {% data reusables.actions.branch-requirement %} -Runs your workflow when an issue in the workflow's repository is created or modified. For activity related to comments in an issue, use the [`issue_comment`](#issue_comment) event. For more information about issues, see [AUTOTITLE](/issues/tracking-your-work-with-issues/about-issues). For information about the issue APIs, see [AUTOTITLE](/graphql/reference/issues#object-issue) in the GraphQL API documentation or [AUTOTITLE](/rest/issues). +Runs your workflow when an issue in the workflow's repository is created or modified. For activity related to comments in an issue, use the [`issue_comment`](#issue_comment) event. For more information about issues, see [AUTOTITLE](/issues/tracking-your-work-with-issues/learning-about-issues/about-issues). For information about the issue APIs, see [AUTOTITLE](/graphql/reference/issues#object-issue) in the GraphQL API documentation or [AUTOTITLE](/rest/issues). For example, you can run a workflow when an issue has been `opened`, `edited`, or `milestoned`. @@ -347,10 +347,10 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`label`](/webhooks-and-events/webhooks/webhook-events-and-payloads#label) | - `created`
- `edited`
- `deleted`
| Last commit on default branch | Default branch | +| [`label`](/webhooks/webhook-events-and-payloads#label) | - `created`
- `edited`
- `deleted`
| Last commit on default branch | Default branch | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#label). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#label). {% data reusables.developer-site.limit_workflow_to_activity_types %} > * {% data reusables.actions.branch-requirement %} Runs your workflow when a label in your workflow's repository is created or modified. For more information about labels, see [AUTOTITLE](/issues/using-labels-and-milestones-to-track-work/managing-labels). For information about the label APIs, see [AUTOTITLE](/graphql/reference/issues#object-label) in the GraphQL API documentation or [AUTOTITLE](/rest/issues/labels). @@ -369,11 +369,11 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`merge_group`](/webhooks-and-events/webhooks/webhook-events-and-payloads#merge_group) | `checks_requested` | SHA of the merge group | Ref of the merge group | +| [`merge_group`](/webhooks/webhook-events-and-payloads#merge_group) | `checks_requested` | SHA of the merge group | Ref of the merge group | > [!NOTE] > -> * {% data reusables.developer-site.multiple_activity_types %} Although only the `checks_requested` activity type is supported, specifying the activity type will keep your workflow specific if more activity types are added in the future. For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#merge_group). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} Although only the `checks_requested` activity type is supported, specifying the activity type will keep your workflow specific if more activity types are added in the future. For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#merge_group). {% data reusables.developer-site.limit_workflow_to_activity_types %} > * {% data reusables.actions.merge-group-event-with-required-checks %} Runs your workflow when a pull request is added to a merge queue, which adds the pull request to a merge group. For more information see [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request-with-a-merge-queue). @@ -392,10 +392,10 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`milestone`](/webhooks-and-events/webhooks/webhook-events-and-payloads#milestone) | - `created`
- `closed`
- `opened`
- `edited`
- `deleted`
| Last commit on default branch | Default branch | +| [`milestone`](/webhooks/webhook-events-and-payloads#milestone) | - `created`
- `closed`
- `opened`
- `edited`
- `deleted`
| Last commit on default branch | Default branch | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#milestone). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#milestone). {% data reusables.developer-site.limit_workflow_to_activity_types %} > * {% data reusables.actions.branch-requirement %} Runs your workflow when a milestone in the workflow's repository is created or modified. For more information about milestones, see [AUTOTITLE](/issues/using-labels-and-milestones-to-track-work/about-milestones). For information about the milestone APIs, see [AUTOTITLE](/graphql/reference/issues#object-milestone) in the GraphQL API documentation or [AUTOTITLE](/rest/issues/milestones). @@ -414,7 +414,7 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`page_build`](/webhooks-and-events/webhooks/webhook-events-and-payloads#page_build) | Not applicable | Last commit on default branch | Default branch | +| [`page_build`](/webhooks/webhook-events-and-payloads#page_build) | Not applicable | Last commit on default branch | Default branch | > [!NOTE] > {% data reusables.actions.branch-requirement %} @@ -432,7 +432,7 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`public`](/webhooks-and-events/webhooks/webhook-events-and-payloads#public) | Not applicable | Last commit on default branch | Default branch | +| [`public`](/webhooks/webhook-events-and-payloads#public) | Not applicable | Last commit on default branch | Default branch | > [!NOTE] > {% data reusables.actions.branch-requirement %} @@ -450,10 +450,10 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`pull_request`](/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request) | {% data reusables.actions.workflow-triggers-pull-request-activity-types %} | Last merge commit on the `GITHUB_REF` branch | PR merge branch `refs/pull/PULL_REQUEST_NUMBER/merge` | +| [`pull_request`](/webhooks/webhook-events-and-payloads#pull_request) | {% data reusables.actions.workflow-triggers-pull-request-activity-types %} | Last merge commit on the `GITHUB_REF` branch | PR merge branch `refs/pull/PULL_REQUEST_NUMBER/merge` | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request). By default, a workflow only runs when a `pull_request` event's activity type is `opened`, `synchronize`, or `reopened`. To trigger workflows by different activity types, use the `types` keyword. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onevent_nametypes). +> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#pull_request). By default, a workflow only runs when a `pull_request` event's activity type is `opened`, `synchronize`, or `reopened`. To trigger workflows by different activity types, use the `types` keyword. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#onevent_nametypes). > * Workflows will not run on `pull_request` activity if the pull request has a merge conflict. The merge conflict must be resolved first. Conversely, workflows with the `pull_request_target` event will run even if the pull request has a merge conflict. Before using the `pull_request_target` trigger, you should be aware of the security risks. For more information, see [`pull_request_target`](#pull_request_target). > * The `pull_request` webhook event payload is empty for merged pull requests and pull requests that come from forked repositories.{% ifversion actions-github-token-pull-request-approval %} > * When a pull request is created or updated by a workflow using `GITHUB_TOKEN`, `pull_request` events with the `opened`, `synchronize`, or `reopened` activity types create workflow runs that require approval. A user with write access to the repository can approve these runs from the pull request page. With the exception of `workflow_dispatch` and `repository_dispatch`, other `GITHUB_TOKEN`-triggered events do not create workflow runs at all.{% endif %} @@ -496,7 +496,7 @@ jobs: ### Running your `pull_request` workflow based on the head or base branch of a pull request -You can use the `branches` or `branches-ignore` filter to configure your workflow to only run on pull requests that target specific branches. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpull_requestpull_request_targetbranchesbranches-ignore). +You can use the `branches` or `branches-ignore` filter to configure your workflow to only run on pull requests that target specific branches. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#onpull_requestpull_request_targetbranchesbranches-ignore). For example, this workflow will run when someone opens a pull request that targets a branch whose name starts with `releases/`: @@ -540,7 +540,7 @@ jobs: ### Running your `pull_request` workflow based on files changed in a pull request -You can also configure your workflow to run when a pull request changes specific files. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore). +You can also configure your workflow to run when a pull request changes specific files. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#onpushpull_requestpull_request_targetpathspaths-ignore). For example, this workflow will run when a pull request includes a change to a JavaScript file (`.js`): @@ -594,10 +594,10 @@ To run your workflow when a comment on a pull request (not on a pull request's d | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`pull_request_review`](/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request_review) | - `submitted`
- `edited`
- `dismissed` | Last merge commit on the `GITHUB_REF` branch | PR merge branch `refs/pull/PULL_REQUEST_NUMBER/merge` | +| [`pull_request_review`](/webhooks/webhook-events-and-payloads#pull_request_review) | - `submitted`
- `edited`
- `dismissed` | Last merge commit on the `GITHUB_REF` branch | PR merge branch `refs/pull/PULL_REQUEST_NUMBER/merge` | > [!NOTE] -> {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request_review). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#pull_request_review). {% data reusables.developer-site.limit_workflow_to_activity_types %} Runs your workflow when a pull request review is submitted, edited, or dismissed. A pull request review is a group of pull request review comments in addition to a body comment and a state. For activity related to pull request review comments or pull request comments, use the [`pull_request_review_comment`](#pull_request_review_comment) or [`issue_comment`](#issue_comment) events instead. For information about the pull request review APIs, see [AUTOTITLE](/graphql/reference/pulls#object-pullrequest) in the GraphQL API documentation or [AUTOTITLE](/rest/pulls#reviews). @@ -632,10 +632,10 @@ jobs: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`pull_request_review_comment`](/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request_review_comment) | - `created`
- `edited`
- `deleted`| Last merge commit on the `GITHUB_REF` branch | PR merge branch `refs/pull/PULL_REQUEST_NUMBER/merge` | +| [`pull_request_review_comment`](/webhooks/webhook-events-and-payloads#pull_request_review_comment) | - `created`
- `edited`
- `deleted`| Last merge commit on the `GITHUB_REF` branch | PR merge branch `refs/pull/PULL_REQUEST_NUMBER/merge` | > [!NOTE] -> {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request_review_comment). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#pull_request_review_comment). {% data reusables.developer-site.limit_workflow_to_activity_types %} Runs your workflow when a pull request review comment is modified. A pull request review comment is a comment on a pull request's diff. For activity related to pull request reviews or pull request comments, use the [`pull_request_review`](#pull_request_review) or [`issue_comment`](#issue_comment) events instead. For information about the pull request review comment APIs, see [AUTOTITLE](/graphql/reference/pulls#object-pullrequestreviewcomment) in the GraphQL API documentation or [AUTOTITLE](/rest/pulls#comments). @@ -654,13 +654,13 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| | {% ifversion ghes < 3.20 %} | -| [`pull_request`](/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request) | - `assigned`
- `unassigned`
- `labeled`
- `unlabeled`
- `opened`
- `edited`
- `closed`
- `reopened`
- `synchronize`
- `converted_to_draft`
- `ready_for_review`
- `locked`
- `unlocked`
{% ifversion fpt or ghec %}- `enqueued`
- `dequeued`
{% endif %}- `review_requested`
- `review_request_removed`
- `auto_merge_enabled`
- `auto_merge_disabled` | Last commit on the PR base branch | PR base branch | +| [`pull_request`](/webhooks/webhook-events-and-payloads#pull_request) | - `assigned`
- `unassigned`
- `labeled`
- `unlabeled`
- `opened`
- `edited`
- `closed`
- `reopened`
- `synchronize`
- `converted_to_draft`
- `ready_for_review`
- `locked`
- `unlocked`
{% ifversion fpt or ghec %}- `enqueued`
- `dequeued`
{% endif %}- `review_requested`
- `review_request_removed`
- `auto_merge_enabled`
- `auto_merge_disabled` | Last commit on the PR base branch | PR base branch | | {% else %} | -| [`pull_request`](/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request) | {% data reusables.actions.workflow-triggers-pull-request-activity-types %} | Last commit on default branch | Default branch | +| [`pull_request`](/webhooks/webhook-events-and-payloads#pull_request) | {% data reusables.actions.workflow-triggers-pull-request-activity-types %} | Last commit on default branch | Default branch | | {% endif %} | > [!NOTE] -> {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request). By default, a workflow only runs when a `pull_request_target` event's activity type is `opened`, `synchronize`, or `reopened`. To trigger workflows by different activity types, use the `types` keyword. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onevent_nametypes). +> {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#pull_request). By default, a workflow only runs when a `pull_request_target` event's activity type is `opened`, `synchronize`, or `reopened`. To trigger workflows by different activity types, use the `types` keyword. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#onevent_nametypes). Runs your workflow when activity on a pull request in the workflow's repository occurs. For example, if no activity types are specified, the workflow runs when a pull request is opened or reopened or when the head branch of the pull request is updated. @@ -680,7 +680,7 @@ on: ### Running your `pull_request_target` workflow based on the head or base branch of a pull request -You can use the `branches` or `branches-ignore` filter to configure your workflow to only run on pull requests that target specific branches. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpull_requestpull_request_targetbranchesbranches-ignore). +You can use the `branches` or `branches-ignore` filter to configure your workflow to only run on pull requests that target specific branches. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#onpull_requestpull_request_targetbranchesbranches-ignore). For example, this workflow will run when someone opens a pull request that targets a branch whose name starts with `releases/`: @@ -724,7 +724,7 @@ jobs: ### Running your `pull_request_target` workflow based on files changed in a pull request -You can use the `paths` or `paths-ignore` filter to configure your workflow to run when a pull request changes specific files. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore). +You can use the `paths` or `paths-ignore` filter to configure your workflow to run when a pull request changes specific files. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#onpushpull_requestpull_request_targetpathspaths-ignore). For example, this workflow will run when a pull request includes a change to a JavaScript file (`.js`): @@ -772,7 +772,7 @@ jobs: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`push`](/webhooks-and-events/webhooks/webhook-events-and-payloads#push) | Not applicable | Tip commit pushed to the ref. When you delete a branch, the SHA in the workflow run (and its associated refs) reverts to the default branch of the repository. | Updated ref | +| [`push`](/webhooks/webhook-events-and-payloads#push) | Not applicable | Tip commit pushed to the ref. When you delete a branch, the SHA in the workflow run (and its associated refs) reverts to the default branch of the repository. | Updated ref | > [!NOTE] > * The webhook payload available to GitHub Actions does not include the `added`, `removed`, and `modified` attributes in the `commit` object. You can retrieve the full commit object using the API. For information, see [AUTOTITLE](/graphql/reference/commits#object-commit) in the GraphQL API documentation or [AUTOTITLE](/rest/commits#get-a-commit). @@ -792,7 +792,7 @@ on: ### Running your workflow only when a push to specific branches occurs -You can use the `branches` or `branches-ignore` filter to configure your workflow to only run when specific branches are pushed. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpushbranchestagsbranches-ignoretags-ignore). +You can use the `branches` or `branches-ignore` filter to configure your workflow to only run when specific branches are pushed. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#onpushbranchestagsbranches-ignoretags-ignore). For example, this workflow will run when someone pushes to `main` or to a branch that starts with `releases/`. @@ -818,7 +818,7 @@ on: ### Running your workflow only when a push of specific tags occurs -You can use the `tags` or `tags-ignore` filter to configure your workflow to only run when specific tags are pushed. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpushbranchestagsbranches-ignoretags-ignore). +You can use the `tags` or `tags-ignore` filter to configure your workflow to only run when specific tags are pushed. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#onpushbranchestagsbranches-ignoretags-ignore). For example, this workflow will run when someone pushes a tag that starts with `v1.`. @@ -831,7 +831,7 @@ on: ### Running your workflow only when a push affects specific files -You can use the `paths` or `paths-ignore` filter to configure your workflow to run when a push to specific files occurs. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore). +You can use the `paths` or `paths-ignore` filter to configure your workflow to run when a push to specific files occurs. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#onpushpull_requestpull_request_targetpathspaths-ignore). For example, this workflow will run when someone pushes a change to a JavaScript file (`.js`): @@ -846,10 +846,10 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`registry_package`](/webhooks-and-events/webhooks/webhook-events-and-payloads#package) | - `published`
- `updated` | Commit of the published package | Branch or tag of the published package | +| [`registry_package`](/webhooks/webhook-events-and-payloads#package) | - `published`
- `updated` | Commit of the published package | Branch or tag of the published package | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#registry_package). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#registry_package). {% data reusables.developer-site.limit_workflow_to_activity_types %} > * {% data reusables.actions.branch-requirement %} > * When pushing multi-architecture container images, this event occurs once per manifest, so you might observe your workflow triggering multiple times. To mitigate this, and only run your workflow job for the event that contains the actual image tag information, use a conditional: > @@ -873,10 +873,10 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`release`](/webhooks-and-events/webhooks/webhook-events-and-payloads#release) | - `published`
- `unpublished`
- `created`
- `edited`
- `deleted`
- `prereleased`
- `released` | Last commit in the tagged release | Tag ref of release `refs/tags/` | +| [`release`](/webhooks/webhook-events-and-payloads#release) | - `published`
- `unpublished`
- `created`
- `edited`
- `deleted`
- `prereleased`
- `released` | Last commit in the tagged release | Tag ref of release `refs/tags/` | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#release). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#release). {% data reusables.developer-site.limit_workflow_to_activity_types %} > * Workflows are not triggered for the `created`, `edited`, or `deleted` activity types for draft releases. When you create your release through the {% data variables.product.github %} UI, your release may automatically be saved as a draft. > * The `prereleased` type will not trigger for pre-releases published from draft releases, but the `published` type will trigger. If you want a workflow to run when stable _and_ pre-releases publish, subscribe to `published` instead of `released` and `prereleased`. @@ -894,12 +894,12 @@ on: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | ------------------ | ------------ | ------------ | ------------------| -| [repository_dispatch](/webhooks-and-events/webhooks/webhook-events-and-payloads#repository_dispatch) | Custom | Last commit on default branch | Default branch | +| [repository_dispatch](/webhooks/webhook-events-and-payloads#repository_dispatch) | Custom | Last commit on default branch | Default branch | > [!NOTE] > {% data reusables.actions.branch-requirement %} -You can use the {% data variables.product.github %} API to trigger a webhook event called [`repository_dispatch`](/webhooks-and-events/webhooks/webhook-events-and-payloads#repository_dispatch) when you want to trigger a workflow for activity that happens outside of {% data variables.product.github %}. For more information, see [AUTOTITLE](/rest/repos/repos#create-a-repository-dispatch-event). +You can use the {% data variables.product.github %} API to trigger a webhook event called [`repository_dispatch`](/webhooks/webhook-events-and-payloads#repository_dispatch) when you want to trigger a workflow for activity that happens outside of {% data variables.product.github %}. For more information, see [AUTOTITLE](/rest/repos/repos#create-a-repository-dispatch-event). When you make a request to create a `repository_dispatch` event, you must specify an `event_type` to describe the activity type. By default, all `repository_dispatch` activity types trigger a workflow to run. You can use the `types` keyword to limit your workflow to run when a specific `event_type` value is sent in the `repository_dispatch` webhook payload. @@ -980,7 +980,7 @@ Certain repository events change the `actor` associated with the workflow. For e For a deactivated scheduled workflow, if a user with `write` permissions to the repository makes a commit that changes the `cron` schedule on the workflow, the workflow will be reactivated, and that user will become the `actor` associated with any workflow runs. -Notifications for scheduled workflows are sent to the user who last modified the cron syntax in the workflow file. For more information, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/notifications-for-workflow-runs). +Notifications for scheduled workflows are sent to the user who last modified the cron syntax in the workflow file. For more information, see [AUTOTITLE](/actions/concepts/workflows-and-actions/notifications-for-workflow-runs). > [!NOTE] > For an enterprise with {% data variables.product.prodname_emus %}, triggering a scheduled workflow requires that the status of the `actor` user account associated with the workflow is currently active (i.e. not suspended or deleted). @@ -992,7 +992,7 @@ Notifications for scheduled workflows are sent to the user who last modified the | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`status`](/webhooks-and-events/webhooks/webhook-events-and-payloads#status) | Not applicable | Last commit on default branch | Default branch | +| [`status`](/webhooks/webhook-events-and-payloads#status) | Not applicable | Last commit on default branch | Default branch | > [!NOTE] > {% data reusables.actions.branch-requirement %} @@ -1028,10 +1028,10 @@ jobs: | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`watch`](/webhooks-and-events/webhooks/webhook-events-and-payloads#watch) | - `started` | Last commit on default branch | Default branch | +| [`watch`](/webhooks/webhook-events-and-payloads#watch) | - `started` | Last commit on default branch | Default branch | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} Although only the `started` activity type is supported, specifying the activity type will keep your workflow specific if more activity types are added in the future. For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#watch). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} Although only the `started` activity type is supported, specifying the activity type will keep your workflow specific if more activity types are added in the future. For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#watch). {% data reusables.developer-site.limit_workflow_to_activity_types %} > * {% data reusables.actions.branch-requirement %} Runs your workflow when the workflow's repository is starred. For information about the pull request APIs, see [AUTOTITLE](/graphql/reference/activity#mutation-addstar) in the GraphQL API documentation or [AUTOTITLE](/rest/activity/starring). @@ -1050,7 +1050,7 @@ on: | ------------------ | ------------ | ------------ | ------------------| | Same as the caller workflow | Not applicable | Same as the caller workflow | Same as the caller workflow | -`workflow_call` is used to indicate that a workflow can be called by another workflow. When a workflow is triggered with the `workflow_call` event, the event payload in the called workflow is the same event payload from the calling workflow. For more information see, [AUTOTITLE](/actions/using-workflows/reusing-workflows). +`workflow_call` is used to indicate that a workflow can be called by another workflow. When a workflow is triggered with the `workflow_call` event, the event payload in the called workflow is the same event payload from the calling workflow. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). The example below only runs the workflow when it's called from another workflow: @@ -1062,12 +1062,12 @@ on: workflow_call | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | ------------------ | ------------ | ------------ | ------------------| -| [workflow_dispatch](/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_dispatch) | Not applicable | Last commit on the `GITHUB_REF` branch or tag | Branch or tag that received dispatch | +| [workflow_dispatch](/webhooks/webhook-events-and-payloads#workflow_dispatch) | Not applicable | Last commit on the `GITHUB_REF` branch or tag | Branch or tag that received dispatch | > [!NOTE] > {% data reusables.actions.branch-requirement %} -To enable a workflow to be triggered manually, you need to configure the `workflow_dispatch` event. You can manually trigger a workflow run using the {% data variables.product.github %} API, {% data variables.product.prodname_cli %}, or the {% data variables.product.github %} UI. For more information, see [AUTOTITLE](/actions/managing-workflow-runs/manually-running-a-workflow). +To enable a workflow to be triggered manually, you need to configure the `workflow_dispatch` event. You can manually trigger a workflow run using the {% data variables.product.github %} API, {% data variables.product.prodname_cli %}, or the {% data variables.product.github %} UI. For more information, see [AUTOTITLE](/actions/how-tos/manage-workflow-runs/manually-run-a-workflow). ```yaml on: workflow_dispatch @@ -1075,7 +1075,7 @@ on: workflow_dispatch ### Providing inputs -You can configure custom-defined input properties, default input values, and required inputs for the event directly in your workflow. When you trigger the event, you can provide the `ref` and any `inputs`. When the workflow runs, you can access the input values in the `inputs` context. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts). +You can configure custom-defined input properties, default input values, and required inputs for the event directly in your workflow. When you trigger the event, you can provide the `ref` and any `inputs`. When the workflow runs, you can access the input values in the `inputs` context. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts). {% data reusables.actions.inputs-vs-github-event-inputs %} @@ -1127,16 +1127,16 @@ You can also pass inputs when you run a workflow from a script, or by using {% d gh workflow run run-tests.yml -f logLevel=warning -f tags=false -f environment=staging ``` -For more information, see the {% data variables.product.prodname_cli %} information in [AUTOTITLE](/actions/managing-workflow-runs/manually-running-a-workflow). +For more information, see the {% data variables.product.prodname_cli %} information in [AUTOTITLE](/actions/how-tos/manage-workflow-runs/manually-run-a-workflow). ## `workflow_run` | Webhook event payload | Activity types | `GITHUB_SHA` | `GITHUB_REF` | | --------------------- | -------------- | ------------ | -------------| -| [`workflow_run`](/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_run) | - `completed`
- `requested`
- `in_progress` | Last commit on default branch | Default branch | +| [`workflow_run`](/webhooks/webhook-events-and-payloads#workflow_run) | - `completed`
- `requested`
- `in_progress` | Last commit on default branch | Default branch | > [!NOTE] -> * {% data reusables.developer-site.multiple_activity_types %} The `requested` activity type does not occur when a workflow is re-run. For information about each activity type, see [AUTOTITLE](/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_run). {% data reusables.developer-site.limit_workflow_to_activity_types %} +> * {% data reusables.developer-site.multiple_activity_types %} The `requested` activity type does not occur when a workflow is re-run. For information about each activity type, see [AUTOTITLE](/webhooks/webhook-events-and-payloads#workflow_run). {% data reusables.developer-site.limit_workflow_to_activity_types %} > * {% data reusables.actions.branch-requirement %} > * You can't use `workflow_run` to chain together more than three levels of workflows. For example, if you attempt to trigger five workflows (named `B` to `F`) to run sequentially after an initial workflow `A` has run (that is: `A` → `B` → `C` → `D` → `E` → `F`), workflows `E` and `F` will not be run. @@ -1189,7 +1189,7 @@ jobs: ### Limiting your workflow to run based on branches -You can use the `branches` or `branches-ignore` filter to specify what branches the triggering workflow must run on in order to trigger your workflow. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_runbranchesbranches-ignore). For example, a workflow with the following trigger will only run when the workflow named `Build` runs on a branch named `canary`. +You can use the `branches` or `branches-ignore` filter to specify what branches the triggering workflow must run on in order to trigger your workflow. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#onworkflow_runbranchesbranches-ignore). For example, a workflow with the following trigger will only run when the workflow named `Build` runs on a branch named `canary`. ```yaml on: @@ -1201,7 +1201,7 @@ on: ### Using data from the triggering workflow -You can access the [`workflow_run` event payload](/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_run) that corresponds to the workflow that triggered your workflow. For example, if your triggering workflow generates artifacts, a workflow triggered with the `workflow_run` event can access these artifacts. +You can access the [`workflow_run` event payload](/webhooks/webhook-events-and-payloads#workflow_run) that corresponds to the workflow that triggered your workflow. For example, if your triggering workflow generates artifacts, a workflow triggered with the `workflow_run` event can access these artifacts. The following workflow uploads data as an artifact. (In this simplified example, the data is the pull request number.) diff --git a/content/actions/reference/workflows-and-actions/expressions.md b/content/actions/reference/workflows-and-actions/expressions.md index 0064a4343857..ddbb3a5835cd 100644 --- a/content/actions/reference/workflows-and-actions/expressions.md +++ b/content/actions/reference/workflows-and-actions/expressions.md @@ -66,7 +66,7 @@ env: > [!NOTE] > * {% data variables.product.company_short %} ignores case when comparing strings. - > * `steps..outputs.` evaluates as a string. {% data reusables.actions.expressions-syntax-evaluation %} For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts#steps-context). + > * `steps..outputs.` evaluates as a string. {% data reusables.actions.expressions-syntax-evaluation %} For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#steps-context). > * For numerical comparison, the `fromJSON()` function can be used to convert a string to a number. For more information on the `fromJSON()` function, see [fromJSON](#fromjson). {% data variables.product.prodname_dotcom %} performs loose equality comparisons. @@ -315,9 +315,9 @@ Sets `MY_ENV_VAR` based on the branch: `production` for `main`, `staging` for `s ## Status check functions -You can use the following status check functions as expressions in `if` conditionals. A default status check of `success()` is applied unless you include one of these functions. For more information about `if` conditionals, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idif) and [AUTOTITLE](/actions/creating-actions/metadata-syntax-for-github-actions#runsstepsif). +You can use the following status check functions as expressions in `if` conditionals. A default status check of `success()` is applied unless you include one of these functions. For more information about `if` conditionals, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idif) and [AUTOTITLE](/actions/reference/workflows-and-actions/metadata-syntax#runsstepsif). -Outside `if` conditionals, you can use `job.status` to access the job status. For more information, see [AUTOTITLE](/actions/reference/contexts-reference#job-context). +Outside `if` conditionals, you can use `job.status` to access the job status. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#job-context). ### success diff --git a/content/actions/reference/workflows-and-actions/metadata-syntax.md b/content/actions/reference/workflows-and-actions/metadata-syntax.md index 9c5aa7b478b8..03b372a8d5df 100644 --- a/content/actions/reference/workflows-and-actions/metadata-syntax.md +++ b/content/actions/reference/workflows-and-actions/metadata-syntax.md @@ -46,7 +46,7 @@ This example configures two inputs: `num-octocats` and `octocat-eye-color`. The > [!NOTE] > Actions using `required: true` will not automatically return an error if the input is not specified. -Workflow files that use this action can use the `with` keyword to set an input value for `octocat-eye-color`. For more information about the `with` syntax, see [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepswith). +Workflow files that use this action can use the `with` keyword to set an input value for `octocat-eye-color`. For more information about the `with` syntax, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepswith). ```yaml inputs: @@ -61,9 +61,9 @@ inputs: When you specify an input, {% data variables.product.prodname_dotcom %} creates an environment variable for the input with the name `INPUT_`. The environment variable created converts input names to uppercase letters and replaces spaces with `_` characters. -If the action is written using a [composite](/actions/creating-actions/creating-a-composite-action), then it will not automatically get `INPUT_`. With composite actions you can use `inputs` [AUTOTITLE](/actions/learn-github-actions/contexts) to access action inputs. +If the action is written using a [composite](/actions/tutorials/create-actions/create-a-composite-action), then it will not automatically get `INPUT_`. With composite actions you can use the [`inputs` context](/actions/reference/workflows-and-actions/contexts#inputs-context) to access action inputs. -To access the environment variable in a Docker container action, you must pass the input using the `args` keyword in the action metadata file. For more information about the action metadata file for Docker container actions, see [AUTOTITLE](/actions/creating-actions/creating-a-docker-container-action#creating-an-action-metadata-file). +To access the environment variable in a Docker container action, you must pass the input using the `args` keyword in the action metadata file. For more information about the action metadata file for Docker container actions, see [AUTOTITLE](/actions/tutorials/use-containerized-services/create-a-docker-container-action#creating-an-action-metadata-file). For example, if a workflow defined the `num-octocats` and `octocat-eye-color` inputs, the action code could read the values of the inputs using the `INPUT_NUM-OCTOCATS` and `INPUT_OCTOCAT-EYE-COLOR` environment variables. @@ -93,7 +93,7 @@ For example, if a workflow defined the `num-octocats` and `octocat-eye-color` in {% data reusables.actions.output-limitations %} -If you don't declare an output in your action metadata file, you can still set outputs and use them in a workflow. For more information on setting outputs in an action, see [AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions#setting-an-output-parameter). +If you don't declare an output in your action metadata file, you can still set outputs and use them in a workflow. For more information on setting outputs in an action, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-commands#setting-an-output-parameter). ### Example: Declaring outputs for Docker container and JavaScript actions @@ -140,7 +140,7 @@ runs: **Required** The value that the output parameter will be mapped to. You can set this to a `string` or an expression with context. For example, you can use the `steps` context to set the `value` of an output to the output value of a step. -For more information on how to use context syntax, see [AUTOTITLE](/actions/learn-github-actions/contexts). +For more information on how to use context syntax, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts). ## `runs` @@ -263,17 +263,17 @@ runs: shell: bash ``` -For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts#github-context). +For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#github-context). #### `runs.steps[*].shell` -**Optional** The shell where you want to run the command. You can use any of the shells listed in [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsshell). Required if `run` is set. +**Optional** The shell where you want to run the command. You can use any of the shells listed in [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsshell). Required if `run` is set. #### `runs.steps[*].if` **Optional** You can use the `if` conditional to prevent a step from running unless a condition is met. You can use any supported context and expression to create a conditional. -{% data reusables.actions.expression-syntax-if %} For more information, see [AUTOTITLE](/actions/learn-github-actions/expressions). +{% data reusables.actions.expression-syntax-if %} For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/expressions). **Example: Using contexts** @@ -287,7 +287,7 @@ steps: **Example: Using status check functions** -The `my backup step` only runs when the previous step of a composite action fails. For more information, see [AUTOTITLE](/actions/learn-github-actions/expressions#status-check-functions). +The `my backup step` only runs when the previous step of a composite action fails. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/expressions#status-check-functions). ```yaml steps: @@ -304,7 +304,7 @@ steps: #### `runs.steps[*].id` -**Optional** A unique identifier for the step. You can use the `id` to reference the step in contexts. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts). +**Optional** A unique identifier for the step. You can use the `id` to reference the step in contexts. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts). #### `runs.steps[*].env` @@ -323,7 +323,7 @@ We strongly recommend that you include the version of the action you are using b * Using the specific major action version allows you to receive critical fixes and security patches while still maintaining compatibility. It also assures that your workflow should still work. * Using the default branch of an action may be convenient, but if someone releases a new major version with a breaking change, your workflow could break. -Some actions require inputs that you must set using the [`with`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepswith) keyword. Review the action's README file to determine the inputs required. +Some actions require inputs that you must set using the [`with`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepswith) keyword. Review the action's README file to determine the inputs required. ```yaml runs: @@ -421,7 +421,7 @@ runs: **Optional** Overrides the Docker `ENTRYPOINT` in the `Dockerfile`, or sets it if one wasn't already specified. Use `entrypoint` when the `Dockerfile` does not specify an `ENTRYPOINT` or you want to override the `ENTRYPOINT` instruction. If you omit `entrypoint`, the commands you specify in the Docker `ENTRYPOINT` instruction will execute. The Docker `ENTRYPOINT` instruction has a _shell_ form and _exec_ form. The Docker `ENTRYPOINT` documentation recommends using the _exec_ form of the `ENTRYPOINT` instruction. -For more information about how the `entrypoint` executes, see [AUTOTITLE](/actions/creating-actions/dockerfile-support-for-github-actions#entrypoint). +For more information about how the `entrypoint` executes, see [AUTOTITLE](/actions/reference/workflows-and-actions/dockerfile-support#entrypoint). ### `runs.post-entrypoint` @@ -447,7 +447,7 @@ The `args` are used in place of the `CMD` instruction in a `Dockerfile`. If you If you need to pass environment variables into an action, make sure your action runs a command shell to perform variable substitution. For example, if your `entrypoint` attribute is set to `"sh -c"`, `args` will be run in a command shell. Alternatively, if your `Dockerfile` uses an `ENTRYPOINT` to run the same command (`"sh -c"`), `args` will execute in a command shell. -For more information about using the `CMD` instruction with {% data variables.product.prodname_actions %}, see [AUTOTITLE](/actions/creating-actions/dockerfile-support-for-github-actions#cmd). +For more information about using the `CMD` instruction with {% data variables.product.prodname_actions %}, see [AUTOTITLE](/actions/reference/workflows-and-actions/dockerfile-support#cmd). #### Example: Defining arguments for the Docker container diff --git a/content/actions/reference/workflows-and-actions/reusing-workflow-configurations.md b/content/actions/reference/workflows-and-actions/reusing-workflow-configurations.md index c1a247229fc3..915a229e4188 100644 --- a/content/actions/reference/workflows-and-actions/reusing-workflow-configurations.md +++ b/content/actions/reference/workflows-and-actions/reusing-workflow-configurations.md @@ -28,8 +28,8 @@ A reusable workflow can be used by another workflow if any of the following is t You cannot directly use reusable workflows defined on {% data variables.product.prodname_dotcom_the_website %}. Instead store a copy of the reusable workflow on {% data variables.location.product_location %}, and call the workflow from that path. {% elsif actions-workflow-policy %}, and your {% ifversion ghec %}enterprise{% else %}organization{% endif %} allows you to use public reusable workflows.{% endif %}{% ifversion ghes or ghec %} -* The called workflow is stored in an internal repository and the settings for that repository allow it to be accessed. For more information, see [AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise).{% endif %} -* The called workflow is stored in a private repository and the settings for that repository allow it to be accessed. For more information, see {% ifversion ghes or ghec %}[AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise).{% else %}[AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-organization) and [AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-from-your-private-repository).{% endif %} +* The called workflow is stored in an internal repository and the settings for that repository allow it to be accessed. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/share-with-your-enterprise).{% endif %} +* The called workflow is stored in a private repository and the settings for that repository allow it to be accessed. For more information, see {% ifversion ghes or ghec %}[AUTOTITLE](/actions/how-tos/reuse-automations/share-with-your-enterprise).{% else %}[AUTOTITLE](/actions/how-tos/reuse-automations/share-with-your-organization) and [AUTOTITLE](/actions/how-tos/reuse-automations/share-across-private-repositories).{% endif %} The following table shows the accessibility of reusable workflows to a caller workflow, depending on the visibility of the host repository. @@ -50,36 +50,36 @@ For {% ifversion ghes or ghec %}internal or {% endif %}private repositories, the ### Limitations of reusable workflows -* You can connect up to {% ifversion fpt or ghec %}ten {% else %}four {% endif %}levels of workflows. For more information, see [Nesting reusable workflows](/actions/how-tos/sharing-automations/reuse-workflows#nesting-reusable-workflows). +* You can connect up to {% ifversion fpt or ghec %}ten {% else %}four {% endif %}levels of workflows. For more information, see [Nesting reusable workflows](/actions/how-tos/reuse-automations/reuse-workflows#nesting-reusable-workflows). * You can call a maximum of {% ifversion fpt or ghec %}50 {% else %}20 {% endif %}unique reusable workflows from a single workflow file. This limit includes any trees of nested reusable workflows that may be called starting from your top-level caller workflow file. For example, _top-level-caller-workflow.yml_ → _called-workflow-1.yml_ → _called-workflow-2.yml_ counts as 2 reusable workflows. -* Any environment variables set in an `env` context defined at the workflow level in the caller workflow are not propagated to the called workflow. For more information, see [AUTOTITLE](/actions/learn-github-actions/variables) and [AUTOTITLE](/actions/learn-github-actions/contexts#env-context). -* Similarly, environment variables set in the `env` context, defined in the called workflow, are not accessible in the `env` context of the caller workflow. Instead, you must use outputs of the reusable workflow. For more information, see [Using outputs from a reusable workflow](/actions/how-tos/sharing-automations/reuse-workflows#using-outputs-from-a-reusable-workflow). -* To reuse variables in multiple workflows, set them at the organization, repository, or environment levels and reference them using the `vars` context. For more information see [AUTOTITLE](/actions/learn-github-actions/variables) and [AUTOTITLE](/actions/learn-github-actions/contexts#vars-context). +* Any environment variables set in an `env` context defined at the workflow level in the caller workflow are not propagated to the called workflow. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables) and [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#env-context). +* Similarly, environment variables set in the `env` context, defined in the called workflow, are not accessible in the `env` context of the caller workflow. Instead, you must use outputs of the reusable workflow. For more information, see [Using outputs from a reusable workflow](/actions/how-tos/reuse-automations/reuse-workflows#using-outputs-from-a-reusable-workflow). +* To reuse variables in multiple workflows, set them at the organization, repository, or environment levels and reference them using the `vars` context. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables) and [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#vars-context). * Reusable workflows are called directly within a job, and not from within a job step. You cannot, therefore, use `GITHUB_ENV` to pass values to job steps in the caller workflow. ### Supported keywords for jobs that call a reusable workflow When you call a reusable workflow, you can only use the following keywords in the job containing the call: -* [`jobs..name`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idname) -* [`jobs..uses`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_iduses) -* [`jobs..with`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idwith) -* [`jobs..with.`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idwithinput_id) -* [`jobs..secrets`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecrets) -* [`jobs..secrets.`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecretssecret_id) -* [`jobs..secrets.inherit`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecretsinherit) -* [`jobs..strategy`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategy) -* [`jobs..needs`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idneeds) -* [`jobs..if`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idif) -* [`jobs..concurrency`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idconcurrency) -* [`jobs..permissions`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idpermissions) +* [`jobs..name`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idname) +* [`jobs..uses`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_iduses) +* [`jobs..with`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idwith) +* [`jobs..with.`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idwithinput_id) +* [`jobs..secrets`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idsecrets) +* [`jobs..secrets.`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idsecretssecret_id) +* [`jobs..secrets.inherit`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idsecretsinherit) +* [`jobs..strategy`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstrategy) +* [`jobs..needs`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idneeds) +* [`jobs..if`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idif) +* [`jobs..concurrency`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idconcurrency) +* [`jobs..permissions`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idpermissions) > [!NOTE] > - > * If `jobs..permissions` is not specified in the calling job, the called workflow will have the default permissions for the `GITHUB_TOKEN`. For more information, see [AUTOTITLE](/actions/reference/workflow-syntax-for-github-actions#permissions). + > * If `jobs..permissions` is not specified in the calling job, the called workflow will have the default permissions for the `GITHUB_TOKEN`. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#permissions). > * The `GITHUB_TOKEN` permissions passed from the caller workflow can be only downgraded (not elevated) by the called workflow. > * If you use `jobs..concurrency.cancel-in-progress: true`, don't use the same value for `jobs..concurrency.group` in the called and caller workflows as this will cause the workflow that's already running to be cancelled. A called workflow uses the name of its caller workflow in {% raw %}${{ github.workflow }}{% endraw %}, so using this context as the value of `jobs..concurrency.group` in both caller and called workflows will cause the caller workflow to be cancelled when the called workflow runs. @@ -87,7 +87,7 @@ When you call a reusable workflow, you can only use the following keywords in th #### {% data variables.product.github %}-hosted runners -The assignment of {% data variables.product.prodname_dotcom %}-hosted runners is always evaluated using only the caller's context. Billing for {% data variables.product.prodname_dotcom %}-hosted runners is always associated with the caller. The caller workflow cannot use {% data variables.product.prodname_dotcom %}-hosted runners from the called repository. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners). +The assignment of {% data variables.product.prodname_dotcom %}-hosted runners is always evaluated using only the caller's context. Billing for {% data variables.product.prodname_dotcom %}-hosted runners is always associated with the caller. The caller workflow cannot use {% data variables.product.prodname_dotcom %}-hosted runners from the called repository. For more information, see [AUTOTITLE](/actions/concepts/runners/github-hosted-runners). #### Self-hosted runners @@ -99,9 +99,9 @@ Called workflows that are owned by the same user or organization{% ifversion ghe A workflow that contains nested reusable workflows will fail if any of the nested workflows is inaccessible to the initial caller workflow. For more information, see [Access to reusable workflows](#access-to-reusable-workflows). -`GITHUB_TOKEN` permissions can only be the same or more restrictive in nested workflows. For example, in the workflow chain A > B > C, if workflow A has `package: read` token permission, then B and C cannot have `package: write` permission. For more information, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication). +`GITHUB_TOKEN` permissions can only be the same or more restrictive in nested workflows. For example, in the workflow chain A > B > C, if workflow A has `package: read` token permission, then B and C cannot have `package: write` permission. For more information, see [AUTOTITLE](/actions/tutorials/authenticate-with-github_token). -For information on how to use the API to determine which workflow files were involved in a particular workflow run, see [AUTOTITLE](/actions/how-tos/sharing-automations/reuse-workflows#monitoring-which-workflows-are-being-used). +For information on how to use the API to determine which workflow files were involved in a particular workflow run, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows#monitoring-which-workflows-are-being-used). ### Behavior of reusable workflows when re-running jobs @@ -109,7 +109,7 @@ For information on how to use the API to determine which workflow files were inv ### `github` context -When a reusable workflow is triggered by a caller workflow, the `github` context is always associated with the caller workflow. The called workflow is automatically granted access to `github.token` and `secrets.GITHUB_TOKEN`. For more information about the `github` context, see [AUTOTITLE](/actions/learn-github-actions/contexts#github-context). +When a reusable workflow is triggered by a caller workflow, the `github` context is always associated with the caller workflow. The called workflow is automatically granted access to `github.token` and `secrets.GITHUB_TOKEN`. For more information about the `github` context, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#github-context). ## Workflow templates diff --git a/content/actions/reference/workflows-and-actions/variables.md b/content/actions/reference/workflows-and-actions/variables.md index b1562a85754d..49633212b7fc 100644 --- a/content/actions/reference/workflows-and-actions/variables.md +++ b/content/actions/reference/workflows-and-actions/variables.md @@ -23,14 +23,14 @@ The default environment variables that {% data variables.product.prodname_dotcom Because default environment variables are set by {% data variables.product.prodname_dotcom %} and not defined in a workflow, they are not accessible through the `env` context. However, most of the default variables have a corresponding, and similarly named, context property. For example, the value of the `GITHUB_REF` variable can be read during workflow processing using the {% raw %}`${{ github.ref }}`{% endraw %} context property. -{% data reusables.actions.environment-variables-are-fixed %} For more information about setting environment variables, see [AUTOTITLE](/actions/how-tos/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#defining-environment-variables-for-a-single-workflow) and [AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions#setting-an-environment-variable). +{% data reusables.actions.environment-variables-are-fixed %} For more information about setting environment variables, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables#defining-environment-variables-for-a-single-workflow) and [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-commands#setting-an-environment-variable). We strongly recommend that actions use variables to access the filesystem rather than using hardcoded file paths. {% data variables.product.prodname_dotcom %} sets variables for actions to use in all runner environments. | Variable | Description | | ---------|------------ | | `CI` | Always set to `true`. | -| `GITHUB_ACTION` | The name of the action currently running, or the [`id`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsid) of a step. For example, for an action, `__repo-owner_name-of-action-repo`.

{% data variables.product.prodname_dotcom %} removes special characters, and uses the name `__run` when the current step runs a script without an `id`. If you use the same script or action more than once in the same job, the name will include a suffix that consists of the sequence number preceded by an underscore. For example, the first script you run will have the name `__run`, and the second script will be named `__run_2`. Similarly, the second invocation of `actions/checkout` will be `actionscheckout2`. | +| `GITHUB_ACTION` | The name of the action currently running, or the [`id`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsid) of a step. For example, for an action, `__repo-owner_name-of-action-repo`.

{% data variables.product.prodname_dotcom %} removes special characters, and uses the name `__run` when the current step runs a script without an `id`. If you use the same script or action more than once in the same job, the name will include a suffix that consists of the sequence number preceded by an underscore. For example, the first script you run will have the name `__run`, and the second script will be named `__run_2`. Similarly, the second invocation of `actions/checkout` will be `actionscheckout2`. | | `GITHUB_ACTION_PATH` | The path where an action is located. This property is only supported in composite actions. You can use this path to change directories to where the action is located and access other files in that same repository. For example, `/home/runner/work/_actions/repo-owner/name-of-action-repo/v1`. | | `GITHUB_ACTION_REPOSITORY` | For a step executing an action, this is the owner and repository name of the action. For example, `actions/checkout`. | | `GITHUB_ACTIONS` | Always set to `true` when {% data variables.product.prodname_actions %} is running the workflow. You can use this variable to differentiate when tests are being run locally or by {% data variables.product.prodname_actions %}. | @@ -38,14 +38,14 @@ We strongly recommend that actions use variables to access the filesystem rather | `GITHUB_ACTOR_ID` | {% data reusables.actions.actor_id-description %} | | `GITHUB_API_URL` | Returns the API URL. For example: `{% data variables.product.rest_url %}`. | | `GITHUB_BASE_REF` | The name of the base ref or target branch of the pull request in a workflow run. This is only set when the event that triggers a workflow run is either `pull_request` or `pull_request_target`. For example, `main`. | -| `GITHUB_ENV` | The path on the runner to the file that sets variables from workflow commands. The path to this file is unique to the current step and changes for each step in a job. For example, `/home/runner/work/_temp/_runner_file_commands/set_env_87406d6e-4979-4d42-98e1-3dab1f48b13a`. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions#setting-an-environment-variable). | +| `GITHUB_ENV` | The path on the runner to the file that sets variables from workflow commands. The path to this file is unique to the current step and changes for each step in a job. For example, `/home/runner/work/_temp/_runner_file_commands/set_env_87406d6e-4979-4d42-98e1-3dab1f48b13a`. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-commands#setting-an-environment-variable). | | `GITHUB_EVENT_NAME` | The name of the event that triggered the workflow. For example, `workflow_dispatch`. | | `GITHUB_EVENT_PATH` | The path to the file on the runner that contains the full event webhook payload. For example, `/github/workflow/event.json`. | | `GITHUB_GRAPHQL_URL` | Returns the GraphQL API URL. For example: `{% data variables.product.graphql_url %}`. | | `GITHUB_HEAD_REF` | The head ref or source branch of the pull request in a workflow run. This property is only set when the event that triggers a workflow run is either `pull_request` or `pull_request_target`. For example, `feature-branch-1`. | -| `GITHUB_JOB` | The [job_id](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_id) of the current job. For example, `greeting_job`. | -| `GITHUB_OUTPUT` | The path on the runner to the file that sets the current step's outputs from workflow commands. The path to this file is unique to the current step and changes for each step in a job. For example, `/home/runner/work/_temp/_runner_file_commands/set_output_a50ef383-b063-46d9-9157-57953fc9f3f0`. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions#setting-an-output-parameter). | -| `GITHUB_PATH` | The path on the runner to the file that sets system `PATH` variables from workflow commands. The path to this file is unique to the current step and changes for each step in a job. For example, `/home/runner/work/_temp/_runner_file_commands/add_path_899b9445-ad4a-400c-aa89-249f18632cf5`. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions#adding-a-system-path). | +| `GITHUB_JOB` | The [job_id](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_id) of the current job. For example, `greeting_job`. | +| `GITHUB_OUTPUT` | The path on the runner to the file that sets the current step's outputs from workflow commands. The path to this file is unique to the current step and changes for each step in a job. For example, `/home/runner/work/_temp/_runner_file_commands/set_output_a50ef383-b063-46d9-9157-57953fc9f3f0`. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-commands#setting-an-output-parameter). | +| `GITHUB_PATH` | The path on the runner to the file that sets system `PATH` variables from workflow commands. The path to this file is unique to the current step and changes for each step in a job. For example, `/home/runner/work/_temp/_runner_file_commands/add_path_899b9445-ad4a-400c-aa89-249f18632cf5`. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-commands#adding-a-system-path). | | `GITHUB_REF` | {% data reusables.actions.ref-description %} | | `GITHUB_REF_NAME` | {% data reusables.actions.ref_name-description %} | | `GITHUB_REF_PROTECTED` | {% data reusables.actions.ref_protected-description %} | @@ -60,7 +60,7 @@ We strongly recommend that actions use variables to access the filesystem rather | `GITHUB_RUN_NUMBER` | {% data reusables.actions.run_number_description %} For example, `3`. | | `GITHUB_SERVER_URL`| The URL of the {% data variables.product.github %} server. For example: `https://{% data variables.product.product_url %}`. | | `GITHUB_SHA` | {% data reusables.actions.github_sha_description %} | -| `GITHUB_STEP_SUMMARY` | The path on the runner to the file that contains job summaries from workflow commands. The path to this file is unique to the current step and changes for each step in a job. For example, `/home/runner/_layout/_work/_temp/_runner_file_commands/step_summary_1cb22d7f-5663-41a8-9ffc-13472605c76c`. For more information, see [AUTOTITLE](/actions/using-workflows/workflow-commands-for-github-actions#adding-a-job-summary). | +| `GITHUB_STEP_SUMMARY` | The path on the runner to the file that contains job summaries from workflow commands. The path to this file is unique to the current step and changes for each step in a job. For example, `/home/runner/_layout/_work/_temp/_runner_file_commands/step_summary_1cb22d7f-5663-41a8-9ffc-13472605c76c`. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-commands#adding-a-job-summary). | | `GITHUB_TRIGGERING_ACTOR` | {% data reusables.actions.github-triggering-actor-description %} | | `GITHUB_WORKFLOW` | The name of the workflow. For example, `My test workflow`. If the workflow file doesn't specify a `name`, the value of this variable is the full path of the workflow file in the repository. | | `GITHUB_WORKFLOW_REF` | {% data reusables.actions.workflow-ref-description %} | @@ -85,7 +85,7 @@ The following rules apply to configuration variable names: ## Naming conventions for environment variables -When you set an environment variable, you cannot use any of the default environment variable names. For a complete list of default environment variables, see [AUTOTITLE](/actions/reference/variables-reference#default-environment-variables) below. If you attempt to override the value of one of these default variables, the assignment is ignored. +When you set an environment variable, you cannot use any of the default environment variable names. For a complete list of default environment variables, see [AUTOTITLE](/actions/reference/workflows-and-actions/variables#default-environment-variables) below. If you attempt to override the value of one of these default variables, the assignment is ignored. > [!NOTE] > You can list the entire set of environment variables that are available to a workflow step by using `run: env` in a step and then examining the output for the step. diff --git a/content/actions/reference/workflows-and-actions/workflow-cancellation.md b/content/actions/reference/workflows-and-actions/workflow-cancellation.md index 406bff4ad963..e6e6bc2e363e 100644 --- a/content/actions/reference/workflows-and-actions/workflow-cancellation.md +++ b/content/actions/reference/workflows-and-actions/workflow-cancellation.md @@ -17,6 +17,6 @@ When canceling a workflow run, you may be running other software that uses resou 1. To cancel the workflow run, the server re-evaluates `if` conditions for all currently running jobs. If the condition evaluates to `true`, the job will not get canceled. For example, the condition `if: always()` would evaluate to true and the job continues to run. When there is no condition, that is the equivalent of the condition `if: success()`, which only runs if the previous step finished successfully. 1. For jobs that need to be canceled, the server sends a cancellation message to all the runner machines with jobs that need to be canceled. -1. For jobs that continue to run, the server re-evaluates `if` conditions for the unfinished steps. If the condition evaluates to `true`, the step continues to run. You can use the `cancelled` expression to apply a status check of `cancelled()`. For more information, see [AUTOTITLE](/actions/reference/evaluate-expressions-in-workflows-and-actions#cancelled). +1. For jobs that continue to run, the server re-evaluates `if` conditions for the unfinished steps. If the condition evaluates to `true`, the step continues to run. You can use the `cancelled` expression to apply a status check of `cancelled()`. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/expressions#cancelled). 1. For steps that need to be canceled, the runner machine sends `SIGINT/Ctrl-C` to the step's entry process (`node` for JavaScript actions, `docker` for container actions, and `bash/cmd/pwd` when using `run` in a step). If the process doesn't exit within 7500 ms, the runner will send `SIGTERM/Ctrl-Break` to the process, then wait for 2500 ms for the process to exit. If the process is still running, the runner kills the process tree. 1. After the 5 minute cancellation timeout period, the server will forcibly terminate all jobs and steps marked for cancellation that are still running. diff --git a/content/actions/reference/workflows-and-actions/workflow-commands.md b/content/actions/reference/workflows-and-actions/workflow-commands.md index c4555bb7b54b..bcecf204a181 100644 --- a/content/actions/reference/workflows-and-actions/workflow-commands.md +++ b/content/actions/reference/workflows-and-actions/workflow-commands.md @@ -110,7 +110,7 @@ The following table shows which toolkit functions are available within a workflo ## Setting a debug message -Prints a debug message to the log. You must create a secret named `ACTIONS_STEP_DEBUG` with the value `true` to see the debug messages set by this command in the log. For more information, see [AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/enabling-debug-logging). +Prints a debug message to the log. You must create a secret named `ACTIONS_STEP_DEBUG` with the value `true` to see the debug messages set by this command in the log. For more information, see [AUTOTITLE](/actions/how-tos/monitor-workflows/enable-debug-logging). ```text copy ::debug::{message} @@ -386,7 +386,7 @@ If you want to pass a masked secret between jobs or workflows, you should store #### Setup 1. Set up a secret store to store the secret that you will generate during your workflow. For example, Vault. -1. Generate a key for reading and writing to that secret store. Store the key as a repository secret. In the following example workflow, the secret name is `SECRET_STORE_CREDENTIALS`. For more information, see [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions). +1. Generate a key for reading and writing to that secret store. Store the key as a repository secret. In the following example workflow, the secret name is `SECRET_STORE_CREDENTIALS`. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets). #### Workflow @@ -535,7 +535,7 @@ jobs: You can create environment variables for sharing with your workflow's `pre:` or `post:` actions by writing to the file located at `GITHUB_STATE`. For example, you can create a file with the `pre:` action, pass the file location to the `main:` action, and then use the `post:` action to delete the file. Alternatively, you could create a file with the `main:` action, pass the file location to the `post:` action, and also use the `post:` action to delete the file. -If you have multiple `pre:` or `post:` actions, you can only access the saved value in the action where it was written to `GITHUB_STATE`. For more information on the `post:` action, see [AUTOTITLE](/actions/creating-actions/metadata-syntax-for-github-actions#runspost). +If you have multiple `pre:` or `post:` actions, you can only access the saved value in the action where it was written to `GITHUB_STATE`. For more information on the `post:` action, see [AUTOTITLE](/actions/reference/workflows-and-actions/metadata-syntax#runspost). The `GITHUB_STATE` file is only available within an action. The saved value is stored as an environment value with the `STATE_` prefix. @@ -558,7 +558,7 @@ console.log("The running PID from the main action is: " + process.env.STATE_proc ## Environment files -During the execution of a workflow, the runner generates temporary files that can be used to perform certain actions. The path to these files can be accessed and edited using GitHub's default environment variables. See [AUTOTITLE](/actions/reference/variables-reference#default-environment-variables). You will need to use UTF-8 encoding when writing to these files to ensure proper processing of the commands. Multiple commands can be written to the same file, separated by newlines. +During the execution of a workflow, the runner generates temporary files that can be used to perform certain actions. The path to these files can be accessed and edited using GitHub's default environment variables. See [AUTOTITLE](/actions/reference/workflows-and-actions/variables#default-environment-variables). You will need to use UTF-8 encoding when writing to these files to ensure proper processing of the commands. Multiple commands can be written to the same file, separated by newlines. To use environment variables in a GitHub Action, you create or modify `.env` files using specific GitHub Actions commands. Here's how: @@ -651,7 +651,7 @@ echo "{environment_variable_name}={value}" >> "$GITHUB_ENV" You can make an environment variable available to any subsequent steps in a workflow job by defining or updating the environment variable and writing this to the `GITHUB_ENV` environment file. The step that creates or updates the environment variable does not have access to the new value, but all subsequent steps in a job will have access. -{% data reusables.actions.environment-variables-are-fixed %} For more information about the default environment variables, see [AUTOTITLE](/actions/learn-github-actions/environment-variables#default-environment-variables). +{% data reusables.actions.environment-variables-are-fixed %} For more information about the default environment variables, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables#default-environment-variables). > [!NOTE] > Due to security restrictions, `GITHUB_ENV` cannot be used to set the `NODE_OPTIONS` environment variable. @@ -741,7 +741,7 @@ steps: ## Setting an output parameter -Sets a step's output parameter. Note that the step will need an `id` to be defined to later retrieve the output value. You can set multi-line output values with the same technique used in the [Multiline strings](/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings) section to define multi-line environment variables. +Sets a step's output parameter. Note that the step will need an `id` to be defined to later retrieve the output value. You can set multi-line output values with the same technique used in the [Multiline strings](/actions/reference/workflows-and-actions/workflow-commands#multiline-strings) section to define multi-line environment variables. {% bash %} @@ -928,7 +928,7 @@ To completely remove a summary for the current step, the file that `GITHUB_STEP_ {% endpowershell %} -After a step has completed, job summaries are uploaded and subsequent steps cannot modify previously uploaded Markdown content. Summaries automatically mask any secrets that might have been added accidentally. If a job summary contains sensitive information that must be deleted, you can delete the entire workflow run to remove all its job summaries. For more information see [AUTOTITLE](/actions/managing-workflow-runs/deleting-a-workflow-run). +After a step has completed, job summaries are uploaded and subsequent steps cannot modify previously uploaded Markdown content. Summaries automatically mask any secrets that might have been added accidentally. If a job summary contains sensitive information that must be deleted, you can delete the entire workflow run to remove all its job summaries. For more information, see [AUTOTITLE](/actions/how-tos/manage-workflow-runs/delete-a-workflow-run). ### Step isolation and limits diff --git a/content/actions/reference/workflows-and-actions/workflow-syntax.md b/content/actions/reference/workflows-and-actions/workflow-syntax.md index dc693471414b..d6fca3f6cb13 100644 --- a/content/actions/reference/workflows-and-actions/workflow-syntax.md +++ b/content/actions/reference/workflows-and-actions/workflow-syntax.md @@ -36,7 +36,7 @@ You must store workflow files in the `.github/workflows` directory of your repos The name for workflow runs generated from the workflow. {% data variables.product.prodname_dotcom %} displays the workflow run name in the list of workflow runs on your repository's "Actions" tab. If `run-name` is omitted or is only whitespace, then the run name is set to event-specific information for the workflow run. For example, for a workflow triggered by a `push` or `pull_request` event, it is set as the commit message or the title of the pull request. -This value can include expressions and can reference the [`github`](/actions/learn-github-actions/contexts#github-context) and [`inputs`](/actions/learn-github-actions/contexts#inputs-context) contexts. +This value can include expressions and can reference the [`github`](/actions/reference/workflows-and-actions/contexts#github-context) and [`inputs`](/actions/reference/workflows-and-actions/contexts#inputs-context) contexts. ### Example of `run-name` @@ -118,17 +118,17 @@ For more information about `schedule` events, see [AUTOTITLE](/actions/reference ## `on.workflow_call` -Use `on.workflow_call` to define the inputs and outputs for a reusable workflow. You can also map the secrets that are available to the called workflow. For more information on reusable workflows, see [AUTOTITLE](/actions/using-workflows/reusing-workflows). +Use `on.workflow_call` to define the inputs and outputs for a reusable workflow. You can also map the secrets that are available to the called workflow. For more information on reusable workflows, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). ## `on.workflow_call.inputs` -When using the `workflow_call` keyword, you can optionally specify inputs that are passed to the called workflow from the caller workflow. For more information about the `workflow_call` keyword, see [AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#workflow-reuse-events). +When using the `workflow_call` keyword, you can optionally specify inputs that are passed to the called workflow from the caller workflow. For more information about the `workflow_call` keyword, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows#workflow_call). In addition to the standard input parameters that are available, `on.workflow_call.inputs` requires a `type` parameter. For more information, see [`on.workflow_call.inputs..type`](#onworkflow_callinputsinput_idtype). If a `default` parameter is not set, the default value of the input is `false` for a boolean, `0` for a number, and `""` for a string. -Within the called workflow, you can use the `inputs` context to refer to an input. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts#inputs-context). +Within the called workflow, you can use the `inputs` context to refer to an input. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#inputs-context). If a caller workflow passes an input that is not specified in the called workflow, this results in an error. @@ -157,7 +157,7 @@ jobs: {% endraw %} -For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows). +For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). ## `on.workflow_call.inputs..type` @@ -188,7 +188,7 @@ on: {% endraw %} -For information on how to reference a job output, see [`jobs..outputs`](#jobsjob_idoutputs). For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows). +For information on how to reference a job output, see [`jobs..outputs`](#jobsjob_idoutputs). For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). ## `on.workflow_call.secrets` @@ -197,7 +197,7 @@ A map of the secrets that can be used in the called workflow. Within the called workflow, you can use the `secrets` context to refer to a secret. > [!NOTE] -> If you are passing the secret to a nested reusable workflow, then you must use [`jobs..secrets`](#jobsjob_idsecrets) again to pass the secret. For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows#passing-secrets-to-nested-workflows). +> If you are passing the secret to a nested reusable workflow, then you must use [`jobs..secrets`](#jobsjob_idsecrets) again to pass the secret. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows#passing-secrets-to-nested-workflows). If a caller workflow passes a secret that is not specified in the called workflow, this results in an error. @@ -445,7 +445,7 @@ jobs: A job contains a sequence of tasks called `steps`. Steps can run commands, run setup tasks, or run an action in your repository, a public repository, or an action published in a Docker registry. Not all steps run actions, but all actions run as a step. Each step runs in its own process in the runner environment and has access to the workspace and filesystem. Because steps run in their own process, changes to environment variables are not preserved between steps. {% data variables.product.prodname_dotcom %} provides built-in steps to set up and complete a job. -{% data variables.product.prodname_dotcom %} only displays the first 1,000 checks, however, you can run an unlimited number of steps as long as you are within the workflow usage limits. For more information, see [AUTOTITLE](/actions/learn-github-actions/usage-limits-billing-and-administration) for {% data variables.product.prodname_dotcom %}-hosted runners and [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/usage-limits-for-self-hosted-runners) for self-hosted runner usage limits. +{% data variables.product.prodname_dotcom %} only displays the first 1,000 checks, however, you can run an unlimited number of steps as long as you are within the workflow usage limits. For more information, see [AUTOTITLE](/actions/concepts/billing-and-usage) for {% data variables.product.prodname_dotcom %}-hosted runners and [AUTOTITLE](/actions/reference/limits) for self-hosted runner usage limits. ### Example of `jobs..steps` @@ -475,13 +475,13 @@ jobs: ## `jobs..steps[*].id` -A unique identifier for the step. You can use the `id` to reference the step in contexts. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts). +A unique identifier for the step. You can use the `id` to reference the step in contexts. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts). ## `jobs..steps[*].if` You can use the `if` conditional to prevent a step from running unless a condition is met. {% data reusables.actions.if-supported-contexts %} -{% data reusables.actions.expression-syntax-if %} For more information, see [AUTOTITLE](/actions/learn-github-actions/expressions). +{% data reusables.actions.expression-syntax-if %} For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/expressions). ### Example: Using contexts @@ -496,7 +496,7 @@ steps: ### Example: Using status check functions -The `my backup step` only runs when the previous step of a job fails. For more information, see [AUTOTITLE](/actions/learn-github-actions/expressions#status-check-functions). +The `my backup step` only runs when the previous step of a job fails. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/expressions#status-check-functions). ```yaml steps: @@ -532,7 +532,7 @@ jobs: {% endraw %} -For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts#context-availability) and [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions). +For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts#context-availability) and [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets). ## `jobs..steps[*].name` @@ -655,7 +655,7 @@ jobs: If the action is in an internal repository, or in a private repository configured to allow access from your workflow's repository, you can reference the action directly. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-an-internal-repository) and [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-a-private-repository). -If the action isn't in a repository configured to allow access, you need to check out the repository and reference the action locally. Generate a {% data variables.product.pat_generic %} and add the token as a secret. The following example shows this method for referencing an action. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token) and [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions). +If the action isn't in a repository configured to allow access, you need to check out the repository and reference the action locally. Generate a {% data variables.product.pat_generic %} and add the token as a secret. The following example shows this method for referencing an action. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) and [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets). Replace `PERSONAL_ACCESS_TOKEN` in the example with the name of your secret. @@ -674,7 +674,7 @@ jobs: uses: ./.github/actions/my-private-repo/my-action ``` -Alternatively, use a {% data variables.product.prodname_github_app %} instead of a {% data variables.product.pat_generic %} in order to ensure your workflow continues to run even if the {% data variables.product.pat_generic %} owner leaves. For more information, see [AUTOTITLE](/apps/creating-github-apps/guides/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow). +Alternatively, use a {% data variables.product.prodname_github_app %} instead of a {% data variables.product.pat_generic %} in order to ensure your workflow continues to run even if the {% data variables.product.pat_generic %} owner leaves. For more information, see [AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow). ## `jobs..steps[*].run` @@ -710,9 +710,9 @@ Using the `working-directory` keyword, you can specify the working directory of working-directory: ./temp ``` -Alternatively, you can specify a default working directory for all `run` steps in a job, or for all `run` steps in the entire workflow. For more information, see [`defaults.run.working-directory`](/actions/using-workflows/workflow-syntax-for-github-actions#defaultsrunworking-directory) and [`jobs..defaults.run.working-directory`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_iddefaultsrunworking-directory). +Alternatively, you can specify a default working directory for all `run` steps in a job, or for all `run` steps in the entire workflow. For more information, see [`defaults.run.working-directory`](/actions/reference/workflows-and-actions/workflow-syntax#defaultsrunworking-directory) and [`jobs..defaults.run.working-directory`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_iddefaultsrunworking-directory). -You can also use a `run` step to run a script. For more information, see [AUTOTITLE](/actions/writing-workflows/choosing-what-your-workflow-does/adding-scripts-to-your-workflow). +You can also use a `run` step to run a script. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/add-scripts). ## `jobs..steps[*].shell` @@ -720,7 +720,7 @@ You can override the default shell settings in the runner's operating system and {% data reusables.actions.supported-shells %} -Alternatively, you can specify a default shell for all `run` steps in a job, or for all `run` steps in the entire workflow. For more information, see [`defaults.run.shell`](/actions/using-workflows/workflow-syntax-for-github-actions#defaultsrunshell) and [`jobs..defaults.run.shell`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_iddefaultsrunshell). +Alternatively, you can specify a default shell for all `run` steps in a job, or for all `run` steps in the entire workflow. For more information, see [`defaults.run.shell`](/actions/reference/workflows-and-actions/workflow-syntax#defaultsrunshell) and [`jobs..defaults.run.shell`](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_iddefaultsrunshell). ### Example: Running a command using Bash @@ -786,7 +786,7 @@ steps: The command used, `perl` in this example, must be installed on the runner. {% ifversion fpt or ghec %} -For information about the software included on GitHub-hosted runners, see [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners#supported-software). +For information about the software included on GitHub-hosted runners, see [AUTOTITLE](/actions/concepts/runners/github-hosted-runners#preinstalled-software-for-github-owned-images). {% endif %} ### Exit codes and error action preference @@ -876,7 +876,7 @@ Sets variables for steps to use in the runner environment. You can also set vari {% data reusables.repositories.actions-env-var-note %} -Public actions may specify expected variables in the README file. If you are setting a secret or sensitive value, such as a password or token, you must set secrets using the `secrets` context. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts). +Public actions may specify expected variables in the README file. If you are setting a secret or sensitive value, such as a password or token, you must set secrets using the `secrets` context. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts). ### Example of `jobs..steps[*].env` @@ -1059,22 +1059,22 @@ The group above is equivalent to declaring each step with `background: true` fol The maximum number of minutes to let a job run before {% data variables.product.prodname_dotcom %} automatically cancels it. Default: 360 -If the timeout exceeds the job execution time limit for the runner, the job will be canceled when the execution time limit is met instead. For more information about job execution time limits, see [AUTOTITLE](/actions/learn-github-actions/usage-limits-billing-and-administration#usage-limits) for {% data variables.product.prodname_dotcom %}-hosted runners and [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/usage-limits-for-self-hosted-runners) for self-hosted runner usage limits. +If the timeout exceeds the job execution time limit for the runner, the job will be canceled when the execution time limit is met instead. For more information about job execution time limits, see [AUTOTITLE](/actions/concepts/billing-and-usage#usage-limits) for {% data variables.product.prodname_dotcom %}-hosted runners and [AUTOTITLE](/actions/reference/limits) for self-hosted runner usage limits. > [!NOTE] -> {% data reusables.actions.github-token-expiration %} For self-hosted runners, the token may be the limiting factor if the job timeout is greater than 24 hours. For more information on the `GITHUB_TOKEN`, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication#about-the-github_token-secret). +> {% data reusables.actions.github-token-expiration %} For self-hosted runners, the token may be the limiting factor if the job timeout is greater than 24 hours. For more information on the `GITHUB_TOKEN`, see [AUTOTITLE](/actions/tutorials/authenticate-with-github_token). ## `jobs..strategy` -Use `jobs..strategy` to use a matrix strategy for your jobs. {% data reusables.actions.jobs.about-matrix-strategy %} For more information, see [AUTOTITLE](/actions/using-jobs/using-a-matrix-for-your-jobs). +Use `jobs..strategy` to use a matrix strategy for your jobs. {% data reusables.actions.jobs.about-matrix-strategy %} For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/run-job-variations). ## `jobs..strategy.matrix` -Use `jobs..strategy.matrix` to define a matrix of different job configurations. For more information, see [AUTOTITLE](/actions/how-tos/writing-workflows/choosing-what-your-workflow-does/running-variations-of-jobs-in-a-workflow). +Use `jobs..strategy.matrix` to define a matrix of different job configurations. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/run-job-variations). A matrix will generate a maximum of 256 jobs per workflow run. This limit applies to both {% data variables.product.github %}-hosted and self-hosted runners. -The variables that you define become properties in the `matrix` context, and you can reference the property in other areas of your workflow file. In this example, you can use `matrix.version` and `matrix.os` to access the current value of `version` and `os` that the job is using. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts). +The variables that you define become properties in the `matrix` context, and you can reference the property in other areas of your workflow file. In this example, you can use `matrix.version` and `matrix.os` to access the current value of `version` and `os` that the job is using. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/contexts). By default, {% data variables.product.github %} will maximize the number of jobs run in parallel depending on runner availability. The order of the variables in the matrix determines the order in which the jobs are created. The first variable you define will be the first job that is created in your workflow run. @@ -1242,7 +1242,7 @@ If you configure your job to run in a container, or your step uses container act If you configure the job to run directly on the runner machine and your step doesn't use a container action, you must map any required Docker service container ports to the Docker host (the runner machine). You can access the service container using localhost and the mapped port. -For more information about the differences between networking service containers, see [AUTOTITLE](/actions/using-containerized-services/about-service-containers). +For more information about the differences between networking service containers, see [AUTOTITLE](/actions/tutorials/use-containerized-services/use-docker-service-containers). ### Example: Using localhost @@ -1385,7 +1385,7 @@ The location and version of a reusable workflow file to run as a job. Use one of {% data reusables.actions.uses-keyword-example %} -For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows). +For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). ## `jobs..with` @@ -1407,7 +1407,7 @@ jobs: ## `jobs..with.` -A pair consisting of a string identifier for the input and the value of the input. The identifier must match the name of an input defined by [`on.workflow_call.inputs.`](/actions/creating-actions/metadata-syntax-for-github-actions#inputsinput_id) in the called workflow. The data type of the value must match the type defined by [`on.workflow_call.inputs..type`](#onworkflow_callinputsinput_idtype) in the called workflow. +A pair consisting of a string identifier for the input and the value of the input. The identifier must match the name of an input defined by [`on.workflow_call.inputs.`](/actions/reference/workflows-and-actions/metadata-syntax#inputsinput_id) in the called workflow. The data type of the value must match the type defined by [`on.workflow_call.inputs..type`](#onworkflow_callinputsinput_idtype) in the called workflow. Allowed expression contexts: `github`, and `needs`. diff --git a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md index 8ef5c75ebe21..ab4d09d3289f 100644 --- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md +++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md @@ -4,6 +4,7 @@ intro: You can grant enterprise members the ability to manage support tickets fo redirect_from: - /github/setting-up-and-managing-your-enterprise/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise - /admin/user-management/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise + - /enterprise-onboarding/support-for-your-enterprise/managing-support-entitlements versions: ghec: '*' shortTitle: Manage support entitlements diff --git a/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/backing-up-and-restoring-github-enterprise-server-with-github-actions-enabled.md b/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/backing-up-and-restoring-github-enterprise-server-with-github-actions-enabled.md index 332542ec0f1b..c7e4d7b9e84c 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/backing-up-and-restoring-github-enterprise-server-with-github-actions-enabled.md +++ b/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/backing-up-and-restoring-github-enterprise-server-with-github-actions-enabled.md @@ -14,7 +14,7 @@ category: ## About backups of {% data variables.product.prodname_ghe_server %} when using {% data variables.product.prodname_actions %} -You can use {% data variables.product.prodname_enterprise_backup_utilities %} to back up and restore the data and configuration for {% data variables.location.product_location %} to a new instance. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance). +You can use {% data variables.product.prodname_enterprise_backup_utilities %} to back up and restore the data and configuration for {% data variables.location.product_location %} to a new instance. For more information, see [AUTOTITLE](/admin/backing-up-and-restoring-your-instance/configuring-backups-on-your-instance). However, not all the data for {% data variables.product.prodname_actions %} is included in these backups. {% data reusables.actions.enterprise-storage-ha-backups %} @@ -24,8 +24,8 @@ To restore a backup of {% data variables.location.product_location %} with {% da 1. Create a new instance with the "New Install" option. For installation instructions for the virtualization platform of your choice, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance). 1. In the {% data variables.enterprise.management_console %}, configure network settings and external storage for {% data variables.product.prodname_actions %} on the destination instance. See [AUTOTITLE](/admin/configuring-settings). -1. After {% data variables.product.prodname_actions %} is configured and enabled, to restore the rest of the data from the backup, use the `ghe-restore` command. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance#restoring-a-backup). -1. Re-register your self-hosted runners on the destination instance. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners). +1. After {% data variables.product.prodname_actions %} is configured and enabled, to restore the rest of the data from the backup, use the `ghe-restore` command. For more information, see [AUTOTITLE](/admin/backing-up-and-restoring-your-instance/configuring-backups-on-your-instance#restoring-a-backup). +1. Re-register your self-hosted runners on the destination instance. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/add-runners). 1. To ensure that the bundled actions that are pre-installed on your new instance are up to date, enter the following command. ```shell copy diff --git a/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/high-availability-for-github-actions.md b/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/high-availability-for-github-actions.md index b45f479b1283..5f3f5024fec9 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/high-availability-for-github-actions.md +++ b/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/high-availability-for-github-actions.md @@ -26,7 +26,7 @@ We strongly recommend that you configure your {% data variables.product.prodname When enabling a high availability configuration, any replicas are automatically configured to use the {% data variables.product.prodname_actions %} external storage configuration. If you need to initiate a failover to promote a replica, no extra configuration changes are required for {% data variables.product.prodname_actions %}. -For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance). +For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/initiating-a-failover-to-your-replica-appliance). ### Removing a high availability replica diff --git a/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/migrating-github-actions-external-storage.md b/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/migrating-github-actions-external-storage.md index 4e360a2bac6e..294a92659bef 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/migrating-github-actions-external-storage.md +++ b/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/migrating-github-actions-external-storage.md @@ -41,7 +41,7 @@ Before you begin, review the following constraints. Each one shapes the migratio ## Rehearsing the migration in a staging environment -Before performing the migration against production, rehearse the full procedure on a staging instance. Provision a staging {% data variables.product.prodname_ghe_server %} instance from a recent production backup, point it at a throwaway destination that mirrors the intended production destination, and run every step of this article end to end. For more information, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance) and [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/using-a-staging-environment). +Before performing the migration against production, rehearse the full procedure on a staging instance. Provision a staging {% data variables.product.prodname_ghe_server %} instance from a recent production backup, point it at a throwaway destination that mirrors the intended production destination, and run every step of this article end to end. For more information, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance) and [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/using-a-staging-environment). A staging rehearsal validates that: diff --git a/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/troubleshooting-github-actions-for-your-enterprise.md b/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/troubleshooting-github-actions-for-your-enterprise.md index 6abf796f5cef..4eef7766b604 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/troubleshooting-github-actions-for-your-enterprise.md +++ b/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/troubleshooting-github-actions-for-your-enterprise.md @@ -15,11 +15,11 @@ category: ## Checking the health of {% data variables.product.prodname_actions %} -You can check the health of {% data variables.product.prodname_actions %} on {% data variables.location.product_location %} with the `ghe-actions-check` command-line utility. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-actions-check) and [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh). +You can check the health of {% data variables.product.prodname_actions %} on {% data variables.location.product_location %} with the `ghe-actions-check` command-line utility. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-actions-check) and [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh). ## Configuring self-hosted runners when using a self-signed certificate for {% data variables.product.prodname_ghe_server %} -{% data reusables.actions.enterprise-self-signed-cert %} For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-tls). +{% data reusables.actions.enterprise-self-signed-cert %} For more information, see [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-tls). ### Installing the certificate on the runner machine @@ -60,7 +60,7 @@ If you deploy {% data variables.product.prodname_ghe_server %} in your environme You will need to update the configuration of your self-hosted runners to use the new hostname for {% data variables.location.product_location %}. Each self-hosted runner will require one of the following procedures: * In the self-hosted runner application directory, edit the `.runner` and `.credentials` files to replace all mentions of the old hostname with the new hostname, then restart the self-hosted runner application. -* Remove the runner from {% data variables.product.prodname_ghe_server %} using the UI, and re-add it. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners) and [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners). +* Remove the runner from {% data variables.product.prodname_ghe_server %} using the UI, and re-add it. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/remove-runners) and [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/add-runners). ## Troubleshooting failures when {% data variables.product.prodname_dependabot %} triggers existing workflows @@ -68,7 +68,7 @@ You will need to update the configuration of your self-hosted runners to use the ### Providing workflows triggered by {% data variables.product.prodname_dependabot %} access to secrets and increased permissions -1. Log in to the administrative shell using SSH. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh). +1. Log in to the administrative shell using SSH. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh). 1. To remove the limitations on workflows triggered by {% data variables.product.prodname_dependabot %} on {% data variables.location.product_location %}, use the following command. ``` shell @@ -97,9 +97,9 @@ To install the official bundled actions and workflow templates within a designat 1. Identify an organization that will store the official bundled actions and workflow templates. You can create a new organization or reuse an existing one. * To create a new organization, see [AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch). - * For assistance with choosing a name for this organization, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#reserved-names). + * For assistance with choosing a name for this organization, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#reserved-names). -1. Log in to the administrative shell using SSH. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh). +1. Log in to the administrative shell using SSH. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh). 1. To designate your organization as the location to store the bundled actions, use the `ghe-config` command, replacing `ORGANIZATION` with the name of your organization. ```shell @@ -124,4 +124,4 @@ To install the official bundled actions and workflow templates within a designat ghe-config-apply ``` -After you've completed these steps, you can resume configuring {% data variables.product.prodname_actions %} at [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#managing-access-permissions-for-github-actions-in-your-enterprise). +After you've completed these steps, you can resume configuring {% data variables.product.prodname_actions %} at [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#managing-access-permissions-for-github-actions-in-your-enterprise). diff --git a/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/using-a-staging-environment.md b/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/using-a-staging-environment.md index d8f85cdb6807..7f8ee2a0d959 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/using-a-staging-environment.md +++ b/content/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/using-a-staging-environment.md @@ -14,7 +14,7 @@ category: ## About staging environments for {% data variables.product.prodname_ghe_server %} -It can be useful to have a staging or testing environment for {% data variables.location.product_location %}, so that you can test updates or new features before implementing them in your production environment. For more information, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). +It can be useful to have a staging or testing environment for {% data variables.location.product_location %}, so that you can test updates or new features before implementing them in your production environment. For more information, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). > [!TIP] > If you are migrating {% data variables.product.prodname_actions %} external storage to a new bucket, account, or region on the same provider, rehearse the migration in a staging environment first. See [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/migrating-github-actions-external-storage). @@ -32,7 +32,7 @@ When you set up a staging environment that includes a {% data variables.product. > [!WARNING] > If you don't change the storage configuration, your staging instance may be able to write to the same external storage that you use for production, which could result in loss of data. -For more information about storage configuration for {% data variables.product.prodname_actions %}, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#enabling-github-actions-with-your-storage-provider). +For more information about storage configuration for {% data variables.product.prodname_actions %}, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#enabling-github-actions-with-your-storage-provider). ### Copying files from production to staging diff --git a/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates.md b/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates.md index c4b0bbdd86cf..63fdedb3f96e 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates.md +++ b/content/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/managing-self-hosted-runners-for-dependabot-updates.md @@ -14,13 +14,13 @@ category: ## About self-hosted runners for {% data variables.product.prodname_dependabot_updates %} -You can help users of {% data variables.location.product_location %} to create and maintain secure code by setting up {% data variables.product.prodname_dependabot %} security and version updates. With {% data variables.product.prodname_dependabot_updates %}, developers can configure repositories so that their dependencies are updated and kept secure automatically. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise). +You can help users of {% data variables.location.product_location %} to create and maintain secure code by setting up {% data variables.product.prodname_dependabot %} security and version updates. With {% data variables.product.prodname_dependabot_updates %}, developers can configure repositories so that their dependencies are updated and kept secure automatically. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise). To use {% data variables.product.prodname_dependabot_updates %} on {% data variables.location.product_location %}, you must configure self-hosted runners to create the pull requests that will update dependencies. ## Prerequisites -Configuring self-hosted runners is only one step in the middle of the process for enabling {% data variables.product.prodname_dependabot_updates %}. There are several steps you must follow before these steps, including configuring {% data variables.location.product_location %} to use {% data variables.product.prodname_actions %} with self-hosted runners. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise). +Configuring self-hosted runners is only one step in the middle of the process for enabling {% data variables.product.prodname_dependabot_updates %}. There are several steps you must follow before these steps, including configuring {% data variables.location.product_location %} to use {% data variables.product.prodname_actions %} with self-hosted runners. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-dependabot-for-your-enterprise). ## Configuring self-hosted runners for {% data variables.product.prodname_dependabot_updates %} @@ -40,7 +40,7 @@ If your {% data variables.product.prodname_ghe_server %} instance uses a self-si ### Adding self-hosted runners for {% data variables.product.prodname_dependabot %} updates -1. Provision self-hosted runners, at the repository, organization, or enterprise account level. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners) and [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners). +1. Provision self-hosted runners, at the repository, organization, or enterprise account level. For more information, see [AUTOTITLE](/actions/concepts/runners/self-hosted-runners) and [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/add-runners). 1. Set up the self-hosted runners with the requirements described above. For example, on a VM running Ubuntu 20.04 you would: * Install Docker and ensure that the runner users have access to Docker. For more information, see the Docker documentation. @@ -49,8 +49,8 @@ If your {% data variables.product.prodname_ghe_server %} instance uses a self-si * Alternative approach: [Manage Docker as a non-root user](https://docs.docker.com/engine/install/linux-postinstall/#manage-docker-as-a-non-root-user) * Verify that the runners have access to the public internet and can only access the internal networks that {% data variables.product.prodname_dependabot %} needs. * Install any self-signed certificates for your {% data variables.product.prodname_ghe_server %} instance or for registries that {% data variables.product.prodname_dependabot %} will need to interact with. - * Configure Node.js to use the same certificate. For more information, see [AUTOTITLE](/admin/github-actions/advanced-configuration-and-troubleshooting/troubleshooting-github-actions-for-your-enterprise#configuring-nodejs-to-use-the-certificate). + * Configure Node.js to use the same certificate. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/troubleshooting-github-actions-for-your-enterprise#configuring-nodejs-to-use-the-certificate). -1. Assign a `dependabot` label to each runner you want {% data variables.product.prodname_dependabot %} to use. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/using-labels-with-self-hosted-runners#assigning-a-label-to-a-self-hosted-runner). +1. Assign a `dependabot` label to each runner you want {% data variables.product.prodname_dependabot %} to use. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/apply-labels#assigning-a-label-to-a-self-hosted-runner). -1. Optionally, enable workflows triggered by {% data variables.product.prodname_dependabot %} to use more than read-only permissions and to have access to any secrets that are normally available. For more information, see [AUTOTITLE](/admin/github-actions/advanced-configuration-and-troubleshooting/troubleshooting-github-actions-for-your-enterprise#providing-workflows-triggered-by-dependabot-access-to-secrets-and-increased-permissions). +1. Optionally, enable workflows triggered by {% data variables.product.prodname_dependabot %} to use more than read-only permissions and to have access to any secrets that are normally available. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/troubleshooting-github-actions-for-your-enterprise#providing-workflows-triggered-by-dependabot-access-to-secrets-and-increased-permissions). diff --git a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md index 7668a24a6c8d..c3c19aced5db 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md +++ b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md @@ -20,21 +20,21 @@ category: | Task | More information | | ---- | ---------------- | -| Automatically test and build your application | [AUTOTITLE](/actions/automating-builds-and-tests/about-continuous-integration) | -| Deploy your application | [AUTOTITLE](/actions/deployment/about-deployments/about-continuous-deployment) | -| Automatically and securely package code into artifacts and containers | [AUTOTITLE](/actions/publishing-packages/about-packaging-with-github-actions) | +| Automatically test and build your application | [AUTOTITLE](/actions/get-started/continuous-integration) | +| Deploy your application | [AUTOTITLE](/actions/get-started/continuous-deployment) | +| Automatically and securely package code into artifacts and containers | [AUTOTITLE](/packages/managing-github-packages-using-github-actions-workflows/about-github-packages-and-github-actions) | {% data variables.product.prodname_actions %} helps your team work faster at scale. When large repositories start using {% data variables.product.prodname_actions %}, pull requests are typically merged faster, allowing teams to merge more pull requests per day. -You can create your own unique automations, or you can use and adapt workflows from our ecosystem of over 10,000 actions built by industry leaders and the open source community. {% ifversion ghec %}For more information, see [AUTOTITLE](/actions/learn-github-actions/finding-and-customizing-actions).{% else %}You can restrict your developers to using actions that exist on {% data variables.location.product_location %}, or you can allow your developers to access actions on {% data variables.product.prodname_dotcom_the_website %}. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise).{% endif %} +You can create your own unique automations, or you can use and adapt workflows from our ecosystem of over 10,000 actions built by industry leaders and the open source community. {% ifversion ghec %}For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/find-and-customize-actions).{% else %}You can restrict your developers to using actions that exist on {% data variables.location.product_location %}, or you can allow your developers to access actions on {% data variables.product.prodname_dotcom_the_website %}. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise).{% endif %} {% data variables.product.prodname_actions %} is developer friendly, because it's integrated directly into the familiar {% data variables.product.github %} experience. -{% ifversion ghec %}You can enjoy the convenience of {% data variables.product.company_short %}-hosted runners, which are maintained and upgraded by {% data variables.product.company_short %}, or you{% else %}You{% endif %} can control your own private CI/CD infrastructure by using self-hosted runners. Self-hosted runners allow you to determine the exact environment and resources that complete your builds, testing, and deployments, without exposing your software development cycle to the internet. For more information, see {% ifversion ghec %}[AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners) and{% endif %} [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners). +{% ifversion ghec %}You can enjoy the convenience of {% data variables.product.company_short %}-hosted runners, which are maintained and upgraded by {% data variables.product.company_short %}, or you{% else %}You{% endif %} can control your own private CI/CD infrastructure by using self-hosted runners. Self-hosted runners allow you to determine the exact environment and resources that complete your builds, testing, and deployments, without exposing your software development cycle to the internet. For more information, see {% ifversion ghec %}[AUTOTITLE](/actions/concepts/runners/github-hosted-runners) and{% endif %} [AUTOTITLE](/actions/concepts/runners/self-hosted-runners). -{% data variables.product.prodname_actions %} provides greater control over deployments. For example, you can use environments to require approval for a job to proceed, restrict which branches can trigger a workflow, or limit access to secrets. If your workflows need to access resources from a cloud provider that supports OpenID Connect (OIDC), you can configure your workflows to authenticate directly to the cloud provider. OIDC provides security benefits such as eliminating the need to store credentials as long-lived secrets. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect). +{% data variables.product.prodname_actions %} provides greater control over deployments. For example, you can use environments to require approval for a job to proceed, restrict which branches can trigger a workflow, or limit access to secrets. If your workflows need to access resources from a cloud provider that supports OpenID Connect (OIDC), you can configure your workflows to authenticate directly to the cloud provider. OIDC provides security benefits such as eliminating the need to store credentials as long-lived secrets. For more information, see [AUTOTITLE](/actions/concepts/security/openid-connect). -{% data variables.product.prodname_actions %} also includes tools to govern your enterprise's software development cycle and meet compliance obligations. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise). +{% data variables.product.prodname_actions %} also includes tools to govern your enterprise's software development cycle and meet compliance obligations. For more information, see [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise). ## About getting started with {% data variables.product.prodname_actions %} @@ -43,13 +43,13 @@ You can create your own unique automations, or you can use and adapt workflows f {% data reusables.actions.migrating-enterprise %} {% ifversion ghes %} -{% data reusables.actions.ghes-actions-not-enabled-by-default %} After you finish planning, you can follow the instructions for enabling {% data variables.product.prodname_actions %}. For example, you may need to upgrade the CPU and memory resources for {% data variables.location.product_location %}. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server). +{% data reusables.actions.ghes-actions-not-enabled-by-default %} After you finish planning, you can follow the instructions for enabling {% data variables.product.prodname_actions %}. For example, you may need to upgrade the CPU and memory resources for {% data variables.location.product_location %}. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server). {% else %} -After you finish planning, you can follow the instructions for getting started with {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-cloud). +After you finish planning, you can follow the instructions for getting started with {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-cloud). {% endif %} ## Further reading -* [AUTOTITLE](/actions/learn-github-actions/understanding-github-actions){% ifversion ghec %} -* [AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions){% endif %} +* [AUTOTITLE](/actions/get-started/understand-github-actions){% ifversion ghec %} +* [AUTOTITLE](/billing/concepts/product-billing/github-actions){% endif %} diff --git a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-cloud.md b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-cloud.md index a4670766e301..9d391b5a0fe9 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-cloud.md +++ b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-cloud.md @@ -23,13 +23,13 @@ category: ## Managing policies for {% data variables.product.prodname_actions %} -You can use policies to control how enterprise members use {% data variables.product.prodname_actions %}. For example, you can restrict which actions are allowed and configure artifact and log retention. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise). +You can use policies to control how enterprise members use {% data variables.product.prodname_actions %}. For example, you can restrict which actions are allowed and configure artifact and log retention. For more information, see [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise). ## Adding runners -To run {% data variables.product.prodname_actions %} workflows, you need to use runners. {% data reusables.actions.about-runners %} If you use {% data variables.product.company_short %}-hosted runners, you will be billed based on consumption after exhausting the minutes included in your plan, whereas self-hosted runners are free. For more information, see [AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions). +To run {% data variables.product.prodname_actions %} workflows, you need to use runners. {% data reusables.actions.about-runners %} If you use {% data variables.product.company_short %}-hosted runners, you will be billed based on consumption after exhausting the minutes included in your plan, whereas self-hosted runners are free. For more information, see [AUTOTITLE](/billing/concepts/product-billing/github-actions). -If you choose self-hosted runners, you can add runners at the enterprise, organization, or repository levels. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners). +If you choose self-hosted runners, you can add runners at the enterprise, organization, or repository levels. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/add-runners). {% ifversion custom-org-roles %} diff --git a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server.md b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server.md index 7be64bdd019c..76eec2e77d34 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server.md +++ b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server.md @@ -47,20 +47,20 @@ The peak quantity of connected runners without performance loss depends on such > * Beginning with {% data variables.product.prodname_ghe_server %} 3.6, {% data variables.product.company_short %} documents connected runners as opposed to concurrent jobs. Connected runners represents the most runners you can connect and expect to utilize. It should also be noted that connecting more runners than you can expect to utilize can negatively impact performance. > * Beginning with {% data variables.product.prodname_ghe_server %} 3.5, {% data variables.product.company_short %}'s internal testing uses 3rd generation CPUs to better reflect a typical customer configuration. This change in CPU represents a small portion of the changes to performance targets in this version of {% data variables.product.prodname_ghe_server %}. -If you plan to enable {% data variables.product.prodname_actions %} for the users of an existing instance, review the levels of activity for users and automations on the instance and ensure that you have provisioned adequate CPU and memory for your users. For more information about monitoring the capacity and performance of {% data variables.product.prodname_ghe_server %}, see [AUTOTITLE](/admin/enterprise-management/monitoring-your-appliance). +If you plan to enable {% data variables.product.prodname_actions %} for the users of an existing instance, review the levels of activity for users and automations on the instance and ensure that you have provisioned adequate CPU and memory for your users. For more information about monitoring the capacity and performance of {% data variables.product.prodname_ghe_server %}, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/monitoring-your-instance). For more information about minimum hardware requirements for {% data variables.location.product_location %}, see the hardware considerations for your instance's platform. -* [AWS](/admin/installation/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-aws#hardware-considerations) -* [Azure](/admin/installation/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-azure#hardware-considerations) -* [Google Cloud Platform](/admin/installation/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-google-cloud-platform#hardware-considerations) -* [Hyper-V](/admin/installation/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-hyper-v#hardware-considerations) -* [OpenStack KVM](/admin/installation/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-openstack-kvm#hardware-considerations) -* [VMware](/admin/installation/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-vmware#hardware-considerations) +* [AWS](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-aws#hardware-considerations) +* [Azure](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-azure#hardware-considerations) +* [Google Cloud Platform](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-google-cloud-platform#hardware-considerations) +* [Hyper-V](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-hyper-v#hardware-considerations) +* [OpenStack KVM](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-openstack-kvm#hardware-considerations) +* [VMware](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-vmware#hardware-considerations) {% data reusables.enterprise_installation.about-adjusting-resources %} -Optionally, you can limit resource consumption on {% data variables.location.product_location %} by configuring a rate limit for {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-rate-limits#configuring-rate-limits-for-github-actions). +Optionally, you can limit resource consumption on {% data variables.location.product_location %} by configuring a rate limit for {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits#configuring-rate-limits-for-github-actions). ## External storage requirements @@ -84,32 +84,32 @@ All other {% data variables.product.prodname_actions %} data, such as the workfl ## Networking considerations -{% data reusables.actions.proxy-considerations %} For more information about using a proxy with {% data variables.product.prodname_ghe_server %}, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-an-outbound-web-proxy-server). +{% data reusables.actions.proxy-considerations %} For more information about using a proxy with {% data variables.product.prodname_ghe_server %}, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/configuring-an-outbound-web-proxy-server). ## Enabling {% data variables.product.prodname_actions %} with your storage provider Follow one of the procedures below to enable {% data variables.product.prodname_actions %} with your chosen storage provider: -* [Enabling GitHub Actions with Azure Blob storage](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-azure-blob-storage) -* [Enabling GitHub Actions with Amazon S3 storage](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-amazon-s3-storage) -* [Enabling GitHub Actions with Google Cloud Storage](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage) -* [Enabling GitHub Actions with MinIO storage](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-minio-storage) +* [Enabling GitHub Actions with Azure Blob storage](/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-azure-blob-storage) +* [Enabling GitHub Actions with Amazon S3 storage](/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-amazon-s3-storage) +* [Enabling GitHub Actions with Google Cloud Storage](/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-google-cloud-storage) +* [Enabling GitHub Actions with MinIO storage](/admin/managing-github-actions-for-your-enterprise/enabling-github-actions-for-github-enterprise-server/enabling-github-actions-with-minio-storage) ## Managing access permissions for {% data variables.product.prodname_actions %} in your enterprise -You can use policies to manage access to {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise). +You can use policies to manage access to {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise). ## Adding self-hosted runners {% data reusables.actions.enterprise-github-hosted-runners %} -To run {% data variables.product.prodname_actions %} workflows, you need to add self-hosted runners. You can add self-hosted runners at the enterprise, organization, or repository levels. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners). +To run {% data variables.product.prodname_actions %} workflows, you need to add self-hosted runners. You can add self-hosted runners at the enterprise, organization, or repository levels. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/add-runners). ## Managing which actions can be used in your enterprise You can control which actions your users are allowed to use in your enterprise. This includes setting up {% data variables.product.prodname_github_connect %} for automatic access to actions from {% data variables.product.prodname_dotcom_the_website %}, or manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}. -For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise). +For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise). {% data reusables.actions.general-security-hardening %} diff --git a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise.md b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise.md index a2e3637848bb..da793e2853bd 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise.md +++ b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise.md @@ -15,13 +15,13 @@ category: ## About self-hosted runners for {% data variables.product.prodname_actions %} -{% data reusables.actions.about-actions-for-enterprises %} For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises). +{% data reusables.actions.about-actions-for-enterprises %} For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises). -With {% data variables.product.prodname_actions %}, developers can write and combine individual tasks called actions to create custom workflows. {% ifversion ghes %}To enable {% data variables.product.prodname_actions %} for {% data variables.location.product_location %}, you must host at least one machine to execute jobs.{% endif %} {% ifversion ghec %}You can host your own runner machine to execute jobs, and this{% elsif ghes %}This{% endif %} machine is called a self-hosted runner. {% data reusables.actions.self-hosted-runner-architecture %} {% ifversion ghec %}All{% elsif ghes %}Self-hosted{% endif %} runners can run Linux, Windows, or macOS. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners). +With {% data variables.product.prodname_actions %}, developers can write and combine individual tasks called actions to create custom workflows. {% ifversion ghes %}To enable {% data variables.product.prodname_actions %} for {% data variables.location.product_location %}, you must host at least one machine to execute jobs.{% endif %} {% ifversion ghec %}You can host your own runner machine to execute jobs, and this{% elsif ghes %}This{% endif %} machine is called a self-hosted runner. {% data reusables.actions.self-hosted-runner-architecture %} {% ifversion ghec %}All{% elsif ghes %}Self-hosted{% endif %} runners can run Linux, Windows, or macOS. For more information, see [AUTOTITLE](/actions/concepts/runners/self-hosted-runners). {% ifversion ghec %} -Alternatively, you can use runner machines that {% data variables.product.company_short %} hosts. {% data variables.product.company_short %}-hosted runners are outside the scope of this guide. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners). +Alternatively, you can use runner machines that {% data variables.product.company_short %} hosts. {% data variables.product.company_short %}-hosted runners are outside the scope of this guide. For more information, see [AUTOTITLE](/actions/concepts/runners/github-hosted-runners). {% endif %} @@ -31,7 +31,7 @@ This guide shows you how to apply a centralized management approach to self-host 1. Deploy a self-hosted runner for your enterprise 1. Create a group to manage access to the runners available to your enterprise 1. Optionally, further restrict the repositories that can use the runner -1. Optionally, to build and scale self-hosted runners automatically, use {% data variables.product.prodname_actions_runner_controller %} (ARC). For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/about-actions-runner-controller). +1. Optionally, to build and scale self-hosted runners automatically, use {% data variables.product.prodname_actions_runner_controller %} (ARC). For more information, see [AUTOTITLE](/actions/concepts/runners/actions-runner-controller). You'll also find additional information about how to monitor and secure your self-hosted runners,{% ifversion ghes %} how to access actions from {% data variables.product.prodname_dotcom_the_website %},{% endif %} and how to customize the software on your runner machines. @@ -54,7 +54,7 @@ First, enable {% data variables.product.prodname_actions %} for all organization 1. To enable local actions{% ifversion actions-workflow-policy %} and reusable workflows, {% endif %} and actions created by {% data variables.product.company_short %}, select {% data reusables.actions.policy-label-for-select-actions-workflows %}, then select **Allow actions created by {% data variables.product.company_short %}**. 1. Click **Save**. -You can configure additional policies to restrict the actions available to {% ifversion ghec %}enterprise members{% elsif ghes %}users of {% data variables.location.product_location %}{% endif %}. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#allowing-select-actions-to-run). +You can configure additional policies to restrict the actions available to {% ifversion ghec %}enterprise members{% elsif ghes %}users of {% data variables.location.product_location %}{% endif %}. For more information, see [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#allowing-select-actions-to-run). ## 2. Deploy the self-hosted runner for your enterprise @@ -81,7 +81,7 @@ You can create a runner group to manage access to the runner that you added to y > [!WARNING] > {% data reusables.actions.self-hosted-runner-security %} > - > For more information, see [AUTOTITLE](/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions). + > For more information, see [AUTOTITLE](/actions/reference/security/secure-use). {% data reusables.actions.create-runner-group %} 1. Click the "Runners" tab. @@ -97,9 +97,9 @@ You've now deployed a self-hosted runner that can run jobs from {% data variable Optionally, organization owners{% ifversion custom-org-roles %} and users with the "Manage organization runners and runner groups" permission{% endif %} can further restrict the access policy of the runner group that you created. For example, an organization owner could allow only certain repositories in the organization to use the runner group. -For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group). +For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/manage-access#changing-which-repositories-can-access-a-runner-group). -{% ifversion custom-org-roles %}For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).{% endif %} +{% ifversion custom-org-roles %}For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-custom-organization-roles).{% endif %} ## 5. Automatically scale your self-hosted runners @@ -107,9 +107,9 @@ Optionally, you can use {% data variables.product.prodname_actions_runner_contro ## Next steps -* You can monitor self-hosted runners and troubleshoot common issues. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners). +* You can monitor self-hosted runners and troubleshoot common issues. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/monitor-and-troubleshoot). -* {% data variables.product.company_short %} recommends that you review security considerations for self-hosted runner machines. For more information, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#hardening-for-self-hosted-runners). +* {% data variables.product.company_short %} recommends that you review security considerations for self-hosted runner machines. For more information, see [AUTOTITLE](/actions/reference/security/secure-use#hardening-for-self-hosted-runners). * {% ifversion ghec %}If you use {% data variables.product.prodname_ghe_server %}, you{% elsif ghes %}You{% endif %} can manually sync repositories on {% data variables.product.prodname_dotcom_the_website %} containing actions to your enterprise on {% data variables.product.prodname_ghe_server %}. Alternatively, you can allow members of your enterprise to automatically access actions from {% data variables.product.prodname_dotcom_the_website %} by using {% data variables.product.prodname_github_connect %}. For more information, see the following. @@ -120,5 +120,5 @@ Optionally, you can use {% data variables.product.prodname_actions_runner_contro ## Further reading -* [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/configuring-the-self-hosted-runner-application-as-a-service) -* [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/using-self-hosted-runners-in-a-workflow) +* [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/configure-the-application) +* [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/use-in-a-workflow) diff --git a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise.md b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise.md index 7e8f8bed2e9e..6752d88f541c 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise.md +++ b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise.md @@ -17,7 +17,7 @@ category: ## About {% data variables.product.prodname_actions %} for enterprises -{% data reusables.actions.about-actions %} With {% data variables.product.prodname_actions %}, your enterprise can automate, customize, and execute your software development workflows like testing and deployments. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises). +{% data reusables.actions.about-actions %} With {% data variables.product.prodname_actions %}, your enterprise can automate, customize, and execute your software development workflows like testing and deployments. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises). Before you introduce {% data variables.product.prodname_actions %} to a large enterprise, you first need to plan your adoption and make decisions about how your enterprise will use {% data variables.product.prodname_actions %} to best support your unique needs. @@ -25,17 +25,17 @@ Before you introduce {% data variables.product.prodname_actions %} to a large en You should create a plan to govern your enterprise's use of {% data variables.product.prodname_actions %} and meet your compliance obligations. -Determine which actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %} your developers will be allowed to use. {% ifversion ghes %}First, decide whether you'll enable access to actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %} from outside your instance. {% data reusables.actions.access-actions-on-dotcom %} For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise). +Determine which actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %} your developers will be allowed to use. {% ifversion ghes %}First, decide whether you'll enable access to actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %} from outside your instance. {% data reusables.actions.access-actions-on-dotcom %} For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise). Then,{% else %}First,{% endif %} decide whether you'll allow third-party actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %} that were not created by {% data variables.product.company_short %}. You can configure the actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %} that are allowed to run at the repository, organization, and enterprise levels and can choose to only allow actions that are created by {% data variables.product.company_short %}. If you do allow third-party actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %}, you can limit allowed actions to those created by verified creators or a list of specific actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %}. -For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#managing-github-actions-permissions-for-your-repository), [AUTOTITLE](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#managing-github-actions-permissions-for-your-organization), and [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-to-restrict-the-use-of-github-actions-in-your-enterprise). +For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#managing-github-actions-permissions-for-your-repository), [AUTOTITLE](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#managing-github-actions-permissions-for-your-organization), and [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-to-restrict-the-use-of-github-actions-in-your-enterprise). -Consider combining OpenID Connect (OIDC) with reusable workflows to enforce consistent deployments across your repository, organization, or enterprise. You can do this by defining trust conditions on cloud roles based on reusable workflows. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows). +Consider combining OpenID Connect (OIDC) with reusable workflows to enforce consistent deployments across your repository, organization, or enterprise. You can do this by defining trust conditions on cloud roles based on reusable workflows. For more information, see [AUTOTITLE](/actions/how-tos/secure-your-work/security-harden-deployments/oidc-with-reusable-workflows). -You can access information about activity related to {% data variables.product.prodname_actions %} in the audit logs for your enterprise. If your business needs require retaining this information longer than audit log data is retained, plan how you'll export and store this data outside of {% data variables.product.prodname_dotcom %}. For more information, see {% ifversion ghec %}[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise).{% else %}[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding).{% endif %} +You can access information about activity related to {% data variables.product.prodname_actions %} in the audit logs for your enterprise. If your business needs require retaining this information longer than audit log data is retained, plan how you'll export and store this data outside of {% data variables.product.prodname_dotcom %}. For more information, see {% ifversion ghec %}[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise).{% else %}[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/log-forwarding).{% endif %} -{% ifversion custom-org-roles %}You can practice the principle of least privilege by administering custom organization roles for access to settings in your {% data variables.product.prodname_actions %} CI/CD pipeline. For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).{% endif %} +{% ifversion custom-org-roles %}You can practice the principle of least privilege by administering custom organization roles for access to settings in your {% data variables.product.prodname_actions %} CI/CD pipeline. For more information about custom organization roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/permissions-of-custom-organization-roles).{% endif %} ## Security @@ -43,7 +43,7 @@ You should plan your approach to security hardening for {% data variables.produc ### Security hardening individual workflows and repositories -Make a plan to enforce good security practices for people using {% data variables.product.prodname_actions %} features within your enterprise. For more information about these practices, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions). +Make a plan to enforce good security practices for people using {% data variables.product.prodname_actions %} features within your enterprise. For more information about these practices, see [AUTOTITLE](/actions/reference/security/secure-use). You can also encourage reuse of workflows that have already been evaluated for security. For more information, see [Innersourcing](#innersourcing). @@ -51,19 +51,19 @@ You can also encourage reuse of workflows that have already been evaluated for s You should plan where you'll store your secrets. We recommend storing secrets in {% data variables.product.prodname_dotcom %}, but you might choose to store secrets in a cloud provider. -In {% data variables.product.prodname_dotcom %}, you can store secrets at the repository or organization level. Secrets at the repository level can be limited to workflows in certain environments, such as production or testing. For more information, see [AUTOTITLE](/actions/security-guides/encrypted-secrets). +In {% data variables.product.prodname_dotcom %}, you can store secrets at the repository or organization level. Secrets at the repository level can be limited to workflows in certain environments, such as production or testing. For more information, see [AUTOTITLE](/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets). -You should consider adding manual approval protection for sensitive environments, so that workflows must be approved before getting access to the environments' secrets. For more information, see [AUTOTITLE](/actions/deployment/targeting-different-environments/using-environments-for-deployment). +You should consider adding manual approval protection for sensitive environments, so that workflows must be approved before getting access to the environments' secrets. For more information, see [AUTOTITLE](/actions/how-tos/deploy/configure-and-manage-deployments/manage-environments). ### Security considerations for third-party actions -There is significant risk in sourcing actions from third-party repositories on {% data variables.product.prodname_dotcom %}. If you do allow any third-party actions, you should create internal guidelines that encourage your team to follow best practices, such as pinning actions to the full commit SHA. For more information, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions). +There is significant risk in sourcing actions from third-party repositories on {% data variables.product.prodname_dotcom %}. If you do allow any third-party actions, you should create internal guidelines that encourage your team to follow best practices, such as pinning actions to the full commit SHA. For more information, see [AUTOTITLE](/actions/reference/security/secure-use#using-third-party-actions). {% ifversion ghec %} ### Private networking with GitHub-hosted runners -{% data reusables.actions.azure-vnet-network-configuration-intro %} For more information, see [AUTOTITLE](/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-azure-private-networking-for-github-hosted-runners-in-your-enterprise). +{% data reusables.actions.azure-vnet-network-configuration-intro %} For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-private-networking-for-hosted-compute-products/about-azure-private-networking-for-github-hosted-runners-in-your-enterprise). {% endif %} @@ -73,9 +73,9 @@ Think about how your enterprise can use features of {% data variables.product.pr {% data reusables.actions.internal-actions-summary %} -With reusable workflows, your team can call one workflow from another workflow, avoiding exact duplication. Reusable workflows promote best practice by helping your team use workflows that are well designed and have already been tested. For more information, see [AUTOTITLE](/actions/using-workflows/reusing-workflows). +With reusable workflows, your team can call one workflow from another workflow, avoiding exact duplication. Reusable workflows promote best practice by helping your team use workflows that are well designed and have already been tested. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/reuse-workflows). -To provide a starting place for developers building new workflows, you can use workflow templates. This not only saves time for your developers, but promotes consistency and best practice across your enterprise. For more information, see [AUTOTITLE](/actions/using-workflows/creating-starter-workflows-for-your-organization). +To provide a starting place for developers building new workflows, you can use workflow templates. This not only saves time for your developers, but promotes consistency and best practice across your enterprise. For more information, see [AUTOTITLE](/actions/how-tos/reuse-automations/create-workflow-templates). ## Managing resources @@ -85,38 +85,38 @@ You should plan for how you'll manage the resources required to use {% data vari ### Hardware requirements -You may need to upgrade the CPU and memory resources for {% data variables.location.product_location %} to handle the load from {% data variables.product.prodname_actions %} without causing performance loss. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-requirements). +You may need to upgrade the CPU and memory resources for {% data variables.location.product_location %} to handle the load from {% data variables.product.prodname_actions %} without causing performance loss. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#review-hardware-requirements). {% endif %} ### Runners -{% data variables.product.prodname_actions %} workflows require runners.{% ifversion ghec %} You can choose to use {% data variables.product.prodname_dotcom %}-hosted runners or self-hosted runners. {% data variables.product.company_short %} manages maintenance and upgrades for {% data variables.product.prodname_dotcom %}-hosted runners. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners). +{% data variables.product.prodname_actions %} workflows require runners.{% ifversion ghec %} You can choose to use {% data variables.product.prodname_dotcom %}-hosted runners or self-hosted runners. {% data variables.product.company_short %} manages maintenance and upgrades for {% data variables.product.prodname_dotcom %}-hosted runners. For more information, see [AUTOTITLE](/actions/concepts/runners/github-hosted-runners). -To manage your own resources, configuration, or geographic location of your runner machines, use self-hosted runners. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners). +To manage your own resources, configuration, or geographic location of your runner machines, use self-hosted runners. For more information, see [AUTOTITLE](/actions/concepts/runners/self-hosted-runners). -If you want more control over the networking policies for your runners, use self-hosted runners or private networking options for {% data variables.product.prodname_dotcom %}-hosted runners. For more information about private networking options, see [AUTOTITLE](/actions/using-github-hosted-runners/connecting-to-a-private-network/about-private-networking-with-github-hosted-runners).{% else %} You will need to host your own runners by installing the {% data variables.product.prodname_actions %} self-hosted runner application on your own machines. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners).{% endif %} +If you want more control over the networking policies for your runners, use self-hosted runners or private networking options for {% data variables.product.prodname_dotcom %}-hosted runners. For more information about private networking options, see [AUTOTITLE](/actions/concepts/runners/private-networking).{% else %} You will need to host your own runners by installing the {% data variables.product.prodname_actions %} self-hosted runner application on your own machines. For more information, see [AUTOTITLE](/actions/concepts/runners/self-hosted-runners).{% endif %} {% ifversion ghec %}If you are using self-hosted runners, you have to decide whether you want to use physical machines, virtual machines, or containers.{% else %}Decide whether you want to use physical machines, virtual machines, or containers for your self-hosted runners.{% endif %} Physical machines will retain remnants of previous jobs, and so will virtual machines unless you use a fresh image for each job or clean up the machines after each job run. If you choose containers, you should be aware that the runner auto-updating will shut down the container, which can cause workflows to fail. You should come up with a solution for this by preventing auto-updates or skipping the command to kill the container. -You also have to decide where to add each runner. You can add a self-hosted runner to an individual repository, or you can make the runner available to an entire organization or your entire enterprise. Adding runners at the organization or enterprise levels allows sharing of runners, which might reduce the size of your runner infrastructure. You can use policies to limit access to self-hosted runners at the organization and enterprise levels by assigning groups of runners to specific repositories or organizations. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners) and [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups). You can also use policies to prevent people using repository-level self-hosted runners. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#disabling-repository-level-self-hosted-runners). +You also have to decide where to add each runner. You can add a self-hosted runner to an individual repository, or you can make the runner available to an entire organization or your entire enterprise. Adding runners at the organization or enterprise levels allows sharing of runners, which might reduce the size of your runner infrastructure. You can use policies to limit access to self-hosted runners at the organization and enterprise levels by assigning groups of runners to specific repositories or organizations. For more information, see [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/add-runners) and [AUTOTITLE](/actions/how-tos/manage-runners/self-hosted-runners/manage-access). You can also use policies to prevent people using repository-level self-hosted runners. For more information, see [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#disabling-repository-level-self-hosted-runners). -You should consider using autoscaling to automatically increase or decrease the number of available self-hosted runners. For more information, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/autoscaling-with-self-hosted-runners). +You should consider using autoscaling to automatically increase or decrease the number of available self-hosted runners. For more information, see [AUTOTITLE](/actions/reference/runners/self-hosted-runners). -Finally, you should consider security hardening for self-hosted runners. For more information, see [AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#hardening-for-self-hosted-runners). +Finally, you should consider security hardening for self-hosted runners. For more information, see [AUTOTITLE](/actions/reference/security/secure-use#hardening-for-self-hosted-runners). ### Storage -{% data reusables.actions.about-artifacts %} For more information, see [AUTOTITLE](/actions/using-workflows/storing-workflow-data-as-artifacts). +{% data reusables.actions.about-artifacts %} For more information, see [AUTOTITLE](/actions/tutorials/store-and-share-data). -{% data variables.product.prodname_actions %} also has a caching system that you can use to cache dependencies to speed up workflow runs. For more information, see [AUTOTITLE](/actions/using-workflows/caching-dependencies-to-speed-up-workflows). +{% data variables.product.prodname_actions %} also has a caching system that you can use to cache dependencies to speed up workflow runs. For more information, see [AUTOTITLE](/actions/reference/workflows-and-actions/dependency-caching). {% ifversion ghes %} -You must configure external blob storage for workflow artifacts, caches, and other workflow logs. Decide which supported storage provider your enterprise will use. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#external-storage-requirements). +You must configure external blob storage for workflow artifacts, caches, and other workflow logs. Decide which supported storage provider your enterprise will use. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server#external-storage-requirements). {% endif %} -You can use policy settings for {% data variables.product.prodname_actions %} to customize the storage of workflow artifacts, caches, and log retention. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise). +You can use policy settings for {% data variables.product.prodname_actions %} to customize the storage of workflow artifacts, caches, and log retention. For more information, see [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise). {% ifversion ghec %} -Some storage is included in your subscription, but additional storage will affect your bill. You should plan for this cost. For more information, see [AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions). +Some storage is included in your subscription, but additional storage will affect your bill. You should plan for this cost. For more information, see [AUTOTITLE](/billing/concepts/product-billing/github-actions). {% endif %} ## Tracking usage @@ -124,12 +124,12 @@ Some storage is included in your subscription, but additional storage will affec You should consider making a plan to track your enterprise's usage of {% data variables.product.prodname_actions %}, such as how often workflows are running, how many of those runs are passing and failing, and which repositories are using which workflows. {% ifversion ghec %} -You can see basic details of storage and data transfer usage of {% data variables.product.prodname_actions %} for each organization in your enterprise via your billing settings. For more information, see [AUTOTITLE](/billing/managing-billing-for-github-actions/viewing-your-github-actions-usage#viewing-github-actions-usage-for-your-enterprise-account). +You can see basic details of storage and data transfer usage of {% data variables.product.prodname_actions %} for each organization in your enterprise via your billing settings. For more information, see [AUTOTITLE](/billing/how-tos/products/view-productlicense-use#organization-and-enterprise-accounts). > [!NOTE] Enterprise-level metrics for {% data variables.product.prodname_actions %} is in {% data variables.release-phases.public_preview %} and subject to change. -You can view both usage and performance data for your enterprise under the "Insights" tab. These metrics provide the same {% data variables.product.prodname_actions %} data available at the repository and organization levels but aggregated for your entire enterprise. If you need more detailed insights, see [Viewing {% data variables.product.prodname_actions %} metrics for your organization](/actions/administering-github-actions/viewing-github-actions-metrics#viewing-github-actions-metrics-for-your-organization) or [Viewing {% data variables.product.prodname_actions %} metrics for your repository](/actions/administering-github-actions/viewing-github-actions-metrics#viewing-github-actions-metrics-for-your-repository). +You can view both usage and performance data for your enterprise under the "Insights" tab. These metrics provide the same {% data variables.product.prodname_actions %} data available at the repository and organization levels but aggregated for your entire enterprise. If you need more detailed insights, see [Viewing {% data variables.product.prodname_actions %} metrics for your organization](/actions/how-tos/administer/view-metrics#viewing-github-actions-metrics-for-your-organization) or [Viewing {% data variables.product.prodname_actions %} metrics for your repository](/actions/how-tos/administer/view-metrics#viewing-github-actions-metrics-for-your-repository). -For more detailed usage data at a per job or per workflow level, you{% else %}You{% endif %} can use webhooks to subscribe to information about workflow jobs and workflow runs. For more information, see [AUTOTITLE](/webhooks-and-events/webhooks/about-webhooks). +For more detailed usage data at a per job or per workflow level, you{% else %}You{% endif %} can use webhooks to subscribe to information about workflow jobs and workflow runs. For more information, see [AUTOTITLE](/webhooks/about-webhooks). Make a plan for how your enterprise can pass the information from these webhooks into a data archiving system, and plan how you'll enable your teams to get the data they need from your archiving system. diff --git a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/migrating-your-enterprise-to-github-actions.md b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/migrating-your-enterprise-to-github-actions.md index 150f224c04a6..295e44d10390 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/migrating-your-enterprise-to-github-actions.md +++ b/content/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/migrating-your-enterprise-to-github-actions.md @@ -17,7 +17,7 @@ category: To migrate your enterprise to {% data variables.product.prodname_actions %} from an existing system, you can plan the migration, complete the migration, and retire existing systems. -This guide addresses specific considerations for migrations. For additional information about introducing {% data variables.product.prodname_actions %} to your enterprise, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise). +This guide addresses specific considerations for migrations. For additional information about introducing {% data variables.product.prodname_actions %} to your enterprise, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/introducing-github-actions-to-your-enterprise). ## Planning your migration @@ -33,7 +33,7 @@ Before you can migrate to {% data variables.product.prodname_actions %}, you nee First, create an inventory of the existing build and release workflows within your enterprise, gathering information about which workflows are being actively used and need to migrated and which can be left behind. -Next, learn the differences between your current provider and {% data variables.product.prodname_actions %}. This will help you assess any difficulties in migrating each workflow, and where your enterprise might experience differences in features. For more information, see [AUTOTITLE](/actions/migrating-to-github-actions). +Next, learn the differences between your current provider and {% data variables.product.prodname_actions %}. This will help you assess any difficulties in migrating each workflow, and where your enterprise might experience differences in features. For more information, see [AUTOTITLE](/actions/tutorials/migrate-to-github-actions). With this information, you'll be able to determine which workflows you can and want to migrate to {% data variables.product.prodname_actions %}. @@ -49,7 +49,7 @@ Identify the gates and checks in your existing system and verify that you can im ### Identifying and validating migration tools -Automated migration tools can translate your enterprise's workflows from the existing system's syntax to the syntax required by {% data variables.product.prodname_actions %}. Identify third-party tooling or contact your dedicated representative or {% data variables.contact.contact_enterprise_sales %} to ask about tools that {% data variables.product.company_short %} can provide. For example, you can use the {% data variables.product.prodname_actions_importer %} to plan, scope, and migrate your CI pipelines to {% data variables.product.prodname_actions %} from various supported services. For more information, see [AUTOTITLE](/actions/migrating-to-github-actions/automated-migrations/automating-migration-with-github-actions-importer). +Automated migration tools can translate your enterprise's workflows from the existing system's syntax to the syntax required by {% data variables.product.prodname_actions %}. Identify third-party tooling or contact your dedicated representative or {% data variables.contact.contact_enterprise_sales %} to ask about tools that {% data variables.product.company_short %} can provide. For example, you can use the {% data variables.product.prodname_actions_importer %} to plan, scope, and migrate your CI pipelines to {% data variables.product.prodname_actions %} from various supported services. For more information, see [AUTOTITLE](/actions/tutorials/migrate-to-github-actions/automated-migrations/use-github-actions-importer). After you've identified a tool to automate your migrations, validate the tool by running the tool on some test workflows and verifying that the results are as expected. diff --git a/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md b/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md index ce771339bd53..76ea0c882365 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md +++ b/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md @@ -40,10 +40,10 @@ To see all the official actions included on your enterprise instance, browse to There is no connection required between {% data variables.location.product_location %} and {% data variables.product.prodname_dotcom_the_website %} to use these actions. -Each action is a repository in the `actions` organization, and each action repository includes the necessary tags, branches, and commit SHAs that your workflows can use to reference the action. For information on how to update the bundled official actions, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/using-the-latest-version-of-the-official-bundled-actions). +Each action is a repository in the `actions` organization, and each action repository includes the necessary tags, branches, and commit SHAs that your workflows can use to reference the action. For information on how to update the bundled official actions, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/using-the-latest-version-of-the-official-bundled-actions). > [!NOTE] -> * When using setup actions (such as `actions/setup-LANGUAGE`) on {% data variables.product.prodname_ghe_server %} with self-hosted runners, you might need to set up the tools cache on runners that do not have internet access. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access). +> * When using setup actions (such as `actions/setup-LANGUAGE`) on {% data variables.product.prodname_ghe_server %} with self-hosted runners, you might need to set up the tools cache on runners that do not have internet access. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access). > * All `actions/setup-LANGUAGE` action repositories currently support three platforms: macOS, Windows, and Ubuntu. > * When {% data variables.product.prodname_ghe_server %} is updated, bundled actions are automatically replaced with default versions in the upgrade package. > * Being bundled with {% data variables.product.prodname_ghe_server %} means the action is available within that environment, but it doesn’t automatically guarantee compatibility with all platforms or self-hosted runners. @@ -52,13 +52,13 @@ Each action is a repository in the `actions` organization, and each action repos {% data reusables.actions.access-actions-on-dotcom %} -The recommended approach is to enable automatic access to all actions from {% data variables.product.prodname_dotcom_the_website %}. You can do this by using {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.prodname_ghe_server %} with {% data variables.product.prodname_ghe_cloud %}. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect). +The recommended approach is to enable automatic access to all actions from {% data variables.product.prodname_dotcom_the_website %}. You can do this by using {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.prodname_ghe_server %} with {% data variables.product.prodname_ghe_cloud %}. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect). > [!NOTE] -> Before you can configure access to actions on {% data variables.product.prodname_dotcom_the_website %}, you must configure {% data variables.location.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server). +> Before you can configure access to actions on {% data variables.product.prodname_dotcom_the_website %}, you must configure {% data variables.location.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server). {% data reusables.actions.self-hosted-runner-networking-to-dotcom %} {% data reusables.actions.enterprise-limit-actions-use %} -Alternatively, if you want stricter control over which actions are allowed in your enterprise, or you do not want to allow outbound connections to {% data variables.product.prodname_dotcom_the_website %}, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/manually-syncing-actions-from-githubcom). +Alternatively, if you want stricter control over which actions are allowed in your enterprise, or you do not want to allow outbound connections to {% data variables.product.prodname_dotcom_the_website %}, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/manually-syncing-actions-from-githubcom). diff --git a/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md b/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md index 670b3d837455..ce5f1fd7c611 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md +++ b/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md @@ -22,7 +22,7 @@ By default, {% data variables.product.prodname_actions %} workflows on {% data v {% data reusables.actions.self-hosted-runner-networking-to-dotcom %} -Alternatively, if you want stricter control over which actions are allowed in your enterprise, you can manually download and sync public actions onto your enterprise instance using the `actions-sync` tool. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/manually-syncing-actions-from-githubcom). +Alternatively, if you want stricter control over which actions are allowed in your enterprise, you can manually download and sync public actions onto your enterprise instance using the `actions-sync` tool. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/manually-syncing-actions-from-githubcom). ## About resolution for actions using {% data variables.product.prodname_github_connect %} @@ -33,8 +33,8 @@ If a user has already created an organization and repository in your enterprise ## Enabling automatic access to public {% data variables.product.prodname_dotcom_the_website %} actions Before enabling access to public actions from {% data variables.product.prodname_dotcom_the_website %} for your enterprise, you must: -* Configure {% data variables.location.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server). -* Enable {% data variables.product.prodname_github_connect %}. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/managing-github-connect). +* Configure {% data variables.location.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-enterprise-server). +* Enable {% data variables.product.prodname_github_connect %}. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-githubcom). {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.github-connect-tab %} diff --git a/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/manually-syncing-actions-from-githubcom.md b/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/manually-syncing-actions-from-githubcom.md index b6a998b8009e..3759fe9dfe4c 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/manually-syncing-actions-from-githubcom.md +++ b/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/manually-syncing-actions-from-githubcom.md @@ -17,7 +17,7 @@ category: {% data reusables.actions.enterprise-no-internet-actions %} -We recommend enabling automatic access to public actions by using {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.prodname_ghe_server %} with {% data variables.product.prodname_ghe_cloud %}. See [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect). +We recommend enabling automatic access to public actions by using {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.prodname_ghe_server %} with {% data variables.product.prodname_ghe_cloud %}. See [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect). If you want stricter control over which actions are allowed in your enterprise, you can follow this guide to use our open source [`actions-sync`](https://github.com/actions/actions-sync) tool to sync individual action repositories from {% data variables.product.prodname_dotcom_the_website %} to your enterprise. @@ -32,18 +32,18 @@ If your machine has access to both systems at the same time, you can do the sync The `actions-sync` tool can only download actions from {% data variables.product.prodname_dotcom_the_website %} that are stored in public repositories. > [!NOTE] -> The `actions-sync` tool is intended for use in systems where {% data variables.product.prodname_github_connect %} is not enabled. If you run the tool on a system with {% data variables.product.prodname_github_connect %} enabled, you may see the error `The repository has been retired and cannot be reused`. This indicates that a workflow has used that action directly on {% data variables.product.prodname_dotcom_the_website %} and the namespace is retired on {% data variables.location.product_location %}. See [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom). +> The `actions-sync` tool is intended for use in systems where {% data variables.product.prodname_github_connect %} is not enabled. If you run the tool on a system with {% data variables.product.prodname_github_connect %} enabled, you may see the error `The repository has been retired and cannot be reused`. This indicates that a workflow has used that action directly on {% data variables.product.prodname_dotcom_the_website %} and the namespace is retired on {% data variables.location.product_location %}. See [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom). ## Prerequisites * Before using the `actions-sync` tool, you must ensure that all destination organizations already exist in your enterprise. The following example demonstrates how to sync actions to an organization named `synced-actions`. See [AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch). -* You must create a {% data variables.product.pat_generic %} on your enterprise that can create and write to repositories in the destination organizations. See [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token). +* You must create a {% data variables.product.pat_generic %} on your enterprise that can create and write to repositories in the destination organizations. See [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens). * If you want to sync the bundled actions in the `actions` organization on {% data variables.location.product_location %}, you must be an owner of the `actions` organization. > [!NOTE] > By default, even site administrators are not owners of the bundled `actions` organization. - Site administrators can use the `ghe-org-admin-promote` command in the administrative shell to promote a user to be an owner of the bundled `actions` organization. See [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh) and [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-org-admin-promote). + Site administrators can use the `ghe-org-admin-promote` command in the administrative shell to promote a user to be an owner of the bundled `actions` organization. See [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh) and [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-org-admin-promote). ```shell ghe-org-admin-promote -u USERNAME -o actions @@ -91,4 +91,4 @@ This example demonstrates using the `actions-sync` tool to sync an individual ac uses: synced-actions/actions-stale@v1 ``` - See [AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsuses). + See [AUTOTITLE](/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsuses). diff --git a/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access.md b/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access.md index d4b8b9d27a8e..fbb42e06b6d5 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access.md +++ b/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/setting-up-the-tool-cache-on-self-hosted-runners-without-internet-access.md @@ -25,7 +25,7 @@ The `actions/setup-LANGUAGE` actions normally need internet access to download t You can populate the runner tool cache by running a {% data variables.product.prodname_actions %} workflow on {% data variables.product.prodname_dotcom_the_website %} that uploads a {% data variables.product.prodname_dotcom %}-hosted runner's tool cache as an artifact, which you can then transfer and extract on your internet-disconnected self-hosted runner. > [!NOTE] -> You can only use a {% data variables.product.prodname_dotcom %}-hosted runner's tool cache for a self-hosted runner that has an identical operating system and architecture. For example, if you are using a `ubuntu-22.04` {% data variables.product.prodname_dotcom %}-hosted runner to generate a tool cache, your self-hosted runner must be a 64-bit Ubuntu 22.04 machine. For more information on {% data variables.product.prodname_dotcom %}-hosted runners, see [AUTOTITLE](/free-pro-team@latest/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources). +> You can only use a {% data variables.product.prodname_dotcom %}-hosted runner's tool cache for a self-hosted runner that has an identical operating system and architecture. For example, if you are using a `ubuntu-22.04` {% data variables.product.prodname_dotcom %}-hosted runner to generate a tool cache, your self-hosted runner must be a 64-bit Ubuntu 22.04 machine. For more information on {% data variables.product.prodname_dotcom %}-hosted runners, see [AUTOTITLE](/actions/reference/runners/github-hosted-runners#supported-runners-and-hardware-resources). ## Prerequisites @@ -69,7 +69,7 @@ You can populate the runner tool cache by running a {% data variables.product.pr path: {% raw %}${{runner.tool_cache}}/tool_cache.tar.gz{% endraw %} ``` -1. Download the tool cache artifact from the workflow run. For instructions on downloading artifacts, see [AUTOTITLE](/actions/managing-workflow-runs/downloading-workflow-artifacts). +1. Download the tool cache artifact from the workflow run. For instructions on downloading artifacts, see [AUTOTITLE](/actions/how-tos/manage-workflow-runs/download-workflow-artifacts). 1. Transfer the tool cache artifact to your self hosted runner and extract it to the local tool cache directory. The default tool cache directory is `RUNNER_DIR/_work/_tool`. If the runner hasn't processed any jobs yet, you might need to create the `_work/_tool` directories. After extracting the tool cache artifact uploaded in the above example, you should have a directory structure on your self-hosted runner that is similar to the following example: diff --git a/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/using-the-latest-version-of-the-official-bundled-actions.md b/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/using-the-latest-version-of-the-official-bundled-actions.md index be9994e55693..5b1a1ed7183c 100644 --- a/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/using-the-latest-version-of-the-official-bundled-actions.md +++ b/content/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/using-the-latest-version-of-the-official-bundled-actions.md @@ -13,17 +13,17 @@ category: --- {% data reusables.actions.enterprise-github-hosted-runners %} -Your enterprise instance includes a number of built-in actions that you can use in your workflows. For more information about the bundled actions, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise#official-actions-bundled-with-your-enterprise-instance). +Your enterprise instance includes a number of built-in actions that you can use in your workflows. For more information about the bundled actions, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise#official-actions-bundled-with-your-enterprise-instance). These bundled actions are a point-in-time snapshot of the official actions found at https://github.com/actions, so there may be newer versions of these actions available. You can use the `actions-sync` tool to update these actions, or you can configure {% data variables.product.prodname_github_connect %} to allow access to the latest actions on {% data variables.product.prodname_dotcom_the_website %}. These options are described in the following sections. ## Using `actions-sync` to update the bundled actions -To update the bundled actions, you can use the `actions-sync` tool to update the snapshot. For more information on using `actions-sync`, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/manually-syncing-actions-from-githubcom). +To update the bundled actions, you can use the `actions-sync` tool to update the snapshot. For more information on using `actions-sync`, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/manually-syncing-actions-from-githubcom). ## Using {% data variables.product.prodname_github_connect %} to access the latest actions -You can use {% data variables.product.prodname_github_connect %} to allow {% data variables.product.prodname_ghe_server %} to use actions from {% data variables.product.prodname_dotcom_the_website %}. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect). +You can use {% data variables.product.prodname_github_connect %} to allow {% data variables.product.prodname_ghe_server %} to use actions from {% data variables.product.prodname_dotcom_the_website %}. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect). Once {% data variables.product.prodname_github_connect %} is configured, you can use the latest version of an action by deleting its local repository in the `actions` organization on your instance. For example, if your enterprise instance is using `v1` of the `actions/checkout` action, and you need to use `{% data reusables.actions.action-checkout %}` which isn't available on your enterprise instance, perform the following steps to be able to use the latest `checkout` action from {% data variables.product.prodname_dotcom_the_website %}: @@ -45,4 +45,4 @@ Once {% data variables.product.prodname_github_connect %} is configured, you can 1. Each time your workflow runs, the runner will use the specified version of `actions/checkout` from {% data variables.product.prodname_dotcom_the_website %}. > [!NOTE] - > The first time the `checkout` action is used from {% data variables.product.prodname_dotcom_the_website %}, the `actions/checkout` namespace is automatically retired on {% data variables.location.product_location %}. If you ever want to revert to using a local copy of the action, you first need to remove the namespace from retirement. For more information, see [AUTOTITLE](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom). + > The first time the `checkout` action is used from {% data variables.product.prodname_dotcom_the_website %}, the `actions/checkout` namespace is automatically retired on {% data variables.location.product_location %}. If you ever want to revert to using a local copy of the action, you first need to remove the namespace from retirement. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom). diff --git a/content/admin/managing-github-apps-for-your-enterprise/adding-and-removing-github-app-managers-in-your-enterprise.md b/content/admin/managing-github-apps-for-your-enterprise/adding-and-removing-github-app-managers-in-your-enterprise.md index 0613ae1680e0..3c3966105696 100644 --- a/content/admin/managing-github-apps-for-your-enterprise/adding-and-removing-github-app-managers-in-your-enterprise.md +++ b/content/admin/managing-github-apps-for-your-enterprise/adding-and-removing-github-app-managers-in-your-enterprise.md @@ -18,7 +18,7 @@ Enterprise owners can designate other users in their enterprise as {% data varia An app manager: -* Can manage the settings for a {% data variables.product.prodname_github_app %} registration that is owned by the enterprise. For the specific app settings that {% data variables.product.prodname_github_app %} managers can control, see [AUTOTITLE](/apps/maintaining-github-apps/modifying-a-github-app). +* Can manage the settings for a {% data variables.product.prodname_github_app %} registration that is owned by the enterprise. For the specific app settings that {% data variables.product.prodname_github_app %} managers can control, see [AUTOTITLE](/apps/maintaining-github-apps/modifying-a-github-app-registration). * Cannot install and uninstall {% data variables.product.prodname_github_apps %} on an enterprise or organization. When an enterprise app manager adds permissions to a {% data variables.product.prodname_github_app %}, the update is automatically accepted in all organizations where the app manager is also an organization owner. When an enterprise owner adds permissions to a {% data variables.product.prodname_github_app %}, the update is automatically accepted in all organizations regardless of their organization membership. @@ -55,5 +55,5 @@ Enterprise app manager is a predefined role that grants access to all app regist ## Further reading -* [AUTOTITLE](/admin/managing-your-enterprise-account/creating-github-apps-for-your-enterprise) +* [AUTOTITLE](/admin/managing-github-apps-for-your-enterprise/creating-github-apps-for-your-enterprise) * [AUTOTITLE](/apps/maintaining-github-apps/about-github-app-managers) diff --git a/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/about-support-for-your-idps-conditional-access-policy.md b/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/about-support-for-your-idps-conditional-access-policy.md index 64faedecc845..0a64593279e4 100644 --- a/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/about-support-for-your-idps-conditional-access-policy.md +++ b/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/about-support-for-your-idps-conditional-access-policy.md @@ -20,12 +20,12 @@ category: {% data reusables.enterprise-accounts.emu-cap-public-preview %} -{% data variables.product.github %} supports CAP for any {% data variables.enterprise.prodname_emu_enterprise %} where OIDC SSO is enabled. Enterprise owners can choose to use this IP allow list configuration instead of {% data variables.product.github %}'s IP allow list, and can do so once OIDC SSO is configured. For more information about IP allow lists, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list#about-your-idps-allow-list) and [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization). +{% data variables.product.github %} supports CAP for any {% data variables.enterprise.prodname_emu_enterprise %} where OIDC SSO is enabled. Enterprise owners can choose to use this IP allow list configuration instead of {% data variables.product.github %}'s IP allow list, and can do so once OIDC SSO is configured. For more information about IP allow lists, see [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list#about-your-idps-allow-list) and [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization). * {% data variables.product.github %} enforces your IdP's IP conditions but cannot enforce your device compliance conditions. * Policies for multi-factor authentication are only enforced at the point of sign-in to the IdP. -For more information about using OIDC with {% data variables.product.prodname_emus %}, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-oidc-for-enterprise-managed-users) and [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/migrating-from-saml-to-oidc). +For more information about using OIDC with {% data variables.product.prodname_emus %}, see [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-oidc-for-enterprise-managed-users) and [AUTOTITLE](/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-from-saml-to-oidc). ## About CAP and deploy keys @@ -59,7 +59,7 @@ When {% data variables.product.prodname_github_apps %} call {% data variables.pr You can contact the owners of the apps you want to use, ask for their IP ranges, and configure your IdP's CAP to allow access from those IP ranges. If you're unable to contact the owners, you can review your IdP sign-in logs to review the IP addresses seen in the requests, then allow-list those addresses. -If you do not wish to allow all of the IP ranges for all of your enterprise's apps, you can also exempt installed {% data variables.product.prodname_github_apps %} and authorized {% data variables.product.prodname_oauth_apps %} from the IdP allow list. If you do so, these apps will continue working regardless of the originating IP address. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#allowing-access-by-github-apps). +If you do not wish to allow all of the IP ranges for all of your enterprise's apps, you can also exempt installed {% data variables.product.prodname_github_apps %} and authorized {% data variables.product.prodname_oauth_apps %} from the IdP allow list. If you do so, these apps will continue working regardless of the originating IP address. For more information, see [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#allowing-access-by-github-apps). ## Further reading diff --git a/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-oidc-for-enterprise-managed-users.md b/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-oidc-for-enterprise-managed-users.md index 4b60b9c8fee0..5788ac682b8b 100644 --- a/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-oidc-for-enterprise-managed-users.md +++ b/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-oidc-for-enterprise-managed-users.md @@ -18,13 +18,13 @@ category: With {% data variables.product.prodname_emus %}, your enterprise uses your identity provider (IdP) to authenticate all members. You can use OpenID Connect (OIDC) to manage authentication for your {% data variables.enterprise.prodname_emu_enterprise %}. Enabling OIDC SSO is a one-click setup process with certificates managed by {% data variables.product.prodname_dotcom %} and your IdP. -{% data reusables.enterprise-accounts.emu-cap-validates %} See [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-support-for-your-idps-conditional-access-policy). +{% data reusables.enterprise-accounts.emu-cap-validates %} See [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/about-support-for-your-idps-conditional-access-policy). {% data reusables.enterprise-accounts.emu-cap-public-preview %} You can adjust the lifetime of a session, and how often a {% data variables.enterprise.prodname_managed_user %} needs to reauthenticate with your IdP, by changing the lifetime policy property of the ID tokens issued for {% data variables.product.prodname_dotcom %} from your IdP. The default lifetime is one hour. See [Configure token lifetime policies](https://learn.microsoft.com/en-us/entra/identity-platform/configure-token-lifetimes#create-a-policy-and-assign-it-to-a-service-principal) in the Microsoft documentation. -To change the lifetime policy property, you will need the object ID associated with your {% data variables.product.prodname_emus %} OIDC. See [AUTOTITLE](/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users/finding-the-object-id-for-your-entra-oidc-application). +To change the lifetime policy property, you will need the object ID associated with your {% data variables.product.prodname_emus %} OIDC. See [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/finding-the-object-id-for-your-entra-oidc-application). >[!NOTE] If you need assistance configuring the OIDC session lifetime, contact [Microsoft Support](https://support.microsoft.com). @@ -38,7 +38,7 @@ Support for OIDC is available for customers using Entra ID. {% data reusables.enterprise-accounts.gov-cloud-idp-not-supported %} -Each Entra ID tenant can support only one OIDC integration with {% data variables.product.prodname_emus %}. If you want to connect Entra ID to more than one enterprise on {% data variables.product.prodname_dotcom %}, use SAML instead. See [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-saml-single-sign-on-for-enterprise-managed-users). +Each Entra ID tenant can support only one OIDC integration with {% data variables.product.prodname_emus %}. If you want to connect Entra ID to more than one enterprise on {% data variables.product.prodname_dotcom %}, use SAML instead. See [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users). OIDC does not support IdP-initiated authentication. @@ -58,7 +58,7 @@ OIDC does not support IdP-initiated authentication. ## Enabling provisioning -After you enable OIDC SSO, enable provisioning. See [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-scim-provisioning-for-enterprise-managed-users). +After you enable OIDC SSO, enable provisioning. See [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users). ## Enabling guest collaborators diff --git a/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users.md b/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users.md index a4d06b49e9de..b47c07db56a4 100644 --- a/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users.md +++ b/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users.md @@ -38,7 +38,7 @@ After you configure SAML SSO, we recommend storing your recovery codes so you ca * {% data variables.product.company_short %} offers a "paved-path" integration and full support if you use a **partner IdP** for both authentication and provisioning. * Alternatively, you can use any system or combination of systems that conforms to SAML 2.0 and SCIM 2.0. However, support for resolving problems with these systems may be limited. - For more details, see [AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/about-enterprise-managed-users#identity-management-systems). + For more details, see [AUTOTITLE](/admin/concepts/identity-and-access-management/enterprise-managed-users#identity-management-systems). * Your IdP must adhere to the SAML 2.0 specification. See the [SAML Wiki](https://wiki.oasis-open.org/security) on the OASIS website. * You must have tenant administrative access to your IdP. * If you're configuring SAML SSO for a new enterprise, make sure to complete all previous steps in the initial configuration process. See [AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/getting-started-with-enterprise-managed-users). @@ -72,12 +72,12 @@ To configure SAML SSO for your {% data variables.enterprise.prodname_emu_enterpr | Identity provider | Documentation for {% data variables.product.prodname_dotcom_the_website %} | Documentation for {% data variables.enterprise.data_residency_site %} | | ----------------- | ------------- | ------------------- | | Microsoft Entra ID | [Microsoft Learn](https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/github-enterprise-managed-user-tutorial) | [Microsoft Learn](https://learn.microsoft.com/en-us/entra/identity/saas-apps/github-enterprise-managed-user-ghe-com-tutorial) | - | Okta | [AUTOTITLE](/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-with-okta-for-enterprise-managed-users) | [AUTOTITLE](/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-with-okta-for-enterprise-managed-users) | + | Okta | [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-with-okta-for-enterprise-managed-users) | [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-with-okta-for-enterprise-managed-users) | | PingFederate | [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate) ("Prerequisites" and "1. Configure SAML" sections) | [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate) ("Prerequisites" and "1. Configure SAML" sections) | {% endrowheaders %} - Alternatively, if you don't use a partner IdP, you can use the SAML configuration reference for {% data variables.product.github %} to create and configure a generic SAML 2.0 application on your IdP. See [AUTOTITLE](/admin/identity-and-access-management/iam-configuration-reference/saml-configuration-reference). + Alternatively, if you don't use a partner IdP, you can use the SAML configuration reference for {% data variables.product.github %} to create and configure a generic SAML 2.0 application on your IdP. See [AUTOTITLE](/admin/managing-iam/iam-configuration-reference/saml-configuration-reference). 1. To test and configure your enterprise, assign yourself or the user that will configure SAML SSO for your enterprise on {% data variables.product.github %} to the application you configured for {% data variables.product.prodname_emus %} on your IdP. @@ -96,7 +96,7 @@ To configure SAML SSO for your {% data variables.enterprise.prodname_emu_enterpr After you configure SAML SSO for {% data variables.product.prodname_emus %} on your IdP, you can configure your enterprise on {% data variables.product.github %}. -After the initial configuration of SAML SSO, the only setting you can update on {% data variables.product.github %} for your existing SAML configuration is the SAML certificate, which can be done by any member with the enterprise owner role. If you need to update the sign-on URL or issuer URL, you must first disable SAML SSO, then reconfigure SAML SSO with the new settings. For more information, see [AUTOTITLE](/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users/disabling-authentication-for-enterprise-managed-users). +After the initial configuration of SAML SSO, the only setting you can update on {% data variables.product.github %} for your existing SAML configuration is the SAML certificate, which can be done by any member with the enterprise owner role. If you need to update the sign-on URL or issuer URL, you must first disable SAML SSO, then reconfigure SAML SSO with the new settings. For more information, see [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/disabling-authentication-and-provisioning-for-enterprise-managed-users). {% data reusables.emus.sign-in-as-setup-user %} @@ -126,7 +126,7 @@ After the initial configuration of SAML SSO, the only setting you can update on ### Enable provisioning -After you enable SAML SSO, enable provisioning. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-scim-provisioning-for-enterprise-managed-users). +After you enable SAML SSO, enable provisioning. For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users). ### Enable guest collaborators diff --git a/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-with-okta-for-enterprise-managed-users.md b/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-with-okta-for-enterprise-managed-users.md index e9949eb7bd91..62df53bcb83b 100644 --- a/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-with-okta-for-enterprise-managed-users.md +++ b/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-with-okta-for-enterprise-managed-users.md @@ -49,4 +49,4 @@ The {% data variables.product.prodname_emu_idp_application %} application on Okt ## Enabling provisioning -After you enable SAML SSO, enable provisioning. For more information, see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/configuring-scim-provisioning-with-okta). +After you enable SAML SSO, enable provisioning. For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta). diff --git a/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/disabling-authentication-and-provisioning-for-enterprise-managed-users.md b/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/disabling-authentication-and-provisioning-for-enterprise-managed-users.md index eaa600e65640..1ab0c8e34fa4 100644 --- a/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/disabling-authentication-and-provisioning-for-enterprise-managed-users.md +++ b/content/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/disabling-authentication-and-provisioning-for-enterprise-managed-users.md @@ -19,11 +19,11 @@ category: After you disable SAML or OIDC authentication for your enterprise, the following effects apply: -* All external identities for the enterprise, and associated email addresses for {% data variables.enterprise.prodname_managed_users %}, will be removed. For more information, see [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise). -* All {% data variables.enterprise.prodname_managed_users %} will be suspended. The suspended accounts will not be renamed. For more information, see [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#viewing-suspended-members). +* All external identities for the enterprise, and associated email addresses for {% data variables.enterprise.prodname_managed_users %}, will be removed. For more information, see [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise). +* All {% data variables.enterprise.prodname_managed_users %} will be suspended. The suspended accounts will not be renamed. For more information, see [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#viewing-suspended-members). * {% data variables.product.pat_v1_caps_plural %}, SSH keys, {% data variables.product.prodname_oauth_app %} authorizations, and {% data variables.product.prodname_github_app %} user-to-server tokens associated with {% data variables.enterprise.prodname_managed_users %} will be deleted. * {% data variables.product.pat_v2_caps_plural %} are not deleted, but they stop working while the accounts are suspended. -* All of the external groups provisioned by SCIM will be deleted. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups). +* All of the external groups provisioned by SCIM will be deleted. For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/managing-team-memberships-with-identity-provider-groups). Resources owned by an organization are not affected. {% data variables.product.prodname_actions %} secrets and {% data variables.product.prodname_github_app %} installations remain in place, so automation that authenticates as an installed {% data variables.product.prodname_github_app %}—rather than as a managed user—keeps working. @@ -34,7 +34,7 @@ If you later reconfigure authentication for the enterprise, external groups must > * The authentication disabling process can require substantial time to complete for enterprises with a large number of members. > * Avatar data for {% data variables.enterprise.prodname_managed_users %} is permanently removed upon suspension. Reprovisioned users will need to reupload their avatar. -If you want to migrate to a new identity provider (IdP) or tenant rather than disabling authentication entirely, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/migrating-your-enterprise-to-a-new-identity-provider-or-tenant). +If you want to migrate to a new identity provider (IdP) or tenant rather than disabling authentication entirely, see [AUTOTITLE](/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-your-enterprise-to-a-new-identity-provider-or-tenant). ## Disabling authentication @@ -43,7 +43,7 @@ If you want to migrate to a new identity provider (IdP) or tenant rather than di {% data reusables.emus.sign-in-as-setup-user %} -1. Attempt to access your enterprise account, and use a recovery code to bypass SAML SSO or OIDC. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable). +1. Attempt to access your enterprise account, and use a recovery code to bypass SAML SSO or OIDC. For more information, see [AUTOTITLE](/admin/managing-iam/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable). {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.identity-provider-tab %} {% data reusables.enterprise-accounts.sso-configuration %} diff --git a/content/admin/managing-iam/iam-configuration-reference/saml-configuration-reference.md b/content/admin/managing-iam/iam-configuration-reference/saml-configuration-reference.md index def594f3091c..a55cf2f73f53 100644 --- a/content/admin/managing-iam/iam-configuration-reference/saml-configuration-reference.md +++ b/content/admin/managing-iam/iam-configuration-reference/saml-configuration-reference.md @@ -15,7 +15,7 @@ category: ## About SAML configuration -To use SAML single sign-on (SSO) for authentication to {% data variables.product.github %}, you must configure both your external SAML identity provider (IdP) and {% ifversion ghes %}{% data variables.location.product_location %}{% elsif ghec %}your enterprise or organization on {% data variables.product.github %}{% endif %}. In a SAML configuration, {% data variables.product.github %} functions as a SAML service provider (SP). For more information about authentication for your enterprise, see [AUTOTITLE](/admin/identity-and-access-management/understanding-iam-for-enterprises/about-identity-and-access-management#authentication-methods). +To use SAML single sign-on (SSO) for authentication to {% data variables.product.github %}, you must configure both your external SAML identity provider (IdP) and {% ifversion ghes %}{% data variables.location.product_location %}{% elsif ghec %}your enterprise or organization on {% data variables.product.github %}{% endif %}. In a SAML configuration, {% data variables.product.github %} functions as a SAML service provider (SP). For more information about authentication for your enterprise, see [AUTOTITLE](/admin/concepts/identity-and-access-management/identity-and-access-management-fundamentals#authentication-methods). {% data variables.product.github %} provides integration according to the SAML 2.0 specification. For more information, see the [SAML Wiki](https://wiki.oasis-open.org/security) on the OASIS website. @@ -68,18 +68,18 @@ The SP metadata for {% data variables.location.product_location %} is available ## SAML attributes -The following SAML attributes are available for {% data variables.product.github %}.{% ifversion ghes %} You can change the attribute names in the {% data variables.enterprise.management_console %}, with the exception of the `administrator` attribute. For more information, see [AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console).{% endif %} +The following SAML attributes are available for {% data variables.product.github %}.{% ifversion ghes %} You can change the attribute names in the {% data variables.enterprise.management_console %}, with the exception of the `administrator` attribute. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui).{% endif %} | Name | Required | Description | | :- | :- | :- | -| `NameID` | {% octicon "check" aria-label="Required" %} | A persistent user identifier. Any persistent name identifier format may be used. {% ifversion ghec %}If you use an enterprise with {% data variables.product.prodname_emus %}, {% endif %}{% data variables.product.github %} will normalize the `NameID` element to use as a username unless one of the alternative assertions is provided. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication).

> [!NOTE] It's important to use a human-readable, persistent identifier. Using a transient identifier format like `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` will result in re-linking of accounts on every sign-in, which can be detrimental to authorization management. | +| `NameID` | {% octicon "check" aria-label="Required" %} | A persistent user identifier. Any persistent name identifier format may be used. {% ifversion ghec %}If you use an enterprise with {% data variables.product.prodname_emus %}, {% endif %}{% data variables.product.github %} will normalize the `NameID` element to use as a username unless one of the alternative assertions is provided. For more information, see [AUTOTITLE](/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication).

> [!NOTE] It's important to use a human-readable, persistent identifier. Using a transient identifier format like `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` will result in re-linking of accounts on every sign-in, which can be detrimental to authorization management. | | `SessionNotOnOrAfter` | {% octicon "x" aria-label="Optional" %} | The date that {% data variables.product.github %} invalidates the associated session. After invalidation, the person must authenticate once again to access {% ifversion ghec %}your enterprise's resources{% elsif ghes %}{% data variables.location.product_location %}{% endif %}. For more information, see [Session duration and timeout](#session-duration-and-timeout). | | {% ifversion ghes %} | | `administrator` | {% octicon "x" aria-label="Optional" %} | When the value is `true`, {% data variables.product.github %} will automatically promote the user to be a site administrator. Setting this attribute to anything but `true` will result in demotion, as long as the value is not blank. Omitting this attribute or leaving the value blank will not change the role of the user. | | `username` | {% octicon "x" aria-label="Optional" %} | The username for {% data variables.location.product_location %}. | | {% endif %} | | `full_name` | {% octicon "x" aria-label="Optional" %} | {% ifversion ghec %}If you configure SAML SSO for an enterprise and you use {% data variables.product.prodname_emus %}, the{% else %}The{% endif %} full name of the user to display on the user's profile page. | -| `emails` | {% octicon "x" aria-label="Optional" %} | The email addresses for the user.{% ifversion ghes %} You can specify more than one address.{% endif %} If you sync license usage between {% data variables.product.prodname_ghe_server %} and {% data variables.product.prodname_ghe_cloud %}, {% data variables.product.prodname_github_connect %} uses `emails` to identify unique users across products. For more information, see [AUTOTITLE](/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud). | +| `emails` | {% octicon "x" aria-label="Optional" %} | The email addresses for the user.{% ifversion ghes %} You can specify more than one address.{% endif %} If you sync license usage between {% data variables.product.prodname_ghe_server %} and {% data variables.product.prodname_ghe_cloud %}, {% data variables.product.prodname_github_connect %} uses `emails` to identify unique users across products. For more information, see [AUTOTITLE](/billing/how-tos/manage-server-licenses/sync-license-usage). | | `public_keys` | {% octicon "x" aria-label="Optional" %} | {% ifversion ghec %}If you configure SAML SSO for an enterprise and you use {% data variables.product.prodname_emus %}, the{% else %}The{% endif %} public SSH keys for the user. You can specify more than one key. | | `gpg_keys` | {% octicon "x" aria-label="Optional" %} | {% ifversion ghec %}If you configure SAML SSO for an enterprise and you use {% data variables.product.prodname_emus %}, the{% else %}The{% endif %} GPG keys for the user. You can specify more than one key. | @@ -168,7 +168,7 @@ If you define a customized session duration value less than 24 hours, {% data va {% data reusables.enterprise.ghes-user-inactivity-timeout %} {% ifversion ghec %} -To prevent authentication errors, we recommend a minimum session duration of 4 hours. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/troubleshooting-saml-authentication#users-are-repeatedly-redirected-to-authenticate). +To prevent authentication errors, we recommend a minimum session duration of 4 hours. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication#users-are-repeatedly-redirected-to-authenticate). {% endif %} ->[!NOTE] Microsoft Entra ID (previously known as Azure AD) **does not support the `SessionNotOnOrAfter` attribute**. Additionally, the configurable lifetime policy for SAML tokens issued by Entra ID **does not control session timeout** for {% data variables.product.github %}. +> [!NOTE] Microsoft Entra ID (previously known as Azure AD) **does not support the `SessionNotOnOrAfter` attribute**. Additionally, the configurable lifetime policy for SAML tokens issued by Entra ID **does not control session timeout** for {% data variables.product.github %}. diff --git a/content/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication.md b/content/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication.md index fc66db65a588..39d85469743b 100644 --- a/content/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication.md +++ b/content/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication.md @@ -25,13 +25,13 @@ category: {% ifversion ghes %} -You can configure external authentication for {% data variables.product.prodname_ghe_server %} using CAS, LDAP, or SAML. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#authentication-methods-for-github-enterprise-server). +You can configure external authentication for {% data variables.product.prodname_ghe_server %} using CAS, LDAP, or SAML. For more information, see [AUTOTITLE](/admin/concepts/identity-and-access-management/identity-and-access-management-fundamentals#which-authentication-method-are-available-to-me). When you use external authentication, {% data variables.location.product_location %} automatically creates a username for each person when the person signs into {% data variables.location.product_location %} through your external authentication system for the first time. {% elsif ghec %} -If you use an enterprise with {% data variables.product.prodname_emus %}, members of your enterprise authenticate to access {% data variables.product.prodname_dotcom %} through your SAML identity provider (IdP). For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users) and [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#authentication-methods-for-github-enterprise-server). +If you use an enterprise with {% data variables.product.prodname_emus %}, members of your enterprise authenticate to access {% data variables.product.prodname_dotcom %} through your SAML identity provider (IdP). For more information, see [AUTOTITLE](/admin/concepts/identity-and-access-management/enterprise-managed-users) and [AUTOTITLE](/admin/concepts/identity-and-access-management/identity-and-access-management-fundamentals#which-authentication-method-are-available-to-me). {% data variables.product.github %} automatically creates a username for each person when their user account is provisioned via SCIM. @@ -141,12 +141,12 @@ If you configure SAML authentication for {% data variables.location.product_loca 1. An `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` assertion, if present 1. The `NameID` element -{% data variables.product.github %} requires the `NameID` element even if other attributes are present. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference#saml-attributes). +{% data variables.product.github %} requires the `NameID` element even if other attributes are present. For more information, see [AUTOTITLE](/admin/managing-iam/iam-configuration-reference/saml-configuration-reference#saml-attributes). {% data variables.product.github %} creates a mapping between the `NameID` from the IdP and the username on {% data variables.location.product_location %}, so the `NameID` should be persistent, unique, and not subject to change for the lifecycle of the user. > [!NOTE] -> If the `NameID` for a user does change on the IdP, the person will see an error message when signing in to {% data variables.location.product_location %}. To restore the person's access, you'll need to update the user account's `NameID` mapping. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/updating-a-users-saml-nameid). +> If the `NameID` for a user does change on the IdP, the person will see an error message when signing in to {% data variables.location.product_location %}. To restore the person's access, you'll need to update the user account's `NameID` mapping. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/updating-a-users-saml-nameid). {% endif %} diff --git a/content/admin/managing-iam/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable.md b/content/admin/managing-iam/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable.md index 61096aa42340..96233b9280af 100644 --- a/content/admin/managing-iam/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable.md +++ b/content/admin/managing-iam/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable.md @@ -16,7 +16,7 @@ category: You can use a recovery code to access your enterprise account when an authentication configuration error or an issue with your identity provider (IdP) prevents you from using SSO. -In order to access your enterprise account this way, you must have previously downloaded and stored the recovery codes for your enterprise. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes). +In order to access your enterprise account this way, you must have previously downloaded and stored the recovery codes for your enterprise. For more information, see [AUTOTITLE](/admin/managing-iam/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes). {% data reusables.saml.recovery-code-caveats %} diff --git a/content/admin/managing-iam/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes.md b/content/admin/managing-iam/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes.md index 406d6554f663..2030fb2ac26d 100644 --- a/content/admin/managing-iam/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes.md +++ b/content/admin/managing-iam/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes.md @@ -13,7 +13,7 @@ category: - Configure authentication --- -In the event that your IdP is unavailable, you can use a recovery code to sign in and access your enterprise on {% data variables.product.github %}. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable). +In the event that your IdP is unavailable, you can use a recovery code to sign in and access your enterprise on {% data variables.product.github %}. For more information, see [AUTOTITLE](/admin/managing-iam/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable). If you did not save your recovery codes when you configured SSO, you can still access the codes from your enterprise's settings. diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md index 779ba4135fe3..6a3540c14c0b 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md @@ -11,7 +11,7 @@ category: - Provision and manage enterprise users --- -{% data reusables.saml.idp-saml-and-scim-explanation %} For more information, see {% ifversion ghec %}[AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/about-enterprise-managed-users).{% else %}[AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes).{% endif %} +{% data reusables.saml.idp-saml-and-scim-explanation %} For more information, see {% ifversion ghec %}[AUTOTITLE](/admin/concepts/identity-and-access-management/enterprise-managed-users).{% else %}[AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes).{% endif %} ## Overview diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users.md index e15d19f892c5..b95c426d81c3 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users.md @@ -22,7 +22,7 @@ category: {% data reusables.enterprise_user_management.about-scim-provisioning %} -If you use a partner IdP, you can simplify the configuration of SCIM provisioning by using the partner IdP's application. If you don't use a partner IdP for provisioning, you can implement SCIM using calls to {% data variables.product.company_short %}'s REST API for SCIM. For more information, see {% ifversion ghec %}[AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/about-enterprise-managed-users#identity-management-systems).{% else %}[AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes#supported-identity-providers).{% endif %} +If you use a partner IdP, you can simplify the configuration of SCIM provisioning by using the partner IdP's application. If you don't use a partner IdP for provisioning, you can implement SCIM using calls to {% data variables.product.company_short %}'s REST API for SCIM. For more information, see {% ifversion ghec %}[AUTOTITLE](/admin/concepts/identity-and-access-management/enterprise-managed-users#how-does-emus-integrate-with-identity-management-systems).{% else %}[AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes#supported-identity-providers).{% endif %} {% data reusables.enterprise-accounts.gov-cloud-idp-not-supported %} @@ -88,7 +88,7 @@ To ensure you can continue to sign in and configure settings when SCIM is enable For help finding these settings, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise#configuring-saml-sso). -1. Create a built-in user account{% ifversion scim-for-ghes-ga %} with the username `scim-admin`{% endif %} to perform provisioning actions on your instance. See [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/allowing-built-in-authentication-for-users-outside-your-provider#inviting-users-outside-your-provider-to-authenticate-to-your-instance). +1. Create a built-in user account{% ifversion scim-for-ghes-ga %} with the username `scim-admin`{% endif %} to perform provisioning actions on your instance. See [AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/allowing-built-in-authentication-for-users-outside-your-provider#inviting-users-outside-your-provider-to-authenticate-to-your-instance). Ensure the user's email and username are different from any user you plan on provisioning through SCIM. If your email provider supports it, you can modify an email address by adding `+admin`, for example `johndoe+admin@example.com`. @@ -171,7 +171,7 @@ To use a partner IdP's application both authentication and provisioning, review |---|---|---| | Microsoft Entra ID (previously known as Azure AD) | OIDC | [Tutorial: Configure GitHub Enterprise Managed User (OIDC) for automatic user provisioning](https://docs.microsoft.com/azure/active-directory/saas-apps/github-enterprise-managed-user-oidc-provisioning-tutorial) on Microsoft Learn | | Entra ID | SAML | [Tutorial: Configure GitHub Enterprise Managed User for automatic user provisioning](https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/github-enterprise-managed-user-provisioning-tutorial) on Microsoft Learn | -| Okta | SAML | [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-scim-provisioning-for-enterprise-managed-users-with-okta) | +| Okta | SAML | [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta) | | PingFederate | SAML | The "Prerequisites" and "2. Configure SCIM" sections in [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate) | {% endrowheaders %} @@ -188,7 +188,7 @@ To use a partner IdP's application for both authentication and provisioning, rev ### Configuring provisioning for other identity management systems -If you don't use a partner IdP, or if you only use a partner IdP for SAML authentication, you can manage the lifecycle of user accounts using {% data variables.product.company_short %}'s REST API endpoints for SCIM provisioning. See [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/provisioning-users-and-groups-with-scim-using-the-rest-api). +If you don't use a partner IdP, or if you only use a partner IdP for SAML authentication, you can manage the lifecycle of user accounts using {% data variables.product.company_short %}'s REST API endpoints for SCIM provisioning. See [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/provisioning-users-and-groups-with-scim-using-the-rest-api). > [!NOTE] > Use of the REST API for SCIM provisioning is not supported with enterprises enabled for OIDC. @@ -206,7 +206,7 @@ If you don't use a partner IdP, or if you only use a partner IdP for SAML authen {% data reusables.enterprise-accounts.identity-provider-tab %} {% data reusables.enterprise-accounts.sso-configuration %} 1. Under "Open SCIM Configuration", select "Enable open SCIM configuration". -1. Manage the lifecycle of your users by making calls to the REST API endpoints for SCIM provisioning. See [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/provisioning-users-and-groups-with-scim-using-the-rest-api). +1. Manage the lifecycle of your users by making calls to the REST API endpoints for SCIM provisioning. See [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/provisioning-users-and-groups-with-scim-using-the-rest-api). {% endif %} diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta.md index 48af6a8bc3d4..60fc3fbab107 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta.md @@ -24,9 +24,9 @@ category: ## About provisioning with Okta -If you use Okta as an IdP, you can use Okta's application to provision user accounts, manage enterprise membership, and manage team memberships for organizations in your enterprise. Okta is a partner IdP, so you can simplify your authentication and provisioning configuration by using the Okta application {% ifversion ghec %}for {% data variables.product.prodname_emus %}. For more information, see [AUTOTITLE](/admin/identity-and-access-management/understanding-iam-for-enterprises/about-enterprise-managed-users#about-authentication-and-user-provisioning).{% else %}to manage both SAML single-sign on and SCIM provisioning on {% data variables.product.prodname_ghe_server %}.{% endif %} +If you use Okta as an IdP, you can use Okta's application to provision user accounts, manage enterprise membership, and manage team memberships for organizations in your enterprise. Okta is a partner IdP, so you can simplify your authentication and provisioning configuration by using the Okta application {% ifversion ghec %}for {% data variables.product.prodname_emus %}. For more information, see [AUTOTITLE](/admin/concepts/identity-and-access-management/enterprise-managed-users#about-authentication-and-user-provisioning).{% else %}to manage both SAML single-sign on and SCIM provisioning on {% data variables.product.prodname_ghe_server %}.{% endif %} -Alternatively, if you only intend to use Okta for SAML authentication and you want to use a different IdP for provisioning, you can integrate with {% data variables.product.prodname_dotcom %}'s REST API for SCIM. For more information, see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/provisioning-users-with-scim-using-the-rest-api). +Alternatively, if you only intend to use Okta for SAML authentication and you want to use a different IdP for provisioning, you can integrate with {% data variables.product.prodname_dotcom %}'s REST API for SCIM. For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/provisioning-users-and-groups-with-scim-using-the-rest-api). ## Supported features @@ -145,7 +145,7 @@ When you have finished configuring SCIM, you may want to disable some SAML setti {% data reusables.scim.emu-scim-rate-limit %} -You can also automatically manage organization membership by adding groups to the "Push Groups" tab in Okta. When the group is provisioned successfully, it will be available to connect to teams in the enterprise's organizations. For more information about managing teams, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups). +You can also automatically manage organization membership by adding groups to the "Push Groups" tab in Okta. When the group is provisioned successfully, it will be available to connect to teams in the enterprise's organizations. For more information about managing teams, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/managing-team-memberships-with-identity-provider-groups). {% data reusables.enterprise-managed.assigning-roles %} diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/deprovisioning-and-reinstating-users.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/deprovisioning-and-reinstating-users.md index 4d27c8f09f14..18453968b6e2 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/deprovisioning-and-reinstating-users.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/deprovisioning-and-reinstating-users.md @@ -19,7 +19,7 @@ If you {% ifversion ghec %}use {% data variables.product.prodname_emus %}{% else Before you deprovision a user, it's important to understand the effects of deprovisioning, which depend on the **type of deprovisioning API call** that {% data variables.product.github %} receives from your identity provider. ->[!IMPORTANT] Before reading further, ensure you understand how your enterprise has implemented SCIM. {% data variables.product.company_short %} provides a "paved-path" application if you use a supported identity provider (IdP) for both authentication and provisioning. If you don't use a paved-path application, you will use the REST API to make SCIM requests. See {% ifversion ghec %}[AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/about-enterprise-managed-users#identity-management-systems){% else %}[AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes#supported-identity-providers){% endif %}. +> [!IMPORTANT] Before reading further, ensure you understand how your enterprise has implemented SCIM. {% data variables.product.company_short %} provides a "paved-path" application if you use a supported identity provider (IdP) for both authentication and provisioning. If you don't use a paved-path application, you will use the REST API to make SCIM requests. See {% ifversion ghec %}[AUTOTITLE](/admin/concepts/identity-and-access-management/enterprise-managed-users#identity-management-systems){% else %}[AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes#supported-identity-providers){% endif %}. ## Types of user deprovisioning @@ -127,7 +127,7 @@ You can reuse the username of the hard-deprovisioned user when provisioning the ## Audit log events -The audit log for your enterprise displays details about activity in your enterprise. You can use the audit log to support your configuration of SCIM. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise). +The audit log for your enterprise displays details about activity in your enterprise. You can use the audit log to support your configuration of SCIM. For more information, see [AUTOTITLE](/admin/concepts/security-and-compliance/audit-log-for-an-enterprise). > [!IMPORTANT] We strongly recommend that an enterprise owner enables enterprise audit log features such as audit log streaming, source IP disclosure, and the option to stream API requests. Streaming these events allows administrators to set a log retention policy that fits the needs of their business and use their preferred tooling for querying these logs. diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/managing-team-memberships-with-identity-provider-groups.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/managing-team-memberships-with-identity-provider-groups.md index 167217061311..e73ba8121095 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/managing-team-memberships-with-identity-provider-groups.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/managing-team-memberships-with-identity-provider-groups.md @@ -37,7 +37,7 @@ To manage repository access for any team in your enterprise, including teams con ## Requirements for connecting IdP groups with teams -Before you can connect an IdP group with a team on {% data variables.product.github %}, you must assign the group to the {% ifversion ghec %}{% data variables.product.prodname_emu_idp_application %}{% else %}relevant{% endif %} application in your IdP. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-scim-provisioning-for-enterprise-managed-users). +Before you can connect an IdP group with a team on {% data variables.product.github %}, you must assign the group to the {% ifversion ghec %}{% data variables.product.prodname_emu_idp_application %}{% else %}relevant{% endif %} application in your IdP. For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users). You can connect a team in your enterprise to one IdP group. You can assign the same IdP group to multiple teams in your enterprise. @@ -96,7 +96,7 @@ Enterprise owners can review a list of IdP groups, each group's memberships, and 1. {% data reusables.enterprise-accounts.groups-tab %} 1. To view the teams connected to the IdP group, click **Teams**. -If a team cannot sync with the group on your IdP, the team will display an error. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/troubleshooting-team-membership-with-identity-provider-groups). +If a team cannot sync with the group on your IdP, the team will display an error. For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/troubleshooting-team-membership-with-identity-provider-groups). ## Removing members from organizations @@ -105,4 +105,4 @@ The way a member is added to an organization owned by your enterprise determines * **If a member was added to an organization manually, you must remove them manually.** Unassigning them from the {% ifversion ghec %}{% data variables.product.prodname_emu_idp_application %}{% else %}relevant{% endif %} application on your IdP will suspend the user but not remove them from the organization. * **If a user became an organization member because they were added to IdP groups, remove them from _all_ of the mapped IdP groups** associated with the organization. -To discover how a member was added to an organization, you can filter the member list by type. See {% ifversion ghec %}[AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#filtering-by-member-type-in-an-enterprise-with-managed-users).{% else %}[AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#filtering-by-member-type).{% endif %} +To discover how a member was added to an organization, you can filter the member list by type. See {% ifversion ghec %}[AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#filtering-by-member-type-in-an-enterprise-with-managed-users).{% else %}[AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#filtering-by-member-type-in-an-enterprise-with-managed-users).{% endif %} diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/provisioning-users-and-groups-with-scim-using-the-rest-api.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/provisioning-users-and-groups-with-scim-using-the-rest-api.md index 2a81bfc82135..29fb555c1c53 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/provisioning-users-and-groups-with-scim-using-the-rest-api.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/provisioning-users-and-groups-with-scim-using-the-rest-api.md @@ -50,9 +50,9 @@ When you configure authentication and provisioning for your enterprise, you can ### Using a partner identity provider -Each partner IdP provides a "paved-path" application, which implements both SSO and user lifecycle management. To simplify configuration, {% data variables.product.company_short %} recommends that you use a single partner IdP application for both authentication and provisioning. For more information and a list of partner IdPs, see {% ifversion ghec %}[AUTOTITLE](/admin/identity-and-access-management/understanding-iam-for-enterprises/about-enterprise-managed-users#identity-management-systems).{% else %}[AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes#supported-identity-providers).{% endif %} +Each partner IdP provides a "paved-path" application, which implements both SSO and user lifecycle management. To simplify configuration, {% data variables.product.company_short %} recommends that you use a single partner IdP application for both authentication and provisioning. For more information and a list of partner IdPs, see {% ifversion ghec %}[AUTOTITLE](/admin/concepts/identity-and-access-management/enterprise-managed-users).{% else %}[AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes#supported-identity-providers).{% endif %} -For more information about configuring SCIM provisioning using a partner IdP, see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/configuring-scim-provisioning-for-enterprise-managed-users). +For more information about configuring SCIM provisioning using a partner IdP, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users). ### Using other identity management systems @@ -65,7 +65,7 @@ If you cannot use a single partner IdP for both authentication and provisioning {%- ifversion ghec %} * {% data reusables.enterprise-managed.emu-prerequisite %} * {% data reusables.scim.emu-prerequisite-authentication %} -* You must enable an open SCIM configuration for your enterprise. For more information, see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/configuring-scim-provisioning-for-enterprise-managed-users#configuring-provisioning-for-other-identity-management-systems). +* You must enable an open SCIM configuration for your enterprise. For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users#configuring-provisioning-for-other-identity-management-systems). * To authenticate requests to the REST API endpoints for SCIM, you must use a {% data variables.product.pat_v1 %} associated with your enterprise's setup user. The token requires the **scim:enterprise** scope. {% data variables.product.company_short %} recommends that you do not configure an expiration date for the token. See [AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/getting-started-with-enterprise-managed-users#create-a-personal-access-token). {%- else %} To implement SCIM using the REST API, the general prerequisites for using SCIM on {% data variables.product.prodname_ghe_server %} apply. See the "Prerequisites" section in [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users#prerequisites). @@ -141,7 +141,7 @@ For more information, see [AUTOTITLE](/rest/using-the-rest-api/rate-limits-for-t ### Configure audit log streaming -The audit log for your enterprise displays details about activity in your enterprise. You can use the audit log to support your configuration of SCIM. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise). +The audit log for your enterprise displays details about activity in your enterprise. You can use the audit log to support your configuration of SCIM. For more information, see [AUTOTITLE](/admin/concepts/security-and-compliance/audit-log-for-an-enterprise). Due to the volume of events in this log, {% data variables.product.company_short %} retains the data for 180 days. To ensure that you don't lose audit log data, and to view more granular activity in the audit log, {% data variables.product.company_short %} recommends that you configure audit log streaming. When you stream the audit log, you can optionally choose to stream events for API requests, including requests to REST API endpoints for SCIM provisioning. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise). @@ -198,11 +198,11 @@ You can hard-deprovision the user by sending a `DELETE` request to `/scim/v2/{% To control access to repositories in your enterprise, you can use groups on your identity management system to control organization and team membership for users in your enterprise. You can read about the associated API endpoints in the REST API documentation and see code examples, and you can review audit log events associated with each request. -While your enterprise doesn't require an available license to provision a new user account, if you provision a group that results in the addition of users to an organization, you must have available licenses for those users.{% ifversion ghec %} If your enterprise only uses {% data variables.visual_studio.prodname_vss_ghe %}, the associated user must be assigned to a subscriber. For more information, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/about-visual-studio-subscriptions-with-github-enterprise#about-licenses-for-visual-studio-subscriptions-with-github-enterprise).{% endif %} +While your enterprise doesn't require an available license to provision a new user account, if you provision a group that results in the addition of users to an organization, you must have available licenses for those users.{% ifversion ghec %} If your enterprise only uses {% data variables.visual_studio.prodname_vss_ghe %}, the associated user must be assigned to a subscriber. For more information, see [AUTOTITLE](/billing/concepts/enterprise-billing/visual-studio-subs#about-licenses-for-visual-studio-subscriptions-with-github-enterprise-cloud).{% endif %} * For an overview of the supported attributes for groups, see [SCIM](/rest/enterprise-admin/scim#supported-scim-group-attributes) in the REST API documentation. * For an overview of audit log events related to groups, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise#external_group). -* You can view provisioned groups in the {% data variables.product.github %} UI. For more information, see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/managing-team-memberships-with-identity-provider-groups#viewing-idp-groups-group-membership-and-connected-teams). +* You can view provisioned groups in the {% data variables.product.github %} UI. For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/managing-team-memberships-with-identity-provider-groups#viewing-idp-groups-group-membership-and-connected-teams). | Action | Method | Endpoint and more information | Related events in the audit log | | :- | :- | :- | :- | @@ -232,7 +232,7 @@ If your request updates a group linked to a team in an organization where a user ## Migrating to a new SCIM provider -After you configure SCIM provisioning for your enterprise, you may need to migrate to a new SCIM provider. For more information, see [AUTOTITLE](/admin/identity-and-access-management/reconfiguring-iam-for-enterprise-managed-users/migrating-your-enterprise-to-a-new-identity-provider-or-tenant). +After you configure SCIM provisioning for your enterprise, you may need to migrate to a new SCIM provider. For more information, see [AUTOTITLE](/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-your-enterprise-to-a-new-identity-provider-or-tenant). {% endif %} @@ -246,13 +246,13 @@ After you configure SCIM provisioning for your enterprise, you may need to migra * If a SCIM request fails and you're unable to determine the cause, check the status of your identity management system to ensure that services were available.{% ifversion ghec %} Additionally, check {% data variables.product.company_short %}'s status page. For more information, see [AUTOTITLE](/support/learning-about-github-support/about-github-support#about-github-status).{% endif %} -* If a request to provision a user fails with a `400` error, and the error message in your identity management system's log indicates issues with account ownership or username formatting, review [AUTOTITLE](/admin/identity-and-access-management/iam-configuration-reference/username-considerations-for-external-authentication). +* If a request to provision a user fails with a `400` error, and the error message in your identity management system's log indicates issues with account ownership or username formatting, review [AUTOTITLE](/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication). * After successful authentication, {% data variables.product.github %} links the user who authenticated to an identity provisioned by SCIM. The unique identifiers for authentication and provisioning must match. For more information, see [AUTOTITLE](/rest/enterprise-admin/scim#mapping-of-saml-and-scim-data).{% ifversion ghec %} You can also view this mapping on {% data variables.product.github %}. See [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise#viewing-and-revoking-a-linked-identity).{% endif %} * If you manage access using groups on your identity management system, you can troubleshoot using the REST API or web UI for {% data variables.product.github %}. * You can use the REST API to compare your identity management system's group memberships with {% data variables.product.prodname_dotcom %}'s understanding of those groups. See [AUTOTITLE](/rest/teams/external-groups#about-external-groups) and [AUTOTITLE](/rest/teams/teams#get-a-team-by-name). - * For more information about troubleshooting using the web UI, see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/troubleshooting-team-membership-with-identity-provider-groups). + * For more information about troubleshooting using the web UI, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/troubleshooting-team-membership-with-identity-provider-groups). -For additional troubleshooting suggestions, see [AUTOTITLE](/admin/identity-and-access-management/understanding-iam-for-enterprises/troubleshooting-identity-and-access-management-for-your-enterprise#scim-provisioning-errors). +For additional troubleshooting suggestions, see [AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/troubleshooting-identity-and-access-management-for-your-enterprise#scim-provisioning-errors). diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/troubleshooting-team-membership-with-identity-provider-groups.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/troubleshooting-team-membership-with-identity-provider-groups.md index be976d2a5651..02c15af81b8d 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/troubleshooting-team-membership-with-identity-provider-groups.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/troubleshooting-team-membership-with-identity-provider-groups.md @@ -17,7 +17,7 @@ category: ## About management of team membership with IdP groups -{% data reusables.emus.about-team-management-with-idp %} You can review a list of teams that you've synchronized to IdP groups from your enterprise's settings. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups#viewing-idp-groups-group-membership-and-connected-teams). +{% data reusables.emus.about-team-management-with-idp %} You can review a list of teams that you've synchronized to IdP groups from your enterprise's settings. For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/managing-team-memberships-with-identity-provider-groups#viewing-idp-groups-group-membership-and-connected-teams). {% data variables.product.github %} also runs a reconciliation job once per day, which synchronizes team membership with IdP group membership that is stored on {% data variables.product.github %}, based on information previously sent from the IdP via SCIM. If this job finds that a user is a member of an IdP group in the enterprise, but they are not a member of the mapped team or its organization, the job will attempt to add the user to the organization and team. @@ -50,7 +50,7 @@ As a result, the affected team or organization may be missing members. ![Screenshot of the IdP group page. A warning that a team is out of sync due to insufficient licenses is outlined in dark orange.](/assets/images/help/enterprises/emu-group-team-not-synced-missing-licenses.png) -To investigate this issue, review your enterprise's total available licenses, as well as detailed information about which users are consuming licenses and why. For more information, see [AUTOTITLE](/billing/reference/github-license-users#organizations-on-github-enterprise-cloud) and [AUTOTITLE](/billing/managing-your-license-for-github-enterprise/viewing-license-usage-for-github-enterprise). +To investigate this issue, review your enterprise's total available licenses, as well as detailed information about which users are consuming licenses and why. For more information, see [AUTOTITLE](/billing/reference/github-license-users#organizations-on-github-enterprise-cloud) and [AUTOTITLE](/billing/how-tos/manage-plan-and-licenses/view-enterprise-usage). #### Resolving the issue @@ -75,6 +75,6 @@ If synchronization of team membership with a group on your IdP fails due to a pr ![Screenshot of the IdP group page. A warning that a team is out of sync is outlined in dark orange.](/assets/images/help/enterprises/emu-group-team-not-synced-generic.png) -{% data variables.product.prodname_dotcom %} will try to resolve this problem automatically during the next sync, which occurs at least once daily. You may be able to resolve the problem by unlinking the impacted team from the IdP group and then linking it to the same group again. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups#managing-the-connection-between-an-existing-team-and-an-idp-group). +{% data variables.product.prodname_dotcom %} will try to resolve this problem automatically during the next sync, which occurs at least once daily. You may be able to resolve the problem by unlinking the impacted team from the IdP group and then linking it to the same group again. For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/managing-team-memberships-with-identity-provider-groups#managing-the-connection-between-an-existing-organization-team-and-an-idp-group). If the problem persists, contact {% data variables.contact.contact_ent_support %} and provide details about the organization, team, and the IdP group you're experiencing problems with. diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes.md index a3be901402d7..d0157937db3a 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes.md @@ -47,13 +47,13 @@ If you cannot use a single partner IdP for both authentication and provisioning, * Adhere to **{% data variables.product.company_short %}'s integration guidelines** * Provide **authentication using SAML**, adhering to SAML 2.0 specification -* Provide **user lifecycle management using SCIM**, adhering to the SCIM 2.0 specification and communicating with {% data variables.product.company_short %}'s REST API (see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/provisioning-users-with-scim-using-the-rest-api)) +* Provide **user lifecycle management using SCIM**, adhering to the SCIM 2.0 specification and communicating with {% data variables.product.company_short %}'s REST API (see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/provisioning-users-and-groups-with-scim-using-the-rest-api)) ## How will I manage user lifecycles with SCIM? {% data reusables.enterprise_user_management.scim-manages-user-lifecycle %} -When SCIM is enabled, you will no longer be able to delete, suspend, or promote SCIM-provisioned users directly on {% data variables.product.prodname_ghe_server %}. You must manage these processes from your IdP. If an issue arises with your IdP and you need to manage a user directly, you will need to use the SCIM REST API to manage the user identities on your appliance (see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/provisioning-users-with-scim-using-the-rest-api)). +When SCIM is enabled, you will no longer be able to delete, suspend, or promote SCIM-provisioned users directly on {% data variables.product.prodname_ghe_server %}. You must manage these processes from your IdP. If an issue arises with your IdP and you need to manage a user directly, you will need to use the SCIM REST API to manage the user identities on your appliance (see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/provisioning-users-and-groups-with-scim-using-the-rest-api)). To view suspended members, navigate to the "Suspended Members" tab of your enterprise settings. This page will be present when SCIM is enabled on {% data variables.product.prodname_ghe_server %}. @@ -79,11 +79,11 @@ If you currently use SAML SSO, and you are enabling SCIM, you should be aware of After an IdP administrator grants a person access to {% data variables.location.product_location %}, the user can authenticate through the IdP to access {% data variables.product.prodname_ghe_server %} using SAML SSO. -* When a user authenticates through SAML, to associate a user with a SAML identity, {% data variables.product.prodname_dotcom %} compares a normalized `NameID` claim from the IdP (or another value you have configured) to the account's username. For details about normalization, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication#about-username-normalization). +* When a user authenticates through SAML, to associate a user with a SAML identity, {% data variables.product.prodname_dotcom %} compares a normalized `NameID` claim from the IdP (or another value you have configured) to the account's username. For details about normalization, see [AUTOTITLE](/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication#about-username-normalization). * If there is no account with a matching username on the instance, the user will fail to sign in. * To make this match, {% data variables.product.prodname_ghe_server %} compares the SAML `NameId` claim from the IdP to the SCIM `userName` attribute for each user account provisioned by SCIM on the instance. * Additionally, for Entra ID, {% data variables.product.prodname_ghe_server %} compares the object identifier from the SAML request with an existing SCIM external ID. -* If your environment does not use `NameID` to uniquely identify users, a site administrator can configure custom user attributes for the instance. {% data variables.product.prodname_ghe_server %} will respect this mapping when SCIM is configured. For more information about mapping user attributes, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise#configuring-saml-sso). +* If your environment does not use `NameID` to uniquely identify users, a site administrator can configure custom user attributes for the instance. {% data variables.product.prodname_ghe_server %} will respect this mapping when SCIM is configured. For more information about mapping user attributes, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). ## How is SCIM disabled? diff --git a/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-from-oidc-to-saml.md b/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-from-oidc-to-saml.md index dcc77aa01210..25962e5b8ed9 100644 --- a/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-from-oidc-to-saml.md +++ b/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-from-oidc-to-saml.md @@ -20,14 +20,14 @@ To migrate from OIDC to SAML, you will first disable OIDC, which will suspend al Then, you will configure SAML and SCIM. At this time, users, groups, and identities will be re-provisioned. -If you're new to {% data variables.product.prodname_emus %} and haven't yet configured authentication for your enterprise, you do not need to migrate and can set up SAML single sign-on (SSO) immediately. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-saml-single-sign-on-for-enterprise-managed-users). +If you're new to {% data variables.product.prodname_emus %} and haven't yet configured authentication for your enterprise, you do not need to migrate and can set up SAML single sign-on (SSO) immediately. For more information, see [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users). > [!WARNING] > {% data reusables.enterprise_user_management.migration-teams-warning %} ## Prerequisites -* Your enterprise on {% data variables.product.github %} must currently be configured to use OIDC for authentication. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-oidc-for-enterprise-managed-users). +* Your enterprise on {% data variables.product.github %} must currently be configured to use OIDC for authentication. For more information, see [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-oidc-for-enterprise-managed-users). {% data reusables.emus.migration-roles-prereq %} {% data reusables.emus.migration-schedule-downtime %} diff --git a/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-from-saml-to-oidc.md b/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-from-saml-to-oidc.md index 8f968d09979c..f9304d80b1a8 100644 --- a/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-from-saml-to-oidc.md +++ b/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-from-saml-to-oidc.md @@ -22,14 +22,14 @@ If your {% data variables.enterprise.prodname_emu_enterprise %} uses SAML SSO to When you migrate from SAML to OIDC, {% data variables.enterprise.prodname_managed_users %} and groups that were previously provisioned for SAML but are not provisioned by the {% data variables.product.prodname_emu_idp_oidc_application %} application will have "(SAML)" appended to their display names. -If you're new to {% data variables.product.prodname_emus %} and haven't yet configured authentication for your enterprise, you do not need to migrate and can set up OIDC single sign-on immediately. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-oidc-for-enterprise-managed-users). +If you're new to {% data variables.product.prodname_emus %} and haven't yet configured authentication for your enterprise, you do not need to migrate and can set up OIDC single sign-on immediately. For more information, see [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-oidc-for-enterprise-managed-users). > [!WARNING] > {% data reusables.enterprise_user_management.migration-teams-warning %} ## Prerequisites -* Your enterprise on {% data variables.product.github %} must currently be configured to use SAML for authentication, with Entra ID as your identity provider (IdP). For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-saml-single-sign-on-for-enterprise-managed-users). +* Your enterprise on {% data variables.product.github %} must currently be configured to use SAML for authentication, with Entra ID as your identity provider (IdP). For more information, see [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users). {% data reusables.emus.migration-roles-prereq %} {% data reusables.emus.migration-schedule-downtime %} @@ -41,7 +41,7 @@ To migrate your enterprise from SAML to OIDC, you will disable your existing {% > Migration of your enterprise from SAML to OIDC can take up to an hour. During the migration, users cannot access your enterprise on {% data variables.product.github %}. 1. Before you begin the migration, sign in to Azure and disable provisioning in the existing {% data variables.product.prodname_emu_idp_application %} application. -1. If you use [Conditional Access (CA) network location policies](https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition) in Entra ID, and you're currently using an IP allow list with your enterprise account or any of the organizations owned by the enterprise account, disable the IP allow lists. See [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-allowed-ip-addresses-for-organizations-in-your-enterprise) and [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization). +1. If you use [Conditional Access (CA) network location policies](https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition) in Entra ID, and you're currently using an IP allow list with your enterprise account or any of the organizations owned by the enterprise account, disable the IP allow lists. See [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise) and [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization). {% data reusables.emus.sign-in-as-setup-user %} {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.emus.use-enterprise-recovery-code %} @@ -57,7 +57,7 @@ To migrate your enterprise from SAML to OIDC, you will disable your existing {% > [!WARNING] > Do not provision new users from the application on Entra ID during the migration. -1. In a new tab or window, while signed in as the setup user, create a {% data variables.product.pat_v1 %} with the **scim:enterprise** scope and **no expiration** and copy it to your clipboard. For more information about creating a new token, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-scim-provisioning-for-enterprise-managed-users#creating-a-personal-access-token). +1. In a new tab or window, while signed in as the setup user, create a {% data variables.product.pat_v1 %} with the **scim:enterprise** scope and **no expiration** and copy it to your clipboard. For more information about creating a new token, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users#creating-a-personal-access-token). 1. In the provisioning settings for the {% data variables.product.prodname_emu_idp_oidc_application %} application in the Microsoft Entra admin center, under "Tenant URL", the tenant URL for your enterprise: * For **{% data variables.product.prodname_dotcom_the_website %}**: `https://api.github.com/scim/v2/enterprises/YOUR_ENTERPRISE`, replacing YOUR_ENTERPRISE with the name of your enterprise account. For example, if your enterprise account's URL is `https://github.com/enterprises/octo-corp`, the name of the enterprise account is `octo-corp`. * For **{% data variables.enterprise.data_residency_site %}**: `https://api.SUBDOMAIN.ghe.com/scim/v2/enterprises/SUBDOMAIN`, where SUBDOMAIN is your enterprise's subdomain on {% data variables.enterprise.data_residency_site %}. diff --git a/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-your-enterprise-to-a-new-identity-provider-or-tenant.md b/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-your-enterprise-to-a-new-identity-provider-or-tenant.md index ace51bcdd1c1..42bb39d7a220 100644 --- a/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-your-enterprise-to-a-new-identity-provider-or-tenant.md +++ b/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-your-enterprise-to-a-new-identity-provider-or-tenant.md @@ -26,14 +26,14 @@ After authentication and provisioning is reconfigured at the end of the migratio ## Prerequisites * {% data reusables.enterprise-managed.emu-prerequisite %} -* Review and understand the requirements for integration with {% data variables.product.prodname_emus %} from an external identity management system. To simplify configuration and support, you can use a single partner IdP for a "paved-path" integration. Alternatively, you can configure authentication using a system that adheres to the Security Assertion Markup Language (SAML) 2.0 and System for Cross-domain Identity Management (SCIM) 2.0 standards. For more information, see [AUTOTITLE](/admin/identity-and-access-management/understanding-iam-for-enterprises/about-enterprise-managed-users#about-authentication-and-user-provisioning). +* Review and understand the requirements for integration with {% data variables.product.prodname_emus %} from an external identity management system. To simplify configuration and support, you can use a single partner IdP for a "paved-path" integration. Alternatively, you can configure authentication using a system that adheres to the Security Assertion Markup Language (SAML) 2.0 and System for Cross-domain Identity Management (SCIM) 2.0 standards. For more information, see [AUTOTITLE](/admin/concepts/identity-and-access-management/enterprise-managed-users#about-authentication-and-user-provisioning). * You must have already configured authentication and SCIM provisioning for your enterprise. ## Preparing for migration To migrate to a new configuration for authentication and provisioning, you must first disable authentication and provisioning for your enterprise. Before you disable your existing configuration, review the following considerations: -* Before you migrate, determine whether the values of the normalized SCIM `userName` attribute will remain the same for {% data variables.enterprise.prodname_managed_users %} in the new environment. These normalized SCIM `userName` attribute values must remain the same for users in order for the SCIM identities provisioned from the new IdP/tenant to get properly linked to the existing enterprise managed user accounts. For more information, see [AUTOTITLE](/admin/identity-and-access-management/iam-configuration-reference/username-considerations-for-external-authentication). +* Before you migrate, determine whether the values of the normalized SCIM `userName` attribute will remain the same for {% data variables.enterprise.prodname_managed_users %} in the new environment. These normalized SCIM `userName` attribute values must remain the same for users in order for the SCIM identities provisioned from the new IdP/tenant to get properly linked to the existing enterprise managed user accounts. For more information, see [AUTOTITLE](/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication). * If the normalized SCIM `userName` values will remain the same after the migration, you can complete the migration yourself. * If the normalized SCIM `userName` values will change after the migration, {% data variables.product.company_short %} will need to help with your migration. For more information, see [Migrating when the normalized SCIM `userName` values will change](#migrating-when-the-normalized-scim-username-values-will-change). @@ -60,7 +60,7 @@ For a seamless migration, ensure that the SCIM `userName` attribute on your new ### 2. Download single sign-on recovery codes -If you don't already have single sign-on recovery codes for your enterprise, download the codes now. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes). +If you don't already have single sign-on recovery codes for your enterprise, download the codes now. For more information, see [AUTOTITLE](/admin/managing-iam/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes). ### 3. Disable provisioning on your current IdP @@ -72,8 +72,8 @@ If you don't already have single sign-on recovery codes for your enterprise, dow ### 4. Disable authentication for your enterprise -1. Use a recovery code to sign into {% data variables.product.prodname_dotcom %} as the setup user, whose username is your enterprise's shortcode suffixed with `_admin`. For more information about the setup user, see [AUTOTITLE](/admin/identity-and-access-management/understanding-iam-for-enterprises/getting-started-with-enterprise-managed-users). -1. Disable authentication for your enterprise. For more information, see [AUTOTITLE](/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users/disabling-authentication-for-enterprise-managed-users#disabling-authentication). +1. Use a recovery code to sign into {% data variables.product.prodname_dotcom %} as the setup user, whose username is your enterprise's shortcode suffixed with `_admin`. For more information about the setup user, see [AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/getting-started-with-enterprise-managed-users). +1. Disable authentication for your enterprise. For more information, see [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/disabling-authentication-and-provisioning-for-enterprise-managed-users#disabling-authentication). 1. Wait for {% data variables.product.github %} to suspend your enterprise's members, delete the linked SCIM identities, and delete the SCIM-provisioned IdP groups. > [!NOTE] @@ -91,8 +91,8 @@ After you disable authentication in your {% data variables.product.github %} ent After you validate the suspension of your enterprise's members, reconfigure authentication and provisioning. -1. Configure authentication using SAML or OIDC SSO. For more information, see [AUTOTITLE](/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users). -1. Configure SCIM provisioning. For more information, see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/configuring-scim-provisioning-for-enterprise-managed-users). +1. Configure authentication using SAML or OIDC SSO. For more information, see [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users). +1. Configure SCIM provisioning. For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users). ### 7. Make sure users and groups are reprovisioned from the new IdP/tenant diff --git a/content/admin/managing-iam/respond-to-incidents/revoke-authorizations-or-tokens.md b/content/admin/managing-iam/respond-to-incidents/revoke-authorizations-or-tokens.md index 8f090e377cba..cbcf1d6a6dff 100644 --- a/content/admin/managing-iam/respond-to-incidents/revoke-authorizations-or-tokens.md +++ b/content/admin/managing-iam/respond-to-incidents/revoke-authorizations-or-tokens.md @@ -95,6 +95,8 @@ The following credential types are **not** affected: * Deploy keys * {% data variables.product.prodname_actions %} `GITHUB_TOKEN` access +> [!NOTE] A deploy key created with a {% data variables.product.pat_generic %} or an {% data variables.product.prodname_oauth_app %} token is deleted when the "Delete keys and tokens" action deletes that token. Deploy keys created through the web interface or with a {% data variables.product.prodname_github_app %} user access token are not affected. See [AUTOTITLE](/rest/deploy-keys/deploy-keys). + ### Audit and security log events The "revoke authorizations" action generates the following events: diff --git a/content/admin/managing-iam/understanding-iam-for-enterprises/abilities-and-restrictions-of-managed-user-accounts.md b/content/admin/managing-iam/understanding-iam-for-enterprises/abilities-and-restrictions-of-managed-user-accounts.md index fc5f9e493320..4aaa31837708 100644 --- a/content/admin/managing-iam/understanding-iam-for-enterprises/abilities-and-restrictions-of-managed-user-accounts.md +++ b/content/admin/managing-iam/understanding-iam-for-enterprises/abilities-and-restrictions-of-managed-user-accounts.md @@ -12,7 +12,7 @@ category: - Configure authentication --- -With {% data variables.product.prodname_emus %}, you can control the user accounts of your enterprise members through your identity provider (IdP). See [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users). +With {% data variables.product.prodname_emus %}, you can control the user accounts of your enterprise members through your identity provider (IdP). See [AUTOTITLE](/admin/concepts/identity-and-access-management/enterprise-managed-users). {% data variables.enterprise.prodname_managed_users_caps %} can contribute only to private and internal repositories within their enterprise and their own private repositories. On {% data variables.product.prodname_dotcom_the_website %}, they have read-only access to the wider {% data variables.product.prodname_dotcom %} community. These visibility and access restrictions apply to all requests, including API requests. @@ -45,7 +45,7 @@ With {% data variables.product.prodname_emus %}, you can control the user accoun ## {% data variables.product.prodname_copilot %} -* {% data variables.enterprise.prodname_managed_users_caps %} cannot sign up for {% data variables.copilot.copilot_pro %} or {% data variables.copilot.copilot_free %}. To allow a managed user to use {% data variables.product.prodname_copilot_short %}, you must grant the user access to a {% data variables.copilot.copilot_business_short %} or {% data variables.copilot.copilot_enterprise_short %} subscription. See [AUTOTITLE](/copilot/about-github-copilot/what-is-github-copilot#getting-access-to-copilot). +* {% data variables.enterprise.prodname_managed_users_caps %} cannot sign up for {% data variables.copilot.copilot_pro %} or {% data variables.copilot.copilot_free %}. To allow a managed user to use {% data variables.product.prodname_copilot_short %}, you must grant the user access to a {% data variables.copilot.copilot_business_short %} or {% data variables.copilot.copilot_enterprise_short %} subscription. See [AUTOTITLE](/copilot/get-started/what-is-github-copilot#getting-access-to-copilot). * {% data reusables.copilot.cloud-agent-emu-limitation %} ## {% data variables.product.prodname_pages %} @@ -64,7 +64,7 @@ With {% data variables.product.prodname_emus %}, you can control the user accoun ## Repository management -* You can choose whether {% data variables.enterprise.prodname_managed_users %} are able to create repositories owned by their user accounts. See [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-creation). +* You can choose whether {% data variables.enterprise.prodname_managed_users %} are able to create repositories owned by their user accounts. See [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-creation). * If you allow {% data variables.enterprise.prodname_managed_users %} to create repositories owned by their user accounts, they can only own private repositories and can only invite other enterprise members to collaborate on their user-owned repositories. * {% data reusables.enterprise-accounts.emu-forks %} * Only private and internal repositories can be created in organizations owned by an {% data variables.enterprise.prodname_emu_enterprise %}, depending on organization and enterprise repository visibility settings. diff --git a/content/admin/managing-iam/understanding-iam-for-enterprises/about-saml-for-enterprise-iam.md b/content/admin/managing-iam/understanding-iam-for-enterprises/about-saml-for-enterprise-iam.md index 586f9e37c530..f26985a2fafd 100644 --- a/content/admin/managing-iam/understanding-iam-for-enterprises/about-saml-for-enterprise-iam.md +++ b/content/admin/managing-iam/understanding-iam-for-enterprises/about-saml-for-enterprise-iam.md @@ -30,19 +30,19 @@ If your enterprise members manage their own user accounts on {% data variables.l {% data reusables.saml.saml-accounts %} -{% data reusables.saml.about-saml-enterprise-accounts %} For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#considerations-for-enabling-saml-for-an-enterprise-or-organization) and [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). +{% data reusables.saml.about-saml-enterprise-accounts %} For more information, see [AUTOTITLE](/admin/concepts/identity-and-access-management/identity-and-access-management-fundamentals#considerations-for-enabling-saml-for-an-enterprise-or-organization) and [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). -Alternatively, you can provision and manage the accounts of your enterprise members with {% data variables.product.prodname_emus %}. To help you determine whether SAML SSO or {% data variables.product.prodname_emus %} is better for your enterprise, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/identifying-the-best-authentication-method-for-your-enterprise). +Alternatively, you can provision and manage the accounts of your enterprise members with {% data variables.product.prodname_emus %}. To help you determine whether SAML SSO or {% data variables.product.prodname_emus %} is better for your enterprise, see [AUTOTITLE](/enterprise-onboarding/getting-started-with-your-enterprise/choose-an-enterprise-type). -{% data reusables.enterprise-accounts.about-recovery-codes %} For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise). +{% data reusables.enterprise-accounts.about-recovery-codes %} For more information, see [AUTOTITLE](/admin/managing-iam/managing-recovery-codes-for-your-enterprise). After you enable SAML SSO, depending on the IdP you use, you may be able to enable additional identity and access management features. {% data reusables.saml.no-scim-for-enterprises %} -If you use Microsoft Entra ID (previously known as Azure AD) as your IdP, you can use team synchronization to manage team membership within each organization. {% data reusables.identity-and-permissions.about-team-sync %} For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise). +If you use Microsoft Entra ID (previously known as Azure AD) as your IdP, you can use team synchronization to manage team membership within each organization. {% data reusables.identity-and-permissions.about-team-sync %} For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise). -{% data reusables.saml.switching-from-org-to-enterprise %} For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account). +{% data reusables.saml.switching-from-org-to-enterprise %} For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account). {% elsif ghes %} @@ -58,19 +58,19 @@ SAML is an XML-based standard for authentication and authorization. When you con {% data reusables.enterprise_user_management.external_auth_disables_2fa %} -After you configure SAML, people who use {% data variables.location.product_location %} must use a {% data variables.product.pat_generic %} to authenticate API requests. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token). +After you configure SAML, people who use {% data variables.location.product_location %} must use a {% data variables.product.pat_generic %} to authenticate API requests. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens). {% data reusables.enterprise_user_management.built-in-authentication %} {% endif %} -For more information about the configuration of SAML SSO on {% data variables.product.github %}, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). +For more information about the configuration of SAML SSO on {% data variables.product.github %}, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). {% ifversion ghes %} ## About creation of user accounts -{% data reusables.scim.after-you-configure-saml %} For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-user-provisioning-with-scim-for-your-enterprise). +{% data reusables.scim.after-you-configure-saml %} For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes). {% data reusables.saml.saml-ghes-account-revocation %} @@ -103,6 +103,6 @@ If your IdP supports encrypted assertions, you can configure encrypted assertion ## Further reading -* [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam) +* [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam) * [SAML Wiki](https://wiki.oasis-open.org/security) on the OASIS website * [System for Cross-domain Identity Management: Protocol (RFC 7644)](https://tools.ietf.org/html/rfc7644) on the IETF website diff --git a/content/admin/managing-iam/understanding-iam-for-enterprises/allowing-built-in-authentication-for-users-outside-your-provider.md b/content/admin/managing-iam/understanding-iam-for-enterprises/allowing-built-in-authentication-for-users-outside-your-provider.md index dcc5c4adcea8..a9d243d486d9 100644 --- a/content/admin/managing-iam/understanding-iam-for-enterprises/allowing-built-in-authentication-for-users-outside-your-provider.md +++ b/content/admin/managing-iam/understanding-iam-for-enterprises/allowing-built-in-authentication-for-users-outside-your-provider.md @@ -19,14 +19,14 @@ category: ## About built-in authentication for users outside your provider -By default, when you enable external authentication for {% data variables.product.prodname_ghe_server %}, built-in authentication is disabled for your instance. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#external-authentication). +By default, when you enable external authentication for {% data variables.product.prodname_ghe_server %}, built-in authentication is disabled for your instance. For more information, see [AUTOTITLE](/admin/concepts/identity-and-access-management/identity-and-access-management-fundamentals). If you're unable to add specific accounts to your external authentication provider, such as accounts for contractors or machine users, you can configure fallback authentication. Fallback authentication allows built-in authentication for outside users and to access a fallback account if your authentication provider is unavailable. If you configure built-in authentication and a person successfully authenticates with SAML or CAS, the person will no longer have the option to authenticate with a username and password. If a user successfully authenticates with LDAP, the credentials are no longer considered internal. > [!WARNING] -> If you disable built-in authentication, you must individually suspend any users that should no longer have access to the instance. For more information, see [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/suspending-and-unsuspending-users). +> If you disable built-in authentication, you must individually suspend any users that should no longer have access to the instance. For more information, see [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/suspending-and-unsuspending-users). ## Configuring built-in authentication for users outside your provider @@ -51,6 +51,6 @@ When a user accepts the invitation, they can use their username and password to ## Further reading -* [AUTOTITLE](/admin/identity-and-access-management/using-cas-for-enterprise-iam) -* [AUTOTITLE](/admin/identity-and-access-management/using-ldap-for-enterprise-iam) -* [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam) +* [AUTOTITLE](/admin/managing-iam/using-cas-for-enterprise-iam) +* [AUTOTITLE](/admin/managing-iam/using-ldap-for-enterprise-iam) +* [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam) diff --git a/content/admin/managing-iam/understanding-iam-for-enterprises/changing-authentication-methods.md b/content/admin/managing-iam/understanding-iam-for-enterprises/changing-authentication-methods.md index c0570398d388..03df1382d361 100644 --- a/content/admin/managing-iam/understanding-iam-for-enterprises/changing-authentication-methods.md +++ b/content/admin/managing-iam/understanding-iam-for-enterprises/changing-authentication-methods.md @@ -24,21 +24,21 @@ Other issues you should take into consideration include: * **Passwords:** If you switch to using built-in authentication for your instance, users must [set a password](/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials) after the change is completed. -* **Site administrators:** Administrative privileges are [controlled by your identity provider when you use SAML](/admin/identity-and-access-management/using-saml-for-enterprise-iam#saml-attributes) and can be [controlled by group membership when you use LDAP](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap#configuring-ldap-with-your-github-enterprise-server-instance). +* **Site administrators:** Administrative privileges are [controlled by your identity provider when you use SAML](/admin/managing-iam/using-saml-for-enterprise-iam) and can be [controlled by group membership when you use LDAP](/admin/managing-iam/using-ldap-for-enterprise-iam/using-ldap#configuring-ldap-with-your-github-enterprise-server-instance). -* **Team membership:** Only LDAP lets you [control team membership](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap#configuring-ldap-with-your-github-enterprise-server-instance) from your directory server. +* **Team membership:** Only LDAP lets you [control team membership](/admin/managing-iam/using-ldap-for-enterprise-iam/using-ldap#configuring-ldap-with-your-github-enterprise-server-instance) from your directory server. * **User suspension:** When you use LDAP to authenticate, access to {% data variables.product.prodname_ghe_server %} can be controlled via _restricted groups_. After switching to LDAP, if restricted groups are configured, existing users who are not in one of those groups will be suspended. Suspension will occur either when they log in or during the next LDAP Sync. -* **Group membership:** When you use LDAP to authenticate, users are automatically [suspended and unsuspended](/admin/user-management/managing-users-in-your-enterprise/suspending-and-unsuspending-users) based on restricted group membership and account status with Active Directory. +* **Group membership:** When you use LDAP to authenticate, users are automatically [suspended and unsuspended](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/suspending-and-unsuspending-users) based on restricted group membership and account status with Active Directory. -* **Git authentication:** SAML and CAS only supports Git authentication over HTTP or HTTPS using a [{% data variables.product.pat_generic %}](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token). Password authentication over HTTP or HTTPS is not supported. LDAP supports password-based Git authentication by default, but we recommend that you [disable that method](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap#disabling-password-authentication-for-git-operations) and force authentication via a {% data variables.product.pat_generic %} or SSH key. +* **Git authentication:** SAML and CAS only supports Git authentication over HTTP or HTTPS using a [{% data variables.product.pat_generic %}](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens). Password authentication over HTTP or HTTPS is not supported. LDAP supports password-based Git authentication by default, but we recommend that you [disable that method](/admin/managing-iam/using-ldap-for-enterprise-iam/using-ldap#disabling-password-authentication-for-git-operations) and force authentication via a {% data variables.product.pat_generic %} or SSH key. -* **API authentication:** SAML and CAS only supports API authentication using a [{% data variables.product.pat_generic %}](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token). Basic authentication is not supported. +* **API authentication:** SAML and CAS only supports API authentication using a [{% data variables.product.pat_generic %}](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens). Basic authentication is not supported. * **Two-factor authentication:** {% data reusables.enterprise_user_management.external_auth_disables_2fa %} -* **Fallback authentication for users with no account on your external authentication provider:** You can invite users to authenticate to {% data variables.location.product_location %} without adding them to your identity provider. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/allowing-built-in-authentication-for-users-outside-your-provider). +* **Fallback authentication for users with no account on your external authentication provider:** You can invite users to authenticate to {% data variables.location.product_location %} without adding them to your identity provider. For more information, see [AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/allowing-built-in-authentication-for-users-outside-your-provider). ## Migrating from LDAP to SAML and SCIM diff --git a/content/admin/managing-iam/understanding-iam-for-enterprises/getting-started-with-enterprise-managed-users.md b/content/admin/managing-iam/understanding-iam-for-enterprises/getting-started-with-enterprise-managed-users.md index a1df9fc015ff..d36721f4a201 100644 --- a/content/admin/managing-iam/understanding-iam-for-enterprises/getting-started-with-enterprise-managed-users.md +++ b/content/admin/managing-iam/understanding-iam-for-enterprises/getting-started-with-enterprise-managed-users.md @@ -51,7 +51,7 @@ Using an **incognito or private browsing window**: {% data reusables.enterprise-accounts.emu-configure-authentication %} -{% data variables.product.company_short %} offers a "paved-path" integration and full support if you use a partner IdP for both authentication and provisioning. Alternatively, you can use any system, or combination of systems, that conforms to SAML 2.0 and SCIM 2.0. However, support for resolving problems with these systems may be limited. For more details, see [AUTOTITLE](/admin/identity-and-access-management/understanding-iam-for-enterprises/about-enterprise-managed-users#identity-management-systems). +{% data variables.product.company_short %} offers a "paved-path" integration and full support if you use a partner IdP for both authentication and provisioning. Alternatively, you can use any system, or combination of systems, that conforms to SAML 2.0 and SCIM 2.0. However, support for resolving problems with these systems may be limited. For more details, see [AUTOTITLE](/admin/concepts/identity-and-access-management/enterprise-managed-users#identity-management-systems). ## Configure provisioning @@ -65,6 +65,6 @@ Using an **incognito or private browsing window**: Developers may need to maintain separate, personal accounts for their work outside of your {% data variables.enterprise.prodname_emu_enterprise %}. You can help them manage multiple accounts by providing the following resources: -* **On the command line**, developers can configure Git to simplify the process of using multiple accounts. See [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/managing-multiple-accounts). +* **On the command line**, developers can configure Git to simplify the process of using multiple accounts. See [AUTOTITLE](/account-and-profile/how-tos/account-management/managing-multiple-accounts). * **In Git Credential Manager (GCM)**: Turn off account filtering to prevent multiple sign-in prompts if the [SSO Redirect setting](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-sso-for-unauthenticated-users) is not enabled for your enterprise. See [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-sso-for-unauthenticated-users). * **In the web interface**, developers can switch between accounts without always needing to re-authenticate. See [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/switching-between-accounts). diff --git a/content/admin/managing-iam/understanding-iam-for-enterprises/troubleshooting-identity-and-access-management-for-your-enterprise.md b/content/admin/managing-iam/understanding-iam-for-enterprises/troubleshooting-identity-and-access-management-for-your-enterprise.md index 1ce9e0e3ab63..aa94daf253de 100644 --- a/content/admin/managing-iam/understanding-iam-for-enterprises/troubleshooting-identity-and-access-management-for-your-enterprise.md +++ b/content/admin/managing-iam/understanding-iam-for-enterprises/troubleshooting-identity-and-access-management-for-your-enterprise.md @@ -23,7 +23,7 @@ If a user is unable to successfully authenticate using SAML, it may be helpful t ## Username conflicts -{% ifversion ghec %}If your enterprise uses {% data variables.product.prodname_emus %}, {% endif %}{% data variables.product.github %} normalizes the SCIM `userName` attribute value that is sent by an identity provider (IdP) in a SCIM API call to create each person's username on {% data variables.product.prodname_dotcom %}. If multiple accounts are normalized into the same {% data variables.product.prodname_dotcom %} username, a username conflict occurs, and only the first user account is created. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication). +{% ifversion ghec %}If your enterprise uses {% data variables.product.prodname_emus %}, {% endif %}{% data variables.product.github %} normalizes the SCIM `userName` attribute value that is sent by an identity provider (IdP) in a SCIM API call to create each person's username on {% data variables.product.prodname_dotcom %}. If multiple accounts are normalized into the same {% data variables.product.prodname_dotcom %} username, a username conflict occurs, and only the first user account is created. For more information, see [AUTOTITLE](/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication). {% ifversion ghec %} @@ -31,15 +31,15 @@ If a user is unable to successfully authenticate using SAML, it may be helpful t If you're experiencing problems while switching between different authentication configurations, such as changing your SAML SSO configuration from an organization to an enterprise account or migrating from SAML to OIDC for {% data variables.product.prodname_emus %}, ensure you're following our best practices for the change. -* [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account) -* [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/migrating-from-saml-to-oidc) -* [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/migrating-your-enterprise-to-a-new-identity-provider-or-tenant) +* [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account) +* [AUTOTITLE](/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-from-saml-to-oidc) +* [AUTOTITLE](/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-your-enterprise-to-a-new-identity-provider-or-tenant) {% endif %} ## Accessing your enterprise when SSO is not available -When a configuration error or an issue with your identity provider IdP prevents you from using SSO, you can use a {% ifversion ghec %}recovery code to access your enterprise. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable).{% else %}site admin with access to the Management Console to update your settings, or disable SAML temporarily. For more information, see [AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console).{% endif %} +When a configuration error or an issue with your identity provider IdP prevents you from using SSO, you can use a {% ifversion ghec %}recovery code to access your enterprise. For more information, see [AUTOTITLE](/admin/managing-iam/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable).{% else %}site admin with access to the Management Console to update your settings, or disable SAML temporarily. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui).{% endif %} ## SCIM provisioning errors @@ -55,7 +55,7 @@ In{% ifversion ghec %} an {% data variables.enterprise.prodname_emu_enterprise % ## SAML authentication errors -If users are experiencing errors when attempting to authenticate with SAML, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/troubleshooting-saml-authentication). +If users are experiencing errors when attempting to authenticate with SAML, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication). {% ifversion scim-for-ghes-ga %} @@ -93,8 +93,8 @@ For more information on how {% data variables.product.github %} maps SAML and SC ## Further reading {% ifversion scim-for-ghes-public-beta %} -* [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/troubleshooting-team-membership-with-identity-provider-groups) +* [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/troubleshooting-team-membership-with-identity-provider-groups) {% elsif ghec %} -* [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/troubleshooting-team-membership-with-identity-provider-groups) +* [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/troubleshooting-team-membership-with-identity-provider-groups) * [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization) {% endif %} diff --git a/content/admin/managing-iam/using-built-in-authentication/configuring-built-in-authentication.md b/content/admin/managing-iam/using-built-in-authentication/configuring-built-in-authentication.md index d5a2dc0e2f9b..b439a1ab6ed8 100644 --- a/content/admin/managing-iam/using-built-in-authentication/configuring-built-in-authentication.md +++ b/content/admin/managing-iam/using-built-in-authentication/configuring-built-in-authentication.md @@ -23,7 +23,7 @@ By default, {% data variables.product.prodname_ghe_server %} uses built-in authe By default, users can use passkeys for built-in authentication, but you can disable passkeys for your instance. See [AUTOTITLE](/admin/managing-iam/using-built-in-authentication/disabling-passkeys-for-your-instance). -You can prevent unauthenticated people from creating new user accounts on your instance. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-built-in-authentication/disabling-unauthenticated-sign-ups). +You can prevent unauthenticated people from creating new user accounts on your instance. For more information, see [AUTOTITLE](/admin/managing-iam/using-built-in-authentication/disabling-unauthenticated-sign-ups). {% data reusables.enterprise_user_management.alternatively-enable-external-authentication %} @@ -47,8 +47,8 @@ Once your instance has been created, you'll need to create your own admin accoun -After you configure built-in authentication and create your administrative account, you can invite people to create accounts and use your instance. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-built-in-authentication/inviting-people-to-use-your-instance). +After you configure built-in authentication and create your administrative account, you can invite people to create accounts and use your instance. For more information, see [AUTOTITLE](/admin/managing-iam/using-built-in-authentication/inviting-people-to-use-your-instance). ## Further reading -* [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-email-for-notifications) +* [AUTOTITLE](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-email-for-notifications) diff --git a/content/admin/managing-iam/using-built-in-authentication/inviting-people-to-use-your-instance.md b/content/admin/managing-iam/using-built-in-authentication/inviting-people-to-use-your-instance.md index f491b0123a76..973c27a0bf54 100644 --- a/content/admin/managing-iam/using-built-in-authentication/inviting-people-to-use-your-instance.md +++ b/content/admin/managing-iam/using-built-in-authentication/inviting-people-to-use-your-instance.md @@ -16,7 +16,7 @@ category: {% data reusables.enterprise_user_management.built-in-authentication-new-accounts %} {% data reusables.enterprise_user_management.unauthenticated-sign-ups %} -You can disable unauthenticated sign-ups and require an invitation to create a new user account on your instance. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-built-in-authentication/disabling-unauthenticated-sign-ups). +You can disable unauthenticated sign-ups and require an invitation to create a new user account on your instance. For more information, see [AUTOTITLE](/admin/managing-iam/using-built-in-authentication/disabling-unauthenticated-sign-ups). {% data reusables.enterprise_user_management.alternatively-enable-external-authentication %} @@ -26,4 +26,4 @@ You can disable unauthenticated sign-ups and require an invitation to create a n {% data reusables.enterprise_site_admin_settings.invite-user-sidebar-tab %} {% data reusables.enterprise_site_admin_settings.invite-user-reset-link %} -If you've configured email for notifications on {% data variables.location.product_location %}, your instance will send the invitation to the provided email address. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-email-for-notifications). +If you've configured email for notifications on {% data variables.location.product_location %}, your instance will send the invitation to the provided email address. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-email-for-notifications). diff --git a/content/admin/managing-iam/using-cas-for-enterprise-iam/using-cas.md b/content/admin/managing-iam/using-cas-for-enterprise-iam/using-cas.md index 3b1fd912ccc9..1b1856fee49a 100644 --- a/content/admin/managing-iam/using-cas-for-enterprise-iam/using-cas.md +++ b/content/admin/managing-iam/using-cas-for-enterprise-iam/using-cas.md @@ -21,7 +21,7 @@ category: CAS is a single sign-on (SSO) protocol that centralizes authentication to multiple web applications. For more information, see [Central Authentication Service](https://en.wikipedia.org/wiki/Central_Authentication_Service) on Wikipedia. -After you configure CAS, people who use {% data variables.location.product_location %} must use a {% data variables.product.pat_generic %} to authenticate API or Git requests over HTTP(S). CAS credentials cannot be used to authenticate these requests. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token). +After you configure CAS, people who use {% data variables.location.product_location %} must use a {% data variables.product.pat_generic %} to authenticate API or Git requests over HTTP(S). CAS credentials cannot be used to authenticate these requests. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens). If you configure CAS, people with accounts on your identity provider (IdP) do not consume a user license until the person signs into {% data variables.location.product_location %}. @@ -29,7 +29,7 @@ If you configure CAS, people with accounts on your identity provider (IdP) do no ## Username considerations with CAS -{% data reusables.enterprise_user_management.consider-usernames-for-external-authentication %} For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication). +{% data reusables.enterprise_user_management.consider-usernames-for-external-authentication %} For more information, see [AUTOTITLE](/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication). ## CAS attributes @@ -44,5 +44,5 @@ No other attributes are available. {% data reusables.enterprise_management_console.authentication %} 1. Under "Authentication", select **CAS**. 1. {% data reusables.enterprise_user_management.built-in-authentication-option %} -1. In the **Server URL** field, type the full URL of your CAS server. If your CAS server uses a certificate that can't be validated by {% data variables.product.prodname_ghe_server %}, you can use the `ghe-ssl-ca-certificate-install` command to install it as a trusted certificate. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-ssl-ca-certificate-install). +1. In the **Server URL** field, type the full URL of your CAS server. If your CAS server uses a certificate that can't be validated by {% data variables.product.prodname_ghe_server %}, you can use the `ghe-ssl-ca-certificate-install` command to install it as a trusted certificate. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-ssl-ca-certificate-install). {% data reusables.enterprise.apply-configuration %} diff --git a/content/admin/managing-iam/using-ldap-for-enterprise-iam/using-ldap.md b/content/admin/managing-iam/using-ldap-for-enterprise-iam/using-ldap.md index 03040210c44d..a6d0181aaba1 100644 --- a/content/admin/managing-iam/using-ldap-for-enterprise-iam/using-ldap.md +++ b/content/admin/managing-iam/using-ldap-for-enterprise-iam/using-ldap.md @@ -43,7 +43,7 @@ If you use an LDAP directory for centralized authentication, you can configure L ## Username considerations with LDAP -{% data reusables.enterprise_user_management.consider-usernames-for-external-authentication %} For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication). +{% data reusables.enterprise_user_management.consider-usernames-for-external-authentication %} For more information, see [AUTOTITLE](/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication). ## Configuring LDAP with {% data variables.location.product_location %} @@ -193,8 +193,8 @@ You can view the full list of LDAP users who have access to your instance and pr Unless [LDAP Sync is enabled](#enabling-ldap-sync), changes to LDAP accounts are not automatically synchronized with {% data variables.product.prodname_ghe_server %}. * To use a new LDAP admin group, users must be manually promoted and demoted on {% data variables.product.prodname_ghe_server %} to reflect changes in LDAP. -* To add or remove LDAP accounts in LDAP admin groups, [promote or demote the accounts on {% data variables.product.prodname_ghe_server %}](/admin/user-management/managing-users-in-your-enterprise/promoting-or-demoting-a-site-administrator). -* To remove LDAP accounts, [suspend the {% data variables.product.prodname_ghe_server %} accounts](/admin/user-management/managing-users-in-your-enterprise/suspending-and-unsuspending-users). +* To add or remove LDAP accounts in LDAP admin groups, [promote or demote the accounts on {% data variables.product.prodname_ghe_server %}](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/promoting-or-demoting-a-site-administrator). +* To remove LDAP accounts, [suspend the {% data variables.product.prodname_ghe_server %} accounts](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/suspending-and-unsuspending-users). ## Manually syncing LDAP accounts @@ -212,7 +212,7 @@ You can also [use the API to trigger a manual sync](/rest/enterprise-admin/ldap) If [LDAP Sync is enabled](#enabling-ldap-sync), removing a user's LDAP credentials will suspend their account after the next synchronization run. -If LDAP Sync is **not** enabled, you must manually suspend the {% data variables.product.prodname_ghe_server %} account after you remove the LDAP credentials. For more information, see [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/suspending-and-unsuspending-users). +If LDAP Sync is **not** enabled, you must manually suspend the {% data variables.product.prodname_ghe_server %} account after you remove the LDAP credentials. For more information, see [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/suspending-and-unsuspending-users). ## About logging for LDAP diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta.md index 9d5c99a1e77a..a450cfe676f1 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta.md @@ -23,11 +23,11 @@ category: You can control access to your enterprise account in {% data variables.product.github %} and other web applications from one central interface by configuring the enterprise account to use SAML SSO with Okta, an Identity Provider (IdP). -SAML SSO controls and secures access to enterprise account resources like organizations, repositories, issues, and pull requests. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). +SAML SSO controls and secures access to enterprise account resources like organizations, repositories, issues, and pull requests. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). {% data reusables.saml.no-scim-for-enterprises %} -{% data reusables.saml.switching-from-org-to-enterprise %} For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account). +{% data reusables.saml.switching-from-org-to-enterprise %} For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account). Alternatively, you can also configure SAML SSO using Okta for an organization that uses {% data variables.product.prodname_ghe_cloud %}. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta). @@ -52,4 +52,4 @@ Alternatively, you can also configure SAML SSO using Okta for an organization th 1. To the right of the drop-down menu, type `.*.*`. 1. Click **Save**. {% data reusables.saml.okta-view-setup-instructions %} -1. Enable SAML for your enterprise account using the information in the setup instructions. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). +1. Enable SAML for your enterprise account using the information in the setup instructions. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md index c0f34db75eb9..c81e4e87653a 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md @@ -23,7 +23,7 @@ category: **Before** following the steps in this article, make sure that your enterprise uses **personal accounts**. You can do so by checking whether your enterprise view has the "Users managed by ACCOUNT NAME" header bar at the top of the screen. -If you see this, your enterprise uses **managed users** and you must follow a different process to configure SAML single sign-on. See [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-saml-single-sign-on-for-enterprise-managed-users). +If you see this, your enterprise uses **managed users** and you must follow a different process to configure SAML single sign-on. See [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users). {% endif %} @@ -39,7 +39,7 @@ For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-o {% data reusables.saml.about-saml-enterprise-accounts %} -{% data reusables.saml.about-saml-access-enterprise-account %} For more information, see [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise). +{% data reusables.saml.about-saml-access-enterprise-account %} For more information, see [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise). {% data reusables.saml.no-scim-for-enterprises %} @@ -51,7 +51,7 @@ For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-o SAML SSO allows you to centrally control and secure access to {% data variables.location.product_location %} from your SAML IdP. -If an unauthenticated user attempts to sign in to {% data variables.location.product_location %} and you have disabled [built-in authentication](/admin/identity-and-access-management/managing-iam-for-your-enterprise/allowing-built-in-authentication-for-users-outside-your-provider), {% data variables.product.github %} redirects the user to your SAML IdP for authentication. After the user successfully authenticates with an account on the IdP, the IdP redirects the user back to {% data variables.location.product_location %}. {% data variables.product.github %} validates the response from your IdP, then grants access to the user. The user's SAML session is active in the browser for 24 hours. After that, the user must authenticate again with your IdP. +If an unauthenticated user attempts to sign in to {% data variables.location.product_location %} and you have disabled [built-in authentication](/admin/managing-iam/understanding-iam-for-enterprises/allowing-built-in-authentication-for-users-outside-your-provider), {% data variables.product.github %} redirects the user to your SAML IdP for authentication. After the user successfully authenticates with an account on the IdP, the IdP redirects the user back to {% data variables.location.product_location %}. {% data variables.product.github %} validates the response from your IdP, then grants access to the user. The user's SAML session is active in the browser for 24 hours. After that, the user must authenticate again with your IdP. {% data reusables.saml.saml-ghes-account-revocation %} @@ -75,7 +75,7 @@ For more information about connecting Entra ID to your enterprise, see [Tutorial ## Username considerations with SAML -{% data reusables.enterprise_user_management.consider-usernames-for-external-authentication %} For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication). +{% data reusables.enterprise_user_management.consider-usernames-for-external-authentication %} For more information, see [AUTOTITLE](/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication). {% endif %} @@ -83,11 +83,11 @@ For more information about connecting Entra ID to your enterprise, see [Tutorial ## Enforcing SAML single-sign on for organizations in your enterprise account -When you enforce SAML SSO for your enterprise, the enterprise configuration will override any existing organization-level SAML configurations. {% data reusables.saml.switching-from-org-to-enterprise %} For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account). +When you enforce SAML SSO for your enterprise, the enterprise configuration will override any existing organization-level SAML configurations. {% data reusables.saml.switching-from-org-to-enterprise %} For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account). When you enforce SAML SSO for an organization, {% data variables.product.company_short %} removes any members of the organization that have not authenticated successfully with your SAML IdP. When you require SAML SSO for your enterprise, {% data variables.product.company_short %} does not remove members of the enterprise that have not authenticated successfully with your SAML IdP. The next time a member accesses the enterprise's resources, the member must authenticate with your SAML IdP. -For more detailed information about how to enable SAML using Okta, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta). +For more detailed information about how to enable SAML using Okta, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta). {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} @@ -114,7 +114,7 @@ For more detailed information about how to enable SAML using Okta, see [AUTOTITL ## Configuring SAML SSO -You can enable or disable SAML authentication for {% data variables.location.product_location %}, or you can edit an existing configuration. You can view and edit authentication settings in the {% data variables.enterprise.management_console %}. For more information, see [AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console). +You can enable or disable SAML authentication for {% data variables.location.product_location %}, or you can edit an existing configuration. You can view and edit authentication settings in the {% data variables.enterprise.management_console %}. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui). > [!NOTE] > {% data reusables.enterprise.test-in-staging %} @@ -133,9 +133,9 @@ You can enable or disable SAML authentication for {% data variables.location.pro 1. Optionally, if you do not want your SAML provider to determine administrator rights for users on {% data variables.location.product_location %}, select **Disable administrator demotion/promotion** 1. Optionally, to allow {% data variables.location.product_location %} to receive encrypted assertions from your SAML IdP, select **Require encrypted assertions**. - You must ensure that your IdP supports encrypted assertions and that the encryption and key transport methods in the management console match the values configured on your IdP. You must also provide {% data variables.location.product_location %}'s public certificate to your IdP. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/enabling-encrypted-assertions). + You must ensure that your IdP supports encrypted assertions and that the encryption and key transport methods in the management console match the values configured on your IdP. You must also provide {% data variables.location.product_location %}'s public certificate to your IdP. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/enabling-encrypted-assertions). -1. In the **Single sign-on URL** field, type the HTTP or HTTPS endpoint on your IdP for single sign-on requests. This value is provided by your IdP configuration. If the host is only available from your internal network, you may need to [configure {% data variables.location.product_location %} to use internal nameservers](/admin/configuration/configuring-network-settings/configuring-dns-nameservers). +1. In the **Single sign-on URL** field, type the HTTP or HTTPS endpoint on your IdP for single sign-on requests. This value is provided by your IdP configuration. If the host is only available from your internal network, you may need to [configure {% data variables.location.product_location %} to use internal nameservers](/admin/configuring-settings/configuring-network-settings/configuring-dns-nameservers). 1. Optionally, in the **Issuer** field, type your SAML issuer's name. This verifies the authenticity of messages sent to {% data variables.location.product_location %}. 1. Select the **Signature Method** and **Digest Method** dropdown menus, then click the hashing algorithm used by your SAML issuer to verify the integrity of the requests from {% data variables.location.product_location %}. 1. Select the **Name Identifier Format** dropdown menu, then click a format. @@ -155,6 +155,6 @@ You can enable or disable SAML authentication for {% data variables.location.pro * [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization) {%- endif %} {%- ifversion ghes %} -* [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/promoting-or-demoting-a-site-administrator) +* [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/promoting-or-demoting-a-site-administrator) {% ifversion scim-for-ghes-public-beta %}* [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users){% endif %} {%- endif %} diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/deciding-whether-to-configure-saml-for-your-enterprise-or-your-organizations.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/deciding-whether-to-configure-saml-for-your-enterprise-or-your-organizations.md index c1479f822dd6..194f15630cb1 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/deciding-whether-to-configure-saml-for-your-enterprise-or-your-organizations.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/deciding-whether-to-configure-saml-for-your-enterprise-or-your-organizations.md @@ -11,7 +11,7 @@ category: - Configure authentication --- -{% data reusables.enterprise.ghec-authentication-options %} For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise). +{% data reusables.enterprise.ghec-authentication-options %} For more information, see [AUTOTITLE](/admin/concepts/identity-and-access-management/identity-and-access-management-fundamentals). If you decide to use SAML instead of {% data variables.product.prodname_emus %}, you must choose whether to configure SAML at the enterprise level or the organization level. @@ -21,6 +21,6 @@ If you configure SAML at the organization level, members are not required to aut If you need to protect internal repositories or enforce a consistent authentication experience for every organization in your enterprise, you can configure SAML authentication for your enterprise account instead. The SAML configuration for your enterprise overrides any SAML configuration for individual organizations, and organizations cannot override the enterprise configuration. After you configure SAML for your enterprise, organization members must authenticate with SAML before accessing organization resources, including internal repositories. -SCIM is not available for enterprise accounts without {% data variables.product.prodname_emus %}, and team synchronization is only available for SAML at the enterprise level if you use Microsoft Entra ID (previously known as Azure AD) as an IdP. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise). +SCIM is not available for enterprise accounts without {% data variables.product.prodname_emus %}, and team synchronization is only available for SAML at the enterprise level if you use Microsoft Entra ID (previously known as Azure AD) as an IdP. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise). Regardless of the SAML implementation you choose, you cannot add external collaborators to organizations or teams. You can only add external collaborators to individual repositories. diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/disabling-saml-single-sign-on-for-your-enterprise.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/disabling-saml-single-sign-on-for-your-enterprise.md index 9811144de436..a9f69ed32712 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/disabling-saml-single-sign-on-for-your-enterprise.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/disabling-saml-single-sign-on-for-your-enterprise.md @@ -15,7 +15,7 @@ category: After you disable SAML SSO for your enterprise, the following effects apply: -* All external identities for your enterprise will be removed. For more information, see [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise). +* All external identities for your enterprise will be removed. For more information, see [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise). * Any SAML settings configured for individual organizations within the enterprise will take effect. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization). {% data reusables.saml.credentials-persist-when-sso-disabled %} @@ -25,7 +25,7 @@ After you disable SAML SSO for your enterprise, the following effects apply: {% data reusables.enterprise-accounts.access-enterprise %} > [!NOTE] - > If you're unable to access the enterprise because your IdP is unavailable, you can use a recovery code to bypass SSO. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable). + > If you're unable to access the enterprise because your IdP is unavailable, you can use a recovery code to bypass SSO. For more information, see [AUTOTITLE](/admin/managing-iam/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable). {% data reusables.enterprise-accounts.settings-tab %} {% data reusables.enterprise-accounts.security-tab %} @@ -35,4 +35,4 @@ After you disable SAML SSO for your enterprise, the following effects apply: ## Further reading -* [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/disabling-authentication-for-enterprise-managed-users) +* [AUTOTITLE](/admin/managing-iam/configuring-authentication-for-enterprise-managed-users/disabling-authentication-and-provisioning-for-enterprise-managed-users) diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/enabling-encrypted-assertions.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/enabling-encrypted-assertions.md index 7eb11888e8e3..f0f0cbbd618b 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/enabling-encrypted-assertions.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/enabling-encrypted-assertions.md @@ -27,7 +27,7 @@ To enable encrypted assertions, you must provide {% data variables.location.prod > [!NOTE] > {% data reusables.enterprise.test-in-staging %} -1. Optionally, enable SAML debugging. SAML debugging records verbose entries in {% data variables.product.prodname_ghe_server %}'s authentication log, and may help you troubleshoot failed authentication attempts. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/troubleshooting-saml-authentication#configuring-saml-debugging). +1. Optionally, enable SAML debugging. SAML debugging records verbose entries in {% data variables.product.prodname_ghe_server %}'s authentication log, and may help you troubleshoot failed authentication attempts. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication#configuring-saml-debugging). {% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.management-console %} {% data reusables.enterprise_management_console.authentication %} @@ -43,7 +43,7 @@ To enable encrypted assertions, you must provide {% data variables.location.prod 1. Click **Save settings**. {% data reusables.enterprise_site_admin_settings.wait-for-configuration-run %} -If you enabled SAML debugging to test authentication with encrypted assertions, disable SAML debugging when you're done testing. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/troubleshooting-saml-authentication#configuring-saml-debugging). +If you enabled SAML debugging to test authentication with encrypted assertions, disable SAML debugging when you're done testing. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication#configuring-saml-debugging). ## SAML signing certificate for AuthnRequests diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise.md index 617dfcff5c97..f5189eb8e6c4 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise.md @@ -40,7 +40,7 @@ You can also configure and manage team synchronization for an individual organiz * You must use an Entra ID commercial tenant, not Gov Cloud. * You or your Entra ID administrator must be a Global administrator or a Privileged Role administrator in Entra ID. -* You must enforce SAML single sign-on for organizations in your enterprise account with your supported IdP. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). +* You must enforce SAML single sign-on for organizations in your enterprise account with your supported IdP. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). * You must authenticate to your enterprise account using SAML SSO and the supported IdP. For more information, see [AUTOTITLE](/authentication/authenticating-with-single-sign-on). ## Managing team synchronization for Entra ID diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account.md index 063337fef72b..4ed7661d7077 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/switching-your-saml-configuration-from-an-organization-to-an-enterprise-account.md @@ -39,13 +39,13 @@ SCIM provisioning is not currently supported when SAML SSO is configured for an You are not required to remove any organization-level SAML configurations before configuring SAML SSO for your enterprise account, but you may want to consider doing so. If SAML is ever disabled for the enterprise account in the future, any remaining organization-level SAML configurations will take effect. Removing the organization-level configurations can prevent unexpected issues in the future. -For more information about the decision to implement SAML SSO at the organization or enterprise level, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#considerations-for-enabling-saml-for-an-enterprise-or-organization). +For more information about the decision to implement SAML SSO at the organization or enterprise level, see [AUTOTITLE](/admin/concepts/identity-and-access-management/identity-and-access-management-fundamentals#considerations-for-enabling-saml-for-an-enterprise-or-organization). ## Switching your SAML configuration from an organization to an enterprise account -1. Enforce SAML SSO for your enterprise account, making sure all organization members are assigned or given access to the IdP app being used for the enterprise account. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). +1. Enforce SAML SSO for your enterprise account, making sure all organization members are assigned or given access to the IdP app being used for the enterprise account. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). 1. If you kept any organization-level SAML configurations in place, to prevent confusion, consider hiding the tile for the organization-level apps in your IdP. 1. Advise your enterprise members about the change. * Members will no longer be able to access their organizations by clicking the SAML app for the organization in the IdP dashboard. They will need to use the new app configured for the enterprise account. - * Members will need to authorize any PATs or SSH keys that were not previously authorized for use with SAML SSO for their organization. For more information, see [AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on) and [AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/authorizing-an-ssh-key-for-use-with-saml-single-sign-on). - * Members may need to reauthorize {% data variables.product.prodname_oauth_apps %} that were previously authorized for the organization. For more information, see [AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/about-authentication-with-saml-single-sign-on#about-oauth-apps-github-apps-and-saml-sso). + * Members will need to authorize any PATs or SSH keys that were not previously authorized for use with SAML SSO for their organization. For more information, see [AUTOTITLE](/authentication/authenticating-with-single-sign-on/authorizing-a-personal-access-token-for-use-with-single-sign-on) and [AUTOTITLE](/authentication/authenticating-with-single-sign-on/authorizing-an-ssh-key-for-use-with-single-sign-on). + * Members may need to reauthorize {% data variables.product.prodname_oauth_apps %} that were previously authorized for the organization. For more information, see [AUTOTITLE](/authentication/authenticating-with-single-sign-on/about-authentication-with-single-sign-on#about-oauth-apps-github-apps-and-saml-sso). diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication.md index c5711c261650..78fd0fa69337 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication.md @@ -18,7 +18,7 @@ category: {% data variables.product.prodname_ghe_server %} logs error messages for failed SAML authentication in the systemd journal logs for the `github-unicorn` container. You can review responses in this log, and you can also configure more verbose logging. -For more information about SAML response requirements, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference#saml-response-requirements). +For more information about SAML response requirements, see [AUTOTITLE](/admin/managing-iam/iam-configuration-reference/saml-configuration-reference#saml-response-requirements). ## Configuring SAML debugging @@ -27,7 +27,7 @@ You can configure {% data variables.product.prodname_ghe_server %} to write verb > [!WARNING] > > * Only enable SAML debugging temporarily, and disable debugging immediately after you finish troubleshooting. If you leave debugging enabled, the size of the logs increases much faster than usual, which can negatively impact the performance of {% data variables.product.prodname_ghe_server %}. -> * Test new authentication settings for {% data variables.location.product_location %} in a staging environment before you apply the settings in your production environment. For more information, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). +> * Test new authentication settings for {% data variables.location.product_location %} in a staging environment before you apply the settings in your production environment. For more information, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} @@ -40,7 +40,7 @@ You can configure {% data variables.product.prodname_ghe_server %} to write verb ## Decoding responses -Some output in the `systemd` journal for `github-unicorn` may be Base64-encoded. You can access the administrative shell and use the `base64` utility on {% data variables.location.product_location %} to decode these responses. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh). +Some output in the `systemd` journal for `github-unicorn` may be Base64-encoded. You can access the administrative shell and use the `base64` utility on {% data variables.location.product_location %} to decode these responses. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh). To decode the output, run the following command, replacing `ENCODED_OUTPUT` with the encoded output from the log. @@ -56,7 +56,7 @@ When the user signs in again, {% data variables.product.prodname_ghe_server %} c > Another user already owns the account. Please have your administrator check the authentication log. -The message typically indicates that the person's username or email address has changed on the IdP. Ensure that the `NameID` and `nameid-format` mapping for the user account on {% data variables.product.prodname_ghe_server %} matches the user's `NameID` and `nameid-format` on your IdP. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/updating-a-users-saml-nameid). +The message typically indicates that the person's username or email address has changed on the IdP. Ensure that the `NameID` and `nameid-format` mapping for the user account on {% data variables.product.prodname_ghe_server %} matches the user's `NameID` and `nameid-format` on your IdP. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/updating-a-users-saml-nameid). ## Error: Recipient in SAML response was blank or not valid @@ -111,6 +111,6 @@ This error can occur in version 3.17.0 or later of {% data variables.location.pr A "Digest mismatch" error indicates that your SAML IdP is using a different SAML signing certificate than the one you have uploaded to {% data variables.product.github %}{% ifversion ghes %} or that the **Signature Method** or **Digest Method** configured on {% data variables.product.github %} differs from what your IdP is using{% endif %}. -{% ifversion ghes %}Re-download this SAML certificate from your IdP and validate it using an online tool, such as the [Format a x509 cert](https://www.samltool.com/format_x509cert.php) tool from OneLogin. Then upload the SAML certificate again in the "Authentication" section in your {% data variables.product.prodname_ghe_server %} management console. See [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-management-console#accessing-the-management-console-as-an-unauthenticated-user).{% endif %} +{% ifversion ghes %}Re-download this SAML certificate from your IdP and validate it using an online tool, such as the [Format a x509 cert](https://www.samltool.com/format_x509cert.php) tool from OneLogin. Then upload the SAML certificate again in the "Authentication" section in your {% data variables.product.prodname_ghe_server %} management console. See [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui/accessing-the-management-console#accessing-the-as-an-unauthenticated-user).{% endif %} {% ifversion ghec %}Re-download this SAML certificate from your IdP and validate it using a tool such as the [Format a x509 cert](https://www.samltool.com/format_x509cert.php) tool from OneLogin. Then update the certificate saved in the {% data variables.product.github %} SAML settings.{% endif %} diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/updating-a-users-saml-nameid.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/updating-a-users-saml-nameid.md index 4d329149a420..c079d1810f11 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/updating-a-users-saml-nameid.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/updating-a-users-saml-nameid.md @@ -13,7 +13,7 @@ category: ## About updates to users' SAML `NameID` -In some situations, you may need to update values associated with a person's account on your SAML IdP. If that identifier is also the `NameID` that you use for authentication on {% data variables.product.github %}, you must update the `NameID` mapping on your instance so the person can continue to authenticate successfully. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication). +In some situations, you may need to update values associated with a person's account on your SAML IdP. If that identifier is also the `NameID` that you use for authentication on {% data variables.product.github %}, you must update the `NameID` mapping on your instance so the person can continue to authenticate successfully. For more information, see [AUTOTITLE](/admin/managing-iam/iam-configuration-reference/username-considerations-for-external-authentication). To update user SAML `NameID` mappings in bulk, you can use the `ghe-saml-mapping-csv` command. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-saml-mapping-csv). diff --git a/content/admin/managing-your-enterprise-account/changing-the-url-for-your-enterprise.md b/content/admin/managing-your-enterprise-account/changing-the-url-for-your-enterprise.md index 09df7338622f..f898e0825de0 100644 --- a/content/admin/managing-your-enterprise-account/changing-the-url-for-your-enterprise.md +++ b/content/admin/managing-your-enterprise-account/changing-the-url-for-your-enterprise.md @@ -28,9 +28,9 @@ Parts of your system that may be affected by changing the slug include, but are ### SAML single sign-on (SSO) -If you have enabled SAML single sign-on (SSO) at the enterprise level, you will need to reconfigure the settings in your identity provider (IdP) to use the new enterprise slug. When you change your slug, existing IdP sessions are not revoked, but your members won't be able to use SSO to access resources in your enterprise until you update the IdP settings. If you have enabled SAML or SCIM at the organization level, changing the slug will not affect SSO. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). +If you have enabled SAML single sign-on (SSO) at the enterprise level, you will need to reconfigure the settings in your identity provider (IdP) to use the new enterprise slug. When you change your slug, existing IdP sessions are not revoked, but your members won't be able to use SSO to access resources in your enterprise until you update the IdP settings. If you have enabled SAML or SCIM at the organization level, changing the slug will not affect SSO. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). -Before changing the slug, to ensure you will have access to your enterprise even if SSO is not working, we recommend you download the recovery codes for your enterprise. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes). +Before changing the slug, to ensure you will have access to your enterprise even if SSO is not working, we recommend you download the recovery codes for your enterprise. For more information, see [AUTOTITLE](/admin/managing-iam/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes). ### API endpoints @@ -38,11 +38,11 @@ Many {% data variables.product.company_short %} API endpoints for managing an en ### OpenID Connect with {% data variables.product.prodname_actions %} workflows -If you use OpenID Connect (OIDC) in {% data variables.product.prodname_actions %} workflows, and have configured your cloud provider to only accept tokens from a unique URL that includes your enterprise slug, you will need to update the settings in your cloud provider. To prevent workflows from failing, the most robust option is to configure your provider to accept tokens from both the old and new slug just before you change the slug. For more information, see [AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-issuer-value-for-an-enterprise). +If you use OpenID Connect (OIDC) in {% data variables.product.prodname_actions %} workflows, and have configured your cloud provider to only accept tokens from a unique URL that includes your enterprise slug, you will need to update the settings in your cloud provider. To prevent workflows from failing, the most robust option is to configure your provider to accept tokens from both the old and new slug just before you change the slug. For more information, see [AUTOTITLE](/actions/concepts/security/openid-connect#customizing-the-issuer-value-for-an-enterprise). ### {% data variables.product.prodname_github_connect %} -If your enterprise is linked to one or more {% data variables.product.prodname_ghe_server %} instances via {% data variables.product.prodname_github_connect %}, after changing the slug, you'll need to reset the connection by disabling and then reenabling {% data variables.product.prodname_github_connect %}. For more information, see [AUTOTITLE](/enterprise-server@latest/admin/configuration/configuring-github-connect/managing-github-connect) in the {% data variables.product.prodname_ghe_server %} documentation. +If your enterprise is linked to one or more {% data variables.product.prodname_ghe_server %} instances via {% data variables.product.prodname_github_connect %}, after changing the slug, you'll need to reset the connection by disabling and then reenabling {% data variables.product.prodname_github_connect %}. For more information, see [AUTOTITLE](/enterprise-server@latest/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-githubcom) in the {% data variables.product.prodname_ghe_server %} documentation. ## Changing the enterprise slug diff --git a/content/admin/managing-your-enterprise-account/creating-a-readme-for-an-enterprise.md b/content/admin/managing-your-enterprise-account/creating-a-readme-for-an-enterprise.md index 0649b63c0c12..d1fb54cd4633 100644 --- a/content/admin/managing-your-enterprise-account/creating-a-readme-for-an-enterprise.md +++ b/content/admin/managing-your-enterprise-account/creating-a-readme-for-an-enterprise.md @@ -33,4 +33,4 @@ You can also create READMEs for organizations in your enterprise, visible either ## Further reading * [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-readmes) -* [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/managing-your-profile-readme) +* [AUTOTITLE](/account-and-profile/how-tos/profile-customization/managing-your-profile-readme) diff --git a/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md b/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md index fa371c845c67..23d2dd5f55ec 100644 --- a/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md +++ b/content/admin/managing-your-enterprise-account/creating-an-enterprise-account.md @@ -23,7 +23,7 @@ category: ## When should I create an enterprise account? -{% data variables.product.prodname_ghe_cloud %} allows you to create an enterprise account, which enables collaboration between **multiple organizations** and gives administrators a single point of visibility and management. See [AUTOTITLE](/admin/managing-your-enterprise-account/about-enterprise-accounts). +{% data variables.product.prodname_ghe_cloud %} allows you to create an enterprise account, which enables collaboration between **multiple organizations** and gives administrators a single point of visibility and management. See [AUTOTITLE](/admin/concepts/enterprise-fundamentals/enterprise-accounts). In most cases, you can create an enterprise account **yourself**. @@ -43,7 +43,7 @@ In these cases, contact {% data variables.contact.contact_enterprise_sales %}. The following changes also apply to single organizations that are automatically upgraded to an enterprise account. For details, see [{% data variables.product.prodname_blog %}](https://github.blog/changelog/2024-06-19-upcoming-automatic-upgrade-to-the-enterprise-account-experience/). -* **Ownership transfer:** Your organization will automatically be owned by the enterprise account. For details, see [AUTOTITLE](/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#about-addition-of-organizations-to-your-enterprise-account). +* **Ownership transfer:** Your organization will automatically be owned by the enterprise account. For details, see [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise). * **Ownership roles:** All organization owners will become enterprise owners. * **Billing details:** The organization’s billing details will now apply to the enterprise account. * **Billing managers:** All organization billing managers will become enterprise billing managers. @@ -72,4 +72,4 @@ Set up your new enterprise with our [AUTOTITLE](/enterprise-cloud@latest/enterpr ## Further reading -* [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise) +* [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-roles-in-your-enterprise/abilities-of-roles) diff --git a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md index a1afc50a9152..3f33cf3af41f 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md +++ b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md @@ -14,7 +14,7 @@ category: {% data variables.product.prodname_server_statistics %} can help you anticipate the needs of your organization, understand how your team works, and show the value you get from {% data variables.product.prodname_ghe_server %}. -Once enabled, {% data variables.product.prodname_server_statistics %} collects aggregate data on how much certain features are used on your instance over time. Unlike other [Admin Stats API](/rest/enterprise-admin/admin-stats) endpoints, which only return data for the last day, {% data variables.product.prodname_server_statistics %} provides historical data of all {% data variables.product.prodname_server_statistics %} metrics collected since the day you enabled the feature. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-server-statistics-for-your-enterprise). +Once enabled, {% data variables.product.prodname_server_statistics %} collects aggregate data on how much certain features are used on your instance over time. Unlike other [Admin Stats API](/rest/enterprise-admin/admin-stats) endpoints, which only return data for the last day, {% data variables.product.prodname_server_statistics %} provides historical data of all {% data variables.product.prodname_server_statistics %} metrics collected since the day you enabled the feature. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-server-statistics-for-your-enterprise). When you enable {% data variables.product.prodname_server_statistics %}, you're helping to build a better {% data variables.product.prodname_dotcom %}. The aggregated data you'll provide gives us insights into how {% data variables.product.prodname_dotcom %} adds value to our customers. This information allows {% data variables.product.company_short %} to make better and more informed product decisions, ultimately benefiting you. @@ -36,7 +36,7 @@ For a better understanding of how we store and secure {% data variables.product. {% data variables.product.company_short %} collects {% data variables.product.prodname_server_statistics %} data for as long as your {% data variables.product.prodname_ghe_server %} license is active and the {% data variables.product.prodname_server_statistics %} feature is enabled. -If you would like to delete your data, you may do so by contacting GitHub Support, your {% data variables.product.prodname_dotcom %} account representative, or your Customer Success Manager. Generally, we delete data in the timeframe specified in our privacy statement. For more information, see [{% data variables.product.company_short %}'s privacy statement](/free-pro-team@latest/site-policy/privacy-policies/github-privacy-statement#data-retention-and-deletion-of-data) in the {% data variables.product.prodname_dotcom_the_website %} documentation. +If you would like to delete your data, you may do so by contacting GitHub Support, your {% data variables.product.prodname_dotcom %} account representative, or your Customer Success Manager. Generally, we delete data in the timeframe specified in our privacy statement. For more information, see [{% data variables.product.company_short %}'s privacy statement](/free-pro-team@latest/site-policy/privacy-policies/github-general-privacy-statement) in the {% data variables.product.prodname_dotcom_the_website %} documentation. ### About data portability @@ -44,7 +44,7 @@ As an organization owner or enterprise owner on {% data variables.product.prodna ## About disabling data collection -You can disable the {% data variables.product.prodname_server_statistics %} feature at any time. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-server-statistics-for-your-enterprise). +You can disable the {% data variables.product.prodname_server_statistics %} feature at any time. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-server-statistics-for-your-enterprise). ## {% data variables.product.prodname_server_statistics %} data collected @@ -54,7 +54,7 @@ The following aggregate metrics will be collected and transmitted on a daily bas | CSV column | Name | Description | | ---------- | ---- | ----------- | -| A | `github_connect.features_enabled` | Array of {% data variables.product.prodname_github_connect %} features that are enabled for your instance (see [AUTOTITLE](/admin/configuration/configuring-github-connect/about-github-connect#github-connect-features) ) | +| A | `github_connect.features_enabled` | Array of {% data variables.product.prodname_github_connect %} features that are enabled for your instance (see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/about-github-connect#github-connect-features) ) | | B | `host_name` | The hostname for your instance | | C | `dormant_users.dormancy_threshold` | The length of time a user must be inactive to be considered dormant | | D | `dormant_users.total_dormant_users` | Number of dormant user accounts | diff --git a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics.md b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics.md index 66cb3f356c17..d81cc40ee63d 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics.md +++ b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics.md @@ -12,7 +12,7 @@ category: You can download up to the last 365 days of {% data variables.product.prodname_server_statistics %} data in a CSV or JSON file. This data, which includes aggregate metrics on repositories, issues, and pull requests, can help you anticipate the needs of your organization, understand how your team works, and show the value you get from {% data variables.product.prodname_ghe_server %}. -Before you can download this data, you must enable {% data variables.product.prodname_server_statistics %}. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-server-statistics-for-your-enterprise). +Before you can download this data, you must enable {% data variables.product.prodname_server_statistics %}. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-server-statistics-for-your-enterprise). To preview the metrics available to download, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics). @@ -20,7 +20,7 @@ To download these metrics, you must be an enterprise owner or organization owner * If {% data variables.location.product_location %} is connected to an enterprise account on {% data variables.product.prodname_ghe_cloud %}, see [Downloading metrics from your enterprise account](#downloading-metrics-from-your-enterprise-account). * If {% data variables.location.product_location %} is connected to an organization on {% data variables.product.prodname_ghe_cloud %}, see [Downloading metrics from your organization](#downloading-metrics-from-your-organization). -To learn more about {% data variables.product.prodname_github_connect %}, see [AUTOTITLE](/admin/configuration/configuring-github-connect/about-github-connect). +To learn more about {% data variables.product.prodname_github_connect %}, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/about-github-connect). ## Downloading metrics from your enterprise account diff --git a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/requesting-server-statistics-using-the-rest-api.md b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/requesting-server-statistics-using-the-rest-api.md index d219d394da48..8015aa2241df 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/requesting-server-statistics-using-the-rest-api.md +++ b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/requesting-server-statistics-using-the-rest-api.md @@ -12,6 +12,6 @@ category: You can request up to 365 days of metrics in a single {% data variables.product.prodname_server_statistics %} REST API request. This data, which includes aggregate metrics on repositories, issues, and pull requests, can help you anticipate the needs of your organization, understand how your team works, and show the value you get from {% data variables.product.prodname_ghe_server %}. For a list of the metrics collected, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics#server-statistics-data-collected). -Before you can use the {% data variables.product.prodname_server_statistics %} REST API, you must enable {% data variables.product.prodname_server_statistics %}. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-server-statistics-for-your-enterprise). +Before you can use the {% data variables.product.prodname_server_statistics %} REST API, you must enable {% data variables.product.prodname_server_statistics %}. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-github-connect/enabling-server-statistics-for-your-enterprise). For more information about using the REST API to request server statistics, see [AUTOTITLE](/enterprise-cloud@latest/rest/enterprise-admin/admin-stats#get-github-enterprise-server-statistics) in the {% data variables.product.prodname_ghe_cloud %} documentation. diff --git a/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/accessing-reports-for-your-instance.md b/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/accessing-reports-for-your-instance.md index 19ac5cbc7e46..4cbfc9445a45 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/accessing-reports-for-your-instance.md +++ b/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/accessing-reports-for-your-instance.md @@ -25,14 +25,14 @@ You can download CSV files that report the following information: * All users * All active users -* All [dormant users](/admin/user-management/managing-users-in-your-enterprise/managing-dormant-users) +* All [dormant users](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-dormant-users) * All users who have been suspended * All organizations * All repositories ## Downloading reports programmatically -You can also access reports programmatically via standard HTTP authentication and a {% data variables.product.pat_v1 %}. You must use a {% data variables.product.pat_v1 %} with the `site_admin` scope. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token). +You can also access reports programmatically via standard HTTP authentication and a {% data variables.product.pat_v1 %}. You must use a {% data variables.product.pat_v1 %} with the `site_admin` scope. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens). For example, you can download the "all users" report using curl: diff --git a/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/managing-global-webhooks.md b/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/managing-global-webhooks.md index d42cce89fda4..88b5a5ca499c 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/managing-global-webhooks.md +++ b/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/managing-global-webhooks.md @@ -25,7 +25,7 @@ category: ## About global webhooks -You can use global webhooks to notify an external web server when events occur within your enterprise. You can configure the server to receive the webhook's payload, then run an application or code that monitors, responds to, or enforces rules for user and organization management for your enterprise. For more information, see [AUTOTITLE](/webhooks-and-events/webhooks). +You can use global webhooks to notify an external web server when events occur within your enterprise. You can configure the server to receive the webhook's payload, then run an application or code that monitors, responds to, or enforces rules for user and organization management for your enterprise. For more information, see [AUTOTITLE](/webhooks). For example, you can configure {% data variables.product.github %} to send a webhook when someone creates, deletes, or modifies a repository or organization within your enterprise. You can configure the server to automatically perform a task after receiving the webhook. diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise.md index 3b422b7b7218..f38d8ae73db8 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/configuring-the-audit-log-for-your-enterprise.md @@ -31,7 +31,7 @@ You can configure a retention period for audit log data for {% data variables.lo You can enable or disable Git-related events, such as `git.clone` and `git.push`, from appearing in your audit log. For a list of the Git events are logged, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise#git). -If you do enable Git events, due to the large number of Git events that are logged, we recommend monitoring your instance's file storage and reviewing your related alert configurations. For more information, see [AUTOTITLE](/admin/enterprise-management/monitoring-your-appliance/recommended-alert-thresholds#monitoring-storage). +If you do enable Git events, due to the large number of Git events that are logged, we recommend monitoring your instance's file storage and reviewing your related alert configurations. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/monitoring-your-instance/recommended-alert-thresholds#monitoring-storage). Before you can enable Git events in the audit log, you must configure a retention period for audit log data other than "infinite." For more information, see [Configuring a retention period for audit log data](#configuring-a-retention-period-for-audit-log-data). diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise.md index b396ba80df26..fbeb4cf15714 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise.md @@ -18,7 +18,7 @@ You are responsible for meeting any legal obligations that accompany the viewing If you choose to display IP addresses for your enterprise account, IP addresses for **new and existing events** will appear in both your enterprise's audit log and the audit log of every organization owned by your enterprise. Alternatively, you can enable the display of IP addresses in the audit log for individual organizations. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization). -You can display IP addresses in the audit log regardless of which authentication method you use for your enterprise on {% data variables.product.github %}. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise). +You can display IP addresses in the audit log regardless of which authentication method you use for your enterprise on {% data variables.product.github %}. For more information, see [AUTOTITLE](/admin/concepts/identity-and-access-management/identity-and-access-management-fundamentals). {% data reusables.audit_log.users-agree-to-ip-collection %} diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise.md index ece35061c04d..aefd47fa7595 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise.md @@ -33,15 +33,15 @@ You can use the `read:audit_log` scope to access the audit log via the API. ## Rate limit -Each audit log API endpoint has a rate limit of 1,750 queries per hour for a given combination of user and IP address. To avoid rate limiting, integrations that query the audit log API should query at a maximum frequency of 1,750 queries per hour. Additionally, if your integration receives a rate limit error (typically a 403 or 429 response), it should wait before making another request to the API. See [AUTOTITLE](/rest/overview/rate-limits-for-the-rest-api) and [AUTOTITLE](/rest/guides/best-practices-for-integrators).{% endif %} +Each audit log API endpoint has a rate limit of 1,750 queries per hour for a given combination of user and IP address. To avoid rate limiting, integrations that query the audit log API should query at a maximum frequency of 1,750 queries per hour. Additionally, if your integration receives a rate limit error (typically a 403 or 429 response), it should wait before making another request to the API. See [AUTOTITLE](/rest/using-the-rest-api/rate-limits-for-the-rest-api) and [AUTOTITLE](/rest/using-the-rest-api/best-practices-for-using-the-rest-api). {% endif %} ## Example 1: All events in an enterprise, for a specific date, with pagination -You can use {% ifversion ghes %}page-based{% else %}cursor based{% endif %} pagination. For more information about pagination, see [AUTOTITLE](/rest/guides/using-pagination-in-the-rest-api). +You can use {% ifversion ghes %}page-based{% else %}cursor-based{% endif %} pagination. For more information about pagination, see [AUTOTITLE](/rest/using-the-rest-api/using-pagination-in-the-rest-api). {% ifversion ghes %} -The query below searches for audit log events created on Jan 1st, 2022 in the `avocado-corp` enterprise, and return the first page with a maximum of 100 items per page using pagination. For more information about pagination, see [AUTOTITLE](/rest/guides/using-pagination-in-the-rest-api). +The query below searches for audit log events created on Jan 1st, 2022 in the `avocado-corp` enterprise, and returns the first page with a maximum of 100 items per page using pagination. For more information about pagination, see [AUTOTITLE](/rest/using-the-rest-api/using-pagination-in-the-rest-api). ```shell curl -H "Authorization: Bearer TOKEN" \ @@ -51,7 +51,7 @@ curl -H "Authorization: Bearer TOKEN" \ {% else %} -The query below searches for audit log events created on Jan 1st, 2022 in the `avocado-corp` enterprise, and returns the first page with a maximum of 100 items per page using pagination. For more information about pagination, see [AUTOTITLE](/rest/guides/using-pagination-in-the-rest-api). The `--include` flag causes the headers to be returned along with the response. +The query below searches for audit log events created on Jan 1st, 2022 in the `avocado-corp` enterprise, and returns the first page with a maximum of 100 items per page using pagination. For more information about pagination, see [AUTOTITLE](/rest/using-the-rest-api/using-pagination-in-the-rest-api). The `--include` flag causes the headers to be returned along with the response. ```shell curl --include -H "Authorization: Bearer TOKEN" \ diff --git a/content/admin/monitoring-and-managing-your-instance/caching-repositories/about-repository-caching.md b/content/admin/monitoring-and-managing-your-instance/caching-repositories/about-repository-caching.md index d1c4921049da..7265a44484e4 100644 --- a/content/admin/monitoring-and-managing-your-instance/caching-repositories/about-repository-caching.md +++ b/content/admin/monitoring-and-managing-your-instance/caching-repositories/about-repository-caching.md @@ -15,12 +15,12 @@ If you have teams and CI farms located around the world, you may experience redu A repository cache eliminates the need for {% data variables.product.prodname_ghe_server %} to transmit the same Git data over a long-haul network link multiple times to serve multiple clients, by serving your repository data close to CI farms and distributed teams. For instance, if your primary instance is in North America and you also have a large presence in Asia, you will benefit from setting up the repository cache in Asia for use by CI runners there. -The repository cache listens to the primary instance, whether that's a single instance or a geo-replicated set of instances, for changes to Git data. CI farms and other read-heavy consumers clone and fetch from the repository cache instead of the primary instance. Changes are propagated across the network, at periodic intervals, once per cache instance rather than once per client. Git data will typically be visible on the repository cache within several minutes after the data is pushed to the primary instance. The [`cache_sync` webhook](/webhooks-and-events/webhooks/webhook-events-and-payloads#cache_sync) can be used by CI systems to react to data being available in the cache. +The repository cache listens to the primary instance, whether that's a single instance or a geo-replicated set of instances, for changes to Git data. CI farms and other read-heavy consumers clone and fetch from the repository cache instead of the primary instance. Changes are propagated across the network, at periodic intervals, once per cache instance rather than once per client. Git data will typically be visible on the repository cache within several minutes after the data is pushed to the primary instance. The [`cache_sync` webhook](/webhooks/webhook-events-and-payloads#cache_sync) can be used by CI systems to react to data being available in the cache. {% data variables.product.prodname_ghe_server %} caches both Git and {% data variables.large_files.product_name_long %} ({% data variables.large_files.product_name_short %}) data. You have fine-grained control over which repositories are allowed to sync to the repository cache. Git data will only be replicated to the locations you specify. -{% data reusables.enterprise.repository-caching-config-summary %} For more information, see [AUTOTITLE](/admin/enterprise-management/caching-repositories/configuring-a-repository-cache). +{% data reusables.enterprise.repository-caching-config-summary %} For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/caching-repositories/configuring-a-repository-cache). {% data reusables.enterprise_installation.replica-limit %} diff --git a/content/admin/monitoring-and-managing-your-instance/caching-repositories/configuring-a-repository-cache.md b/content/admin/monitoring-and-managing-your-instance/caching-repositories/configuring-a-repository-cache.md index 8f9d48569615..9a9059df15e0 100644 --- a/content/admin/monitoring-and-managing-your-instance/caching-repositories/configuring-a-repository-cache.md +++ b/content/admin/monitoring-and-managing-your-instance/caching-repositories/configuring-a-repository-cache.md @@ -34,7 +34,7 @@ Then, when told to fetch `https://github.example.com/myorg/myrepo`, Git will ins ## Configuring a repository cache -1. Set up a new {% data variables.product.prodname_ghe_server %} instance on your desired platform. This instance will be your repository cache. For more information, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance). +1. Set up a new {% data variables.product.prodname_ghe_server %} instance on your desired platform. This instance will be your repository cache. For more information, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance). {% data reusables.enterprise_installation.replica-steps %} 1. Connect to the repository cache's IP address using SSH. @@ -58,8 +58,8 @@ Then, when told to fetch `https://github.example.com/myorg/myrepo`, Git will ins ``` 1. To configure the repository cache, use the `ghe-repl-node` command and include the necessary parameters. - * Set a `cache-location` for the repository cache, replacing _CACHE-LOCATION_ with an alphanumeric identifier, such as the region where the cache is deployed. The _CACHE-LOCATION_ value must not be any of the subdomains reserved for use with subdomain isolation, such as `assets` or `media`. For a list of reserved names, see [AUTOTITLE](/admin/configuration/configuring-network-settings/enabling-subdomain-isolation#about-subdomain-isolation). - * Set a `cache-domain` for the repository cache, replacing _EXTERNAL-CACHE-DOMAIN_ with the hostname Git clients will use to access the repository cache. If you do not specify a `cache-domain`, {% data variables.product.prodname_ghe_server %} will prepend the _CACHE-LOCATION_ value as a subdomain to the hostname configured for your instance. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-a-hostname). + * Set a `cache-location` for the repository cache, replacing _CACHE-LOCATION_ with an alphanumeric identifier, such as the region where the cache is deployed. The _CACHE-LOCATION_ value must not be any of the subdomains reserved for use with subdomain isolation, such as `assets` or `media`. For a list of reserved names, see [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/enabling-subdomain-isolation#about-subdomain-isolation). + * Set a `cache-domain` for the repository cache, replacing _EXTERNAL-CACHE-DOMAIN_ with the hostname Git clients will use to access the repository cache. If you do not specify a `cache-domain`, {% data variables.product.prodname_ghe_server %} will prepend the _CACHE-LOCATION_ value as a subdomain to the hostname configured for your instance. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/configuring-the-hostname-for-your-instance). * If you haven't already, set the datacenter name on the primary and any replica appliances, replacing DC-NAME with a datacenter name. ```shell diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/about-clustering.md b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/about-clustering.md index b715801168b3..876dfc2df20c 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/about-clustering.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/about-clustering.md @@ -21,7 +21,7 @@ category: The cluster topology for {% data variables.product.prodname_ghe_server %} provides horizontal scaling for companies with tens of thousands of developers. {% data variables.product.company_short %} recommends clustering if a single primary node would routinely experience resource exhaustion. -In a cluster, the instance provides services and distributes data across multiple virtual machines (VMs) that run the {% data variables.product.prodname_ghe_server %} software. Each VM is called a node. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-clustering/about-cluster-nodes). +In a cluster, the instance provides services and distributes data across multiple virtual machines (VMs) that run the {% data variables.product.prodname_ghe_server %} software. Each VM is called a node. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/about-cluster-nodes). @@ -31,7 +31,7 @@ In a cluster, the instance provides services and distributes data across multipl {% data variables.product.prodname_ghe_server %} requires low latency between nodes and is not intended for redundancy across geographic locations. -Clustering provides redundancy, but it is not intended to replace a high-availability configuration. Configuration and maintenance of a high-availability configuration is far simpler than clustering and will accommodate most environments. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability) and [AUTOTITLE](/admin/enterprise-management/configuring-clustering/differences-between-clustering-and-high-availability-ha). +Clustering provides redundancy, but it is not intended to replace a high-availability configuration. Configuration and maintenance of a high-availability configuration is far simpler than clustering and will accommodate most environments. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability) and [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/differences-between-clustering-and-high-availability-ha). {% data reusables.package_registry.packages-cluster-support %} diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/configuring-high-availability-replication-for-a-cluster.md b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/configuring-high-availability-replication-for-a-cluster.md index 5d37c8bb5d2f..87428bf0f7c0 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/configuring-high-availability-replication-for-a-cluster.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/configuring-high-availability-replication-for-a-cluster.md @@ -19,7 +19,7 @@ You can provide protection against disruption in a datacenter or cloud region by In a high availability configuration, nodes that host data services sync regularly with the replica cluster. Replica nodes run in standby and do not serve applications or process user requests. -We recommend configuring high availability as a part of a comprehensive disaster recovery plan for {% data variables.product.prodname_ghe_server %} clustering. We also recommend performing regular backups. For more information, see [AUTOTITLE](/enterprise/admin/configuration/configuring-backups-on-your-appliance). +We recommend configuring high availability as a part of a comprehensive disaster recovery plan for {% data variables.product.prodname_ghe_server %} clustering. We also recommend performing regular backups. For more information, see [AUTOTITLE](/admin/backing-up-and-restoring-your-instance/configuring-backups-on-your-instance). ## Prerequisites @@ -27,7 +27,7 @@ We recommend configuring high availability as a part of a comprehensive disaster For each existing node in your active cluster, you'll need to provision a second virtual machine with identical hardware resources. For example, if your cluster has 13 nodes and each node has 12 vCPUs, 96 GB of RAM, and 750 GB of attached storage, you must provision 13 new virtual machines that each have 12 vCPUs, 96 GB of RAM, and 750 GB of attached storage. -On each new virtual machine, install the same version of {% data variables.product.prodname_ghe_server %} that runs on the nodes in your active cluster. You don't need to upload a license or perform any additional configuration. For more information, see [AUTOTITLE](/enterprise/admin/installation/setting-up-a-github-enterprise-server-instance). +On each new virtual machine, install the same version of {% data variables.product.prodname_ghe_server %} that runs on the nodes in your active cluster. You don't need to upload a license or perform any additional configuration. For more information, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance). > [!NOTE] > The nodes that you intend to use for high availability replication should be standalone {% data variables.product.prodname_ghe_server %} instances. Don't initialize the replica nodes as a second cluster. @@ -36,7 +36,7 @@ On each new virtual machine, install the same version of {% data variables.produ You must assign a static IP address to each new node that you provision, and you must configure a load balancer to accept connections and direct them to the nodes in your cluster's front-end tier. -{% data reusables.enterprise_clustering.network-latency %} For more information about network connectivity between nodes in the replica cluster, see [AUTOTITLE](/enterprise/admin/enterprise-management/cluster-network-configuration). +{% data reusables.enterprise_clustering.network-latency %} For more information about network connectivity between nodes in the replica cluster, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/cluster-network-configuration). ## Creating a high availability replica for a cluster @@ -60,7 +60,7 @@ To create a high availability replica for your cluster, use the `ghe-cluster-rep Initial replication between the active and replica nodes in your cluster takes time. The amount of time depends on the amount of data to replicate and the activity levels for {% data variables.product.prodname_ghe_server %}. -You can monitor the progress on any node in the cluster, using command-line tools available via the {% data variables.product.prodname_ghe_server %} administrative shell. For more information about the administrative shell, see [AUTOTITLE](/enterprise/admin/configuration/accessing-the-administrative-shell-ssh). +You can monitor the progress on any node in the cluster, using command-line tools available via the {% data variables.product.prodname_ghe_server %} administrative shell. For more information about the administrative shell, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh). To monitor the replication of all services, use the following command. @@ -68,7 +68,7 @@ To monitor the replication of all services, use the following command. ghe-cluster-repl-status ``` -You can use `ghe-cluster-status` to review the overall health of your cluster. For more information, see [AUTOTITLE](/enterprise/admin/configuration/command-line-utilities#ghe-cluster-status). +You can use `ghe-cluster-status` to review the overall health of your cluster. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-cluster-status). ## Reconfiguring high availability replication after a failover diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/differences-between-clustering-and-high-availability-ha.md b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/differences-between-clustering-and-high-availability-ha.md index 164c42a85e2b..7e2db84e9b32 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/differences-between-clustering-and-high-availability-ha.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/differences-between-clustering-and-high-availability-ha.md @@ -20,9 +20,9 @@ category: You can deploy the virtual machines for a {% data variables.product.prodname_ghe_server %} instance in different topologies depending on your environment and user needs. -* To support a plan for disaster recovery and supplement backups, or to improve network and write performance for geographically distributed users, you can configure high availability. In a high-availability configuration, one node acts as a primary, while others act as replicas. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-high-availability-configuration). +* To support a plan for disaster recovery and supplement backups, or to improve network and write performance for geographically distributed users, you can configure high availability. In a high-availability configuration, one node acts as a primary, while others act as replicas. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-high-availability-configuration). -* To provide horizontal scaling for environments with tens of thousands of developers, a cluster topology is available. Clustering addresses situations where a single primary node would routinely experience resource exhaustion. This configuration requires careful planning and additional administrative overhead. {% data variables.product.company_short %} will work with you to determine your eligibility for clustering. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-clustering/about-clustering). +* To provide horizontal scaling for environments with tens of thousands of developers, a cluster topology is available. Clustering addresses situations where a single primary node would routinely experience resource exhaustion. This configuration requires careful planning and additional administrative overhead. {% data variables.product.company_short %} will work with you to determine your eligibility for clustering. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/about-clustering). ## Failure scenarios @@ -43,8 +43,8 @@ High availability (HA) and clustering both provide redundancy by eliminating the ## Backups and disaster recovery -Neither HA nor clustering should be considered a replacement for regular backups. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance). +Neither HA nor clustering should be considered a replacement for regular backups. For more information, see [AUTOTITLE](/admin/backing-up-and-restoring-your-instance/configuring-backups-on-your-instance). ## Monitoring -Availability features, especially ones with automatic failover such as clustering, can mask a failure since service is usually not disrupted when something fails. Whether you are using HA or clustering, monitoring the health of each instance is important so that you are aware when a failure occurs. For more information about monitoring, see [AUTOTITLE](/admin/enterprise-management/monitoring-your-appliance/recommended-alert-thresholds) and [AUTOTITLE](/admin/enterprise-management/configuring-clustering/monitoring-the-health-of-your-cluster). +Availability features, especially ones with automatic failover such as clustering, can mask a failure since service is usually not disrupted when something fails. Whether you are using HA or clustering, monitoring the health of each instance is important so that you are aware when a failure occurs. For more information about monitoring, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/monitoring-your-instance/recommended-alert-thresholds) and [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/monitoring-the-health-of-your-cluster). diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/initializing-the-cluster.md b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/initializing-the-cluster.md index 027b7e96ddae..0ef0509d0b5d 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/initializing-the-cluster.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/initializing-the-cluster.md @@ -25,14 +25,14 @@ To deploy a {% data variables.product.prodname_ghe_server %} cluster in your env To start setting up the cluster, install the {% data variables.product.prodname_ghe_server %} appliance on each node's virtual machine (VM), then configure an IP address. -1. On each cluster node, provision and install {% data variables.product.prodname_ghe_server %}. For more information, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance). +1. On each cluster node, provision and install {% data variables.product.prodname_ghe_server %}. For more information, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance). 1. Using the administrative shell or DHCP, **only** configure the IP address of each node. Don't configure any other settings. ## Configuring the first node On the node that will function as your primary MySQL node, install your {% data variables.product.prodname_ghe_server %} license. -1. Connect to the node that will be designated as MySQL primary in `cluster.conf`. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-clustering/initializing-the-cluster#about-the-cluster-configuration-file). +1. Connect to the node that will be designated as MySQL primary in `cluster.conf`. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/initializing-the-cluster). 1. In your web browser, visit `https://:8443/setup/`. {% data reusables.enterprise_installation.upload-a-license-file %} {% data reusables.enterprise_installation.save-settings-in-web-based-mgmt-console %} @@ -40,7 +40,7 @@ On the node that will function as your primary MySQL node, install your {% data ## Initializing the cluster -To initialize the cluster, you need a cluster configuration file (`cluster.conf`). For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-clustering/initializing-the-cluster#about-the-cluster-configuration-file). +To initialize the cluster, you need a cluster configuration file (`cluster.conf`). For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/initializing-the-cluster). 1. From the first node that was configured, run `ghe-cluster-config-init`. This will initialize the cluster if there are nodes in the cluster configuration file that are not configured. 1. Run `ghe-cluster-config-apply`. This will validate the `cluster.conf` file, apply the configuration to each node file and bring up the configured services on each node. @@ -50,7 +50,7 @@ To check the status of a running cluster use the `ghe-cluster-status` command. ## About the cluster configuration file The cluster configuration file (`cluster.conf`) defines the nodes in the cluster, and what services they run. -For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-clustering/about-cluster-nodes). +For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/about-cluster-nodes). This example `cluster.conf` defines a cluster with 11 nodes. @@ -61,7 +61,7 @@ This example `cluster.conf` defines a cluster with 11 nodes. You must choose a valid and unique hostname and IPv4 address for each node. To ensure that nodes are locally resolvable to each other, {% data variables.product.prodname_ghe_server %} will add a record for each node's hostname to `/etc/hosts` on every node. -* For more information about valid hostnames for {% data variables.product.prodname_ghe_server %}, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-the-hostname-for-your-instance). +* For more information about valid hostnames for {% data variables.product.prodname_ghe_server %}, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/configuring-the-hostname-for-your-instance). * Each IPv4 address must be an address on a private network. See [RFC 1918](https://datatracker.ietf.org/doc/html/rfc1918) on the IETF website. Specify the first cluster node you configured as the MySQL primary via `mysql-server` and `mysql-master`. diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/initiating-a-failover-to-your-replica-cluster.md b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/initiating-a-failover-to-your-replica-cluster.md index 60078c00ced8..9576e5f6ead9 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/initiating-a-failover-to-your-replica-cluster.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/initiating-a-failover-to-your-replica-cluster.md @@ -19,15 +19,15 @@ If the data center for your active cluster experiences a failure and you've conf Failing over to your replica cluster promotes it to be your new active cluster, and decouples the new active cluster from the old active cluster. The nodes in your old active cluster are placed in maintenance mode if they are in a healthy enough state for this operation to be performed. -After failover, you will have two standalone clusters without high availability configured. You can reconfigure replication from the new active cluster. For more information, see [AUTOTITLE](/enterprise/admin/enterprise-management/configuring-high-availability-replication-for-a-cluster#reconfiguring-high-availability-replication-after-a-failover). +After failover, you will have two standalone clusters without high availability configured. You can reconfigure replication from the new active cluster. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/configuring-high-availability-replication-for-a-cluster#reconfiguring-high-availability-replication-after-a-failover). ## Prerequisites -To fail over to replica nodes, you must have configured high availability replication for your cluster. For more information, see [AUTOTITLE](/enterprise/admin/enterprise-management/configuring-high-availability-replication-for-a-cluster). +To fail over to replica nodes, you must have configured high availability replication for your cluster. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/configuring-high-availability-replication-for-a-cluster). ## Initiating a failover to your replica cluster -1. SSH into the primary MySQL node in the replica cluster. For more information, see [AUTOTITLE](/enterprise/admin/configuration/accessing-the-administrative-shell-ssh#enabling-access-to-the-administrative-shell-via-ssh). +1. SSH into the primary MySQL node in the replica cluster. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh#enabling-access-to-the-administrative-shell-via-ssh). 1. To begin the failover to the secondary cluster and configure the nodes to respond to requests, run the following command. ```shell diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/monitoring-the-health-of-your-cluster-nodes-with-node-eligibility-service.md b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/monitoring-the-health-of-your-cluster-nodes-with-node-eligibility-service.md index e91b2d3e4ff8..6cbad8bb373d 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/monitoring-the-health-of-your-cluster-nodes-with-node-eligibility-service.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/monitoring-the-health-of-your-cluster-nodes-with-node-eligibility-service.md @@ -22,7 +22,7 @@ You can proactively mitigate the impact of reduced node availability by using {% By default, {% data variables.product.prodname_nes %} is disabled. If you enable {% data variables.product.prodname_nes %}, your instance will alert you of unhealthy nodes by displaying a banner in the administrative web UI for {% data variables.product.prodname_ghe_server %}, and in CLI output for some cluster-related utilities, such as `ghe-config-apply` and `ghe-cluster-diagnostics`. -{% data variables.product.prodname_nes %} allows you to monitor the health of individual nodes. You can also monitor the overall health of your cluster. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-clustering/monitoring-the-health-of-your-cluster). +{% data variables.product.prodname_nes %} allows you to monitor the health of individual nodes. You can also monitor the overall health of your cluster. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/monitoring-the-health-of-your-cluster). ## About health and eligibility of cluster nodes @@ -118,7 +118,7 @@ To manage whether {% data variables.product.prodname_nes %} can take a node and To view an overview of your nodes' health using {% data variables.product.prodname_nes %}, use one of the following methods. * SSH into any node in the cluster, then run `nes get-cluster-health`. -* Navigate to the {% data variables.enterprise.management_console %}'s "Status" page. For more information, see [AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/accessing-the-management-console). +* Navigate to the {% data variables.enterprise.management_console %}'s "Status" page. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui/accessing-the-management-console). ## Re-enabling an ineligible node to join the cluster @@ -188,4 +188,4 @@ You can view logs for {% data variables.product.prodname_nes %} from any node in ## Further reading -* [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#nes) +* [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#nes) diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/monitoring-the-health-of-your-cluster.md b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/monitoring-the-health-of-your-cluster.md index db9722cf8689..b5635290c720 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/monitoring-the-health-of-your-cluster.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/monitoring-the-health-of-your-cluster.md @@ -21,7 +21,7 @@ category: A {% data variables.product.prodname_ghe_server %} cluster comprises multiple nodes, with redundant services distributed across two or more nodes. If an individual service or an entire node fails, users should not notice. Failures affect performance and redundancy, so it's important to monitor the health of your cluster. You can monitor the health of your cluster using a command-line utility or an external monitoring tool like Nagios. -You can also monitor the health of individual nodes using {% data variables.product.prodname_nes %}. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-clustering/monitoring-the-health-of-your-cluster-nodes-with-node-eligibility-service). +You can also monitor the health of individual nodes using {% data variables.product.prodname_nes %}. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/monitoring-the-health-of-your-cluster-nodes-with-node-eligibility-service). ## Manually checking cluster status diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/rebalancing-cluster-workloads.md b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/rebalancing-cluster-workloads.md index 3f810785f56e..91690d079bf3 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/rebalancing-cluster-workloads.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/rebalancing-cluster-workloads.md @@ -22,7 +22,7 @@ If a cluster node is unreachable by other nodes due to a hardware or software fa You can manage allocations using the `ghe-cluster-balance` utility, which can display the status of existing allocations or force your instance to balance allocations. For example, you should balance allocations after you add a new node to the cluster. Optionally, you can schedule regular balancing. -You can run the following commands from any node in your cluster using the administrative shell. For more information, see [Accessing the administrative shell (SSH)](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh). +You can run the following commands from any node in your cluster using the administrative shell. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh). ## Checking the distribution of cluster jobs @@ -82,4 +82,4 @@ You can schedule rebalancing of jobs on your cluster by setting and applying con ## Further reading -* [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-cluster-balance) +* [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-cluster-balance) diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/replacing-a-cluster-node.md b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/replacing-a-cluster-node.md index 82c6491fe4d0..706cac9ca180 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/replacing-a-cluster-node.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/replacing-a-cluster-node.md @@ -19,7 +19,7 @@ category: You can replace a functional node in a {% data variables.product.prodname_ghe_server %} cluster, or you can replace a node that has failed unexpectedly. -After you replace a node, {% data variables.location.product_location %} does not automatically distribute jobs to the new node. You can force your instance to balance jobs across nodes. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-clustering/rebalancing-cluster-workloads). +After you replace a node, {% data variables.location.product_location %} does not automatically distribute jobs to the new node. You can force your instance to balance jobs across nodes. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/rebalancing-cluster-workloads). > [!WARNING] > To avoid conflicts, do not reuse a hostname that was previously assigned to a node in the cluster. diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/upgrading-a-cluster.md b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/upgrading-a-cluster.md index 7381d5c5cbe9..9e6eae4f6d27 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/upgrading-a-cluster.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/upgrading-a-cluster.md @@ -36,7 +36,7 @@ Use an upgrade package to upgrade a {% data variables.product.prodname_ghe_serve ### Preparing to upgrade -1. Review [AUTOTITLE](/admin/enterprise-management/configuring-clustering/cluster-network-configuration) for the version you are upgrading to, and update your configuration as needed. +1. Review [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/cluster-network-configuration) for the version you are upgrading to, and update your configuration as needed. 1. Back up your data with [{% data variables.product.prodname_enterprise_backup_utilities %}](https://github.com/github/backup-utils#readme). 1. Schedule a maintenance window for end users of your {% data variables.product.prodname_ghe_server %} cluster, as it will be unavailable for normal use during the upgrade. Maintenance mode blocks user access and prevents data changes while the cluster upgrade is in progress. 1. On the [{% data variables.product.prodname_ghe_server %} Download Page](https://enterprise.github.com/download), copy the URL for the upgrade _.pkg_ file to the clipboard. diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-geo-replication.md b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-geo-replication.md index b36b0074125c..2214c3e573d4 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-geo-replication.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-geo-replication.md @@ -25,7 +25,7 @@ Geo DNS, such as [Amazon's Route 53 service](https://docs.aws.amazon.com/Route53 Writing requests to the replica requires sending the data to the primary and all replicas. This means that the performance of all writes is limited by the slowest replica, although new geo-replicas can seed the majority of their data from existing co-located geo-replicas, rather than from the primary. -{% data reusables.enterprise_clustering.network-latency %} To reduce the latency and bandwidth caused by distributed teams and large CI farms without impacting write throughput, you can configure repository caching instead. For more information, see [AUTOTITLE](/admin/enterprise-management/caching-repositories/about-repository-caching). +{% data reusables.enterprise_clustering.network-latency %} To reduce the latency and bandwidth caused by distributed teams and large CI farms without impacting write throughput, you can configure repository caching instead. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/caching-repositories/about-repository-caching). Geo-replication will not add capacity to a {% data variables.product.prodname_ghe_server %} instance or solve performance issues related to insufficient CPU or memory resources. If the primary appliance is offline, active replicas will be unable to serve any read or write requests. @@ -37,4 +37,4 @@ Geo-replication will not add capacity to a {% data variables.product.prodname_gh ## Further reading -* [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/creating-a-high-availability-replica#creating-geo-replication-replicas) +* [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/creating-a-high-availability-replica#creating-geo-replication-replicas) diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-high-availability-configuration.md b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-high-availability-configuration.md index b8b6e987f92c..827fc2b23dbe 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-high-availability-configuration.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-high-availability-configuration.md @@ -14,7 +14,7 @@ contentType: concepts category: - Scale your instance --- -When you configure high availability, there is an automated setup of one-way, asynchronous replication of all datastores (Git repositories, MySQL, Redis, and Elasticsearch) from the primary to the replica appliance. Most {% data variables.product.prodname_ghe_server %} configuration settings are also replicated, including the {% data variables.enterprise.management_console %} password. For more information, see [AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console). +When you configure high availability, there is an automated setup of one-way, asynchronous replication of all datastores (Git repositories, MySQL, Redis, and Elasticsearch) from the primary to the replica appliance. Most {% data variables.product.prodname_ghe_server %} configuration settings are also replicated, including the {% data variables.enterprise.management_console %} password. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui). {% data variables.product.prodname_ghe_server %} supports an active/passive configuration, where replica appliances run as a standby with database services running in replication mode but application services stopped. @@ -32,8 +32,8 @@ Use a high availability configuration for protection against: A high availability configuration is not a good solution for: -* **Scaling-out**. While you can distribute traffic geographically using geo-replication, the performance of writes is limited to the speed and availability of the primary appliance. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-geo-replication). -* **CI/CD load**. If you have a large number of CI clients that are geographically distant from your primary instance, you may benefit from configuring a repository cache. For more information, see [AUTOTITLE](/admin/enterprise-management/caching-repositories/about-repository-caching). +* **Scaling-out**. While you can distribute traffic geographically using geo-replication, the performance of writes is limited to the speed and availability of the primary appliance. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-geo-replication). +* **CI/CD load**. If you have a large number of CI clients that are geographically distant from your primary instance, you may benefit from configuring a repository cache. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/caching-repositories/about-repository-caching). * **Backing up your primary appliance**. A high availability replica does not replace off-site backups in your disaster recovery plan. Some forms of data corruption or loss may be replicated immediately from the primary to the replica. To ensure safe rollback to a stable past state, you must perform regular backups with historical snapshots. * **Zero downtime upgrades**. To prevent data loss and split-brain situations in controlled promotion scenarios, place the primary appliance in maintenance mode and wait for all writes to complete before promoting the replica. @@ -47,21 +47,21 @@ With DNS failover, use short TTL values in the DNS records that point to the pri During failover, you must place the primary into maintenance mode and redirect its DNS records to the replica appliance's IP address. The time needed to redirect traffic from primary to replica will depend on the TTL configuration and time required to update the DNS records. -If you are using geo-replication, you must configure Geo DNS to direct traffic to the nearest replica. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-geo-replication). +If you are using geo-replication, you must configure Geo DNS to direct traffic to the nearest replica. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-geo-replication). ### Load balancer {% data reusables.enterprise_clustering.load_balancer_intro %} {% data reusables.enterprise_clustering.load_balancer_dns %} -During failover, you must place the primary appliance into maintenance mode. You can configure the load balancer to automatically detect when the replica has been promoted to primary, or it may require a manual configuration change. You must manually promote the replica to primary before it will respond to user traffic. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/using-github-enterprise-server-with-a-load-balancer). +During failover, you must place the primary appliance into maintenance mode. You can configure the load balancer to automatically detect when the replica has been promoted to primary, or it may require a manual configuration change. You must manually promote the replica to primary before it will respond to user traffic. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/using-github-enterprise-server-with-a-load-balancer). {% data reusables.enterprise_installation.monitoring-replicas %} ## Utilities for replication management -People with administrative SSH access to an instance in a high-availability configuration can use command-line utilities to manage replication. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#high-availability). +People with administrative SSH access to an instance in a high-availability configuration can use command-line utilities to manage replication. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#high-availability). ## Further reading -* [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/creating-a-high-availability-replica) -* [AUTOTITLE](/admin/configuration/configuring-network-settings/network-ports) +* [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/creating-a-high-availability-replica) +* [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/network-ports) diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/creating-a-high-availability-replica.md b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/creating-a-high-availability-replica.md index fe9d2bf8331f..36c0ad580054 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/creating-a-high-availability-replica.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/creating-a-high-availability-replica.md @@ -18,8 +18,8 @@ category: ## Creating a high availability replica -1. Set up a new {% data variables.product.prodname_ghe_server %} appliance on your desired platform. The replica appliance should mirror the primary appliance's CPU, RAM, and storage settings. We recommend that you install the replica appliance in an independent environment. The underlying hardware, software, and network components should be isolated from those of the primary appliance. If you are a using a cloud provider, use a separate region or zone. For more information, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance). -1. Ensure that the new appliance can communicate with all other appliances in this high availability environment over ports 122/TCP and 1194/UDP. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/network-ports#administrative-ports). +1. Set up a new {% data variables.product.prodname_ghe_server %} appliance on your desired platform. The replica appliance should mirror the primary appliance's CPU, RAM, and storage settings. We recommend that you install the replica appliance in an independent environment. The underlying hardware, software, and network components should be isolated from those of the primary appliance. If you are a using a cloud provider, use a separate region or zone. For more information, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance). +1. Ensure that the new appliance can communicate with all other appliances in this high availability environment over ports 122/TCP and 1194/UDP. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/network-ports#administrative-ports). 1. In a browser, navigate to the new replica appliance's IP address and upload your {% data variables.product.prodname_enterprise %} license. {% data reusables.enterprise_installation.replica-steps %} 1. Connect to the replica appliance's IP address using SSH. @@ -41,9 +41,9 @@ category: ## Creating geo-replication replicas -This example configuration uses a primary and two replicas, which are located in three different geographic regions. While the three nodes can be in different networks, all nodes are required to be reachable from all the other nodes. At the minimum, the required administrative ports should be open to all the other nodes. For more information about the port requirements, see [AUTOTITLE](/admin/configuration/configuring-network-settings/network-ports#administrative-ports). +This example configuration uses a primary and two replicas, which are located in three different geographic regions. While the three nodes can be in different networks, all nodes are required to be reachable from all the other nodes. At the minimum, the required administrative ports should be open to all the other nodes. For more information about the port requirements, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/network-ports#administrative-ports). -{% data reusables.enterprise_clustering.network-latency %} If latency is more than 70 milliseconds, we recommend cache replica nodes instead. For more information, see [AUTOTITLE](/admin/enterprise-management/caching-repositories/configuring-a-repository-cache). +{% data reusables.enterprise_clustering.network-latency %} If latency is more than 70 milliseconds, we recommend cache replica nodes instead. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/caching-repositories/configuring-a-repository-cache). 1. Create the first replica the same way you would for a standard two node configuration by running `ghe-repl-setup` on the first replica. @@ -116,5 +116,5 @@ For testing, you can add entries to the local workstation's `hosts` file (for ex ## Further reading -* [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-high-availability-configuration) -* [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-geo-replication) +* [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-high-availability-configuration) +* [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-geo-replication) diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/elasticsearch-cross-cluster-replication.md b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/elasticsearch-cross-cluster-replication.md index 3067e7c51595..a8709e563e06 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/elasticsearch-cross-cluster-replication.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/elasticsearch-cross-cluster-replication.md @@ -52,7 +52,7 @@ Before you enable CCR, confirm the following. {% endnote %} 1. Contact {% data variables.contact.github_support %} and request access to the new HA search architecture. {% data variables.product.company_short %} will enable your enterprise so that you can download the required CCR-enabled license. -1. Download your updated license and upload it to your instance. For more information, see [AUTOTITLE](/admin/overview/managing-your-github-enterprise-license). +1. Download your updated license and upload it to your instance. For more information, see [AUTOTITLE](/billing/how-tos/manage-server-licenses/download-your-license). 1. On the primary appliance, enable the feature. ```shell diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md index 14c694e18566..533ca71f9cfd 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md @@ -22,7 +22,7 @@ The time required to failover depends on how long it takes to manually promote t * Put the appliance into maintenance mode. - * To use the management console, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode) + * To use the management console, see [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). * You can also use the `ghe-maintenance -s` command. @@ -41,7 +41,7 @@ The time required to failover depends on how long it takes to manually promote t ghe-repl-status -vv ``` -1. Enable maintenance mode on all active replica appliances. For more information, see [AUTOTITLE](/admin/administering-your-instance/enabling-and-scheduling-maintenance-mode). +1. Enable maintenance mode on all active replica appliances. For more information, see [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). 1. On the replica appliance you'd like to fail over to, to stop replication and promote the replica appliance to primary status, use the `ghe-repl-promote` command. @@ -54,7 +54,7 @@ The time required to failover depends on how long it takes to manually promote t 1. Update the DNS record to point to the IP address of the replica. Traffic is directed to the replica after the TTL period elapses. If you are using a load balancer, ensure it is configured to send traffic to the replica. 1. Notify users that they can resume normal operations. -1. If desired, set up replication from the new primary to existing appliances and the previous primary. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-high-availability-configuration#utilities-for-replication-management). +1. If desired, set up replication from the new primary to existing appliances and the previous primary. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-high-availability-configuration#utilities-for-replication-management). > [!NOTE] > If there were multiple replicas before failover, the replicas that were not promoted during failover will remain part of the high availability group associated with the previous primary. Before re-establishing replication from the new primary, you must remove these replicas from the high availability configuration of the old primary. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/removing-a-high-availability-replica#removing-replication-permanently). 1. Appliances you do not intend to setup replication to that were part of the high availability configuration prior the failover, need to be removed from the high availability configuration by UUID. @@ -75,4 +75,4 @@ The time required to failover depends on how long it takes to manually promote t ## Further reading -* [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-high-availability-configuration#utilities-for-replication-management) +* [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-high-availability-configuration#utilities-for-replication-management) diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/monitoring-a-high-availability-configuration.md b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/monitoring-a-high-availability-configuration.md index d3759743ea52..2a0304935978 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/monitoring-a-high-availability-configuration.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/monitoring-a-high-availability-configuration.md @@ -15,7 +15,7 @@ category: ## About observability for high availability -{% data reusables.enterprise.about-ha %} For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-high-availability-configuration). +{% data reusables.enterprise.about-ha %} For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-high-availability-configuration). After you configure high availability, you can proactively ensure redundancy by monitoring the overall health of replication and the status of each of your instance's replica nodes. You can use command-line utilities on the instance, an overview dashboard, the instance's REST API, or a remote monitoring system such as Nagios. @@ -23,7 +23,7 @@ With high availability, your instance uses several approaches to replicate data ## Monitoring replication from your instance -To monitor the replication status of an existing replica node for {% data variables.location.product_location %}, connect to the node's administrative console (SSH) and run the `ghe-repl-status` command-line utility. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-repl-status). +To monitor the replication status of an existing replica node for {% data variables.location.product_location %}, connect to the node's administrative console (SSH) and run the `ghe-repl-status` command-line utility. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-repl-status). You can also monitor replication status from the overview dashboard on your instance. In a browser, navigate to the following URL, replacing HOSTNAME with your instance's hostname. @@ -39,9 +39,9 @@ You can monitor replication status on your instance using the REST API. For more ## Monitoring replication from a remote system -Output from the `ghe-repl-status` command-line utility conforms to the expectations of Nagios' check_by_ssh plugin. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-repl-status). +Output from the `ghe-repl-status` command-line utility conforms to the expectations of Nagios' check_by_ssh plugin. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-repl-status). -Additionally, you can monitor the availability of your instance by parsing the status code returned by a request to the following URL. For example, if you deploy a load balancer as part of your failover strategy, you can configure health checks that parse this output. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/using-github-enterprise-server-with-a-load-balancer#configuring-health-checks). +Additionally, you can monitor the availability of your instance by parsing the status code returned by a request to the following URL. For example, if you deploy a load balancer as part of your failover strategy, you can configure health checks that parse this output. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/using-github-enterprise-server-with-a-load-balancer#configuring-health-checks). Depending on where and how you configure monitoring, replace HOST with either your instance's hostname or an individual node's IP address. @@ -51,9 +51,9 @@ An active node for geo-replication, which can respond to user requests, will ret * The individual node is a passive replica node, such as the replica node in a two-node high-availability configuration. * The individual node is part of a geo-replication configuration, but is a passive replica node. -* The instance is in maintenance mode. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +* The instance is in maintenance mode. For more information, see [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). -For more information about geo-replication, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-geo-replication). +For more information about geo-replication, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-geo-replication). ## Troubleshooting replication issues @@ -61,11 +61,11 @@ To troubleshoot replication issues on your instance, ensure replication is runni ### Replication is not running -You must start replication on each node using the `ghe-repl-start` command-line utility. If replication is not running, connect to the affected node using SSH, then run `ghe-repl-start`. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-repl-start). +You must start replication on each node using the `ghe-repl-start` command-line utility. If replication is not running, connect to the affected node using SSH, then run `ghe-repl-start`. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-repl-start). ### Communication issues between nodes -Replication requires that the primary node and all replica nodes can communicate with each other over the network. At minimum, ensure that ports 122/TCP and 1194/UDP are open for bidirectional communication between all of your instance's nodes. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/network-ports#administrative-ports). +Replication requires that the primary node and all replica nodes can communicate with each other over the network. At minimum, ensure that ports 122/TCP and 1194/UDP are open for bidirectional communication between all of your instance's nodes. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/network-ports#administrative-ports). {% data reusables.enterprise_clustering.network-latency %} You can use `ping` or another network administration utility to test the network connectivity between nodes. @@ -106,5 +106,5 @@ ghe-storage info OID If you review the troubleshooting advice for replication and continue to experience issues on your instance, collect the following information, then contact us by visiting {% data variables.contact.contact_ent_support %}. -* On each affected node, run `ghe-repl-status -vv`, then copy the output to your ticket. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-repl-status). +* On each affected node, run `ghe-repl-status -vv`, then copy the output to your ticket. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-repl-status). * On each affected node, create a support bundle to attach to your ticket. For more information, see [AUTOTITLE](/support/contacting-github-support/providing-data-to-github-support#creating-and-sharing-support-bundles). diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/recovering-a-high-availability-configuration.md b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/recovering-a-high-availability-configuration.md index a3312eef742f..f82eb3362bdc 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/recovering-a-high-availability-configuration.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/recovering-a-high-availability-configuration.md @@ -17,7 +17,7 @@ category: ## About recovery for a high availability configuration -You can use the former primary appliance as the new replica appliance if the failover was planned or was not related to the health of the appliance. If the failover was related to an issue with the primary appliance, you may prefer to create a new replica appliance. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/creating-a-high-availability-replica). +You can use the former primary appliance as the new replica appliance if the failover was planned or was not related to the health of the appliance. If the failover was related to an issue with the primary appliance, you may prefer to create a new replica appliance. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/creating-a-high-availability-replica). > [!WARNING] > You must enable maintenance mode before configuring a former primary appliance as a new replica. If you do not enable maintenance mode, you will cause a production outage. @@ -30,7 +30,7 @@ You can use the former primary appliance as the new replica appliance if the fai ssh -p 122 admin@ FORMER_PRIMARY_IP ``` -1. Enable maintenance mode on the former primary appliance. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +1. Enable maintenance mode on the former primary appliance. For more information, see [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). 1. On the former primary appliance, run `ghe-repl-setup` with the IP address of the former replica. You may need to use the `--force` option to replace the existing configuration. ```shell diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/removing-a-high-availability-replica.md b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/removing-a-high-availability-replica.md index 2adf3a17e4e9..54ab5f1b2f3a 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/removing-a-high-availability-replica.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-high-availability/removing-a-high-availability-replica.md @@ -45,4 +45,4 @@ category: ``` > [!NOTE] - > If you have {% data variables.product.prodname_actions %} enabled, you should decommission the former replica server or update its {% data variables.product.prodname_actions %} configuration to use different external storage. For more information, see [AUTOTITLE](/admin/github-actions/advanced-configuration-and-troubleshooting/high-availability-for-github-actions#high-availability-replicas). + > If you have {% data variables.product.prodname_actions %} enabled, you should decommission the former replica server or update its {% data variables.product.prodname_actions %} configuration to use different external storage. For more information, see [AUTOTITLE](/admin/managing-github-actions-for-your-enterprise/advanced-configuration-and-troubleshooting/high-availability-for-github-actions#high-availability-replicas). diff --git a/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-system-logs.md b/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-system-logs.md index dcef16b9fbd3..9349e9e8a762 100644 --- a/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-system-logs.md +++ b/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-system-logs.md @@ -21,9 +21,9 @@ To trace, review, and troubleshoot activity and exceptions on {% data variables. By default, {% data variables.product.prodname_ghe_server %} rotates system logs automatically every 24 hours and retains rotated logs for seven days. System logs include system-level events, application logs, and data about Git events. Because log files are written often and can be large in size, you may prefer to extract and parse log entries on a host separate from {% data variables.location.product_location %}. -People with administrative SSH access to a {% data variables.product.prodname_ghe_server %} instance can access and read system logs. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh). +People with administrative SSH access to a {% data variables.product.prodname_ghe_server %} instance can access and read system logs. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh). -You can forward system logs and audit logs to an external system for analysis or longer retention. For more information see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise). +You can forward system logs and audit logs to an external system for analysis or longer retention. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/log-forwarding) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise). In addition to reviewing your system logs, you can monitor activity on your instance in other ways. For example, you can review audit logs and push logs, or configure global webhooks. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise). @@ -74,12 +74,12 @@ The following log files record events from the instance's HTTP server. |
/var/log/nginx/gist.error.log
| Records errors related to HTTP requests for gists. | |
/var/log/nginx/github.log
| Records HTTP requests to the {% data variables.product.prodname_dotcom %} application. | |
/var/log/nginx/github.error.log
| Records errors associated with HTTP requests. | -|
/var/log/nginx/pages.log
| Records HTTP requests associated with {% data variables.product.prodname_pages %}. For more information, see [AUTOTITLE](/pages/getting-started-with-github-pages/about-github-pages). | +|
/var/log/nginx/pages.log
| Records HTTP requests associated with {% data variables.product.prodname_pages %}. For more information, see [AUTOTITLE](/pages/getting-started-with-github-pages/what-is-github-pages). | |
/var/log/nginx/pages.error.log
| Records errors related to HTTP requests for {% data variables.product.prodname_pages %}. | ### Log files for the {% data variables.enterprise.management_console %} -The following log files contain events from your instance's {% data variables.enterprise.management_console %}. For more information, see [AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/about-the-management-console). +The following log files contain events from your instance's {% data variables.enterprise.management_console %}. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-web-ui/about-the-management-console). | Path | Description | | :- | :- | @@ -92,7 +92,7 @@ The following log files contain events related to the configuration of your inst | Path | Description | | :- | :- | -|
/data/user/common/ghe-config.log
| Records events associated with the latest configuration run. If a configuration run fails, output to the log stops. This log also records information about migrations that run during the process of upgrading an instance's software. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-config-apply). | +|
/data/user/common/ghe-config.log
| Records events associated with the latest configuration run. If a configuration run fails, output to the log stops. This log also records information about migrations that run during the process of upgrading an instance's software. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-config-apply). | |
/data/user/config-apply/logs/YYYYMMDD/*
| Stores log files for previous configuration runs. The instance stores the files in a directory that reflects the date, and each file name reflects the node and the ID of the run. | ### Log files for search @@ -111,10 +111,10 @@ The following logs contain events from system services on your instance. | :- | :- | |
/var/log/coredumps.log
| Records information about system processes that terminate unexpectedly. | |
/var/log/boot.log
| Records information about the instance's boot process. | -|
/var/log/chrony/
| This directory contains logs related to Network Time Protocol (NTP) synchronization and the instance's system clock. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-time-synchronization). | +|
/var/log/chrony/
| This directory contains logs related to Network Time Protocol (NTP) synchronization and the instance's system clock. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/configuring-time-synchronization). | |
/var/log/haproxy.log
| Records all web and API requests to the instance. For HTTP connections, entries include the URL that the client requested, as well as the HTTP method for the request. | -|
/var/log/ssh-console-audit.log
| Records commands that administrators run using the administrative shell (SSH). For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh). | -|
/var/log/mail-replies/metroplex.log
| Records information about mail that your instance receives. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-email-for-notifications). | +|
/var/log/ssh-console-audit.log
| Records commands that administrators run using the administrative shell (SSH). For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh). | +|
/var/log/mail-replies/metroplex.log
| Records information about mail that your instance receives. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-email-for-notifications). | ## System logs in the systemd journal @@ -138,8 +138,8 @@ The following logs record events from the {% data variables.product.prodname_dot | Service name | Description | | :- | :- | -|
github-resqued
| Records events related to background jobs. If the job involves built-in or external authentication, this log includes information about the request.

If the instance uses LDAP authentication and LDAP Sync is enabled, events for LDAP Sync appear in this log. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap#enabling-ldap-sync). | -|
github-unicorn
| Records HTTP and HTTPS operations that users perform in the instance's web UI or via the APIs. If the operation involves built-in or external authentication, this log includes information about the request.

If debug logging is enabled for LDAP or SAML authentication, the debug-level information for authenticated requests appear in this log. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap) or [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/troubleshooting-saml-authentication#configuring-saml-debugging). | +|
github-resqued
| Records events related to background jobs. If the job involves built-in or external authentication, this log includes information about the request.

If the instance uses LDAP authentication and LDAP Sync is enabled, events for LDAP Sync appear in this log. For more information, see [AUTOTITLE](/admin/managing-iam/using-ldap-for-enterprise-iam/using-ldap#enabling-ldap-sync). | +|
github-unicorn
| Records HTTP and HTTPS operations that users perform in the instance's web UI or via the APIs. If the operation involves built-in or external authentication, this log includes information about the request.

If debug logging is enabled for LDAP or SAML authentication, the debug-level information for authenticated requests appear in this log. For more information, see [AUTOTITLE](/admin/managing-iam/using-ldap-for-enterprise-iam/using-ldap) or [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication#configuring-saml-debugging). | ### Journal logs for Git diff --git a/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/troubleshooting-resource-allocation-problems.md b/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/troubleshooting-resource-allocation-problems.md index f7b78dfa34db..75a63202ba2a 100644 --- a/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/troubleshooting-resource-allocation-problems.md +++ b/content/admin/monitoring-and-managing-your-instance/monitoring-your-instance/troubleshooting-resource-allocation-problems.md @@ -18,7 +18,7 @@ category: > > To avoid these problems, we strongly recommend using webhooks to receive updates. Webhooks allow the system to push updates to you automatically, eliminating the need for constant polling. Additionally, consider using conditional requests and caching strategies to minimize unnecessary requests. Avoid running jobs in large, simultaneous batches (thundering herds) and instead wait for webhook events to trigger actions. > -> For more information, see [AUTOTITLE](/get-started/exploring-integrations/about-webhooks). +> For more information, see [AUTOTITLE](/webhooks/about-webhooks). We recommend using the monitor dashboard to stay informed on your appliance's resource health and make decisions on how to fix high usage issues, such as the ones outlined on this page. diff --git a/content/admin/monitoring-and-managing-your-instance/updating-the-virtual-machine-and-physical-resources/changing-your-platform.md b/content/admin/monitoring-and-managing-your-instance/updating-the-virtual-machine-and-physical-resources/changing-your-platform.md index 86be95c6aa52..777f05a78753 100644 --- a/content/admin/monitoring-and-managing-your-instance/updating-the-virtual-machine-and-physical-resources/changing-your-platform.md +++ b/content/admin/monitoring-and-managing-your-instance/updating-the-virtual-machine-and-physical-resources/changing-your-platform.md @@ -24,14 +24,14 @@ Moving via backup and restore will not require any changes to your live environm ## Move platforms using a HA replica -1. Set up a new {% data variables.product.prodname_ghe_server %} instance on your chosen platform. See [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance). +1. Set up a new {% data variables.product.prodname_ghe_server %} instance on your chosen platform. See [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance). 1. Configure your new {% data variables.product.prodname_ghe_server %} instance as a replica. See [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/creating-a-high-availability-replica). 1. Failover to your replica. See [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/initiating-a-failover-to-your-replica-appliance). ## Moving platforms using backup and restore 1. Setup backups for your existing {% data variables.product.prodname_ghe_server %} instance. See [AUTOTITLE](/admin/backing-up-and-restoring-your-instance/about-the-backup-service-for-github-enterprise-server). -1. Set up a new {% data variables.product.prodname_ghe_server %} instance on your chosen platform. See [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance). +1. Set up a new {% data variables.product.prodname_ghe_server %} instance on your chosen platform. See [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance). 1. Communicate the upcoming downtime to your users and enable maintenance mode. For more information, see the following articles. * [AUTOTITLE](/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise#creating-a-mandatory-message) diff --git a/content/admin/monitoring-and-managing-your-instance/updating-the-virtual-machine-and-physical-resources/increasing-storage-capacity.md b/content/admin/monitoring-and-managing-your-instance/updating-the-virtual-machine-and-physical-resources/increasing-storage-capacity.md index 32f2da632fd4..60f07baefaa8 100644 --- a/content/admin/monitoring-and-managing-your-instance/updating-the-virtual-machine-and-physical-resources/increasing-storage-capacity.md +++ b/content/admin/monitoring-and-managing-your-instance/updating-the-virtual-machine-and-physical-resources/increasing-storage-capacity.md @@ -21,7 +21,7 @@ As more users join {% data variables.location.product_location %}, you may need ## Requirements and recommendations > [!NOTE] -> Before resizing any storage volume, put your instance in maintenance mode. You can validate changes by configuring an IP exception list to allow access from specified IP addresses. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +> Before resizing any storage volume, put your instance in maintenance mode. You can validate changes by configuring an IP exception list to allow access from specified IP addresses. For more information, see [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). > [!WARNING] > Changing the disk cache setting of an Azure disk detaches and reattaches the target disk. If the disk is in use, this can disrupt running services and may lead to data corruption. If you intend to change disk caching settings while increasing storage capacity, make sure to shutdown your appliance. @@ -36,7 +36,7 @@ Root storage refers to the total size of your instance's root disk. The availabl 1. Resize the existing user volume disk using your virtualization platform's tools. {% data reusables.enterprise_installation.ssh-into-instance %} -1. Put the appliance in maintenance mode. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +1. Put the appliance in maintenance mode. For more information, see [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). 1. Reboot the appliance to detect the new storage allocation: ```shell @@ -49,7 +49,7 @@ Root storage refers to the total size of your instance's root disk. The availabl ghe-storage-extend ``` -1. Ensure system services are functioning correctly, then release maintenance mode. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +1. Ensure system services are functioning correctly, then release maintenance mode. For more information, see [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). > [!WARNING] > If the `ghe-storage-extend` command (or a prior automatic check) reports: `ghe_user_data contains a file system with errors`, you must repair the filesystem before retrying the resize. Do not rerun `ghe-storage-extend` until the check completes cleanly. For recovery instructions, see [Repairing filesystem errors](#repairing-filesystem-errors). @@ -97,7 +97,7 @@ Ensure the appliance is in maintenance mode and no background jobs are running: ## Increasing the root partition size using a new appliance -1. Set up a new {% data variables.product.prodname_ghe_server %} instance with a larger root disk using the same version as your current appliance. For more information, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance). +1. Set up a new {% data variables.product.prodname_ghe_server %} instance with a larger root disk using the same version as your current appliance. For more information, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance). 1. Shut down the current appliance: ```shell @@ -110,7 +110,7 @@ Ensure the appliance is in maintenance mode and no background jobs are running: ## Increasing the root partition size using an existing appliance > [!WARNING] -> Before increasing the root partition size, you must put your instance in maintenance mode. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +> Before increasing the root partition size, you must put your instance in maintenance mode. For more information, see [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). Before resizing the root partition, determine whether the appliance has a GUID partition table. @@ -176,7 +176,7 @@ To verify the partition table type, run the following command. The result should 1. In the hypervisor, remove the old root disk and attach the new root disk at the same location as the old root disk. 1. Start the appliance. -1. Ensure system services are functioning correctly, then release maintenance mode. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +1. Ensure system services are functioning correctly, then release maintenance mode. For more information, see [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). If your appliance is configured for high-availability or geo-replication, remember to start replication on each replica node using `ghe-repl-start` after the storage on all nodes has been upgraded. @@ -216,6 +216,6 @@ If your appliance is configured for high-availability or geo-replication, rememb 1. In the hypervisor, remove the old root disk and attach the new root disk at the same location as the old root disk. 1. Start the appliance. -1. Ensure system services are functioning correctly, then release maintenance mode. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +1. Ensure system services are functioning correctly, then release maintenance mode. For more information, see [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). If your appliance is configured for high-availability or geo-replication, remember to start replication on each replica node using `ghe-repl-start` after the storage on all nodes has been upgraded. diff --git a/content/admin/overview/about-github-enterprise-cloud.md b/content/admin/overview/about-github-enterprise-cloud.md index 77063af6730a..07ae8a47bc90 100644 --- a/content/admin/overview/about-github-enterprise-cloud.md +++ b/content/admin/overview/about-github-enterprise-cloud.md @@ -22,7 +22,7 @@ For a full list of features included with {% data variables.product.prodname_ghe ## What are the differences between {% data variables.product.prodname_ghe_cloud %} and other plans? -A key difference between {% data variables.product.prodname_ghe_cloud %} and other {% data variables.product.prodname_dotcom %} plans is access to an enterprise account, which gives administrators a central point for managing multiple organizations. See [AUTOTITLE](/admin/overview/about-enterprise-accounts). +A key difference between {% data variables.product.prodname_ghe_cloud %} and other {% data variables.product.prodname_dotcom %} plans is access to an enterprise account, which gives administrators a central point for managing multiple organizations. See [AUTOTITLE](/admin/concepts/enterprise-fundamentals/enterprise-accounts). {% data reusables.enterprise.ghe-includes-ghec-and-ghes %} For more information about {% data variables.product.prodname_ghe_server %} and how it differs from {% data variables.product.prodname_ghe_cloud %}, see [AUTOTITLE](/admin/overview/about-github-for-enterprises#about-deployment-options). diff --git a/content/admin/overview/about-upgrades-to-new-releases.md b/content/admin/overview/about-upgrades-to-new-releases.md index 6251307ed9f1..9151161e2692 100644 --- a/content/admin/overview/about-upgrades-to-new-releases.md +++ b/content/admin/overview/about-upgrades-to-new-releases.md @@ -43,7 +43,7 @@ Between feature releases, you can benefit from patch releases, which: There are two ways to upgrade {% data variables.product.prodname_ghe_server %}: -* To set up a **completely new {% data variables.product.prodname_ghe_server %} instance** and configure the instance however you like, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance) and [AUTOTITLE](/admin/configuration/configuring-your-enterprise). +* To set up a **completely new {% data variables.product.prodname_ghe_server %} instance** and configure the instance however you like, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance) and [AUTOTITLE](/admin/configuring-settings). * To upgrade your **existing instance** to a new release, see [AUTOTITLE](/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process). ## Further reading diff --git a/content/admin/overview/accessing-compliance-reports-for-your-enterprise.md b/content/admin/overview/accessing-compliance-reports-for-your-enterprise.md index 27fd80291134..7b6d18d10165 100644 --- a/content/admin/overview/accessing-compliance-reports-for-your-enterprise.md +++ b/content/admin/overview/accessing-compliance-reports-for-your-enterprise.md @@ -27,4 +27,4 @@ You can access {% data variables.product.company_short %}'s compliance reports i ## Further reading * [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/accessing-compliance-reports-for-your-organization){% ifversion enterprise-member-csv %} -* [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/exporting-membership-information-for-your-enterprise){% endif %} +* [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/exporting-membership-information-for-your-enterprise){% endif %} diff --git a/content/admin/overview/establishing-a-governance-framework-for-your-enterprise.md b/content/admin/overview/establishing-a-governance-framework-for-your-enterprise.md index 30c4c8af9b6d..a221c07681d9 100644 --- a/content/admin/overview/establishing-a-governance-framework-for-your-enterprise.md +++ b/content/admin/overview/establishing-a-governance-framework-for-your-enterprise.md @@ -89,11 +89,11 @@ To protect intellectual property and prevent security incidents, it's important ### {% data variables.product.prodname_secret_scanning_caps %} -With **{% data variables.product.prodname_secret_scanning %}**, you can scan your code to detect sensitive information such as API keys, passwords, and other credentials in the codebase, preventing unauthorized access and potential breaches. {% data variables.product.prodname_secret_scanning_caps %} alerts you to sensitive information in your codebase, allowing you to respond appropriately by changing passwords or rotating tokens.{% ifversion ghec %} For generic secrets such as passwords, {% data variables.product.prodname_secret_scanning %} is powered by {% data variables.product.prodname_copilot %} and uses AI. See [AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/responsible-ai-generic-secrets){% endif %} +With **{% data variables.product.prodname_secret_scanning %}**, you can scan your code to detect sensitive information such as API keys, passwords, and other credentials in the codebase, preventing unauthorized access and potential breaches. {% data variables.product.prodname_secret_scanning_caps %} alerts you to sensitive information in your codebase, allowing you to respond appropriately by changing passwords or rotating tokens.{% ifversion ghec %} For generic secrets such as passwords, {% data variables.product.prodname_secret_scanning %} is powered by {% data variables.product.prodname_copilot %} and uses AI. See [AUTOTITLE](/code-security/responsible-use/security-and-quality-ai-features){% endif %} -To learn more, see [AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning). +To learn more, see [AUTOTITLE](/code-security/concepts/secret-security/secret-scanning). -{% data variables.product.prodname_secret_scanning_caps %} can be enabled at the enterprise, organization, and repository level. See {% ifversion ghes %}[AUTOTITLE](/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/configuring-secret-scanning-for-your-appliance){% elsif ghec %}[AUTOTITLE](/code-security/concepts/security-at-scale/about-security-configurations){% endif %} for enablement at enterprise level. +{% data variables.product.prodname_secret_scanning_caps %} can be enabled at the enterprise, organization, and repository level. See {% ifversion ghes %}[AUTOTITLE](/code-security/how-tos/secure-at-scale/configure-enterprise-security/configure-specific-tools/configure-secret-scanning){% elsif ghec %}[AUTOTITLE](/code-security/concepts/security-at-scale/organization-security){% endif %} for enablement at enterprise level. ### Push protection @@ -101,15 +101,15 @@ Additionally, you can prevent sensitive data and credentials from being accident Push protection acts as a safeguard by scanning for secrets in real-time and blocking pushes that contain potentially sensitive information. Organization owners can configure push protection policies at the organization level to enforce consistent security standards across all repositories. When a push is blocked, developers receive detailed guidance on how to remediate the issue, such as removing the secret from the code. -See [AUTOTITLE](/code-security/secret-scanning/introduction/about-push-protection). +See [AUTOTITLE](/code-security/concepts/secret-security/push-protection). -Push protection can be enabled at the organization, repository, and user account level. See [AUTOTITLE](/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository). +Push protection can be enabled at the organization, repository, and user account level. See [AUTOTITLE](/code-security/how-tos/secure-your-secrets/prevent-future-leaks/enable-push-protection). {% ifversion push-protected-pattern-configuration %} {% data reusables.secret-scanning.push-protected-pattern-configuration-org-enterprise-preview %} -To align secret detection with internal security policies and more effectively prevent unauthorized exposure of sensitive information in your repositories, you can customize which secret patterns are included in push protection at the enterprise or organization level. See [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/configuring-additional-secret-scanning-settings-for-your-enterprise#specifying-patterns-to-include-in-push-protection-for-your-enterprise) and [AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization#specifying-patterns-to-include-in-push-protection). +To align secret detection with internal security policies and more effectively prevent unauthorized exposure of sensitive information in your repositories, you can customize which secret patterns are included in push protection at the enterprise or organization level. See [AUTOTITLE](/code-security/how-tos/secure-at-scale/configure-enterprise-security/establish-complete-coverage/configure-additional-settings#specifying-patterns-to-include-in-push-protection-for-your-enterprise) and [AUTOTITLE](/code-security/how-tos/secure-at-scale/configure-organization-security/establish-complete-coverage/configure-global-settings#specifying-patterns-to-include-in-push-protection). {% endif %} @@ -117,14 +117,14 @@ To align secret detection with internal security policies and more effectively p You may want to set up an approval process for better control over who in your enterprise can perform sensitive actions. An approval process helps mitigate the risk of unauthorized or malicious changes, and can provide a record of who used the bypass and why, ensuring that all actions are traceable and accountable. ->[!NOTE] The implementation of these approval processes can potentially cause some friction, so it's important to ensure that your security management team has adequate coverage before proceeding. +> [!NOTE] The implementation of these approval processes can potentially cause some friction, so it's important to ensure that your security management team has adequate coverage before proceeding. Approval processes are available for: -* Bypasses of push protection—You can choose who is allowed to bypass push protection, and add a review and approval cycle for pushes containing secrets from all other contributors. For more information about **delegated bypass for push protection**, see [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/about-delegated-bypass-for-push-protection). +* Bypasses of push protection—You can choose who is allowed to bypass push protection, and add a review and approval cycle for pushes containing secrets from all other contributors. For more information about **delegated bypass for push protection**, see [AUTOTITLE](/code-security/concepts/secret-security/delegated-bypass). * Dismissals of alerts for {% data variables.product.prodname_code_scanning %}{% ifversion dependabot-delegated-alert-dismissal %}, {% data variables.product.prodname_dependabot %},{% endif %} and {% data variables.product.prodname_secret_scanning %}—You can provide additional control and visibility over alert assessment by ensuring that only designated individuals can dismiss (or close) alerts. For more information about **delegated alert dismissal**, see the following articles: - * [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/enabling-delegated-alert-dismissal-for-code-scanning){% ifversion dependabot-delegated-alert-dismissal %} - * [AUTOTITLE](/code-security/dependabot/dependabot-alerts/enable-delegated-alert-dismissal){% endif %} - * [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/enabling-delegated-alert-dismissal-for-secret-scanning) + * [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-code-scanning-alerts/enable-delegated-alert-dismissal){% ifversion dependabot-delegated-alert-dismissal %} + * [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-dependabot-alerts/enable-delegated-alert-dismissal){% endif %} + * [AUTOTITLE](/code-security/how-tos/manage-security-alerts/manage-secret-scanning-alerts/enable-delegated-dismissal) ## Identifying security vulnerabilities and errors @@ -132,6 +132,6 @@ Many industries have regulations that require regular security assessments and v {% data variables.product.prodname_code_scanning_caps %} can be integrated to your CI/CD pipeline, providing continuous monitoring and assessment of your codebase. -To get started quickly with {% data variables.product.prodname_code_scanning %}, we recommend you use the default setup. See [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning). +To get started quickly with {% data variables.product.prodname_code_scanning %}, we recommend you use the default setup. See [AUTOTITLE](/code-security/how-tos/find-and-fix-code-vulnerabilities/configure-code-scanning/configure-code-scanning). -{% data variables.product.prodname_code_scanning_caps %} can be enabled at the enterprise, organization, and repository level. See {% ifversion ghes %}[AUTOTITLE](/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance){% elsif ghec %}[AUTOTITLE](/code-security/concepts/security-at-scale/about-security-configurations){% endif %} for enablement at enterprise level. +{% data variables.product.prodname_code_scanning_caps %} can be enabled at the enterprise, organization, and repository level. See {% ifversion ghes %}[AUTOTITLE](/code-security/how-tos/secure-at-scale/configure-enterprise-security/configure-specific-tools/configuring-code-scanning-for-your-appliance){% elsif ghec %}[AUTOTITLE](/code-security/concepts/security-at-scale/organization-security){% endif %} for enablement at enterprise level. diff --git a/content/admin/overview/setting-up-a-trial-of-github-enterprise-cloud.md b/content/admin/overview/setting-up-a-trial-of-github-enterprise-cloud.md index 996422e79399..29e02f8b3eeb 100644 --- a/content/admin/overview/setting-up-a-trial-of-github-enterprise-cloud.md +++ b/content/admin/overview/setting-up-a-trial-of-github-enterprise-cloud.md @@ -32,7 +32,7 @@ The trial lasts for **{% data reusables.enterprise.ghec-trial-length %} days** a * Access to **most** {% data variables.product.prodname_ghe_cloud %} features. * {% data variables.product.prodname_GH_cs_and_sp %} ({% data variables.product.prodname_dotcom_the_website %} trials only) -* Access to the **new billing platform**.{% ifversion enhanced-billing-platform %} See [AUTOTITLE](/billing/using-the-new-billing-platform/about-the-new-billing-platform-for-enterprises).{% endif %} +* Access to the **new billing platform**.{% ifversion enhanced-billing-platform %} See [AUTOTITLE](/billing/get-started/introduction-to-billing).{% endif %} * An **enterprise account**, which allows you to manage multiple organizations. See [AUTOTITLE](/enterprise-cloud@latest/get-started/learning-about-github/types-of-github-accounts). * Up to **50 licenses** to grant access to users. * Up to 3,000 minutes of standard {% data variables.product.prodname_dotcom %}-hosted runners. @@ -78,7 +78,7 @@ You can end your trial at any time by purchasing {% data variables.product.prodn If you **purchase {% data variables.product.prodname_enterprise %}**: -* You can use usage-based billing for {% data variables.product.prodname_ghe_cloud %} and {% data variables.product.prodname_GHAS %} products, which means you pay monthly for the number of licenses you use. You will not need to buy a predefined number of licenses in advance. See [AUTOTITLE](/billing/using-the-new-billing-platform/about-usage-based-billing-for-licenses). +* You can use usage-based billing for {% data variables.product.prodname_ghe_cloud %} and {% data variables.product.prodname_GHAS %} products, which means you pay monthly for the number of licenses you use. You will not need to buy a predefined number of licenses in advance. See [AUTOTITLE](/billing/concepts/enterprise-billing/usage-based-licenses). If you did not set up a free trial and you want to use usage-based billing to pay for {% data variables.product.prodname_GHAS %} products after the {% data variables.product.prodname_ghe_cloud %} trial ends, contact [{% data variables.product.prodname_dotcom %}'s Sales team](https://enterprise.github.com/contact). @@ -95,7 +95,7 @@ If your **trial expires**: * Enterprise owners and members retain access to the enterprise account and organizations created during the trial in a downgraded state, allowing you to either upgrade to {% data variables.product.prodname_enterprise %} or move assets elsewhere. * You can delete an expired trial to remove people's access to the enterprise and organizations created during the trial. -For more information about the effects of downgrading an organization, see [AUTOTITLE](/enterprise-cloud@latest/billing/managing-the-plan-for-your-github-account/downgrading-your-accounts-plan#downgrading-your-organizations-plan). +For more information about the effects of downgrading an organization, see [AUTOTITLE](/enterprise-cloud@latest/billing/how-tos/manage-plan-and-licenses/downgrade-plan#downgrading-your-organizations-plan). ## Ending your trial @@ -119,5 +119,5 @@ You can cancel a trial at any time. Once the trial has expired, you can delete t ## Further reading -* [AUTOTITLE](/admin/overview/best-practices-for-enterprises) +* [AUTOTITLE](/admin/concepts/enterprise-best-practices/organize-work) * [{% data variables.product.prodname_roadmap %}]({% data variables.product.prodname_roadmap_link %}) diff --git a/content/admin/overview/setting-up-a-trial-of-github-enterprise-server.md b/content/admin/overview/setting-up-a-trial-of-github-enterprise-server.md index db3dfb0b5a3a..486593f8dccc 100644 --- a/content/admin/overview/setting-up-a-trial-of-github-enterprise-server.md +++ b/content/admin/overview/setting-up-a-trial-of-github-enterprise-server.md @@ -19,7 +19,7 @@ category: You can request a 45-day trial to evaluate {% data variables.product.prodname_ghe_server %}. Your trial will be installed as a virtual appliance, with options for on-premises or cloud deployment. For more information about {% data variables.product.prodname_ghe_server %}, and for a list of supported virtualization platforms, see [AUTOTITLE](/enterprise-server@latest/admin/overview/about-github-enterprise-server). -{% ifversion ghes %}{% data variables.product.prodname_dependabot %}{% else %}Security{% endif %} alerts and {% data variables.product.prodname_github_connect %} are not currently available in trials of {% data variables.product.prodname_ghe_server %}. For a demonstration of these features, contact {% data variables.contact.contact_enterprise_sales %}. For more information about these features, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts) and [AUTOTITLE](/enterprise-server@latest/admin/configuration/configuring-github-connect/managing-github-connect). +{% ifversion ghes %}{% data variables.product.prodname_dependabot %}{% else %}Security{% endif %} alerts and {% data variables.product.prodname_github_connect %} are not currently available in trials of {% data variables.product.prodname_ghe_server %}. For a demonstration of these features, contact {% data variables.contact.contact_enterprise_sales %}. For more information about these features, see [AUTOTITLE](/code-security/concepts/supply-chain-security/dependabot-alerts) and [AUTOTITLE](/enterprise-server@latest/admin/configuring-settings/configuring-github-connect/enabling-github-connect-for-githubcom). Trials are also available for {% data variables.product.prodname_ghe_cloud %}. For more information, see [AUTOTITLE](/admin/overview/setting-up-a-trial-of-github-enterprise-cloud). @@ -29,9 +29,9 @@ Trials are also available for {% data variables.product.prodname_ghe_cloud %}. F {% data variables.product.prodname_ghe_server %} is installed as a virtual appliance. Determine the best person in your organization to set up a virtual machine, and ask that person to submit a [trial request](https://enterprise.github.com/trial). You can begin your trial immediately after submitting a request. -To set up an account for the {% data variables.product.prodname_enterprise %} Web portal, click the link in the email you received after submitting your trial request, and follow the prompts. Then, download your license file. For more information, see [AUTOTITLE](/enterprise-server@latest/billing/managing-your-license-for-github-enterprise). +To set up an account for the {% data variables.product.prodname_enterprise %} Web portal, click the link in the email you received after submitting your trial request, and follow the prompts. Then, download your license file. For more information, see [AUTOTITLE](/enterprise-server@latest/billing/how-tos/manage-server-licenses/download-your-license). -To install {% data variables.product.prodname_ghe_server %}, download the necessary components and upload your license file. For more information, see the instructions for your chosen visualization platform in [AUTOTITLE](/enterprise-server@latest/admin/installation/setting-up-a-github-enterprise-server-instance). +To install {% data variables.product.prodname_ghe_server %}, download the necessary components and upload your license file. For more information, see the instructions for your chosen virtualization platform in [AUTOTITLE](/enterprise-server@latest/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance). ## Next steps @@ -42,11 +42,11 @@ To get the most out of your trial, follow these steps: * [Intro to {% data variables.product.prodname_dotcom %}](https://resources.github.com/devops/methodology/maximizing-devops-roi/) webcast * [Understanding the {% data variables.product.prodname_dotcom %} flow](https://guides.github.com/introduction/flow/) in {% data variables.product.prodname_dotcom %} Guides * [Hello World](https://guides.github.com/activities/hello-world/) in {% data variables.product.prodname_dotcom %} Guides - * [AUTOTITLE](/get-started/learning-about-github/about-versions-of-github-docs) -1. To configure your instance to meet your organization's needs, see [AUTOTITLE](/enterprise-server@latest/admin/configuration/configuring-your-enterprise). -1. To integrate {% data variables.product.prodname_ghe_server %} with your identity provider, see [AUTOTITLE](/enterprise-server@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam) and [AUTOTITLE](/enterprise-server@latest/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap). + * [AUTOTITLE](/get-started/using-github-docs/about-versions-of-github-docs) +1. To configure your instance to meet your organization's needs, see [AUTOTITLE](/enterprise-server@latest/admin/configuring-settings). +1. To integrate {% data variables.product.prodname_ghe_server %} with your identity provider, see [AUTOTITLE](/enterprise-server@latest/admin/managing-iam/using-saml-for-enterprise-iam) and [AUTOTITLE](/enterprise-server@latest/admin/managing-iam/using-ldap-for-enterprise-iam/using-ldap). 1. Invite people to join your trial. - * Add users to your {% data variables.product.prodname_ghe_server %} instance using built-in authentication or your configured identity provider. For more information, see [AUTOTITLE](/enterprise-server@latest/admin/identity-and-access-management/using-built-in-authentication/configuring-built-in-authentication). + * Add users to your {% data variables.product.prodname_ghe_server %} instance using built-in authentication or your configured identity provider. For more information, see [AUTOTITLE](/enterprise-server@latest/admin/managing-iam/using-built-in-authentication/configuring-built-in-authentication). * To invite people to become account administrators, visit the [{% data variables.product.prodname_enterprise %} Web portal](https://enterprise.github.com/login). > [!NOTE] diff --git a/content/admin/overview/system-overview.md b/content/admin/overview/system-overview.md index e12479d870c7..5336f35e55bc 100644 --- a/content/admin/overview/system-overview.md +++ b/content/admin/overview/system-overview.md @@ -45,9 +45,9 @@ The user filesystem contains files that store following configuration and data. By default, {% data variables.product.prodname_ghe_server %} runs as a standalone instance. You can increase the reliability and performance of {% data variables.product.prodname_ghe_server %} by using a different topology for your deployment. -* To mitigate the impact of system or network failures, you can deploy a passive replica instance. During an outage that affects your primary instance, you can manually fail over to the replica instance. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-high-availability-configuration). -* You can configure multiple active replicas to improve performance for developers who are geographically distant from your primary instance. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-geo-replication). -* Some enterprises with tens of thousands of developers may benefit from a cluster configuration that scales horizontally instead of vertically. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-clustering/about-clustering). +* To mitigate the impact of system or network failures, you can deploy a passive replica instance. During an outage that affects your primary instance, you can manually fail over to the replica instance. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-high-availability-configuration). +* You can configure multiple active replicas to improve performance for developers who are geographically distant from your primary instance. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/about-geo-replication). +* Some enterprises with tens of thousands of developers may benefit from a cluster configuration that scales horizontally instead of vertically. For more information, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/about-clustering). ## Data retention and datacenter redundancy @@ -58,7 +58,7 @@ By default, {% data variables.product.prodname_ghe_server %} runs as a standalon In addition to network backups, both AWS (EBS) and VMware disk snapshots of the user storage volumes are supported while the instance is offline or in maintenance mode. Regular volume snapshots can be used as a low-cost, low-complexity alternative to network backups with {% data variables.product.prodname_enterprise_backup_utilities %} if your service level requirements allow for regular offline maintenance. -For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance). +For more information, see [AUTOTITLE](/admin/backing-up-and-restoring-your-instance/configuring-backups-on-your-instance). ## Security @@ -87,7 +87,7 @@ Regular patch updates are released on the {% data variables.product.prodname_ghe ### Network security -{% data variables.product.prodname_ghe_server %}'s internal firewall restricts network access to the instance's services. Only services necessary for the appliance to function are available over the network. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/network-ports). +{% data variables.product.prodname_ghe_server %}'s internal firewall restricts network access to the instance's services. Only services necessary for the appliance to function are available over the network. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/network-ports). ### Application security @@ -95,23 +95,23 @@ Regular patch updates are released on the {% data variables.product.prodname_ghe ### External services and support access -{% data variables.product.prodname_ghe_server %} can operate without any egress access from your network to outside services. You can optionally enable integration with external services for email delivery, external monitoring, and log forwarding. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-email-for-notifications), [AUTOTITLE](/admin/enterprise-management/monitoring-your-appliance/setting-up-external-monitoring), and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding). +{% data variables.product.prodname_ghe_server %} can operate without any egress access from your network to outside services. You can optionally enable integration with external services for email delivery, external monitoring, and log forwarding. For more information, see [AUTOTITLE](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-email-for-notifications), [AUTOTITLE](/admin/monitoring-and-managing-your-instance/monitoring-your-instance/collectd-metrics/setting-up-external-monitoring-with-collectd), and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/log-forwarding). You can manually collect and send troubleshooting data to {% data variables.contact.github_support %}. For more information, see [AUTOTITLE](/support/contacting-github-support/providing-data-to-github-support). ### Encrypted communication -{% data variables.product.company_short %} designs {% data variables.product.prodname_ghe_server %} to run behind your corporate firewall. To secure communication over the wire, we encourage you to enable Transport Layer Security (TLS). {% data variables.product.prodname_ghe_server %} supports 2048-bit and higher commercial TLS certificates for HTTPS traffic. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-tls). +{% data variables.product.company_short %} designs {% data variables.product.prodname_ghe_server %} to run behind your corporate firewall. To secure communication over the wire, we encourage you to enable Transport Layer Security (TLS). {% data variables.product.prodname_ghe_server %} supports 2048-bit and higher commercial TLS certificates for HTTPS traffic. For more information, see [AUTOTITLE](/admin/configuring-settings/hardening-security-for-your-enterprise/configuring-tls). -By default, the instance also offers Secure Shell (SSH) access for both repository access using Git and administrative purposes. For more information, see [AUTOTITLE](/authentication/connecting-to-github-with-ssh/about-ssh) and [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh). +By default, the instance also offers Secure Shell (SSH) access for both repository access using Git and administrative purposes. For more information, see [AUTOTITLE](/authentication/connecting-to-github-with-ssh/about-ssh) and [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh). -If you configure SAML authentication for {% data variables.location.product_location %}, you can enable encrypted assertions between the instance and your SAML IdP. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam#enabling-encrypted-assertions). +If you configure SAML authentication for {% data variables.location.product_location %}, you can enable encrypted assertions between the instance and your SAML IdP. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam#enabling-encrypted-assertions). ### Users and access permissions {% data variables.product.prodname_ghe_server %} provides three types of accounts. -* The `admin` Linux user account has controlled access to the underlying operating system, including direct filesystem and database access. A small set of trusted administrators should have access to this account, which they can access over SSH. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh). +* The `admin` Linux user account has controlled access to the underlying operating system, including direct filesystem and database access. A small set of trusted administrators should have access to this account, which they can access over SSH. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh). * User accounts in the instance's web application have full access to their own data and any data that other users or organizations explicitly grant. * Site administrators in the instance's web application are user accounts that can manage high-level web application and instance settings, user and organization account settings, and repository data. @@ -121,14 +121,14 @@ For more information about {% data variables.product.prodname_ghe_server %}'s us {% data variables.product.prodname_ghe_server %} provides four authentication methods. -* SSH public key authentication provides both repository access using Git and administrative shell access. For more information, see [AUTOTITLE](/authentication/connecting-to-github-with-ssh/about-ssh) and [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh). -* Username and password authentication with HTTP cookies provides web application access and session management, with optional two-factor authentication (2FA). For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-built-in-authentication/configuring-built-in-authentication). -* External LDAP, SAML, or CAS authentication using an LDAP service, SAML Identity Provider (IdP), or other compatible service provides access to the web application. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam). -* OAuth and {% data variables.product.pat_generic %}s provide access to Git repository data and APIs for both external clients and services. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token). +* SSH public key authentication provides both repository access using Git and administrative shell access. For more information, see [AUTOTITLE](/authentication/connecting-to-github-with-ssh/about-ssh) and [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh). +* Username and password authentication with HTTP cookies provides web application access and session management, with optional two-factor authentication (2FA). For more information, see [AUTOTITLE](/admin/managing-iam/using-built-in-authentication/configuring-built-in-authentication). +* External LDAP, SAML, or CAS authentication using an LDAP service, SAML Identity Provider (IdP), or other compatible service provides access to the web application. For more information, see [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam). +* OAuth and {% data variables.product.pat_generic %}s provide access to Git repository data and APIs for both external clients and services. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens). ### Audit and access logging -{% data variables.product.prodname_ghe_server %} stores both traditional operating system and application logs. The application also writes detailed auditing and security logs, which {% data variables.product.prodname_ghe_server %} stores permanently. You can forward both types of logs in real time to multiple destinations via the `syslog-ng` protocol. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding). +{% data variables.product.prodname_ghe_server %} stores both traditional operating system and application logs. The application also writes detailed auditing and security logs, which {% data variables.product.prodname_ghe_server %} stores permanently. You can forward both types of logs in real time to multiple destinations via the `syslog-ng` protocol. For more information, see [AUTOTITLE](/admin/concepts/security-and-compliance/audit-log-for-an-enterprise) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/log-forwarding). Access and audit logs include information like the following. @@ -159,4 +159,4 @@ Tarballs are also available, with a full list of dependencies and metadata, at ` ## Further reading * [AUTOTITLE](/admin/overview/setting-up-a-trial-of-github-enterprise-server) -* [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance) +* [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance) diff --git a/content/admin/upgrading-your-instance/performing-an-upgrade/migrating-from-github-enterprise-1110x-to-2123.md b/content/admin/upgrading-your-instance/performing-an-upgrade/migrating-from-github-enterprise-1110x-to-2123.md index fa8a2ab362a5..6e7cca81f259 100644 --- a/content/admin/upgrading-your-instance/performing-an-upgrade/migrating-from-github-enterprise-1110x-to-2123.md +++ b/content/admin/upgrading-your-instance/performing-an-upgrade/migrating-from-github-enterprise-1110x-to-2123.md @@ -55,7 +55,7 @@ To upgrade to the latest version of {% data variables.product.prodname_enterpris 1. In the "Add new SSH key" text field, paste your backup host access SSH key. 1. Click **Add key** and then click **Continue**. 1. Copy the `ghe-restore` command that you'll run on the backup host to migrate data to the new instance. -1. Enable maintenance mode on the old instance and wait for all active processes to complete. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +1. Enable maintenance mode on the old instance and wait for all active processes to complete. For more information, see [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). > [!NOTE] > The instance will be unavailable for normal use from this point forward. diff --git a/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-a-hotpatch.md b/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-a-hotpatch.md index a041162160df..ed74d7f0cbe3 100644 --- a/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-a-hotpatch.md +++ b/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-a-hotpatch.md @@ -14,7 +14,7 @@ category: {% data reusables.enterprise_installation.hotpatching-explanation %} -Using the {% data variables.enterprise.management_console %}, you can install a hotpatch immediately or schedule it for later installation. You can use the administrative shell to install a hotpatch with the `ghe-upgrade` utility. See [AUTOTITLE](/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process) and [AUTOTITLE](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrade-requirements). +Using the {% data variables.enterprise.management_console %}, you can install a hotpatch immediately or schedule it for later installation. You can use the administrative shell to install a hotpatch with the `ghe-upgrade` utility. See [AUTOTITLE](/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process) and [AUTOTITLE](/admin/upgrading-your-instance/preparing-to-upgrade/upgrade-requirements). ## Upgrading a standalone instance using a hotpatch @@ -29,7 +29,7 @@ You can use the {% data variables.enterprise.management_console %} to upgrade wi If the upgrade target you're presented with is a feature release instead of a patch release, you cannot use the {% data variables.enterprise.management_console %} to install a hotpatch. You must install the hotpatch using the administrative shell instead. -1. Enable automatic updates. For more information, see [AUTOTITLE](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/enabling-automatic-update-checks). +1. Enable automatic updates. For more information, see [AUTOTITLE](/admin/upgrading-your-instance/preparing-to-upgrade/enabling-automatic-update-checks). {% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.management-console %} {% data reusables.enterprise_management_console.updates-tab %} diff --git a/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-an-upgrade-package.md b/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-an-upgrade-package.md index c15a4c5b145c..0872f1c48401 100644 --- a/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-an-upgrade-package.md +++ b/content/admin/upgrading-your-instance/performing-an-upgrade/upgrading-with-an-upgrade-package.md @@ -14,7 +14,7 @@ category: Using the administrative shell, you can install an upgrade package with the `ghe-upgrade` utility. -If you're running back-to-back feature version upgrades, you must ensure background jobs are complete before proceeding with the following upgrade to a feature release. {% data variables.product.prodname_dotcom %} recommends waiting for any background upgrade tasks to complete before upgrading a second time. See [AUTOTITLE](/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process) and [AUTOTITLE](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrade-requirements). +If you're running back-to-back feature version upgrades, you must ensure background jobs are complete before proceeding with the following upgrade to a feature release. {% data variables.product.prodname_dotcom %} recommends waiting for any background upgrade tasks to complete before upgrading a second time. See [AUTOTITLE](/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process) and [AUTOTITLE](/admin/upgrading-your-instance/preparing-to-upgrade/upgrade-requirements). While you can use a hotpatch to upgrade to the latest patch release within a feature series, you must use an upgrade package to upgrade to a newer feature release. For example, to upgrade from 2.11.10 to 2.12.4 you must use an upgrade package since these are in different feature series. @@ -25,7 +25,7 @@ While you can use a hotpatch to upgrade to the latest patch release within a fea {% data reusables.enterprise_installation.ssh-into-instance %} 1. {% data reusables.enterprise_installation.enterprise-download-upgrade-pkg %} Select the appropriate platform and copy the URL for the upgrade package (_.pkg_ file). {% data reusables.enterprise_installation.download-package %} -1. Enable maintenance mode and wait for all active processes to complete on the {% data variables.product.prodname_ghe_server %} instance. See [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +1. Enable maintenance mode and wait for all active processes to complete on the {% data variables.product.prodname_ghe_server %} instance. See [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). > [!NOTE] When upgrading the primary node in a high availability configuration, the instance should already be in maintenance mode if you are following the instructions in [Upgrading the primary node with an upgrade package](#upgrading-the-primary-node-with-an-upgrade-package). @@ -46,12 +46,12 @@ While you can use a hotpatch to upgrade to the latest patch release within a fea Proceed with installation? [y/N] ``` -1. Optionally, during an upgrade to a feature release, you can monitor the status of database migrations using the `ghe-migrations` utility. See [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-migrations). +1. Optionally, during an upgrade to a feature release, you can monitor the status of database migrations using the `ghe-migrations` utility. See [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-migrations). 1. After the instance restarts, the upgrade will continue in the background. You cannot unset maintenance mode until the process completes. To check the status of background jobs, use the `ghe-check-background-upgrade-jobs` utility. If you're running back-to-back upgrades, you must ensure background jobs are complete before proceeding with the following upgrade to a feature release. - See [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-check-background-upgrade-jobs). + See [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-check-background-upgrade-jobs). > [!NOTE] > Background upgrade jobs only need to complete before you begin a subsequent feature upgrade. You don't need to wait for `ghe-check-background-upgrade-jobs` before upgrading replica or other additional nodes to the same release. @@ -65,7 +65,7 @@ While you can use a hotpatch to upgrade to the latest patch release within a fea The configuration runs in the background and you don't need to run `ghe-config-apply` explicitly unless you encounter a problem. > [!WARNING] If you are upgrading a node in a multi-node cluster, running `ghe-config-apply` on the command line or saving settings in the {% data variables.enterprise.management_console %} may fail and result in an incomplete upgrade if not all the nodes are upgraded to the same version. Please use `ghe-single-config-apply` instead. -1. Optionally, after the upgrade, validate the upgrade by configuring an IP exception list to allow access to a specified list of IP addresses. See [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode#validating-changes-in-maintenance-mode-using-the-ip-exception-list). +1. Optionally, after the upgrade, validate the upgrade by configuring an IP exception list to allow access to a specified list of IP addresses. See [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode#validating-changes-in-maintenance-mode-using-the-ip-exception-list). 1. For single node upgrades, perform any post-upgrade tasks including disabling maintenance mode so users can use {% data variables.location.product_location %}. > [!NOTE] After you upgrade an instance in a high availability configuration, you should remain in maintenance mode until you have upgraded all of the replica nodes and replication is current. See [Upgrading additional nodes with an upgrade package](#upgrading-additional-nodes-with-an-upgrade-package). @@ -81,7 +81,7 @@ To upgrade a multi-node {% data variables.product.prodname_ghe_server %} environ > [!WARNING] When replication is stopped, if the primary fails, any work from before the replica is upgraded and the replication begins again will be lost. -1. On the primary node, enable maintenance mode and wait for all active processes to complete. See [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +1. On the primary node, enable maintenance mode and wait for all active processes to complete. See [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). {% data reusables.enterprise_installation.replica-ssh %} 1. To stop replication on all nodes, run `ghe-repl-stop` on each node. Alternatively, if there are multiple replicas, run `ghe-repl-stop-all` on the primary node instead, which will stop replication in a single run. 1. To upgrade the primary node, follow the instructions in [Upgrading a standalone instance using an upgrade package](#upgrading-a-standalone-instance-using-an-upgrade-package). @@ -105,7 +105,7 @@ Phased upgrade execution allows {% data variables.product.prodname_ghe_server %} ghe-upgrade --phase pre-upgrade GITHUB-UPGRADE.pkg ``` -1. Enable maintenance mode and wait for all active processes to complete on the {% data variables.product.prodname_ghe_server %} instance. See [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +1. Enable maintenance mode and wait for all active processes to complete on the {% data variables.product.prodname_ghe_server %} instance. See [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). > [!NOTE] When upgrading the primary node in a high availability configuration, the instance should already be in maintenance mode if you are following the instructions in [Upgrading the primary node with an upgrade package](#upgrading-the-primary-node-with-an-upgrade-package). 1. Run the upgrade phase @@ -114,7 +114,7 @@ Phased upgrade execution allows {% data variables.product.prodname_ghe_server %} ghe-upgrade --phase pre-upgrade GITHUB-UPGRADE.pkg ``` -1. Optionally, after the upgrade, validate the upgrade by configuring an IP exception list to allow access to a specified list of IP addresses. See [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode#validating-changes-in-maintenance-mode-using-the-ip-exception-list). +1. Optionally, after the upgrade, validate the upgrade by configuring an IP exception list to allow access to a specified list of IP addresses. See [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode#validating-changes-in-maintenance-mode-using-the-ip-exception-list). 1. For single node upgrades, perform any post-upgrade tasks including disabling maintenance mode so users can use {% data variables.location.product_location %}. > [!NOTE] After you upgrade an instance in a high availability configuration, you should remain in maintenance mode until you have upgraded all of the replica nodes and replication is current. See [Upgrading additional nodes with an upgrade package](#upgrading-additional-nodes-with-an-upgrade-package). diff --git a/content/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process.md b/content/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process.md index 6214a53b253b..0ef950a4f052 100644 --- a/content/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process.md +++ b/content/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process.md @@ -40,8 +40,8 @@ The process you must follow to apply an upgrade package depends on how many node ### Plan your upgrade * Review the release notes and documented known issues before performing an upgrade. See [AUTOTITLE](/admin/release-notes) and [AUTOTITLE](/admin/upgrading-your-instance/troubleshooting-upgrades/known-issues-with-upgrades-to-your-instance). -* Review [AUTOTITLE](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrade-requirements) to ensure you understand the requirements and recommendations for upgrading. -* Check that {% data variables.location.product_location %}'s data disk is at least 15% free. {% data variables.product.company_short %} recommends ensuring there is additional free storage on the disk. In some rare cases, for customers with large data volumes, this threshold may differ. See [AUTOTITLE](/admin/monitoring-managing-and-updating-your-instance/updating-the-virtual-machine-and-physical-resources/increasing-storage-capacity). +* Review [AUTOTITLE](/admin/upgrading-your-instance/preparing-to-upgrade/upgrade-requirements) to ensure you understand the requirements and recommendations for upgrading. +* Check that {% data variables.location.product_location %}'s data disk is at least 15% free. {% data variables.product.company_short %} recommends ensuring there is additional free storage on the disk. In some rare cases, for customers with large data volumes, this threshold may differ. See [AUTOTITLE](/admin/monitoring-and-managing-your-instance/updating-the-virtual-machine-and-physical-resources/increasing-storage-capacity). * Check that you have sufficient hardware resources for {% data variables.product.prodname_ghe_server %}. {% data reusables.enterprise_installation.preflight-checks %} * Ensure you have a copy of all custom firewall rules for {% data variables.location.product_location %}, as customized rules will not persist post-upgrade. You must reapply any custom rules following the upgrade. See [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/configuring-built-in-firewall-rules). * For instances in a high availability configuration, check that the status of replication reports `OK` before upgrading. See [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-high-availability/monitoring-a-high-availability-configuration). @@ -79,14 +79,14 @@ Check if you need to upgrade the following applications: * Upgrades using a hotpatch usually don't require a maintenance window. Sometimes a reboot is required, which you can perform at a later time. > [!NOTE] - > Hotpatches require a configuration run, which can cause a brief period of errors or unresponsiveness for some or all services on {% data variables.location.product_location %}. You are not required to enable maintenance mode during installation of a hotpatch, but doing so will guarantee that users see a maintenance page instead of errors or timeouts. See [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). + > Hotpatches require a configuration run, which can cause a brief period of errors or unresponsiveness for some or all services on {% data variables.location.product_location %}. You are not required to enable maintenance mode during installation of a hotpatch, but doing so will guarantee that users see a maintenance page instead of errors or timeouts. See [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). * Patch releases using an upgrade package typically require less than five minutes of downtime. * Upgrading to a new feature release that includes data migrations may cause a few hours of downtime, depending on storage performance and the amount of data that is migrated. During this time none of your users will be able to use the enterprise. You may notice that upgrades to a new feature release take less time. This is because selective database transitions will now run concurrently, with the number of concurrent workers defaulting to the number of CPU cores, up to a maximum of 16. ## Communicating your upgrade -* Prior to your upgrade, you can publish a global announcement banner to highlight important information to your users, such as incoming changes or possible downtime. See [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/customizing-user-messages-for-your-enterprise#creating-a-global-announcement-banner). -* At the time of the upgrade, you can enable maintenance mode and set a custom message to inform users that the instance is temporarily unavailable. See [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +* Prior to your upgrade, you can publish a global announcement banner to highlight important information to your users, such as incoming changes or possible downtime. See [AUTOTITLE](/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise#creating-a-global-announcement-banner). +* At the time of the upgrade, you can enable maintenance mode and set a custom message to inform users that the instance is temporarily unavailable. See [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). ## Preparing your backup strategy @@ -119,5 +119,5 @@ The instructions for upgrading your {% data variables.product.prodname_ghe_serve * Check basic {% data variables.product.prodname_ghe_server %} functionality. For example, ensure you can sign in via the user interface, and verify that several of your organizations, repositories and issues can be reached as expected. It's also a good idea to manually run several Git fetches, clones, and pushes using SSH and/or HTTPS, and check that API requests and webhook deliveries complete successfully. * Reapply any custom firewall rules. See [AUTOTITLE](/admin/configuring-settings/configuring-network-settings/configuring-built-in-firewall-rules). * Delete any VM snapshots taken prior to upgrading. See [AUTOTITLE](/admin/upgrading-your-instance/preparing-to-upgrade/taking-a-snapshot). -* Disable maintenance mode, and update any pre-upgrade communications such as announcement banners. See [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/customizing-user-messages-for-your-enterprise#creating-a-global-announcement-banner) and [AUTOTITLE](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode). +* Disable maintenance mode, and update any pre-upgrade communications such as announcement banners. See [AUTOTITLE](/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise#creating-a-global-announcement-banner) and [AUTOTITLE](/admin/administering-your-instance/configuring-maintenance-mode/enabling-and-scheduling-maintenance-mode). * Monitor all queued background jobs on your instance to ensure they complete successfully. See [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities). diff --git a/content/admin/upgrading-your-instance/preparing-to-upgrade/upgrade-requirements.md b/content/admin/upgrading-your-instance/preparing-to-upgrade/upgrade-requirements.md index d67a38b9b9e5..edab5314d85e 100644 --- a/content/admin/upgrading-your-instance/preparing-to-upgrade/upgrade-requirements.md +++ b/content/admin/upgrading-your-instance/preparing-to-upgrade/upgrade-requirements.md @@ -19,7 +19,7 @@ category: > [!NOTE] > * Upgrade packages are available at [enterprise.github.com](https://enterprise.github.com/releases) for supported versions. Verify the availability of the upgrade packages you will need to complete the upgrade. If a package is not available, visit {% data variables.contact.contact_ent_support %} and contact us for assistance. -> * If you're using {% data variables.product.prodname_ghe_server %} Clustering, see [AUTOTITLE](/admin/enterprise-management/configuring-clustering/upgrading-a-cluster) in the {% data variables.product.prodname_ghe_server %} Clustering Guide for specific instructions unique to clustering. +> * If you're using {% data variables.product.prodname_ghe_server %} Clustering, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/configuring-clustering/upgrading-a-cluster) in the {% data variables.product.prodname_ghe_server %} Clustering Guide for specific instructions unique to clustering. > * The release notes for {% data variables.product.prodname_ghe_server %} provide a comprehensive list of new features for every version of {% data variables.product.prodname_ghe_server %}. For more information, see the [releases page](https://enterprise.github.com/releases). ## Recommendations @@ -27,8 +27,8 @@ category: * Include as few upgrades as possible in your upgrade process. For example, instead of upgrading from {% data variables.product.prodname_enterprise %} {{ enterpriseServerReleases.supported[2] }} to {{ enterpriseServerReleases.supported[1] }} to {{ enterpriseServerReleases.latest }}, you could upgrade from {% data variables.product.prodname_enterprise %} {{ enterpriseServerReleases.supported[2] }} to {{ enterpriseServerReleases.latest }}. Use the [{% data variables.enterprise.upgrade_assistant %}](https://support.github.com/enterprise/server-upgrade) to find the upgrade path from your current release version. * If you’re several versions behind, upgrade {% data variables.location.product_location %} as far forward as possible with each step of your upgrade process. Using the latest version possible on each upgrade allows you to take advantage of performance improvements and bug fixes. For example, you could upgrade from {% data variables.product.prodname_enterprise %} 2.7 to 2.8 to 2.10, but upgrading from {% data variables.product.prodname_enterprise %} 2.7 to 2.9 to 2.10 uses a later version in the second step. * Use the latest patch release when upgrading. {% data reusables.enterprise_installation.enterprise-download-upgrade-pkg %} -* Use a staging instance to test the upgrade steps. For more information, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). -* When running multiple upgrades, ensure data migrations and upgrade tasks running in the background are fully complete before proceeding to the next feature upgrade. To check the status of these processes, you can use the `ghe-migrations` and `ghe-check-background-upgrade-jobs` command-line utilities. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#upgrading-github-enterprise-server). +* Use a staging instance to test the upgrade steps. For more information, see [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). +* When running multiple upgrades, ensure data migrations and upgrade tasks running in the background are fully complete before proceeding to the next feature upgrade. To check the status of these processes, you can use the `ghe-migrations` and `ghe-check-background-upgrade-jobs` command-line utilities. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#upgrading-github-enterprise-server). * Take a snapshot before upgrading your virtual machine. For more information, see [AUTOTITLE](/admin/upgrading-your-instance/preparing-to-upgrade/taking-a-snapshot). After the snapshot is taken, turn off automatic snapshots to avoid possible performance impacts during upgrade. * Ensure you have a recent, successful backup of your instance. For more information, see the [{% data variables.product.prodname_enterprise_backup_utilities %} README.md file](https://github.com/github/backup-utils#readme). diff --git a/content/admin/upgrading-your-instance/troubleshooting-upgrades/known-issues-with-upgrades-to-your-instance.md b/content/admin/upgrading-your-instance/troubleshooting-upgrades/known-issues-with-upgrades-to-your-instance.md index 7d1876163a05..59c0f816fb97 100644 --- a/content/admin/upgrading-your-instance/troubleshooting-upgrades/known-issues-with-upgrades-to-your-instance.md +++ b/content/admin/upgrading-your-instance/troubleshooting-upgrades/known-issues-with-upgrades-to-your-instance.md @@ -19,7 +19,7 @@ category: If you see the error `The file provided is not a valid GitHub Enterprise Server package` when attempting an upgrade, you may need to rotate the GPG signing key on your instance. For more information, see [AUTOTITLE](/admin/upgrading-your-instance/troubleshooting-upgrades/rotating-the-signing-key-for-upgrade-packages). -{% data variables.product.company_short %} strongly recommends regular backups of your instance's configuration and data. Before you proceed with any upgrade, back up your instance, then validate the backup in a staging environment. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance) and [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). +{% data variables.product.company_short %} strongly recommends regular backups of your instance's configuration and data. Before you proceed with any upgrade, back up your instance, then validate the backup in a staging environment. For more information, see [AUTOTITLE](/admin/backing-up-and-restoring-your-instance/configuring-backups-on-your-instance) and [AUTOTITLE](/admin/installing-your-enterprise-server/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). ## Lifting the pause on upgrades to version 3.15 and above diff --git a/content/admin/upgrading-your-instance/troubleshooting-upgrades/restoring-from-a-failed-upgrade.md b/content/admin/upgrading-your-instance/troubleshooting-upgrades/restoring-from-a-failed-upgrade.md index ef4f1aac10ec..5b81208b3885 100644 --- a/content/admin/upgrading-your-instance/troubleshooting-upgrades/restoring-from-a-failed-upgrade.md +++ b/content/admin/upgrading-your-instance/troubleshooting-upgrades/restoring-from-a-failed-upgrade.md @@ -19,7 +19,7 @@ If your instance is configured for high availability and your primary node upgra To roll back a patch release, use the `ghe-upgrade` command with the `--allow-patch-rollback` switch. Before rolling back, replication must be temporarily stopped by running `ghe-repl-stop` on all replica nodes, or `ghe-repl-stop-all` on the primary node. {% data reusables.enterprise_installation.command-line-utilities-ghe-upgrade-rollback %} -After the rollback is complete, restart replication by running `ghe-repl-start` on all nodes, or `ghe-repl-start-all` on the primary node. See [AUTOTITLE](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-upgrade). +After the rollback is complete, restart replication by running `ghe-repl-start` on all nodes, or `ghe-repl-start-all` on the primary node. See [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-upgrade). ## Rolling back a feature release diff --git a/content/admin/upgrading-your-instance/troubleshooting-upgrades/rotating-the-signing-key-for-upgrade-packages.md b/content/admin/upgrading-your-instance/troubleshooting-upgrades/rotating-the-signing-key-for-upgrade-packages.md index 7a92b7d137e8..b20f0125bb70 100644 --- a/content/admin/upgrading-your-instance/troubleshooting-upgrades/rotating-the-signing-key-for-upgrade-packages.md +++ b/content/admin/upgrading-your-instance/troubleshooting-upgrades/rotating-the-signing-key-for-upgrade-packages.md @@ -31,7 +31,7 @@ For help determining the correct upgrade path, use the [{% data variables.enterp ## Prerequisites -* SSH access to your {% data variables.product.prodname_ghe_server %} instance. For more information, see [AUTOTITLE](/admin/administering-your-instance/accessing-the-administrative-shell-ssh). +* SSH access to your {% data variables.product.prodname_ghe_server %} instance. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh). * Your instance must be able to reach `enterprise.github.com` over HTTPS to download the rotation script. If your instance is behind a restrictive firewall or in an air-gapped environment, download the script from an external machine and transfer it to the appliance manually. ## Rotating the signing key on a single-node instance diff --git a/content/code-security/index.md b/content/code-security/index.md index d1ee65400a98..ab70c776e0a9 100644 --- a/content/code-security/index.md +++ b/content/code-security/index.md @@ -4,6 +4,9 @@ shortTitle: Security and code quality intro: Build security and code quality into your {% data variables.product.github %} workflow with integrated tooling. redirect_from: - /code-security/guides + - /enterprise-onboarding/govern-people-and-repositories/about-enterprise-security + - /enterprise-onboarding/feature-enhancements/about-code-security-for-your-enterprise + - /enterprise-onboarding/feature-enhancements/about-enterprise-security introLinks: overview: '{% ifversion ghes %}/code-security/getting-started/github-security-features{% endif %}' generate_secret_risk_assessment_report_for_free: '{% ifversion secret-risk-assessment %}https://github.com/get_started?with=risk-assessment{% endif %}' diff --git a/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/configure-enterprise-managed-settings.md b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/configure-enterprise-managed-settings.md index 62d4329b0c3f..4e30abb0cac2 100644 --- a/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/configure-enterprise-managed-settings.md +++ b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/configure-enterprise-managed-settings.md @@ -21,6 +21,10 @@ These settings apply enterprise-wide, with no organization-level override. For e Managed settings are loaded locally when the client starts, even if the device has no network connection. This means controls such as disabled bypass mode and restricted plugin configuration still apply before sign in or any server round trip, and remain active when users switch accounts. +## Defining settings + +For detailed information on the available properties and syntax, see [AUTOTITLE](/copilot/reference/enterprise-managed-settings-reference). + ## Choosing a deployment method There are multiple ways to deploy enterprise managed settings. Use the following guidelines to choose the right method for you. For any method, pilot on a small device group before broad deployment. @@ -55,121 +59,6 @@ There are multiple ways to deploy enterprise managed settings. Use the following 1. Ask users to restart supported clients so the updated policy is loaded at startup. 1. Confirm the settings took effect. See [Verifying the configuration has applied](#verifying-the-configuration-has-applied). -## Consolidated schema reference - -The `{% data variables.copilot.managed_setting_file %}` file supports the following top-level properties. You can include any combination of these properties based on which settings you want to enforce. - -```json copy -{ - "extraKnownMarketplaces": { - "agent-skills": { - "source": { - "source": "github", - "repo": "OWNER/REPO" - } - } - }, - "strictKnownMarketplaces": [ - { - "source": "github", - "repo": "OWNER/REPO" - } - ], - "enabledPlugins": { - "PLUGIN-NAME@MARKETPLACE-NAME": true - }, - "permissions": { - "disableBypassPermissionsMode": "disable" - }, - "model": "auto" -} -``` - -* `extraKnownMarketplaces`: Defines additional plugin marketplaces available to users. Each entry is a named marketplace object containing a `source` property that specifies the provider (`"github"`) and the repository in `OWNER/REPO` format. -* `strictKnownMarketplaces`: Restricts plugin installation to only the marketplaces explicitly defined by the enterprise. Each entry is a marketplace object containing a `source` property. The `source` specifies the provider as either `"github"` with a `repo` in `OWNER/REPO` format, or `"git"` with a `url` pointing to a git repository. -* `enabledPlugins`: Defines plugins that are automatically installed for all enterprise users. Each entry uses the format `PLUGIN-NAME@MARKETPLACE-NAME` as the key, with a boolean value of `true` to enable the plugin. -* `permissions`: Controls whether users can bypass command approval. Set `disableBypassPermissionsMode` to `"disable"` to prevent users from turning on bypass mode. See [Disabling bypass mode for your enterprise](#disabling-bypass-mode-for-your-enterprise) further in this article for more information. -* `model`: Controls default model governance settings. Set to `"auto"` so new conversations start with Copilot auto model selection by default. Users can still switch to a different model on a per-conversation basis. - -## Configuring enterprise plugin standards - -You can apply settings to control users' available plugin marketplaces and default-installed plugins. See [AUTOTITLE](/copilot/concepts/agents/about-enterprise-plugin-standards). - -{% data reusables.copilot.create-managed-settings %} -1. Add the `extraKnownMarketplaces`, `strictKnownMarketplaces`, and `enabledPlugins` properties you need to the file. See the example and property descriptions in [Consolidated schema reference](#consolidated-schema-reference). Merge these properties into an existing file rather than overwriting it, so you don't remove settings configured for other policies, such as `permissions`. - - ```json copy - { - "extraKnownMarketplaces": { - "agent-skills": { - "source": { - "source": "github", - "repo": "OWNER/REPO" - } - } - }, - "strictKnownMarketplaces": [ - { - "source": "github", - "repo": "OWNER/REPO" - } - ], - "enabledPlugins": { - "PLUGIN-NAME@MARKETPLACE-NAME": true - } - } - ``` - -1. Commit and push your changes to the default branch of the `.github-private` repository. - -## Setting {% data variables.product.prodname_copilot_short %} auto model selection as the default - -You can set auto model selection as the default model for new conversations in {% data variables.copilot.copilot_cli_short %} and {% data variables.product.prodname_vscode_shortname %}. To learn more see [AUTOTITLE](/copilot/concepts/models/auto-model-selection). By setting it as the default for your enterprise, you ensure new conversations start with Auto model selected. - -### What setting Auto model as the default does - -When you `model` to `"auto"`, new conversations start with Auto model selected in both clients: - -* In {% data variables.copilot.copilot_cli_short %}, new sessions use Auto model unless the user specifies a different model. -* In {% data variables.product.prodname_vscode_shortname %}, the model picker defaults to Auto model when a user starts a new conversation. - -Users can still switch to a different model on a per-conversation basis. - -### Configuring the setting - -{% data reusables.copilot.create-managed-settings %} -1. Add the `model` property to the file, set to `"auto"`. - - ```json copy - { - "model": "auto" - } - ``` - -## Disabling bypass mode for your enterprise - -You can prevent users from enabling bypass mode (also known as "YOLO mode") in {% data variables.copilot.copilot_cli_short %} and {% data variables.product.prodname_vscode_shortname %}. Bypass mode lets an agent run commands, access files, and fetch URLs without asking for approval. By disabling it for your enterprise, you ensure that a person reviews each of these actions. - -### What disabling bypass mode prevents - -When you set `disableBypassPermissionsMode` to `"disable"`, users cannot turn on bypass mode in either client: - -* In {% data variables.copilot.copilot_cli_short %}, the `--yolo`, `--allow-all`, `--allow-all-tools`, `--allow-all-paths`, and `--allow-all-urls` command-line options and the `/yolo` and `/allow-all` slash commands are blocked. -* In {% data variables.product.prodname_vscode_shortname %}, the global auto-approve setting (`chat.tools.global.autoApprove`), also known as "YOLO mode," is turned off and cannot be re-enabled. - -### Configuring the setting - -{% data reusables.copilot.create-managed-settings %} -1. Add the `permissions` property to the file, with `disableBypassPermissionsMode` set to `"disable"`. If the file already has a `permissions` object (for example, from other permission settings), merge this key into it rather than replacing the object. - - ```json copy - { - "permissions": { - "disableBypassPermissionsMode": "disable" - } - } - ``` - ## Verifying the configuration has applied Once the configuration is committed, users on a supported client see the specified settings within about an hour, since clients periodically check the server for updated configuration. Restarting the client or signing in again applies the latest settings immediately. diff --git a/content/copilot/how-tos/github-copilot-app/agent-sessions.md b/content/copilot/how-tos/github-copilot-app/agent-sessions.md index 61a4bf55c60d..e631dd158188 100644 --- a/content/copilot/how-tos/github-copilot-app/agent-sessions.md +++ b/content/copilot/how-tos/github-copilot-app/agent-sessions.md @@ -47,24 +47,18 @@ Hover over the {% octicon "info" aria-label="the info icon" %} icon in the model **Quick chats** in the sidebar opens a conversation mode without creating a dedicated branch or worktree. Use it for brainstorming, asking questions, or exploring ideas before starting a session. Your chat history is saved and listed by conversation name. -## Using `/chronicle` with app sessions +## Using `/security-review` in app sessions -Because the {% data variables.copilot.github_copilot_app %} is built on {% data variables.copilot.copilot_cli %}, you can use {% data variables.copilot.copilot_cli_short %} session history features such as `/chronicle` to get insights from work you did in the app and in other {% data variables.copilot.copilot_cli_short %} sessions. +> [!NOTE] +> The `/security-review` slash command is currently in {% data variables.release-phases.public_preview %} and subject to change. -For example, you can use `/chronicle standup` to summarize recent work. For more information, see [AUTOTITLE](/copilot/how-tos/copilot-cli/use-copilot-cli/chronicle). +You can run the `/security-review` slash command in an active agent session to review your current workstream changes for high-confidence vulnerabilities. The command returns prioritized findings with severity and confidence scores, plus suggested fixes you can apply and verify in the same session. -## Using voice dictation +1. Open an active session that has in-progress code changes. +1. In the prompt box, type `/security-review` and press Enter. +1. Review the findings, then update your code changes as needed. -You can use voice dictation to speak prompts in a session instead of typing them. - -Before you can use voice dictation, you need to configure it in the app settings. - -1. Open the app settings, then select the **Voice dictation** tab. -1. Choose a keyboard shortcut. -1. Allow microphone access in your operating system settings. -1. Download a local transcription model. - -After setup, use your shortcut to start and stop voice transcription. The app inserts transcribed text into the prompt box so you can review or edit it before sending. +This lightweight, on-demand review complements {% data variables.product.github %} {% data variables.product.prodname_code_scanning %}, {% data variables.product.prodname_dependabot %}, and {% data variables.product.prodname_secret_scanning %} by giving you an initial check on your local changes before opening a pull request. ## Using the rubber duck agent @@ -82,6 +76,25 @@ You can also manually ask {% data variables.product.prodname_copilot_short %} to For more information on the rubber duck agent, see [AUTOTITLE](/copilot/concepts/agents/copilot-cli/rubber-duck). +## Using `/chronicle` with app sessions + +Because the {% data variables.copilot.github_copilot_app %} is built on {% data variables.copilot.copilot_cli %}, you can use {% data variables.copilot.copilot_cli_short %} session history features such as `/chronicle` to get insights from work you did in the app and in other {% data variables.copilot.copilot_cli_short %} sessions. + +For example, you can use `/chronicle standup` to summarize recent work. For more information, see [AUTOTITLE](/copilot/how-tos/copilot-cli/use-copilot-cli/chronicle). + +## Using voice dictation + +You can use voice dictation to speak prompts in a session instead of typing them. + +Before you can use voice dictation, you need to configure it in the app settings. + +1. Open the app settings, then select the **Voice dictation** tab. +1. Choose a keyboard shortcut. +1. Allow microphone access in your operating system settings. +1. Download a local transcription model. + +After setup, use your shortcut to start and stop voice transcription. The app inserts transcribed text into the prompt box so you can review or edit it before sending. + ## Keyboard shortcuts The {% data variables.copilot.github_copilot_app %} supports keyboard shortcuts to help you navigate sessions, switch between workspaces, and perform common actions. To see available shortcuts, open the app, go to **Help**, then **Keyboard Shortcuts**. diff --git a/content/copilot/reference/copilot-allowlist-reference.md b/content/copilot/reference/copilot-allowlist-reference.md index 312a3690ab08..7e22b8ac28b1 100644 --- a/content/copilot/reference/copilot-allowlist-reference.md +++ b/content/copilot/reference/copilot-allowlist-reference.md @@ -14,7 +14,18 @@ redirect_from: contentType: reference --- -If your company employs security measures like a firewall or proxy server, you should add the following URLs, ports, and protocols to an allowlist to ensure {% data variables.product.prodname_copilot_short %} works as expected: +If your company employs security measures like a firewall or proxy server, you should add the URLs in this article to an allowlist to ensure {% data variables.product.prodname_copilot_short %} works as expected. + +## Enable users to sign in to {% data variables.product.prodname_copilot_short %} + +Allowlisting the URLs below is **not enough on its own**. If your network blocks {% data variables.product.github %} more broadly, users won't be able to sign in to {% data variables.product.prodname_copilot_short %}, even with every URL below allowed. + +To sign in, users complete the standard {% data variables.product.github %} browser sign-in flow, which loads the {% data variables.product.github %} sign-in page. On a restricted network, this requires access to {% data variables.product.github %}'s general website domains (for example, `*.githubassets.com` and `*.githubusercontent.com`), which are not specific to {% data variables.product.prodname_copilot_short %}. + +To enable sign-in on a restricted network: + +1. Allow access to {% data variables.product.github %}'s general website domains. For more information, see [AUTOTITLE](/get-started/using-github/allowing-access-to-githubs-services-from-a-restricted-network). +1. Add the URLs in this article to your allowlist. ## {% data variables.product.github %} public URLs diff --git a/content/copilot/reference/copilot-cli-reference/cli-command-reference.md b/content/copilot/reference/copilot-cli-reference/cli-command-reference.md index 00e6ea8413a7..42add5338360 100644 --- a/content/copilot/reference/copilot-cli-reference/cli-command-reference.md +++ b/content/copilot/reference/copilot-cli-reference/cli-command-reference.md @@ -1008,6 +1008,8 @@ OTel is off by default with zero overhead. It activates when any of the followin * `OTEL_EXPORTER_OTLP_ENDPOINT` is set * `COPILOT_OTEL_FILE_EXPORTER_PATH` is set +OTel configuration can also be set in {% data variables.product.prodname_vscode_shortname %}, or in an enterprise-wide `{% data variables.copilot.managed_setting_file %}` file. See [Enable OTel monitoring](https://code.visualstudio.com/docs/agents/guides/monitoring-agents#_enable-otel-monitoring) in the {% data variables.product.prodname_vscode_shortname %} documentation and [AUTOTITLE](/copilot/reference/enterprise-managed-settings-reference). + ### OTel environment variables | Variable | Default | Description | diff --git a/content/copilot/reference/enterprise-managed-settings-reference.md b/content/copilot/reference/enterprise-managed-settings-reference.md index 8a3eb6e01506..f89f3d785694 100644 --- a/content/copilot/reference/enterprise-managed-settings-reference.md +++ b/content/copilot/reference/enterprise-managed-settings-reference.md @@ -9,24 +9,19 @@ category: - Configure Copilot --- -> [!NOTE] -> This feature is in {% data variables.release-phases.public_preview %} and subject to change. - Use this reference to understand the currently supported keys in `{% data variables.copilot.managed_setting_file %}`. For deployment methods, see [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/configure-enterprise-managed-settings#choosing-a-deployment-method). ## Precedence rules -When multiple settings sources are present, clients apply settings in this order: +When multiple settings sources are present, settings earlier in this list take precedence over settings later in the list: -1. Server-managed settings 1. MDM-managed settings +1. Server-managed settings 1. File-based settings 1. User-level settings -MDM-managed settings take precedence. If MDM-managed settings are not available, clients apply server-managed settings before file-based settings. - ## Supported keys {% rowheaders %} @@ -34,11 +29,11 @@ MDM-managed settings take precedence. If MDM-managed settings are not available, | Key | Type | Accepted values | Purpose | | --- | --- | --- | --- | | `permissions.disableBypassPermissionsMode` | `string` | `"disable"` | Disables bypass or YOLO-style allow-all behavior | -| `enabledPlugins` | `object` | Key format: `PLUGIN-NAME@MARKETPLACE-NAME`; value: `true` | Enables specific plugins by key | -| `extraKnownMarketplaces` | `object` | Named marketplace object with `source.source` (`"github"`) and `source.repo` (`OWNER/REPO`) | Adds plugin marketplaces that users can access | -| `strictKnownMarketplaces` | `array` | Array of marketplace objects with `source` values (`"github"` with `repo`, or `"git"` with `url`) | Restricts plugin installation to explicitly listed marketplaces | -| `model` | `object` | `default` set to a supported model name | Defines default model governance settings | -| `telemetry` | `object` | `enabled` (`boolean`), `endpoint` (`string`), `protocol` (`"otlp-http"` or `"otlp-grpc"`), `captureContent` (`boolean`), `lockCaptureContent` (`boolean`), `serviceName` (`string`), `resourceAttributes` (`object`), `headers` (`object`) | Configures OpenTelemetry export for {% data variables.product.prodname_vscode_shortname %} | +| `permissions.model` | `string` | `"auto"` | Sets auto model selection as the default for new conversations| +| `enabledPlugins` | `object` | Key format: `PLUGIN-NAME@MARKETPLACE-NAME`; value: `true` (enable) or `false` (disable) | Enables or disables specific plugins by key | +| `extraKnownMarketplaces` | `object` | Named marketplace objects; supported source types: `"github"`, `"git"`, `"directory"` | Adds plugin marketplaces that users can access | +| `strictKnownMarketplaces` | `array` | Array of marketplace objects; supported source types: `"github"`, `"git"`, `"url"`, `"npm"`, `"file"`, `"directory"`, `"hostPattern"`, `"pathPattern"` | Restricts plugin installation to explicitly listed marketplaces | +| `telemetry` | `object` | `enabled` (`boolean`), `endpoint` (`string`), `protocol` (`"http/json"` or `"http/protobuf"`), `captureContent` (`boolean`), `lockCaptureContent` (`boolean`), `serviceName` (`string`), `resourceAttributes` (`object`), `headers` (`object`) | Configures OpenTelemetry export for {% data variables.product.prodname_vscode_shortname %} | {% endrowheaders %} @@ -49,7 +44,8 @@ The following example shows these keys in one managed settings file. ```json { "permissions": { - "disableBypassPermissionsMode": "disable" + "disableBypassPermissionsMode": "disable", + "model": "auto" }, "enabledPlugins": { "my-plugin@agent-skills": true @@ -68,13 +64,10 @@ The following example shows these keys in one managed settings file. "repo": "OWNER/REPO" } ], - "model": { - "default": "MODEL-NAME" - }, "telemetry": { "enabled": true, "endpoint": "https://otel-collector.example.com", - "protocol": "otlp-http", + "protocol": "http/protobuf", "captureContent": false, "lockCaptureContent": true, "serviceName": "copilot", @@ -87,3 +80,62 @@ The following example shows these keys in one managed settings file. } } ``` + +## `enabledPlugins` + +Defines plugins that are automatically installed or blocked for all enterprise users. Each entry uses the format `PLUGIN-NAME@MARKETPLACE-NAME` as the key, with a boolean value: `true` to require the plugin to be enabled, or `false` to require it to be disabled. See [AUTOTITLE](/copilot/concepts/agents/about-enterprise-plugin-standards). + +## `extraKnownMarketplaces` + +Defines additional plugin marketplaces available to users. Each entry is a named marketplace object containing a `source` property. The following source types are supported: + +* `"github"` — requires `repo` in `OWNER/REPO` format; optional `ref` (branch, tag, or SHA) and `path` (subdirectory) +* `"git"` — requires `url`; optional `ref` and `path` +* `"directory"` — requires `path` + +See [AUTOTITLE](/copilot/concepts/agents/about-enterprise-plugin-standards). + +## `strictKnownMarketplaces` + +Restricts plugin installation to only the marketplaces explicitly defined by the enterprise. An empty array means complete lockdown. Each entry is a marketplace object with a `source` property indicating the source type. The following source types are supported: + +* `"github"` — requires `repo` in `OWNER/REPO` format; optional `ref` and `path` +* `"git"` — requires `url`; optional `ref` and `path` +* `"url"` — requires `url`; optional `headers` object +* `"npm"` — requires `package` +* `"file"` — requires `path` +* `"directory"` — requires `path` +* `"hostPattern"` — requires `hostPattern` (regex matching marketplace hosts) +* `"pathPattern"` — requires `pathPattern` (regex matching marketplace paths) + +## `permissions` + +### `disableBypassPermissionsMode` + +Prevents users from enabling bypass mode (also known as "YOLO mode") in {% data variables.copilot.copilot_cli_short %} and {% data variables.product.prodname_vscode_shortname %}. Bypass mode lets an agent run commands, access files, and fetch URLs without asking for approval. + +When you set `disableBypassPermissionsMode` to `"disable"`, users cannot turn on bypass mode in either client: + +* In {% data variables.copilot.copilot_cli_short %}, the `--yolo` and `--allow-all` command-line options and the `/yolo` and `/allow-all` slash commands are blocked. Individual flags such as `--allow-all-tools` and `--allow-all-paths` are not blocked. +* In {% data variables.product.prodname_vscode_shortname %}, the global auto-approve setting (`chat.tools.global.autoApprove`), also known as "YOLO mode," is turned off and cannot be re-enabled. + +### `model` + +Sets auto model selection as the default for new conversations in {% data variables.copilot.copilot_cli_short %}. See [AUTOTITLE](/copilot/concepts/models/auto-model-selection). + +When you set `permissions.model` to `"auto"`, new sessions use Auto model unless the user specifies a different model on a per-conversation basis. + +## `telemetry` + +Configures OpenTelemetry export, routing {% data variables.product.prodname_copilot_short %} usage data to a collector of your choice. + +When you set the `telemetry` property, {% data variables.product.prodname_copilot_short %} telemetry is sent to the endpoint you specify. The following sub-properties are supported: + +* `enabled`: Set to `true` to turn on telemetry export, or `false` to turn it off. +* `endpoint`: The URL of your OTLP collector (for example, `https://otel-collector.example.com`). +* `protocol`: The transport protocol for telemetry export. Accepted values are `"http/json"` and `"http/protobuf"`. +* `captureContent`: Set to `true` to include prompt and response content in the telemetry payload, or `false` to exclude it. +* `lockCaptureContent`: Set to `true` to prevent users from changing the `captureContent` setting. +* `serviceName`: A label for the telemetry service name (for example, `"copilot"`). +* `resourceAttributes`: An object of OpenTelemetry resource attributes to attach to all exported telemetry (for example, `{"deployment.environment": "production"}`). +* `headers`: An object of HTTP headers to include with each telemetry request (for example, an `Authorization` header for your collector). diff --git a/content/enterprise-onboarding/github-apps/install-enterprise-apps.md b/content/enterprise-onboarding/github-apps/install-enterprise-apps.md index 1e6cf760e788..ef266ea27245 100644 --- a/content/enterprise-onboarding/github-apps/install-enterprise-apps.md +++ b/content/enterprise-onboarding/github-apps/install-enterprise-apps.md @@ -10,7 +10,3 @@ docsTeamMetrics: --- {% data reusables.enterprise-onboarding.install-enterprise-apps %} - -## Next steps - -Now that you're automating processes with {% data variables.product.prodname_github_apps %}, learn about {% data variables.contact.github_support %} so you can get help when you need it. See [AUTOTITLE](/enterprise-onboarding/support-for-your-enterprise/understanding-support). diff --git a/content/enterprise-onboarding/govern-people-and-repositories/about-enterprise-security.md b/content/enterprise-onboarding/govern-people-and-repositories/about-enterprise-security.md deleted file mode 100644 index f8540c2c9a86..000000000000 --- a/content/enterprise-onboarding/govern-people-and-repositories/about-enterprise-security.md +++ /dev/null @@ -1,24 +0,0 @@ ---- -title: About enterprise security -shortTitle: Security features -intro: Discover the security features available to your enterprise. -versions: - ghec: '*' -allowTitleToDifferFromFilename: true -redirect_from: - - /enterprise-onboarding/feature-enhancements/about-code-security-for-your-enterprise - - /enterprise-onboarding/feature-enhancements/about-enterprise-security -contentType: concepts -docsTeamMetrics: - - enterprise-onboarding ---- - -{% data variables.product.prodname_dotcom %} has many features that help you improve and maintain the quality of your code. Some of these are included in all plans, such as dependency graph and {% data variables.product.prodname_dependabot_alerts %}. Other security features require an {% data variables.product.prodname_AS %} license to run on repositories apart from public repositories on {% data variables.product.prodname_dotcom_the_website %}. - -To learn about the security features available to your enterprise, see [AUTOTITLE](/code-security). - -To learn about the extra security features available with an {% data variables.product.prodname_AS %} license, see [AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security). - -## Next steps - -Now that you've set up effective governance for your enterprise's users and resources, learn how to automate processes securely with apps. See [AUTOTITLE](/enterprise-onboarding/github-apps/create-enterprise-apps). diff --git a/content/enterprise-onboarding/govern-people-and-repositories/index.md b/content/enterprise-onboarding/govern-people-and-repositories/index.md index 262902a4a014..ea8c8ec6661b 100644 --- a/content/enterprise-onboarding/govern-people-and-repositories/index.md +++ b/content/enterprise-onboarding/govern-people-and-repositories/index.md @@ -10,7 +10,6 @@ children: - /create-repository-policies - /protect-branches - /using-the-audit-log-for-your-enterprise - - /about-enterprise-security contentType: concepts docsTeamMetrics: - enterprise-onboarding diff --git a/content/enterprise-onboarding/govern-people-and-repositories/using-the-audit-log-for-your-enterprise.md b/content/enterprise-onboarding/govern-people-and-repositories/using-the-audit-log-for-your-enterprise.md index f797ace84ae0..624e857eb724 100644 --- a/content/enterprise-onboarding/govern-people-and-repositories/using-the-audit-log-for-your-enterprise.md +++ b/content/enterprise-onboarding/govern-people-and-repositories/using-the-audit-log-for-your-enterprise.md @@ -12,7 +12,3 @@ docsTeamMetrics: --- {% data reusables.enterprise-onboarding.about-audit-logs %} - -## Next steps - -Learn about {% data variables.product.github %}'s features for further hardening security in your enterprise. See [AUTOTITLE](/enterprise-onboarding/govern-people-and-repositories/about-enterprise-security). diff --git a/content/enterprise-onboarding/index.md b/content/enterprise-onboarding/index.md index bf1acfc82c70..0c17233ff213 100644 --- a/content/enterprise-onboarding/index.md +++ b/content/enterprise-onboarding/index.md @@ -34,7 +34,6 @@ journeyTracks: - href: '/enterprise-onboarding/govern-people-and-repositories/create-repository-policies' - href: '/enterprise-onboarding/govern-people-and-repositories/protect-branches' - href: '/enterprise-onboarding/govern-people-and-repositories/using-the-audit-log-for-your-enterprise' - - href: '/enterprise-onboarding/govern-people-and-repositories/about-enterprise-security' - id: 'github_apps' title: 'Automating processes with GitHub Apps' description: 'Create and install apps to automate processes securely in your enterprise and organizations.' @@ -42,13 +41,6 @@ journeyTracks: - href: '/enterprise-onboarding/github-apps/automations-in-your-enterprise' - href: '/enterprise-onboarding/github-apps/create-enterprise-apps' - href: '/enterprise-onboarding/github-apps/install-enterprise-apps' - - id: 'support_for_your_enterprise' - title: 'Creating a support model for your enterprise' - description: 'Find out how to get help and choose who will be able to contact {% data variables.contact.github_support %}.' - guides: - - href: '/enterprise-onboarding/support-for-your-enterprise/understanding-support' - - href: '/enterprise-onboarding/support-for-your-enterprise/using-the-support-portal' - - href: '/enterprise-onboarding/support-for-your-enterprise/managing-support-entitlements' versions: ghec: '*' children: @@ -56,7 +48,6 @@ children: - /setting-up-organizations-and-teams - /govern-people-and-repositories - /github-apps - - /support-for-your-enterprise redirect_from: - /enterprise-onboarding/feature-enhancements docsTeamMetrics: diff --git a/content/enterprise-onboarding/support-for-your-enterprise/index.md b/content/enterprise-onboarding/support-for-your-enterprise/index.md deleted file mode 100644 index 9d66156b07f4..000000000000 --- a/content/enterprise-onboarding/support-for-your-enterprise/index.md +++ /dev/null @@ -1,14 +0,0 @@ ---- -title: Creating a support model for your enterprise -intro: 'Discover {% data variables.product.github %} support and set up a support model for your enterprise.' -allowTitleToDifferFromFilename: true -versions: - ghec: '*' -shortTitle: Create a support model -children: - - /understanding-support - - /using-the-support-portal - - /managing-support-entitlements -docsTeamMetrics: - - enterprise-onboarding ---- diff --git a/content/enterprise-onboarding/support-for-your-enterprise/managing-support-entitlements.md b/content/enterprise-onboarding/support-for-your-enterprise/managing-support-entitlements.md deleted file mode 100644 index 572ac392848d..000000000000 --- a/content/enterprise-onboarding/support-for-your-enterprise/managing-support-entitlements.md +++ /dev/null @@ -1,37 +0,0 @@ ---- -title: Managing support entitlements -intro: Manage support entitlements for your enterprise. -versions: - ghec: '*' -allowTitleToDifferFromFilename: true -shortTitle: Manage support entitlements -contentType: how-tos -docsTeamMetrics: - - enterprise-onboarding ---- - -## About support entitlements - -People with support entitlements for your enterprise account can use the support portal to open, view, and comment on support tickets associated with the enterprise account. - -Enterprise owners and billing managers automatically have a support entitlement. Enterprise owners can add support entitlements to a limited number of enterprise members. -* **{% data variables.product.premium_support_plan %}:** Up to 20 members -* **{% data variables.product.premium_plus_support_plan %} / {% data variables.product.microsoft_premium_plus_support_plan %}:** Up to 40 members - -## Adding support entitlements - -To add a support entitlement to a user, the user must already be a member of an organization that is owned by your enterprise. - ->[!NOTE] After you add a support entitlement, the enterprise member may need to sign out from {% data variables.contact.contact_landing_page_portal %}, then sign in again, before they can manage tickets. - -{% data reusables.enterprise-accounts.access-enterprise %} -{% data reusables.enterprise-accounts.settings-tab %} -1. Under "Settings", click **Support**. -1. In the search bar, start typing the name or username of the person you want to give a support entitlement. Click their name in the list of matches. -1. Click **Add support entitlement**. - -## Removing entitlements - -You can manually remove support entitlements for enterprise members provided they are not enterprise owners or billing managers. - -To learn how to remove support entitlements, see [Removing a support entitlement from an enterprise member](/enterprise-cloud@latest/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise#removing-a-support-entitlement-from-an-enterprise-member). diff --git a/content/enterprise-onboarding/support-for-your-enterprise/understanding-support.md b/content/enterprise-onboarding/support-for-your-enterprise/understanding-support.md deleted file mode 100644 index 5dddad7265e7..000000000000 --- a/content/enterprise-onboarding/support-for-your-enterprise/understanding-support.md +++ /dev/null @@ -1,47 +0,0 @@ ---- -title: Understanding enterprise support -shortTitle: Understand enterprise support -intro: Explore the various {% data variables.contact.github_support %} offerings available to you. -versions: - ghec: '*' -allowTitleToDifferFromFilename: true -contentType: concepts -docsTeamMetrics: - - enterprise-onboarding ---- - -## About {% data variables.contact.github_support %} - -Standard {% data variables.contact.github_support %} is provided as part of your {% data variables.product.prodname_enterprise %} subscription and offers a comprehensive set of support and management features tailored for large businesses and teams. See [AUTOTITLE](/support/learning-about-github-support/about-github-support). - -{% data variables.product.prodname_enterprise %} customers can also purchase {% data variables.contact.premium_support %}. - -### About {% data variables.contact.premium_support %} - -{% data variables.contact.premium_support %} is a **paid**, supplemental support offering that is ideal for organizations requiring higher priority support, faster response times, dedicated account management, and 24/7 comprehensive support. In addition to all of the benefits of standard {% data variables.contact.enterprise_support %}, {% data variables.contact.premium_support %} offers: - -* 24/7 availability: Ensures that support is available at any time, day or night, including holidays, which is crucial for organizations operating globally or with mission-critical applications. - -* Faster response and resolution times: Accelerated response times for support requests mean that critical issues are addressed and resolved more quickly, minimizing downtime and disruption. - -* Escalation management: Dedicated escalation management ensures that complex issues are addressed promptly and efficiently, with a clear path for escalating critical incidents. - -* Early access to new features: Participation in {% data variables.release-phases.preview %} programs and early access to new features allows you to stay ahead of the curve with the latest {% data variables.product.github %} innovations. - -There are two support plans available with {% data variables.contact.premium_support %}: - -* **{% data variables.product.premium_support_plan %}**: Includes priority ticket handling, access to premium content, and more. - -* **{% data variables.product.premium_plus_support_plan %}/{% data variables.product.microsoft_premium_plus_support_plan %}**: Includes all Premium Plan benefits plus additional features such as named Customer Reliability Engineer (CRE), quarterly enhanced health checks, technical advisory hours, and application upgrade assistance. - -For detailed information about {% data variables.contact.premium_support %} and the two support plans, see [AUTOTITLE](/support/learning-about-github-support/about-github-premium-support). - -## Contacting {% data variables.contact.github_support %} - -To contact {% data variables.contact.github_support %}, visit the {% data variables.contact.contact_landing_page_portal %}. For more information, see [AUTOTITLE](/support/contacting-github-support/creating-a-support-ticket). - -Anyone can use the {% data variables.contact.contact_landing_page_portal %} to view and manage support tickets about {% data variables.product.prodname_dotcom %}, but there are special steps to follow before using the {% data variables.contact.contact_landing_page_portal %} to create tickets about an enterprise account. See [AUTOTITLE](/support/contacting-github-support/getting-your-enterprise-started-with-the-github-support-portal). - -## Next steps - -Next, learn how to get started with the support portal. See [AUTOTITLE](/enterprise-onboarding/support-for-your-enterprise/using-the-support-portal). diff --git a/content/enterprise-onboarding/support-for-your-enterprise/using-the-support-portal.md b/content/enterprise-onboarding/support-for-your-enterprise/using-the-support-portal.md deleted file mode 100644 index 61278e74cea0..000000000000 --- a/content/enterprise-onboarding/support-for-your-enterprise/using-the-support-portal.md +++ /dev/null @@ -1,29 +0,0 @@ ---- -title: Using the support portal -shortTitle: Support portal -intro: Access the support portal for your enterprise. -allowTitleToDifferFromFilename: true -versions: - ghec: '*' -contentType: how-tos -docsTeamMetrics: - - enterprise-onboarding ---- - -## About the {% data variables.contact.enterprise_portal %} for enterprises - -Anyone can use the {% data variables.contact.contact_landing_page_portal %} to view and manage support tickets about {% data variables.product.prodname_dotcom %}, but there are special steps to follow before using the {% data variables.contact.contact_landing_page_portal %} to create tickets about an enterprise account. - -The {% data variables.contact.enterprise_portal %} offers single sign-on (SSO) connected to your {% data variables.product.prodname_dotcom %} account. - -## Getting started with the {% data variables.contact.enterprise_portal %} - -Before you start creating tickets associated with your enterprise account on {% data variables.product.prodname_dotcom_the_website %}, we recommend completing the following steps. - -1. Identify the user on {% data variables.product.prodname_dotcom_the_website %} who is an owner of your enterprise account. -1. Configure a verified domain. For more information, see [AUTOTITLE](/enterprise-cloud@latest/admin/configuring-settings/configuring-user-applications-for-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise). -1. Add owners, billing managers, or support-entitled members to your enterprise account. For more information, see [AUTOTITLE](/enterprise-cloud@latest/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise) and [AUTOTITLE](/enterprise-cloud@latest/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise). - -## Next steps - -Next, learn how to manage support entitlements for your enterprise. See [AUTOTITLE](/enterprise-onboarding/support-for-your-enterprise/managing-support-entitlements). diff --git a/content/support/contacting-github-support/getting-your-enterprise-started-with-the-github-support-portal.md b/content/support/contacting-github-support/getting-your-enterprise-started-with-the-github-support-portal.md index 0893a42af896..55631a233235 100644 --- a/content/support/contacting-github-support/getting-your-enterprise-started-with-the-github-support-portal.md +++ b/content/support/contacting-github-support/getting-your-enterprise-started-with-the-github-support-portal.md @@ -7,6 +7,7 @@ versions: ghes: '*' redirect_from: - /support/contacting-github-support/getting-started-with-the-github-support-portal + - /enterprise-onboarding/support-for-your-enterprise/using-the-support-portal category: - Contact GitHub --- diff --git a/content/support/index.md b/content/support/index.md index 6975849a269b..759333fd3bcc 100644 --- a/content/support/index.md +++ b/content/support/index.md @@ -13,6 +13,7 @@ redirect_from: - /categories/working-with-github-support - /forum - /github/working-with-github-support + - /enterprise-onboarding/support-for-your-enterprise children: - learning-about-github-support - contacting-github-support diff --git a/content/support/learning-about-github-support/about-github-support.md b/content/support/learning-about-github-support/about-github-support.md index 946dbee6e9d5..b930645167c6 100644 --- a/content/support/learning-about-github-support/about-github-support.md +++ b/content/support/learning-about-github-support/about-github-support.md @@ -18,6 +18,7 @@ redirect_from: - /articles/github-business-cloud-support - /admin/enterprise-support/about-support-for-advanced-security - /enterprise-server/admin/enterprise-support/about-support-for-advanced-security + - /enterprise-onboarding/support-for-your-enterprise/understanding-support category: - Understand your support options --- diff --git a/src/audit-logs/data/fpt/organization.json b/src/audit-logs/data/fpt/organization.json index ac65d0a9d043..f14ceed58ce6 100644 --- a/src/audit-logs/data/fpt/organization.json +++ b/src/audit-logs/data/fpt/organization.json @@ -2146,7 +2146,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/fpt/user.json b/src/audit-logs/data/fpt/user.json index 1bba85b515f9..dc05e832c4dd 100644 --- a/src/audit-logs/data/fpt/user.json +++ b/src/audit-logs/data/fpt/user.json @@ -1904,7 +1904,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghec/enterprise.json b/src/audit-logs/data/ghec/enterprise.json index d6dc907de4f4..9072fe303928 100644 --- a/src/audit-logs/data/ghec/enterprise.json +++ b/src/audit-logs/data/ghec/enterprise.json @@ -7419,7 +7419,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghec/organization.json b/src/audit-logs/data/ghec/organization.json index ac65d0a9d043..f14ceed58ce6 100644 --- a/src/audit-logs/data/ghec/organization.json +++ b/src/audit-logs/data/ghec/organization.json @@ -2146,7 +2146,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghec/user.json b/src/audit-logs/data/ghec/user.json index 1bba85b515f9..dc05e832c4dd 100644 --- a/src/audit-logs/data/ghec/user.json +++ b/src/audit-logs/data/ghec/user.json @@ -1904,7 +1904,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.17/enterprise.json b/src/audit-logs/data/ghes-3.17/enterprise.json index c03074ec4e97..fae7b7c6ff3c 100644 --- a/src/audit-logs/data/ghes-3.17/enterprise.json +++ b/src/audit-logs/data/ghes-3.17/enterprise.json @@ -3986,7 +3986,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.17/organization.json b/src/audit-logs/data/ghes-3.17/organization.json index 9795df9b6480..6f96203aa9a7 100644 --- a/src/audit-logs/data/ghes-3.17/organization.json +++ b/src/audit-logs/data/ghes-3.17/organization.json @@ -1735,7 +1735,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.17/user.json b/src/audit-logs/data/ghes-3.17/user.json index 8b861fd9be45..1a4923449495 100644 --- a/src/audit-logs/data/ghes-3.17/user.json +++ b/src/audit-logs/data/ghes-3.17/user.json @@ -1348,7 +1348,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.18/enterprise.json b/src/audit-logs/data/ghes-3.18/enterprise.json index e1a701853ede..6da3334a64b7 100644 --- a/src/audit-logs/data/ghes-3.18/enterprise.json +++ b/src/audit-logs/data/ghes-3.18/enterprise.json @@ -3986,7 +3986,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.18/organization.json b/src/audit-logs/data/ghes-3.18/organization.json index 054372867217..85be6f23cfcf 100644 --- a/src/audit-logs/data/ghes-3.18/organization.json +++ b/src/audit-logs/data/ghes-3.18/organization.json @@ -1735,7 +1735,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.18/user.json b/src/audit-logs/data/ghes-3.18/user.json index 71a13b7f6bf7..e3d4a23fdb66 100644 --- a/src/audit-logs/data/ghes-3.18/user.json +++ b/src/audit-logs/data/ghes-3.18/user.json @@ -1348,7 +1348,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.19/enterprise.json b/src/audit-logs/data/ghes-3.19/enterprise.json index 4dbc22e44120..14d9cc595682 100644 --- a/src/audit-logs/data/ghes-3.19/enterprise.json +++ b/src/audit-logs/data/ghes-3.19/enterprise.json @@ -4326,7 +4326,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.19/organization.json b/src/audit-logs/data/ghes-3.19/organization.json index c3e06f607c64..3d6bd65a2a4a 100644 --- a/src/audit-logs/data/ghes-3.19/organization.json +++ b/src/audit-logs/data/ghes-3.19/organization.json @@ -1941,7 +1941,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.19/user.json b/src/audit-logs/data/ghes-3.19/user.json index 21659962a97e..2a5930619dd7 100644 --- a/src/audit-logs/data/ghes-3.19/user.json +++ b/src/audit-logs/data/ghes-3.19/user.json @@ -1623,7 +1623,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.20/enterprise.json b/src/audit-logs/data/ghes-3.20/enterprise.json index e9bfd88e295d..964a01100582 100644 --- a/src/audit-logs/data/ghes-3.20/enterprise.json +++ b/src/audit-logs/data/ghes-3.20/enterprise.json @@ -4359,7 +4359,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.20/organization.json b/src/audit-logs/data/ghes-3.20/organization.json index 38b2920abb0b..fbd37a44e96b 100644 --- a/src/audit-logs/data/ghes-3.20/organization.json +++ b/src/audit-logs/data/ghes-3.20/organization.json @@ -1974,7 +1974,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.20/user.json b/src/audit-logs/data/ghes-3.20/user.json index a45d97d5771c..1f696b1846d4 100644 --- a/src/audit-logs/data/ghes-3.20/user.json +++ b/src/audit-logs/data/ghes-3.20/user.json @@ -1656,7 +1656,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.21/enterprise.json b/src/audit-logs/data/ghes-3.21/enterprise.json index 0ebd1eaf4b41..f343d9eca277 100644 --- a/src/audit-logs/data/ghes-3.21/enterprise.json +++ b/src/audit-logs/data/ghes-3.21/enterprise.json @@ -4778,7 +4778,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.21/organization.json b/src/audit-logs/data/ghes-3.21/organization.json index a827a9671766..3900d9784f49 100644 --- a/src/audit-logs/data/ghes-3.21/organization.json +++ b/src/audit-logs/data/ghes-3.21/organization.json @@ -2146,7 +2146,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/ghes-3.21/user.json b/src/audit-logs/data/ghes-3.21/user.json index 5cab9db5e9ef..6042997e05e7 100644 --- a/src/audit-logs/data/ghes-3.21/user.json +++ b/src/audit-logs/data/ghes-3.21/user.json @@ -1904,7 +1904,8 @@ "created_at", "operation_type", "owner", - "owner_type" + "owner_type", + "user_programmatic_access_name" ] }, { diff --git a/src/audit-logs/data/shared/entries.json b/src/audit-logs/data/shared/entries.json index 0b40888e37e6..b05448984a2f 100644 --- a/src/audit-logs/data/shared/entries.json +++ b/src/audit-logs/data/shared/entries.json @@ -1 +1 @@ -[{"action":"account.billing_date_change","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"account.plan_change","description":"The account's plan changed.","docs_reference_links":"/billing/managing-the-plan-for-your-github-account/about-billing-for-plans","docs_reference_titles":"How GitHub billing works","fieldsIndex":1},{"action":"actions_cache.delete","description":"A GitHub Actions cache was deleted using the REST API.","docs_reference_links":"N/A","fieldsIndex":2},{"action":"advisory_credit.accept","description":"Credit was accepted for a security advisory.","docs_reference_links":"/code-security/security-advisories/working-with-repository-security-advisories/editing-a-repository-security-advisory","docs_reference_titles":"Editing a repository security advisory","fieldsIndex":3},{"action":"advisory_credit.create","description":"Someone was added to the credit section of a security advisory.","docs_reference_links":"N/A","fieldsIndex":4},{"action":"advisory_credit.decline","description":"Credit was declined for a security advisory.","docs_reference_links":"N/A","fieldsIndex":5},{"action":"advisory_credit.destroy","description":"Someone was removed from the credit section of a security advisory.","docs_reference_links":"N/A","fieldsIndex":6},{"action":"artifact.destroy","description":"A workflow run artifact was manually deleted.","docs_reference_links":"N/A","fieldsIndex":7},{"action":"auto_approve_personal_access_token_requests.disable","description":"Triggered when the organization must approve fine-grained personal access tokens before the tokens can access organization resources. See also: personal_access_token.auto_approve_grant_requests_disabled","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization","fieldsIndex":0},{"action":"auto_approve_personal_access_token_requests.enable","description":"Triggered when fine-grained personal access tokens can access organization resources without prior approval. See also: personal_access_token.auto_approve_grant_requests_enabled","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization","fieldsIndex":0},{"action":"billing.budget_create","description":"A billing budget was created for a business or organization. Includes details about the budget limit, alerting preferences, and recipients.","docs_reference_links":"N/A","fieldsIndex":8},{"action":"billing.budget_delete","description":"A billing budget was deleted for a business or organization. Includes details about the removed budget and any alerting settings.","docs_reference_links":"N/A","fieldsIndex":9},{"action":"billing.budget_update","description":"A billing budget was updated for a business or organization. Includes details about the updated limit and alerting settings.","docs_reference_links":"N/A","fieldsIndex":10},{"action":"billing.change_billing_type","description":"The way the account pays for GitHub was changed.","docs_reference_links":"/billing/managing-your-github-billing-settings/adding-or-editing-a-payment-method","docs_reference_titles":"Managing your payment and billing information","fieldsIndex":11},{"action":"billing.change_email","description":"The billing email address changed.","docs_reference_links":"/billing/managing-your-github-billing-settings/setting-your-billing-email","docs_reference_titles":"Managing your payment and billing information","fieldsIndex":12},{"action":"billing.cost_center_create","description":"A cost center was created for a business or organization.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"billing.cost_center_delete","description":"A cost center was deleted from a business or organization.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"billing.cost_center_resource_added","description":"A resource was added to a cost center for a business or organization.","docs_reference_links":"N/A","fieldsIndex":14},{"action":"billing.cost_center_resource_removed","description":"A resource was removed from a cost center for a business or organization.","docs_reference_links":"N/A","fieldsIndex":14},{"action":"billing.cost_center_update","description":"A cost center was updated for a business or organization.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"billing_customer.azure_subscription_linked","description":"Azure subscription has been linked on this account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"billing_customer.azure_subscription_unlinked","description":"Azure subscription has been unlinked on this account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"billing.lock","description":"N/A","docs_reference_links":"N/A","fieldsIndex":1},{"action":"billing.overage_policy_updated","description":"The premium request paid usage policy for your GitHub account was changed.","docs_reference_links":"/copilot/how-tos/manage-and-track-spending/manage-request-allowances#setting-a-policy-for-paid-usage","docs_reference_titles":"Optimizing your budget configuration","fieldsIndex":15},{"action":"billing.unlock","description":"N/A","docs_reference_links":"N/A","fieldsIndex":16},{"action":"checks.auto_trigger_disabled","description":"Automatic creation of check suites was disabled on a repository in the organization or enterprise.","docs_reference_links":"/rest/checks#update-repository-preferences-for-check-suites","docs_reference_titles":"/rest/checks#update-repository-preferences-for-check-suites","fieldsIndex":17},{"action":"checks.auto_trigger_enabled","description":"Automatic creation of check suites was enabled on a repository in the organization or enterprise.","docs_reference_links":"/rest/checks#update-repository-preferences-for-check-suites","docs_reference_titles":"/rest/checks#update-repository-preferences-for-check-suites","fieldsIndex":17},{"action":"checks.delete_logs","description":"Logs in a check suite were deleted.","docs_reference_links":"N/A","fieldsIndex":18},{"action":"code_scanning.alert_appeared_in_branch","description":"Existing code scanning alerts appeared in a branch.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":19},{"action":"code_scanning.alert_closed_became_fixed","description":"Code scanning alerts were fixed.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":19},{"action":"code_scanning.alert_closed_became_outdated","description":"Code scanning alerts were closed as outdated (all configurations they were detected in were deleted).","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":20},{"action":"code_scanning.alert_closed_by_user","description":"Code scanning alerts were manually dismissed.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":21},{"action":"code_scanning.alert_closure_approved","description":"Dismissal of code scanning alerts was approved.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":22},{"action":"code_scanning.alert_closure_denied","description":"Dismissal of code scanning alerts was denied.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":22},{"action":"code_scanning.alert_closure_requested","description":"Dismissal of code scanning alerts was requested.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":22},{"action":"code_scanning.alert_created","description":"Code scanning alerts were seen for the first time.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":19},{"action":"code_scanning.alert_reappeared","description":"Code scanning alerts that were previously fixed reappeared.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":19},{"action":"code_scanning.alert_reopened_by_user","description":"Code scanning alerts that were previously dismissed were reopened.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":23},{"action":"codespaces.allow_permissions","description":"A codespace using custom permissions from its devcontainer.json file was launched.","docs_reference_links":"N/A","fieldsIndex":24},{"action":"codespaces.attempted_to_create_from_prebuild","description":"An attempt to create a codespace from a prebuild was made.","docs_reference_links":"N/A","fieldsIndex":25},{"action":"codespaces.business_enablement_updated","description":"Enterprise setting for Codespaces ownership was updated.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization","docs_reference_titles":"/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization","fieldsIndex":26},{"action":"codespaces.connect","description":"Credentials for a codespace were refreshed.","docs_reference_links":"N/A","fieldsIndex":27},{"action":"codespaces.create","description":"A codespace was created","docs_reference_links":"/codespaces/developing-in-codespaces/creating-a-codespace-for-a-repository","docs_reference_titles":"Creating a codespace for a repository","fieldsIndex":27},{"action":"codespaces.destroy","description":"A user deleted a codespace.","docs_reference_links":"/codespaces/developing-in-codespaces/deleting-a-codespace","docs_reference_titles":"Deleting a codespace","fieldsIndex":28},{"action":"codespaces.export_environment","description":"A codespace was exported to a branch on GitHub.","docs_reference_links":"N/A","fieldsIndex":29},{"action":"codespaces.policy_group_created","description":"Policies were applied to codespaces in an organization or enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"codespaces.policy_group_deleted","description":"Policies were removed from codespaces in an organization or enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"codespaces.policy_group_updated","description":"Policies were updated for codespaces in an organization or enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"codespaces.restore","description":"A codespace was restored.","docs_reference_links":"N/A","fieldsIndex":30},{"action":"codespaces.start_environment","description":"A codespace was started.","docs_reference_links":"N/A","fieldsIndex":27},{"action":"codespaces.suspend_environment","description":"A codespace was stopped.","docs_reference_links":"N/A","fieldsIndex":31},{"action":"codespaces.trusted_repositories_access_update","description":"A personal account's access and security setting for Codespaces were updated.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces","docs_reference_titles":"Managing access to other repositories within your codespace","fieldsIndex":11},{"action":"commit_comment.destroy","description":"A commit comment was deleted.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"commit_comment.update","description":"A commit comment was updated.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"copilot.access_revoked","description":"Copilot access was revoked for the organization or enterprise due to its Copilot subscription ending, an issue with billing the entity, the entity being marked spammy, or the entity being suspended.","docs_reference_links":"N/A","fieldsIndex":33},{"action":"copilot.cfb_org_settings_changed","description":"Copilot feature settings were changed at the organization level.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.cfb_seat_added","description":"A Copilot Business or Copilot Enterprise seat was added for a user and they have received access to GitHub Copilot. This can occur as the result of directly assigning a seat for a user, assigning a seat for a team, or setting the organization to allow access for all members.","docs_reference_links":"N/A","fieldsIndex":34},{"action":"copilot.cfb_seat_assignment_created","description":"A Copilot Business or Copilot Enterprise seat assignment was newly created for a user or a team, and seats are being created.","docs_reference_links":"/copilot/overview-of-github-copilot/about-github-copilot-for-business","docs_reference_titles":"What is GitHub Copilot?","fieldsIndex":34},{"action":"copilot.cfb_seat_assignment_refreshed","description":"A seat assignment that was previously pending cancellation was re-assigned and the user will retain access to Copilot.","docs_reference_links":"N/A","fieldsIndex":34},{"action":"copilot.cfb_seat_assignment_reused","description":"A Copilot Business or Copilot Enterprise seat assignment was re-created for a user who already had a seat with no pending cancellation date, and the user will retain access to Copilot.","docs_reference_links":"N/A","fieldsIndex":35},{"action":"copilot.cfb_seat_assignment_unassigned","description":"A user or team's Copilot Business or Copilot Enterprise seat assignment was unassigned, and the user(s) will lose access to Copilot at the end of the current billing cycle.","docs_reference_links":"N/A","fieldsIndex":34},{"action":"copilot.cfb_seat_cancelled","description":"A user's Copilot Business or Copilot Enterprise seat was canceled, and the user no longer has access to Copilot.","docs_reference_links":"N/A","fieldsIndex":36},{"action":"copilot.cfb_seat_cancelled_by_staff","description":"A user's Copilot Business or Copilot Enterprise seat was canceled manually by GitHub staff, and the user no longer has access to Copilot.","docs_reference_links":"N/A","fieldsIndex":37},{"action":"copilot.cfb_seat_management_changed","description":"The seat management setting was changed at the organization level to either enable or disable Copilot access for all members of the organization, or to enable Copilot access for selected members or teams.","docs_reference_links":"N/A","fieldsIndex":38},{"action":"copilot.code_review_repository_settings_updated","description":"Copilot code review settings were updated for a repository.","docs_reference_links":"N/A","fieldsIndex":39},{"action":"copilot.content_exclusion_changed","description":"The excluded paths for GitHub Copilot were updated.","docs_reference_links":"N/A","fieldsIndex":40},{"action":"copilot.custom_instructions_created","description":"Copilot custom instructions were created for the organization.","docs_reference_links":"N/A","fieldsIndex":41},{"action":"copilot.custom_instructions_updated","description":"Copilot custom instructions were updated for the organization.","docs_reference_links":"N/A","fieldsIndex":41},{"action":"copilot.memory_user_opt_out","description":"A user opted out of Copilot Memory.","docs_reference_links":"N/A","fieldsIndex":35},{"action":"copilot.plan_changed","description":"The plan for GitHub Copilot was updated.","docs_reference_links":"/billing/managing-billing-for-github-copilot/about-billing-for-github-copilot","docs_reference_titles":"GitHub Copilot licenses","fieldsIndex":42},{"action":"copilot.plan_downgrade_scheduled","description":"The plan for GitHub Copilot was scheduled to be downgraded.","docs_reference_links":"N/A","fieldsIndex":43},{"action":"copilot.swe_agent_firewall_allowlist_updated","description":"Firewall allowlist for Copilot coding agent was updated for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.swe_agent_mcp_config_updated","description":"MCP Configuration for Copilot coding agent was updated for a specific repository.","docs_reference_links":"N/A","fieldsIndex":44},{"action":"copilot.swe_agent_repo_disabled","description":"Specific repositories were disabled from using Copilot coding agent.","docs_reference_links":"N/A","fieldsIndex":45},{"action":"copilot.swe_agent_repo_enabled","description":"Specific repositories were enabled to use Copilot coding agent.","docs_reference_links":"N/A","fieldsIndex":45},{"action":"copilot.swe_agent_repo_enablement_updated","description":"Copilot coding agent access was updated for the organization's or user's repositories.","docs_reference_links":"N/A","fieldsIndex":46},{"action":"custom_hosted_runner.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":47},{"action":"custom_hosted_runner.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"custom_hosted_runner.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":47},{"action":"custom_property_definition.create","description":"A new custom property definition was created.","docs_reference_links":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","fieldsIndex":48},{"action":"custom_property_definition.destroy","description":"A custom property definition was deleted.","docs_reference_links":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","fieldsIndex":48},{"action":"custom_property_definition.update","description":"A custom property definition was updated.","docs_reference_links":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","fieldsIndex":49},{"action":"custom_property_value.create","description":"A repository's custom property value was manually set for the first time.","docs_reference_links":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","fieldsIndex":50},{"action":"custom_property_value.destroy","description":"A repository's custom property value was deleted.","docs_reference_links":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","fieldsIndex":50},{"action":"custom_property_value.update","description":"A repository's custom property value was updated.","docs_reference_links":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","fieldsIndex":51},{"action":"dependabot_alerts.disable","description":"Dependabot alerts were disabled for all existing repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories","fieldsIndex":11},{"action":"dependabot_alerts.enable","description":"Dependabot alerts were enabled for all existing repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories","fieldsIndex":52},{"action":"dependabot_alerts_new_repos.disable","description":"Dependabot alerts were disabled for all new repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added","fieldsIndex":52},{"action":"dependabot_alerts_new_repos.enable","description":"Dependabot alerts were enabled for all new repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added","fieldsIndex":52},{"action":"dependabot_closure_request.approve","description":"Dismissal of Dependabot alerts was approved.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/about-dependabot-alerts","docs_reference_titles":"Dependabot alerts","fieldsIndex":53},{"action":"dependabot_closure_request.cancel","description":"Dismissal request for Dependabot alerts was canceled.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/about-dependabot-alerts","docs_reference_titles":"Dependabot alerts","fieldsIndex":54},{"action":"dependabot_closure_request.create","description":"Dismissal of Dependabot alerts was requested.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/about-dependabot-alerts","docs_reference_titles":"Dependabot alerts","fieldsIndex":55},{"action":"dependabot_closure_request.deny","description":"Dismissal of Dependabot alerts was denied.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/about-dependabot-alerts","docs_reference_titles":"Dependabot alerts","fieldsIndex":56},{"action":"dependabot_repository_access.default_access_level_updated","description":"The default repository access for Dependabot was updated.","docs_reference_links":"N/A","fieldsIndex":57},{"action":"dependabot_repository_access.repositories_updated","description":"The repositories that Dependabot can access were updated.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"dependabot_security_updates.disable","description":"Dependabot security updates were disabled for all existing repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","fieldsIndex":11},{"action":"dependabot_security_updates.enable","description":"Dependabot security updates were enabled for all existing repositories.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"dependabot_security_updates_new_repos.disable","description":" Dependabot security updates were disabled for all new repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","fieldsIndex":52},{"action":"dependabot_security_updates_new_repos.enable","description":"Dependabot security updates were enabled for all new repositories.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"dependency_graph.disable","description":"The dependency graph was disabled for all existing repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","fieldsIndex":11},{"action":"dependency_graph.enable","description":"The dependency graph was enabled for all existing repositories.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"dependency_graph_new_repos.disable","description":"The dependency graph was disabled for all new repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","fieldsIndex":52},{"action":"dependency_graph_new_repos.enable","description":"The dependency graph was enabled for all new repositories.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"discussion_comment.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":32},{"action":"discussion_comment.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":32},{"action":"discussion.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":58},{"action":"enterprise_announcement.create","description":"A global announcement banner was created for the enterprise.","docs_reference_links":"/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise#creating-a-global-announcement-banner","docs_reference_titles":"Customizing user messages for your enterprise","fieldsIndex":59},{"action":"enterprise_announcement.destroy","description":"A global announcement banner was removed from the enterprise.","docs_reference_links":"/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise","docs_reference_titles":"Customizing user messages for your enterprise","fieldsIndex":60},{"action":"enterprise_announcement.update","description":"A global announcement banner was updated for the enterprise.","docs_reference_links":"/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise","docs_reference_titles":"Customizing user messages for your enterprise","fieldsIndex":61},{"action":"enterprise_installation.create","description":"The GitHub App associated with a GitHub Connect connection was created.","docs_reference_links":"/admin/configuration/configuring-github-connect/managing-github-connect","docs_reference_titles":"Enabling GitHub Connect for GitHub.com","fieldsIndex":15},{"action":"enterprise_installation.destroy","description":"The GitHub App associated with a GitHub Connect connection was deleted.","docs_reference_links":"/admin/configuration/configuring-github-connect/managing-github-connect","docs_reference_titles":"Enabling GitHub Connect for GitHub.com","fieldsIndex":62},{"action":"environment.add_protection_rule","description":"A GitHub Actions deployment protection rule was created via the API.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules","docs_reference_titles":"Managing environments for deployment","fieldsIndex":63},{"action":"environment.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":64},{"action":"environment.create_actions_secret","description":"A secret was created for a GitHub Actions environment.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets","docs_reference_titles":"Managing environments for deployment","fieldsIndex":65},{"action":"environment.create_actions_variable","description":"A variable was created for a GitHub Actions environment.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment","docs_reference_titles":"Store information in variables","fieldsIndex":65},{"action":"environment.delete","description":"An environment was deleted.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#deleting-an-environment","docs_reference_titles":"Managing environments for deployment","fieldsIndex":66},{"action":"environment.remove_actions_secret","description":"A secret was deleted for a GitHub Actions environment.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets","docs_reference_titles":"Managing environments for deployment","fieldsIndex":67},{"action":"environment.remove_actions_variable","description":"A variable was deleted for a GitHub Actions environment.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment","docs_reference_titles":"Store information in variables","fieldsIndex":67},{"action":"environment.remove_protection_rule","description":"A GitHub Actions deployment protection rule was deleted via the API.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules","docs_reference_titles":"Managing environments for deployment","fieldsIndex":68},{"action":"environment.update_actions_secret","description":"A secret was updated for a GitHub Actions environment.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets","docs_reference_titles":"Managing environments for deployment","fieldsIndex":65},{"action":"environment.update_actions_variable","description":"A variable was updated for a GitHub Actions environment.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment","docs_reference_titles":"Store information in variables","fieldsIndex":65},{"action":"environment.update_protection_rule","description":"A GitHub Actions deployment protection rule was updated via the API.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules","docs_reference_titles":"Managing environments for deployment","fieldsIndex":69},{"action":"git.clone","description":"A repository was cloned. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"N/A","fieldsIndex":70},{"action":"git.fetch","description":"Changes were fetched from a repository. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"N/A","fieldsIndex":70},{"action":"git.push","description":"Changes were pushed to a repository. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"N/A","fieldsIndex":70},{"action":"github_hosted_runner.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":71},{"action":"github_hosted_runner.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":16},{"action":"github_hosted_runner.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":71},{"action":"hook.active_changed","description":"A hook's active status was updated.","docs_reference_links":"N/A","fieldsIndex":72},{"action":"hook.config_changed","description":"A hook's configuration was changed.","docs_reference_links":"N/A","fieldsIndex":73},{"action":"hook.create","description":"A new hook was added.","docs_reference_links":"/get-started/exploring-integrations/about-webhooks","docs_reference_titles":"About webhooks","fieldsIndex":74},{"action":"hook.destroy","description":"A hook was deleted.","docs_reference_links":"N/A","fieldsIndex":73},{"action":"hook.events_changed","description":"A hook's configured events were changed.","docs_reference_links":"N/A","fieldsIndex":75},{"action":"integration.create","description":"A GitHub App was created.","docs_reference_links":"N/A","fieldsIndex":76},{"action":"integration.destroy","description":"A GitHub App was deleted.","docs_reference_links":"N/A","fieldsIndex":77},{"action":"integration.generate_client_secret","description":"N/A","docs_reference_links":"N/A","fieldsIndex":78},{"action":"integration_installation.create","description":"A GitHub App was installed.","docs_reference_links":"/apps/using-github-apps/authorizing-github-apps","docs_reference_titles":"/apps/using-github-apps/authorizing-github-apps","fieldsIndex":79},{"action":"integration_installation.destroy","description":"A GitHub App was uninstalled.","docs_reference_links":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access","docs_reference_titles":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access","fieldsIndex":80},{"action":"integration_installation.repositories_added","description":"Repositories were added to a GitHub App.","docs_reference_links":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access","docs_reference_titles":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access","fieldsIndex":81},{"action":"integration_installation.repositories_removed","description":"Repositories were removed from a GitHub App.","docs_reference_links":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access","docs_reference_titles":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access","fieldsIndex":82},{"action":"integration_installation_request.close","description":"A request to install a GitHub App was either approved or denied by an owner, or canceled by the member who opened the request.","docs_reference_links":"/apps/using-github-apps/requesting-a-github-app-from-your-organization-owner","docs_reference_titles":"/apps/using-github-apps/requesting-a-github-app-from-your-organization-owner","fieldsIndex":83},{"action":"integration_installation_request.create","description":"A member requested that an owner install a GitHub App.","docs_reference_links":"/apps/using-github-apps/requesting-a-github-app-from-your-organization-owner","docs_reference_titles":"/apps/using-github-apps/requesting-a-github-app-from-your-organization-owner","fieldsIndex":84},{"action":"integration_installation.suspend","description":"A GitHub App was suspended.","docs_reference_links":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access","docs_reference_titles":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access","fieldsIndex":85},{"action":"integration_installation.unsuspend","description":"A GitHub App was unsuspended.","docs_reference_links":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access","docs_reference_titles":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access","fieldsIndex":85},{"action":"integration_installation.version_updated","description":"Permissions for a GitHub App were updated.","docs_reference_links":"/apps/using-github-apps/approving-updated-permissions-for-a-github-app","docs_reference_titles":"/apps/using-github-apps/approving-updated-permissions-for-a-github-app","fieldsIndex":85},{"action":"integration.manager_added","description":"A member of an enterprise or organization was added as a GitHub App manager.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#giving-someone-the-ability-to-manage-all-github-apps-owned-by-the-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#giving-someone-the-ability-to-manage-all-github-apps-owned-by-the-organization","fieldsIndex":86},{"action":"integration.manager_removed","description":"A member of an enterprise or organization was removed from being a GitHub App manager.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#removing-a-github-app-managers-permissions-for-the-entire-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#removing-a-github-app-managers-permissions-for-the-entire-organization","fieldsIndex":86},{"action":"integration.remove_client_secret","description":"A client secret for a GitHub App was removed.","docs_reference_links":"N/A","fieldsIndex":77},{"action":"integration.revoke_all_tokens","description":"All user tokens for a GitHub App were requested to be revoked.","docs_reference_links":"N/A","fieldsIndex":87},{"action":"integration.revoke_tokens","description":"Token(s) for a GitHub App were revoked.","docs_reference_links":"N/A","fieldsIndex":87},{"action":"integration.suspend","description":"A GitHub App was suspended.","docs_reference_links":"/apps/maintaining-github-apps/suspending-a-github-app-installation","docs_reference_titles":"/apps/maintaining-github-apps/suspending-a-github-app-installation","fieldsIndex":78},{"action":"integration.transfer","description":"Ownership of a GitHub App was transferred to another user or organization.","docs_reference_links":"/apps/maintaining-github-apps/transferring-ownership-of-a-github-app","docs_reference_titles":"/apps/maintaining-github-apps/transferring-ownership-of-a-github-app","fieldsIndex":88},{"action":"integration.unsuspend","description":"A GitHub App was unsuspended.","docs_reference_links":"/apps/maintaining-github-apps/suspending-a-github-app-installation","docs_reference_titles":"/apps/maintaining-github-apps/suspending-a-github-app-installation","fieldsIndex":87},{"action":"ip_allow_list.disable","description":"An IP allow list was disabled.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"ip_allow_list.disable_for_installed_apps","description":"An IP allow list was disabled for installed GitHub Apps.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"ip_allow_list.enable","description":"An IP allow list was enabled.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"ip_allow_list.enable_for_installed_apps","description":"An IP allow list was enabled for installed GitHub Apps.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"ip_allow_list_entry.create","description":"An IP address was added to an IP allow list.","docs_reference_links":"N/A","fieldsIndex":89},{"action":"ip_allow_list_entry.destroy","description":"An IP address was deleted from an IP allow list.","docs_reference_links":"N/A","fieldsIndex":89},{"action":"ip_allow_list_entry.update","description":"An IP address or its description was changed.","docs_reference_links":"N/A","fieldsIndex":89},{"action":"issue_comment.destroy","description":"A comment on an issue was deleted from the repository.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"issue_comment.pinned","description":"A comment on an issue was pinned to a repository.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"issue_comment.unpinned","description":"A comment on an issue was unpinned from a repository.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"issue_comment.update","description":"A comment on an issue (other than the initial one) changed.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"issue_dependencies.blocked_by_add","description":"An issue was marked as blocked by another issue.","docs_reference_links":"N/A","fieldsIndex":90},{"action":"issue_dependencies.blocked_by_remove","description":"The blocked by relationship between an issue and another issue was removed.","docs_reference_links":"N/A","fieldsIndex":90},{"action":"issue_dependencies.blocking_add","description":"An issue was marked as blocking another issue.","docs_reference_links":"N/A","fieldsIndex":90},{"action":"issue_dependencies.blocking_remove","description":"The blocking relationship between an issue and another issue was removed.","docs_reference_links":"N/A","fieldsIndex":90},{"action":"issue.destroy","description":"An issue was deleted from the repository.","docs_reference_links":"/issues/tracking-your-work-with-issues/deleting-an-issue","docs_reference_titles":"Deleting an issue","fieldsIndex":91},{"action":"issue.pinned","description":"An issue was pinned to a repository.","docs_reference_links":"/issues/tracking-your-work-with-issues/pinning-an-issue-to-your-repository","docs_reference_titles":"Pinning an issue to your repository","fieldsIndex":92},{"action":"issue.transfer","description":"An issue was transferred to another repository.","docs_reference_links":"/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository","docs_reference_titles":"Transferring an issue to another repository","fieldsIndex":93},{"action":"issue_type.create","description":"An issue type was created.","docs_reference_links":"N/A","fieldsIndex":94},{"action":"issue_type.destroy","description":"An issue type was deleted.","docs_reference_links":"N/A","fieldsIndex":95},{"action":"issue_type.update","description":"An issue type was updated.","docs_reference_links":"N/A","fieldsIndex":96},{"action":"issue.unpinned","description":"An issue was unpinned from a repository.","docs_reference_links":"/issues/tracking-your-work-with-issues/pinning-an-issue-to-your-repository","docs_reference_titles":"Pinning an issue to your repository","fieldsIndex":92},{"action":"issues.deletes_disabled","description":"The ability for enterprise members to delete issues was disabled Members cannot delete issues in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-deleting-issues","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":11},{"action":"issues.deletes_enabled","description":"The ability for enterprise members to delete issues was enabled Members can delete issues in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-deleting-issues","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":15},{"action":"issues.deletes_policy_cleared","description":"An enterprise owner cleared the policy setting for allowing members to delete issues in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-deleting-issues","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":15},{"action":"marketplace_agreement_signature.create","description":"The GitHub Marketplace Developer Agreement was signed.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"marketplace_listing.approve","description":"A listing was approved for inclusion in GitHub Marketplace.","docs_reference_links":"N/A","fieldsIndex":97},{"action":"marketplace_listing.change_category","description":"A category for a listing for an app in GitHub Marketplace was changed.","docs_reference_links":"N/A","fieldsIndex":98},{"action":"marketplace_listing.create","description":"A listing for an app in GitHub Marketplace was created.","docs_reference_links":"N/A","fieldsIndex":97},{"action":"marketplace_listing.delist","description":"A listing was removed from GitHub Marketplace.","docs_reference_links":"N/A","fieldsIndex":99},{"action":"marketplace_listing.redraft","description":"A listing was sent back to draft state.","docs_reference_links":"N/A","fieldsIndex":97},{"action":"marketplace_listing.reject","description":"A listing was not accepted for inclusion in GitHub Marketplace.","docs_reference_links":"N/A","fieldsIndex":97},{"action":"mcp_registry.allowlist_assign","description":"An MCP registry allowlist was assigned to an organization or enterprise.","docs_reference_links":"N/A","fieldsIndex":100},{"action":"mcp_registry.allowlist_remove_assignment","description":"An MCP registry allowlist assignment was removed from an organization or enterprise.","docs_reference_links":"N/A","fieldsIndex":100},{"action":"members_can_create_pages.disable","description":"The ability for members to publish GitHub Pages sites was disabled.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","fieldsIndex":52},{"action":"members_can_create_pages.enable","description":"The ability for members to publish GitHub Pages sites was enabled.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","fieldsIndex":52},{"action":"members_can_create_private_pages.disable","description":"The ability for members to publish private GitHub Pages was disabled Members cannot publish private GitHub Pages in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","fieldsIndex":52},{"action":"members_can_create_private_pages.enable","description":"The ability for members to publish private GitHub Pages was enabled Members can publish private GitHub Pages in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","fieldsIndex":1},{"action":"members_can_create_public_pages.disable","description":"The ability for members to publish public GitHub Pages was disabled Members cannot publish public GitHub Pages in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","fieldsIndex":52},{"action":"members_can_create_public_pages.enable","description":"The ability for members to publish public GitHub Pages was enabled Members can publish public GitHub Pages in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","fieldsIndex":52},{"action":"members_can_delete_repos.clear","description":"An enterprise owner cleared the policy setting for deleting or transferring repositories in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-deletion-and-transfer","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":11},{"action":"members_can_delete_repos.disable","description":"The ability for enterprise members to delete repositories was disabled Members cannot delete or transfer repositories in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-deletion-and-transfer","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":11},{"action":"members_can_delete_repos.enable","description":"The ability for enterprise members to delete repositories was enabled Members can delete or transfer repositories in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-deletion-and-transfer","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":15},{"action":"members_can_view_dependency_insights.clear","description":"An enterprise owner cleared the policy setting for viewing dependency insights in any organizations in an enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"members_can_view_dependency_insights.disable","description":"The ability for enterprise members to view dependency insights was disabled. Members cannot view dependency insights in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-dependency-insights-in-your-enterprise","docs_reference_titles":"Enforcing policies for code security and analysis for your enterprise","fieldsIndex":15},{"action":"members_can_view_dependency_insights.enable","description":"The ability for enterprise members to view dependency insights was enabled. Members can view dependency insights in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-dependency-insights-in-your-enterprise","docs_reference_titles":"Enforcing policies for code security and analysis for your enterprise","fieldsIndex":11},{"action":"merge_queue.pull_request_dequeued","description":"A pull request was removed from a merge queue.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"merge_queue.pull_request_queue_jump","description":"A pull request was moved ahead in a merge queue.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"merge_queue.queue_cleared","description":"A merge queue was cleared.","docs_reference_links":"N/A","fieldsIndex":101},{"action":"merge_queue.update_settings","description":"The settings for a merge queue were updated.","docs_reference_links":"N/A","fieldsIndex":102},{"action":"metered_billing_configuration.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"metered_billing_configuration.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"metered_billing_configuration.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"migration.create","description":"A migration file was created for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance.","docs_reference_links":"N/A","fieldsIndex":103},{"action":"migration.destroy_file","description":"A migration file for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance was deleted.","docs_reference_links":"N/A","fieldsIndex":103},{"action":"migration.download","description":"A migration file for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance was downloaded.","docs_reference_links":"N/A","fieldsIndex":103},{"action":"network_configuration.create","description":"A network configuration for a hosted compute service was created.","docs_reference_links":"/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products","docs_reference_titles":"About networking for hosted compute products in your enterprise","fieldsIndex":104},{"action":"network_configuration.delete","description":"A network configuration for a hosted compute service was deleted.","docs_reference_links":"/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products","docs_reference_titles":"About networking for hosted compute products in your enterprise","fieldsIndex":105},{"action":"network_configuration.update","description":"A network configuration for a hosted compute service was updated.","docs_reference_links":"/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products","docs_reference_titles":"About networking for hosted compute products in your enterprise","fieldsIndex":106},{"action":"oauth_application.create","description":"An OAuth application was created.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":107},{"action":"oauth_application.destroy","description":"An OAuth application was deleted.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":107},{"action":"oauth_application.generate_client_secret","description":"An OAuth application's secret key was generated.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":107},{"action":"oauth_application.remove_client_secret","description":"An OAuth application's secret key was deleted.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":107},{"action":"oauth_application.reset_secret","description":"The secret key for an OAuth application was reset.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":108},{"action":"oauth_application.revoke_all_tokens","description":"All user tokens for an OAuth application were requested to be revoked.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":107},{"action":"oauth_application.revoke_tokens","description":"Token(s) for an OAuth application were revoked.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":107},{"action":"oauth_application.transfer","description":"An OAuth application was transferred from one account to another.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":107},{"action":"org.accept_business_invitation","description":"An invitation sent to an organization to join an enterprise was accepted.","docs_reference_links":"/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#inviting-an-organization-to-join-your-enterprise-account","docs_reference_titles":"Adding organizations to your enterprise","fieldsIndex":15},{"action":"org.add_billing_manager","description":"A billing manager was added to an organization.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization","docs_reference_titles":"/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization","fieldsIndex":15},{"action":"org.add_disallowed_two_factor_method","description":"An organization prevented access to resources by users with the given two-factor method.","docs_reference_links":"N/A","fieldsIndex":109},{"action":"org.add_member","description":"A user joined an organization.","docs_reference_links":"N/A","fieldsIndex":110},{"action":"org.add_outside_collaborator","description":"An outside collaborator was added to a repository.","docs_reference_links":"N/A","fieldsIndex":111},{"action":"org.add_security_manager","description":"N/A","docs_reference_links":"N/A","fieldsIndex":112},{"action":"org.advanced_security_disabled_for_new_repos","description":"GitHub Advanced Security was disabled for new repositories in an organization.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"org.advanced_security_disabled_on_all_repos","description":"GitHub Advanced Security was disabled for all repositories in an organization.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"org.advanced_security_enabled_for_new_repos","description":"GitHub Advanced Security was enabled for new repositories in an organization.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"org.advanced_security_enabled_on_all_repos","description":"GitHub Advanced Security was enabled for all repositories in an organization.","docs_reference_links":"N/A","fieldsIndex":1},{"action":"org.advanced_security_entity_policy_update","description":"An enterprise owner updated the GitHub Advanced Security access policy for repositories owned by the organization.","docs_reference_links":"/admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise","docs_reference_titles":"Enforcing policies for code security and analysis for your enterprise","fieldsIndex":113},{"action":"org.advanced_security_policy_selected_member_disabled","description":"An enterprise owner prevented GitHub Advanced Security features from being enabled for repositories owned by the organization.","docs_reference_links":"/admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise","docs_reference_titles":"Enforcing policies for code security and analysis for your enterprise","fieldsIndex":15},{"action":"org.advanced_security_policy_selected_member_enabled","description":"An enterprise owner allowed GitHub Advanced Security features to be enabled for repositories owned by the organization.","docs_reference_links":"/admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise","docs_reference_titles":"Enforcing policies for code security and analysis for your enterprise","fieldsIndex":15},{"action":"org.allow_third_party_access_requests_from_outside_collaborators_disabled","description":"Third-party application access for outside collaborators was disabled for the organization.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests#enabling-or-disabling-integration-access-requests","docs_reference_titles":"Limiting OAuth app and GitHub App access requests and installations","fieldsIndex":0},{"action":"org.allow_third_party_access_requests_from_outside_collaborators_enabled","description":"Third-party application access for outside collaborators was enabled for the organization.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests-and-installations#enabling-or-disabling-app-access-requests","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests-and-installations#enabling-or-disabling-app-access-requests","fieldsIndex":0},{"action":"org.archive","description":"The organization was archived.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.audit_log_export","description":"An export of the organization audit log was created. If the export included a query, the log will list the query used and the number of audit log entries matching that query.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log","fieldsIndex":114},{"action":"org.audit_log_git_event_export","description":"An export of the organization's Git events was created.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization","fieldsIndex":115},{"action":"org.billing_signup_error","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.block_user","description":"An organization owner blocked a user from accessing the organization's repositories.","docs_reference_links":"/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization","docs_reference_titles":"/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization","fieldsIndex":116},{"action":"org.cancel_business_invitation","description":"An invitation for an organization to join an enterprise was revoked","docs_reference_links":"/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#inviting-an-organization-to-join-your-enterprise-account","docs_reference_titles":"Adding organizations to your enterprise","fieldsIndex":117},{"action":"org.cancel_invitation","description":"An invitation sent to a user to join an organization was revoked.","docs_reference_links":"N/A","fieldsIndex":118},{"action":"org.clear_custom_invitation_rate_limit","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"org.clear_disallowed_two_factor_methods","description":"Cleared two-factor authentication restrictions for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_quality_entity_policy_update","description":"An organization owner updated the Code Quality entity policy for repositories owned by the organization.","docs_reference_links":"N/A","fieldsIndex":113},{"action":"org.code_scanning_ai_findings_disabled","description":"AI-powered findings for code scanning were disabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_ai_findings_enabled","description":"AI-powered findings for code scanning were enabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_autofix_disabled","description":"Autofix for code scanning alerts was disabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_autofix_enabled","description":"Autofix for code scanning alerts was enabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_autofix_third_party_tools_disabled","description":"Autofix for third party tools for code scanning alerts was disabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_autofix_third_party_tools_enabled","description":"Autofix for third party tools for code scanning alerts was enabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_scan_inactive_repos_disabled","description":"Scanning inactive repositories was disabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_scan_inactive_repos_enabled","description":"Scanning inactive repositories was enabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_security_metered_usage_lock","description":"Enablement for Code Security features on new repositories has been locked for this organization.","docs_reference_links":"N/A","fieldsIndex":119},{"action":"org.code_security_metered_usage_unlock","description":"Enablement for Code Security features on new repositories has been unlocked for this organization.","docs_reference_links":"N/A","fieldsIndex":120},{"action":"org.codeql_disabled","description":"Code scanning using the default setup was disabled for an organization.","docs_reference_links":"/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale","docs_reference_titles":"Configuring default setup for code scanning at scale","fieldsIndex":11},{"action":"org.codeql_enabled","description":"Code scanning using the default setup was enabled for an organization.","docs_reference_links":"/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale","docs_reference_titles":"Configuring default setup for code scanning at scale","fieldsIndex":1},{"action":"org.codespaces_access_updated","description":"Access to use Codespaces on internal and private repositories was updated for an organization.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/enabling-or-disabling-github-codespaces-for-your-organization","docs_reference_titles":"/codespaces/managing-codespaces-for-your-organization/enabling-or-disabling-github-codespaces-for-your-organization","fieldsIndex":121},{"action":"org.codespaces_ownership_updated","description":"Ownership and payment for codespaces was updated for an organization.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization","docs_reference_titles":"/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization","fieldsIndex":122},{"action":"org.codespaces_team_access_allowed","description":"A team has been allowed to use Codespaces for an organization.","docs_reference_links":"N/A","fieldsIndex":123},{"action":"org.codespaces_team_access_revoked","description":"A team has been prevented from using Codespaces for an organization.","docs_reference_links":"N/A","fieldsIndex":123},{"action":"org.codespaces_trusted_repo_access_granted","description":"GitHub Codespaces was granted trusted repository access to all other repositories in an organization.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces","docs_reference_titles":"Managing access to other repositories within your codespace","fieldsIndex":32},{"action":"org.codespaces_trusted_repo_access_revoked","description":"GitHub Codespaces trusted repository access to all other repositories in an organization was revoked.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces","docs_reference_titles":"Managing access to other repositories within your codespace","fieldsIndex":120},{"action":"org.codespaces_user_access_allowed","description":"A user has been allowed to use Codespaces for an organization.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"org.codespaces_user_access_revoked","description":"A user has been prevented from using Codespaces for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.config.disable_collaborators_only","description":"The interaction limit for collaborators only for an organization was disabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","fieldsIndex":11},{"action":"org.config.disable_contributors_only","description":"The interaction limit for prior contributors only for an organization was disabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","fieldsIndex":15},{"action":"org.config.disable_sockpuppet_disallowed","description":"The interaction limit for existing users only for an organization was disabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","fieldsIndex":15},{"action":"org.config.enable_collaborators_only","description":"The interaction limit for collaborators only for an organization was enabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","fieldsIndex":16},{"action":"org.config.enable_contributors_only","description":"The interaction limit for prior contributors only for an organization was enabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","fieldsIndex":15},{"action":"org.config.enable_sockpuppet_disallowed","description":"The interaction limit for existing users only for an organization was enabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","fieldsIndex":16},{"action":"org.configure_self_hosted_jit_runner","description":"A new just-in-time GitHub Actions self-hosted runner was configured","docs_reference_links":"/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-organization","docs_reference_titles":"/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-organization","fieldsIndex":52},{"action":"org.confirm_business_invitation","description":"An invitation for an organization to join an enterprise was confirmed.","docs_reference_links":"/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#inviting-an-organization-to-join-your-enterprise-account","docs_reference_titles":"Adding organizations to your enterprise","fieldsIndex":124},{"action":"org.connect_usage_metrics_export","description":"Server statistics were exported for the organization.","docs_reference_links":"/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics","docs_reference_titles":"Exporting Server Statistics","fieldsIndex":0},{"action":"org.create","description":"An organization was created.","docs_reference_links":"/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch","docs_reference_titles":"/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch","fieldsIndex":1},{"action":"org.create_actions_secret","description":"A GitHub Actions secret was created for an organization.","docs_reference_links":"/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization","docs_reference_titles":"Using secrets in GitHub Actions","fieldsIndex":125},{"action":"org.create_actions_variable","description":"A GitHub Actions variable was created for an organization.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization","docs_reference_titles":"Store information in variables","fieldsIndex":125},{"action":"org.create_integration_secret","description":"A Codespaces or Dependabot secret was created for an organization.","docs_reference_links":"N/A","fieldsIndex":126},{"action":"org_credential_authorization.deauthorize","description":"A member removed the SSO (SAML or OIDC) authorization from a credential that had access to your organization.","docs_reference_links":"/authentication/authenticating-with-saml-single-sign-on/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on","docs_reference_titles":"Authorizing a personal access token for use with single sign-on","fieldsIndex":127},{"action":"org_credential_authorization.grant","description":"A member authorized credentials for use with SAML or OIDC single sign-on.","docs_reference_links":"/authentication/authenticating-with-saml-single-sign-on","docs_reference_titles":"Authenticating with single sign-on","fieldsIndex":127},{"action":"org_credential_authorization.revoke","description":"An owner revoked authorized credentials.","docs_reference_links":"/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization","docs_reference_titles":"Viewing and managing a member's SAML access to your organization","fieldsIndex":128},{"action":"org.delete","description":"An organization was deleted by a user or staff.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"org.delete_custom_image","description":"A custom image was deleted for an organization.","docs_reference_links":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","docs_reference_titles":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","fieldsIndex":16},{"action":"org.delete_custom_image_version","description":"A custom image version was deleted for an organization.","docs_reference_links":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","docs_reference_titles":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","fieldsIndex":52},{"action":"org.disable_member_team_creation_permission","description":"Team creation was limited to owners.","docs_reference_links":"/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization","fieldsIndex":52},{"action":"org.disable_oauth_app_restrictions","description":"Third-party application access restrictions for an organization were disabled.","docs_reference_links":"/organizations/managing-oauth-access-to-your-organizations-data/disabling-oauth-app-access-restrictions-for-your-organization","docs_reference_titles":"/organizations/managing-oauth-access-to-your-organizations-data/disabling-oauth-app-access-restrictions-for-your-organization","fieldsIndex":15},{"action":"org.disable_reader_discussion_creation_permission","description":"An organization owner limited discussion creation to users with at least triage permission in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization","fieldsIndex":15},{"action":"org.disable_saml","description":"SAML single sign-on was disabled for an organization.","docs_reference_links":"N/A","fieldsIndex":129},{"action":"org.disable_source_ip_disclosure","description":"Display of IP addresses within audit log events for the organization was disabled.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization","fieldsIndex":15},{"action":"org.disable_two_factor_requirement","description":"A two-factor authentication requirement was disabled for the organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.display_commenter_full_name_disabled","description":"An organization owner disabled the display of a commenter's full name in an organization. Members cannot see a comment author's full name.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.display_commenter_full_name_enabled","description":"An organization owner enabled the display of a commenter's full name in an organization. Members can see a comment author's full name.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.enable_member_team_creation_permission","description":"Team creation by members was allowed.","docs_reference_links":"/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization","fieldsIndex":11},{"action":"org.enable_oauth_app_restrictions","description":"Third-party application access restrictions for an organization were enabled.","docs_reference_links":"/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization","docs_reference_titles":"/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization","fieldsIndex":15},{"action":"org.enable_reader_discussion_creation_permission","description":"An organization owner allowed users with read access to create discussions in an organization","docs_reference_links":"/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization","fieldsIndex":15},{"action":"org.enable_saml","description":"SAML single sign-on was enabled for the organization.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization","docs_reference_titles":"Enabling and testing SAML single sign-on for your organization","fieldsIndex":129},{"action":"org.enable_source_ip_disclosure","description":"Display of IP addresses within audit log events for the organization was enabled.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization","fieldsIndex":15},{"action":"org.enable_two_factor_requirement","description":"Two-factor authentication is now required for the organization.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization","fieldsIndex":11},{"action":"org.integration_manager_added","description":"An organization owner granted a member access to manage all GitHub Apps owned by an organization.","docs_reference_links":"N/A","fieldsIndex":130},{"action":"org.integration_manager_removed","description":"An organization owner removed access to manage all GitHub Apps owned by an organization from an organization member.","docs_reference_links":"N/A","fieldsIndex":130},{"action":"org.invite_member","description":"A new user was invited to join an organization.","docs_reference_links":"/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization","docs_reference_titles":"/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization","fieldsIndex":118},{"action":"org.invite_to_business","description":"An organization was invited to join an enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.members_can_update_protected_branches.disable","description":"The ability for enterprise members to update protected branches was disabled. Only enterprise owners can update protected branches.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.members_can_update_protected_branches.enable","description":"The ability for enterprise members to update protected branches was enabled. Members of an organization can update protected branches.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.members_limit_warning","description":"An organization is approaching its members limit.","docs_reference_links":"N/A","fieldsIndex":131},{"action":"org.oauth_app_access_approved","description":"Access to an organization was granted for an OAuth App.","docs_reference_links":"/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization","docs_reference_titles":"/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization","fieldsIndex":132},{"action":"org.oauth_app_access_blocked","description":"N/A","docs_reference_links":"N/A","fieldsIndex":132},{"action":"org.oauth_app_access_denied","description":"Access was disabled for an OAuth App that was previously approved.","docs_reference_links":"/organizations/managing-oauth-access-to-your-organizations-data/denying-access-to-a-previously-approved-oauth-app-for-your-organization","docs_reference_titles":"/organizations/managing-oauth-access-to-your-organizations-data/denying-access-to-a-previously-approved-oauth-app-for-your-organization","fieldsIndex":132},{"action":"org.oauth_app_access_requested","description":"An organization member requested that an owner grant an OAuth App access to an organization.","docs_reference_links":"N/A","fieldsIndex":132},{"action":"org.oauth_app_access_unblocked","description":"N/A","docs_reference_links":"N/A","fieldsIndex":132},{"action":"org.rate_limited_invites","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.recovery_code_failed","description":"An organization owner failed to sign into a organization with an external identity provider (IdP) using a recovery code.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable","docs_reference_titles":"Accessing your organization if your identity provider is unavailable","fieldsIndex":133},{"action":"org.recovery_code_used","description":"An organization owner successfully signed into an organization with an external identity provider (IdP) using a recovery code.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable","docs_reference_titles":"Accessing your organization if your identity provider is unavailable","fieldsIndex":15},{"action":"org.recovery_codes_downloaded","description":"An organization owner downloaded the organization's SSO recovery codes.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your organization's SAML single sign-on recovery codes","fieldsIndex":15},{"action":"org.recovery_codes_generated","description":"An organization owner generated the organization's SSO recovery codes.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your organization's SAML single sign-on recovery codes","fieldsIndex":15},{"action":"org.recovery_codes_printed","description":"An organization owner printed the organization's SSO recovery codes.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your organization's SAML single sign-on recovery codes","fieldsIndex":15},{"action":"org.recovery_codes_viewed","description":"An organization owner viewed the organization's SSO recovery codes.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your organization's SAML single sign-on recovery codes","fieldsIndex":15},{"action":"org.register_self_hosted_runner","description":"A new self-hosted runner was registered.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-an-organization","docs_reference_titles":"Adding self-hosted runners","fieldsIndex":62},{"action":"org.remove_actions_secret","description":"A GitHub Actions secret was removed from an organization.","docs_reference_links":"/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization","docs_reference_titles":"Using secrets in GitHub Actions","fieldsIndex":134},{"action":"org.remove_actions_variable","description":"A GitHub Actions variable was removed from an organization.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization","docs_reference_titles":"Store information in variables","fieldsIndex":134},{"action":"org.remove_billing_manager","description":"A billing manager was removed from an organization, either manually or due to a two-factor authentication requirement.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/removing-a-billing-manager-from-your-organization, /organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization","docs_reference_titles":"/organizations/managing-peoples-access-to-your-organization-with-roles/removing-a-billing-manager-from-your-organization, /organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization","fieldsIndex":52},{"action":"org.remove_disallowed_two_factor_method","description":"Removed a two-factor authentication method restriction for an organization.","docs_reference_links":"N/A","fieldsIndex":109},{"action":"org.remove_integration_secret","description":"A Codespaces or Dependabot secret was removed from an organization.","docs_reference_links":"N/A","fieldsIndex":135},{"action":"org.remove_member","description":"A member was removed from an organization, either manually or due to a two-factor authentication requirement.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"org.remove_outside_collaborator","description":"An outside collaborator was removed from an organization, either manually or due to a two-factor authentication requirement.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"org.remove_security_manager","description":"N/A","docs_reference_links":"N/A","fieldsIndex":136},{"action":"org.remove_self_hosted_runner","description":"A self-hosted runner was removed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-an-organization","docs_reference_titles":"Removing self-hosted runners","fieldsIndex":52},{"action":"org.rename","description":"An organization was renamed.","docs_reference_links":"N/A","fieldsIndex":137},{"action":"org.required_workflow_create","description":"Triggered when a required workflow is created.","docs_reference_links":"/actions/using-workflows/required-workflows","docs_reference_titles":"/actions/using-workflows/required-workflows","fieldsIndex":0},{"action":"org.required_workflow_delete","description":"Triggered when a required workflow is deleted.","docs_reference_links":"/actions/using-workflows/required-workflows","docs_reference_titles":"/actions/using-workflows/required-workflows","fieldsIndex":0},{"action":"org.required_workflow_update","description":"Triggered when a required workflow is updated.","docs_reference_links":"/actions/using-workflows/required-workflows","docs_reference_titles":"/actions/using-workflows/required-workflows","fieldsIndex":0},{"action":"org.restore_member","description":"An organization member was restored.","docs_reference_links":"/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization","docs_reference_titles":"/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization","fieldsIndex":1},{"action":"org.revoke_external_identity","description":"A member's linked identity was revoked.","docs_reference_links":"/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization#viewing-and-revoking-a-linked-identity","docs_reference_titles":"Viewing and managing a member's SAML access to your organization","fieldsIndex":15},{"action":"org.revoke_sso_session","description":"A member's SAML session was revoked.","docs_reference_links":"/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization#viewing-and-revoking-a-linked-identity","docs_reference_titles":"Viewing and managing a member's SAML access to your organization","fieldsIndex":15},{"action":"org.runner_group_created","description":"A self-hosted runner group was created.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#creating-a-self-hosted-runner-group-for-an-organization","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":138},{"action":"org.runner_group_removed","description":"A self-hosted runner group was removed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#removing-a-self-hosted-runner-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":139},{"action":"org.runner_group_renamed","description":"A self-hosted runner group was renamed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":140},{"action":"org.runner_group_runner_removed","description":"The REST API was used to remove a self-hosted runner from a group.","docs_reference_links":"/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization","docs_reference_titles":"/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization","fieldsIndex":141},{"action":"org.runner_group_runners_added","description":"A self-hosted runner was added to a group.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#moving-a-self-hosted-runner-to-a-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":139},{"action":"org.runner_group_runners_updated","description":"A runner group's list of members was updated.","docs_reference_links":"/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization","docs_reference_titles":"/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization","fieldsIndex":139},{"action":"org.runner_group_updated","description":"The configuration of a self-hosted runner group was changed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":138},{"action":"org.runner_group_visiblity_updated","description":"The visibility of a self-hosted runner group was updated via the REST API.","docs_reference_links":"/rest/actions#update-a-self-hosted-runner-group-for-an-organization","docs_reference_titles":"/rest/actions#update-a-self-hosted-runner-group-for-an-organization","fieldsIndex":142},{"action":"org.secret_protection_metered_usage_lock","description":"Enablement for Secret Protection features on new repositories has been locked for this organization.","docs_reference_links":"N/A","fieldsIndex":119},{"action":"org.secret_protection_metered_usage_unlock","description":"Enablement for Secret Protection features on new repositories has been unlocked for this organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org_secret_scanning_automatic_validity_checks.disabled","description":"Automatic partner validation checks have been disabled at the organization level","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization","fieldsIndex":11},{"action":"org_secret_scanning_automatic_validity_checks.enabled","description":"Automatic partner validation checks have been enabled at the organization level","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization","fieldsIndex":16},{"action":"org_secret_scanning_custom_pattern.create","description":"A custom pattern was created for secret scanning in an organization.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":11},{"action":"org_secret_scanning_custom_pattern.delete","description":"A custom pattern was removed from secret scanning in an organization.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#removing-a-custom-pattern","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":15},{"action":"org_secret_scanning_custom_pattern.publish","description":"A custom pattern was published for secret scanning in an organization.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":15},{"action":"org.secret_scanning_custom_pattern_push_protection_disabled","description":"Push protection for a custom pattern for secret scanning was disabled for an organization.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":0},{"action":"org.secret_scanning_custom_pattern_push_protection_enabled","description":"Push protection for a custom pattern for secret scanning was enabled for an organization.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":0},{"action":"org_secret_scanning_custom_pattern.update","description":"Changes to a custom pattern were saved and a dry run was executed for secret scanning in an organization.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#editing-a-custom-pattern","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":15},{"action":"org_secret_scanning_generic_secrets.disabled","description":"Generic secrets have been disabled at the organization level","docs_reference_links":"N/A","fieldsIndex":0},{"action":"org_secret_scanning_generic_secrets.enabled","description":"Generic secrets have been enabled at the organization level","docs_reference_links":"N/A","fieldsIndex":0},{"action":"org_secret_scanning_non_provider_patterns.disabled","description":"Secret scanning for non-provider patterns was disabled at the organization level.","docs_reference_links":"/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns","docs_reference_titles":"Supported secret scanning patterns","fieldsIndex":15},{"action":"org_secret_scanning_non_provider_patterns.enabled","description":"Secret scanning for non-provider patterns was enabled at the organization level.","docs_reference_links":"/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns","docs_reference_titles":"Supported secret scanning patterns","fieldsIndex":15},{"action":"org_secret_scanning_push_protection_bypass_list.add","description":"A role or team was added to the push protection bypass list at the organization level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":52},{"action":"org_secret_scanning_push_protection_bypass_list.disable","description":"Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Specific roles or teams\" to \"Anyone with write access\" at the organization level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":15},{"action":"org_secret_scanning_push_protection_bypass_list.enable","description":"Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Anyone with write access\" to \"Specific roles or teams\" at the organization level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":15},{"action":"org_secret_scanning_push_protection_bypass_list.remove","description":"A role or team was removed from the push protection bypass list at the organization level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":52},{"action":"org.secret_scanning_push_protection_custom_message_disabled","description":"The custom message triggered by an attempted push to a push-protected repository was disabled for an organization.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization","docs_reference_titles":"Push protection","fieldsIndex":1},{"action":"org.secret_scanning_push_protection_custom_message_enabled","description":"The custom message triggered by an attempted push to a push-protected repository was enabled for an organization.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization","docs_reference_titles":"Push protection","fieldsIndex":1},{"action":"org.secret_scanning_push_protection_custom_message_updated","description":"The custom message triggered by an attempted push to a push-protected repository was updated for an organization.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization","docs_reference_titles":"Push protection","fieldsIndex":1},{"action":"org.secret_scanning_push_protection_disable","description":"Push protection for secret scanning was disabled.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning","docs_reference_titles":"Push protection","fieldsIndex":11},{"action":"org.secret_scanning_push_protection_enable","description":"Push protection for secret scanning was enabled.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations","docs_reference_titles":"Push protection","fieldsIndex":52},{"action":"org.secret_scanning_push_protection_new_repos_disable","description":"Push protection for secret scanning was disabled for all new repositories in the organization.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations","docs_reference_titles":"Push protection","fieldsIndex":52},{"action":"org.secret_scanning_push_protection_new_repos_enable","description":"Push protection for secret scanning was enabled for all new repositories in the organization.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations","docs_reference_titles":"Push protection","fieldsIndex":52},{"action":"org_secret_scanning_push_protection_pattern_configuration.push_protection_setting_changed","description":"The push protection setting was updated for a secret type for your organization.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations","docs_reference_titles":"Push protection","fieldsIndex":143},{"action":"org_secret_scanning_push_protection_pattern_configuration.updated","description":"The push protection pattern configuration was updated for your organization.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations","docs_reference_titles":"Push protection","fieldsIndex":144},{"action":"org.security_center_export_code_scanning_metrics","description":"A CSV export was requested on the CodeQL pull request alerts page.","docs_reference_links":"N/A","fieldsIndex":145},{"action":"org.security_center_export_coverage","description":"A CSV export was requested on the Coverage page.","docs_reference_links":"N/A","fieldsIndex":146},{"action":"org.security_center_export_overview_dashboard","description":"A CSV export was requested on the Overview Dashboard page.","docs_reference_links":"N/A","fieldsIndex":145},{"action":"org.security_center_export_risk","description":"A CSV export was requested on the Risk page.","docs_reference_links":"N/A","fieldsIndex":146},{"action":"org.self_hosted_runner_offline","description":"The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner","docs_reference_titles":"Monitoring and troubleshooting self-hosted runners","fieldsIndex":147},{"action":"org.self_hosted_runner_online","description":"The runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner","docs_reference_titles":"Monitoring and troubleshooting self-hosted runners","fieldsIndex":147},{"action":"org.self_hosted_runner_updated","description":"The runner application was updated. This event is not included in the JSON/CSV export.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#about-self-hosted-runners","docs_reference_titles":"Self-hosted runners","fieldsIndex":148},{"action":"org.set_actions_cache_retention_policy","description":"The cache retention policy for GitHub Actions was set for an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-github-actions-settings-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-github-actions-settings-for-your-organization","fieldsIndex":16},{"action":"org.set_actions_cache_storage_policy","description":"The cache storage policy for GitHub Actions was set for an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-github-actions-settings-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-github-actions-settings-for-your-organization","fieldsIndex":11},{"action":"org.set_actions_fork_pr_approvals_policy","description":"The setting for requiring approvals for workflows from public forks was changed for an organization.","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#requiring-approval-for-workflows-from-public-forks","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#requiring-approval-for-workflows-from-public-forks","fieldsIndex":149},{"action":"org.set_actions_private_fork_pr_approvals_policy","description":"The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an organization.","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks","fieldsIndex":150},{"action":"org.set_actions_retention_limit","description":"The retention period for GitHub Actions artifacts and logs in an organization was changed.","docs_reference_links":"/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization","fieldsIndex":151},{"action":"org.set_custom_invitation_rate_limit","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.set_default_workflow_permissions","description":"The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an organization.","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization","fieldsIndex":52},{"action":"org.set_fork_pr_workflows_policy","description":"The policy for workflows on private repository forks was changed.","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks","fieldsIndex":149},{"action":"org.set_workflow_permission_can_approve_pr","description":"The policy for allowing GitHub Actions to create and approve pull requests was changed for an organization.","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests","fieldsIndex":52},{"action":"org.sso_response","description":"A SAML single sign-on (SSO) response was generated when a member attempted to authenticate with your organization. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"N/A","fieldsIndex":152},{"action":"org.transfer","description":"An organization was transferred between enterprise accounts.","docs_reference_links":"/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#transferring-an-organization-between-enterprise-accounts","docs_reference_titles":"Adding organizations to your enterprise","fieldsIndex":153},{"action":"org.transfer_outgoing","description":"An organization was transferred between enterprise accounts.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#transferring-an-organization-between-enterprise-accounts","docs_reference_titles":"Adding organizations to your enterprise","fieldsIndex":153},{"action":"org.unarchive","description":"The organization was unarchived.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.unblock_user","description":"A user was unblocked from an organization.","docs_reference_links":"/communities/maintaining-your-safety-on-github/unblocking-a-user-from-your-organization","docs_reference_titles":"/communities/maintaining-your-safety-on-github/unblocking-a-user-from-your-organization","fieldsIndex":116},{"action":"org.update_actions_secret","description":"A GitHub Actions secret was updated for an organization.","docs_reference_links":"/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization","docs_reference_titles":"Using secrets in GitHub Actions","fieldsIndex":125},{"action":"org.update_actions_settings","description":"An organization owner or site administrator updated GitHub Actions policy settings for an organization.","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization","fieldsIndex":154},{"action":"org.update_actions_variable","description":"A GitHub Actions variable was updated for an organization.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization","docs_reference_titles":"Store information in variables","fieldsIndex":125},{"action":"org.update_custom_images_policy","description":"The enterprise updated GitHub Actions custom image policy settings for an organization.","docs_reference_links":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","docs_reference_titles":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","fieldsIndex":155},{"action":"org.update_default_repository_permission","description":"The default repository permission level for organization members was changed.","docs_reference_links":"N/A","fieldsIndex":156},{"action":"org.update_immutable_releases_settings_policy","description":"The settings policy for immutable releases was updated for an organization.","docs_reference_links":"N/A","fieldsIndex":157},{"action":"org.update_integration_secret","description":"A Codespaces or Dependabot secret was updated for an organization.","docs_reference_links":"N/A","fieldsIndex":126},{"action":"org.update_member","description":"A person's role was changed from owner to member or member to owner.","docs_reference_links":"N/A","fieldsIndex":156},{"action":"org.update_member_repository_creation_permission","description":"The create repository permission for organization members was changed.","docs_reference_links":"N/A","fieldsIndex":158},{"action":"org.update_member_repository_invitation_permission","description":"An organization owner changed the policy setting for organization members inviting outside collaborators to repositories.","docs_reference_links":"/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators","docs_reference_titles":"Setting permissions for adding outside collaborators","fieldsIndex":159},{"action":"org.update_new_repository_default_branch_setting","description":"The name of the default branch was changed for new repositories in the organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization","fieldsIndex":15},{"action":"org.update_repo_self_hosted_runners_policy","description":"The repository self-hosted runners policy was updated","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#limiting-the-use-of-self-hosted-runners","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#limiting-the-use-of-self-hosted-runners","fieldsIndex":160},{"action":"org.update_saml_provider_settings","description":"An organization's SAML provider settings were updated.","docs_reference_links":"N/A","fieldsIndex":129},{"action":"org.update_terms_of_service","description":"An organization changed between the Standard Terms of Service and the GitHub Customer Agreement.","docs_reference_links":"/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement","docs_reference_titles":"/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement","fieldsIndex":11},{"action":"organization_custom_property_value.create","description":"An organization's custom property value was manually set for the first time.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","docs_reference_titles":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","fieldsIndex":161},{"action":"organization_custom_property_value.destroy","description":"An organization's custom property value was deleted.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","docs_reference_titles":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","fieldsIndex":161},{"action":"organization_default_label.create","description":"A default label was created for repositories in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#creating-a-default-label","docs_reference_titles":"/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#creating-a-default-label","fieldsIndex":1},{"action":"organization_default_label.destroy","description":"A default label was deleted for repositories in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#deleting-a-default-label","docs_reference_titles":"/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#deleting-a-default-label","fieldsIndex":15},{"action":"organization_default_label.update","description":"A default label was edited for repositories in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#editing-a-default-label","docs_reference_titles":"/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#editing-a-default-label","fieldsIndex":15},{"action":"organization_domain.approve","description":"A domain was approved for an organization.","docs_reference_links":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#approving-a-domain-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#approving-a-domain-for-your-organization","fieldsIndex":162},{"action":"organization_domain.create","description":"A domain was added to an organization.","docs_reference_links":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization","fieldsIndex":162},{"action":"organization_domain.destroy","description":"A domain was removed from an organization.","docs_reference_links":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#removing-an-approved-or-verified-domain","docs_reference_titles":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#removing-an-approved-or-verified-domain","fieldsIndex":162},{"action":"organization_domain.verify","description":"A domain was verified for an organization.","docs_reference_links":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization","fieldsIndex":162},{"action":"organization_moderators.add_team","description":"N/A","docs_reference_links":"N/A","fieldsIndex":123},{"action":"organization_moderators.add_user","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"organization_moderators.remove_team","description":"N/A","docs_reference_links":"N/A","fieldsIndex":123},{"action":"organization_moderators.remove_user","description":"N/A","docs_reference_links":"N/A","fieldsIndex":52},{"action":"organization_projects_change.clear","description":"An enterprise owner cleared the policy setting for organization-wide project boards in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise#enforcing-a-policy-for-organization-wide-project-boards","docs_reference_titles":"Enforcing policies for projects in your enterprise","fieldsIndex":11},{"action":"organization_projects_change.disable","description":"Organization projects were disabled for all organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise#enforcing-a-policy-for-organization-wide-project-boards","docs_reference_titles":"Enforcing policies for projects in your enterprise","fieldsIndex":52},{"action":"organization_projects_change.enable","description":"Organization projects were enabled for all organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise#enforcing-a-policy-for-organization-wide-project-boards","docs_reference_titles":"Enforcing policies for projects in your enterprise","fieldsIndex":52},{"action":"organization_role.assign","description":"An organization role was assigned to a user or team.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles","docs_reference_titles":"Permissions of custom organization roles","fieldsIndex":163},{"action":"organization_role.create","description":"A custom organization role was created in an organization.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles","docs_reference_titles":"Permissions of custom organization roles","fieldsIndex":164},{"action":"organization_role.destroy","description":"A custom organization role was deleted in an organization.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles","docs_reference_titles":"Permissions of custom organization roles","fieldsIndex":165},{"action":"organization_role.revoke","description":"A user or team was unassigned an organization role.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles","docs_reference_titles":"Permissions of custom organization roles","fieldsIndex":163},{"action":"organization_role.update","description":"A custom organization role was edited in an organization.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles","docs_reference_titles":"Permissions of custom organization roles","fieldsIndex":166},{"action":"organization_wide_project_base_role.update","description":"An organization's default project base role was updated.","docs_reference_links":"N/A","fieldsIndex":167},{"action":"packages.package_deleted","description":"An entire package was deleted.","docs_reference_links":"/packages/learn-github-packages/deleting-and-restoring-a-package","docs_reference_titles":"/packages/learn-github-packages/deleting-and-restoring-a-package","fieldsIndex":168},{"action":"packages.package_published","description":"A package was published or republished to an organization.","docs_reference_links":"N/A","fieldsIndex":169},{"action":"packages.package_version_deleted","description":"A specific package version was deleted.","docs_reference_links":"/packages/learn-github-packages/deleting-and-restoring-a-package","docs_reference_titles":"/packages/learn-github-packages/deleting-and-restoring-a-package","fieldsIndex":170},{"action":"packages.package_version_published","description":"A specific package version was published or republished to a package.","docs_reference_links":"N/A","fieldsIndex":171},{"action":"pages_protected_domain.create","description":"A GitHub Pages verified domain was created for an organization or enterprise.","docs_reference_links":"/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages","docs_reference_titles":"/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages","fieldsIndex":172},{"action":"pages_protected_domain.delete","description":"A GitHub Pages verified domain was deleted from an organization or enterprise.","docs_reference_links":"/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages","docs_reference_titles":"/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages","fieldsIndex":172},{"action":"pages_protected_domain.verify","description":"A GitHub Pages domain was verified for an organization or enterprise.","docs_reference_links":"/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages","docs_reference_titles":"/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages","fieldsIndex":172},{"action":"payment_method.create","description":"A new payment method was added, such as a new credit card or PayPal account.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"payment_method.remove","description":"A payment method was removed.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"payment_method.update","description":"An existing payment method was updated.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"personal_access_token.access_granted","description":"A fine-grained personal access token was granted access to resources.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization","fieldsIndex":173},{"action":"personal_access_token.access_restriction_disabled","description":"The configured restriction for access to resources via personal access tokens was disabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"personal_access_token.access_restriction_enabled","description":"The configured restriction for access to resources via personal access tokens was enabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"personal_access_token.access_revoked","description":"A fine-grained personal access token was revoked. The token can still read public organization resources.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization","fieldsIndex":174},{"action":"personal_access_token.auto_approve_grant_requests_disabled","description":"Triggered when fine-grained personal access tokens can access organization resources without prior approval.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"personal_access_token.auto_approve_grant_requests_enabled","description":"Triggered when the organization must approve fine-grained personal access tokens before the tokens can access organization resources.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"personal_access_token.expiration_limit_set","description":"A personal access token expiration limit was set.","docs_reference_links":"N/A","fieldsIndex":175},{"action":"personal_access_token.expiration_limit_unset","description":"A personal access token expiration limit was unset.","docs_reference_links":"N/A","fieldsIndex":176},{"action":"personal_access_token.request_cancelled","description":"A pending request for a fine-grained personal access token to access organization resources was canceled.","docs_reference_links":"N/A","fieldsIndex":177},{"action":"personal_access_token.request_created","description":"Triggered when a fine-grained personal access token was created to access organization resources and the organization requires approval before the token can access organization resources.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization","fieldsIndex":178},{"action":"personal_access_token.request_denied","description":"A request for a fine-grained personal access token to access organization resources was denied.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization","fieldsIndex":179},{"action":"prebuild_configuration.create","description":"A GitHub Codespaces prebuild configuration for a repository was created.","docs_reference_links":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","docs_reference_titles":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","fieldsIndex":180},{"action":"prebuild_configuration.destroy","description":"A GitHub Codespaces prebuild configuration for a repository was deleted.","docs_reference_links":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","docs_reference_titles":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","fieldsIndex":180},{"action":"prebuild_configuration.run_triggered","description":"A user initiated a run of a GitHub Codespaces prebuild configuration for a repository branch.","docs_reference_links":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","docs_reference_titles":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","fieldsIndex":180},{"action":"prebuild_configuration.update","description":"A GitHub Codespaces prebuild configuration for a repository was edited.","docs_reference_links":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","docs_reference_titles":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","fieldsIndex":180},{"action":"premium_runner.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":47},{"action":"premium_runner.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"premium_runner.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":47},{"action":"private_repository_forking.clear","description":"An enterprise owner cleared the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"private_repository_forking.disable","description":"An enterprise owner disabled the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. Private and internal repositories are never allowed to be forked.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"private_repository_forking.enable","description":"An enterprise owner enabled the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. Private and internal repositories are always allowed to be forked.","docs_reference_links":"N/A","fieldsIndex":181},{"action":"private_vulnerability_reporting.disable","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"private_vulnerability_reporting.enable","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"private_vulnerability_reporting_new_repos.disable","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"private_vulnerability_reporting_new_repos.enable","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"profile_picture.update","description":"A profile picture was updated.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile","docs_reference_titles":"Personalize your profile","fieldsIndex":182},{"action":"project.access","description":"A project board visibility was changed.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"project_base_role.update","description":"A project's base role was updated.","docs_reference_links":"N/A","fieldsIndex":183},{"action":"project.close","description":"A project board was closed.","docs_reference_links":"/issues/organizing-your-work-with-project-boards/managing-project-boards/closing-a-project-board","docs_reference_titles":"Planning and tracking with Projects","fieldsIndex":184},{"action":"project_collaborator.add","description":"A collaborator was added to a project.","docs_reference_links":"N/A","fieldsIndex":185},{"action":"project_collaborator.remove","description":"A collaborator was removed from a project.","docs_reference_links":"N/A","fieldsIndex":185},{"action":"project_collaborator.update","description":"A project collaborator's permission level was changed.","docs_reference_links":"N/A","fieldsIndex":185},{"action":"project.create","description":"A project board was created.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"project.delete","description":"A project board was deleted.","docs_reference_links":"N/A","fieldsIndex":186},{"action":"project_field.create","description":"A field was created in a project board.","docs_reference_links":"/issues/planning-and-tracking-with-projects/understanding-fields","docs_reference_titles":"/issues/planning-and-tracking-with-projects/understanding-fields","fieldsIndex":52},{"action":"project_field.delete","description":"A field was deleted in a project board.","docs_reference_links":"/issues/planning-and-tracking-with-projects/understanding-fields/deleting-custom-fields","docs_reference_titles":"/issues/planning-and-tracking-with-projects/understanding-fields/deleting-custom-fields","fieldsIndex":187},{"action":"project.link","description":"A repository was linked to a project board.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"project.open","description":"A project board was reopened.","docs_reference_links":"/issues/organizing-your-work-with-project-boards/managing-project-boards/reopening-a-closed-project-board","docs_reference_titles":"Planning and tracking with Projects","fieldsIndex":184},{"action":"project.rename","description":"A project board was renamed.","docs_reference_links":"N/A","fieldsIndex":188},{"action":"project.unlink","description":"A repository was unlinked from a project board.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"project.update_org_permission","description":"The project's base-level permission for all organization members was changed or removed.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"project.update_team_permission","description":"A team's project board permission level was changed or when a team was added or removed from a project board.","docs_reference_links":"N/A","fieldsIndex":189},{"action":"project.update_user_permission","description":"A user was added to or removed from a project board or had their permission level changed.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"project_view.create","description":"A view was created in a project board.","docs_reference_links":"/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views","docs_reference_titles":"/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views","fieldsIndex":52},{"action":"project_view.delete","description":"A view was deleted in a project board.","docs_reference_links":"/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views","docs_reference_titles":"/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views","fieldsIndex":11},{"action":"project.visibility_private","description":"A project's visibility was changed from public to private.","docs_reference_links":"N/A","fieldsIndex":190},{"action":"project.visibility_public","description":"A project's visibility was changed from private to public.","docs_reference_links":"N/A","fieldsIndex":191},{"action":"protected_branch.authorized_users_teams","description":"The users, teams, or integrations allowed to bypass a branch protection were changed.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches","fieldsIndex":192},{"action":"protected_branch.branch_allowances","description":"A protected branch allowance was given to a specific user, team or integration.","docs_reference_links":"N/A","fieldsIndex":193},{"action":"protected_branch.create","description":"Branch protection was enabled on a branch.","docs_reference_links":"N/A","fieldsIndex":194},{"action":"protected_branch.destroy","description":"Branch protection was disabled on a branch.","docs_reference_links":"N/A","fieldsIndex":194},{"action":"protected_branch.dismiss_stale_reviews","description":"Enforcement of dismissing stale pull requests was updated on a branch.","docs_reference_links":"N/A","fieldsIndex":195},{"action":"protected_branch.dismissal_restricted_users_teams","description":"Enforcement of restricting users and/or teams who can dismiss reviews was updated on a branch.","docs_reference_links":"N/A","fieldsIndex":196},{"action":"protected_branch.policy_override","description":"A branch protection requirement was overridden by a repository administrator.","docs_reference_links":"N/A","fieldsIndex":197},{"action":"protected_branch.rejected_ref_update","description":"A branch update attempt was rejected.","docs_reference_links":"N/A","fieldsIndex":197},{"action":"protected_branch.update_admin_enforced","description":"Branch protection was enforced for repository administrators.","docs_reference_links":"N/A","fieldsIndex":198},{"action":"protected_branch.update_allow_deletions_enforcement_level","description":"Branch deletion was enabled or disabled for a protected branch.","docs_reference_links":"N/A","fieldsIndex":199},{"action":"protected_branch.update_allow_force_pushes_enforcement_level","description":"Force pushes were enabled or disabled for a branch.","docs_reference_links":"N/A","fieldsIndex":200},{"action":"protected_branch.update_ignore_approvals_from_contributors","description":"Ignoring of approvals from contributors to a pull request was enabled or disabled for a branch.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule","fieldsIndex":201},{"action":"protected_branch.update_linear_history_requirement_enforcement_level","description":"Required linear commit history was enabled or disabled for a branch.","docs_reference_links":"N/A","fieldsIndex":202},{"action":"protected_branch.update_lock_allows_fetch_and_merge","description":"Fork syncing was enabled or disabled for a read-only branch","docs_reference_links":"repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch","docs_reference_titles":"repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch","fieldsIndex":203},{"action":"protected_branch.update_lock_branch_enforcement_level","description":"The enforcement of a branch lock was updated.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch","fieldsIndex":204},{"action":"protected_branch.update_merge_queue_enforcement_level","description":"Enforcement of the merge queue was modified for a branch.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-merge-queue","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-merge-queue","fieldsIndex":205},{"action":"protected_branch.update_name","description":"A branch name pattern was updated for a branch.","docs_reference_links":"N/A","fieldsIndex":206},{"action":"protected_branch.update_pull_request_reviews_enforcement_level","description":"Enforcement of required pull request reviews was updated for a branch. Can be 0 (deactivated), 1 (non-admins), or 2 (everyone).","docs_reference_links":"N/A","fieldsIndex":207},{"action":"protected_branch.update_require_code_owner_review","description":"Enforcement of required code owner review was updated for a branch.","docs_reference_links":"N/A","fieldsIndex":208},{"action":"protected_branch.update_require_last_push_approval","description":"Someone other than the person who pushed the last code-modifying commit to the branch must approve pull requests for the branch.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-pull-request-reviews-before-merging","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-pull-request-reviews-before-merging","fieldsIndex":209},{"action":"protected_branch.update_required_approving_review_count","description":"Enforcement of the required number of approvals before merging was updated on a branch.","docs_reference_links":"N/A","fieldsIndex":210},{"action":"protected_branch.update_required_status_checks_enforcement_level","description":"Enforcement of required status checks was updated for a branch.","docs_reference_links":"N/A","fieldsIndex":211},{"action":"protected_branch.update_signature_requirement_enforcement_level","description":"Enforcement of required commit signing was updated for a branch.","docs_reference_links":"N/A","fieldsIndex":212},{"action":"protected_branch.update_strict_required_status_checks_policy","description":"Enforcement of required status checks was updated for a branch.","docs_reference_links":"N/A","fieldsIndex":213},{"action":"public_key.create","description":"An SSH key was added to a user account or a deploy key was added to a repository.","docs_reference_links":"/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account","docs_reference_titles":"/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account","fieldsIndex":214},{"action":"public_key.delete","description":"An SSH key was removed from a user account or a deploy key was removed from a repository.","docs_reference_links":"/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys","docs_reference_titles":"/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys","fieldsIndex":215},{"action":"public_key.unverification_failure","description":"A user account's SSH key or a repository's deploy key was unable to be unverified.","docs_reference_links":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","docs_reference_titles":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","fieldsIndex":216},{"action":"public_key.unverify","description":"A user account's SSH key or a repository's deploy key was unverified.","docs_reference_links":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","docs_reference_titles":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","fieldsIndex":217},{"action":"public_key.update","description":"A user account's SSH key or a repository's deploy key was updated.","docs_reference_links":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","docs_reference_titles":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","fieldsIndex":214},{"action":"public_key.verification_failure","description":"A user account's SSH key or a repository's deploy key was unable to be verified.","docs_reference_links":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","docs_reference_titles":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","fieldsIndex":214},{"action":"public_key.verify","description":"A user account's SSH key or a repository's deploy key was verified.","docs_reference_links":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","docs_reference_titles":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","fieldsIndex":214},{"action":"pull_request.close","description":"A pull request was closed without being merged.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/closing-a-pull-request","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/closing-a-pull-request","fieldsIndex":218},{"action":"pull_request.converted_to_draft","description":"A pull request was converted to a draft.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#converting-a-pull-request-to-a-draft","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#converting-a-pull-request-to-a-draft","fieldsIndex":219},{"action":"pull_request.create","description":"A pull request was created.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request","fieldsIndex":220},{"action":"pull_request.create_review_request","description":"A review was requested on a pull request.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews","fieldsIndex":221},{"action":"pull_request.in_progress","description":"A pull request was marked as in progress.","docs_reference_links":"N/A","fieldsIndex":222},{"action":"pull_request.indirect_merge","description":"A pull request was considered merged because the pull request's commits were merged into the target branch.","docs_reference_links":"N/A","fieldsIndex":218},{"action":"pull_request.merge","description":"A pull request was merged.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request","fieldsIndex":218},{"action":"pull_request.ready_for_review","description":"A pull request was marked as ready for review.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#marking-a-pull-request-as-ready-for-review","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#marking-a-pull-request-as-ready-for-review","fieldsIndex":219},{"action":"pull_request.rebase","description":"A pull request was rebased.","docs_reference_links":"N/A","fieldsIndex":219},{"action":"pull_request.remove_review_request","description":"A review request was removed from a pull request.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews","fieldsIndex":221},{"action":"pull_request.reopen","description":"A pull request was reopened after previously being closed.","docs_reference_links":"N/A","fieldsIndex":219},{"action":"pull_request_review_comment.create","description":"A review comment was added to a pull request.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews","fieldsIndex":223},{"action":"pull_request_review_comment.delete","description":"A review comment on a pull request was deleted.","docs_reference_links":"N/A","fieldsIndex":224},{"action":"pull_request_review_comment.update","description":"A review comment on a pull request was changed.","docs_reference_links":"N/A","fieldsIndex":225},{"action":"pull_request_review.delete","description":"A review on a pull request was deleted.","docs_reference_links":"N/A","fieldsIndex":226},{"action":"pull_request_review.dismiss","description":"A review on a pull request was dismissed.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review","fieldsIndex":226},{"action":"pull_request_review.submit","description":"A review on a pull request was submitted.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request#submitting-your-review","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request#submitting-your-review","fieldsIndex":226},{"action":"repo.access","description":"The visibility of a repository changed.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility","fieldsIndex":227},{"action":"repo.actions_enabled","description":"GitHub Actions was enabled for a repository.","docs_reference_links":"organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api","docs_reference_titles":"organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api","fieldsIndex":228},{"action":"repo.add_member","description":"A collaborator was added to a repository.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository","docs_reference_titles":"Inviting collaborators to a personal repository","fieldsIndex":229},{"action":"repo.add_topic","description":"A topic was added to a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/classifying-your-repository-with-topics","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/classifying-your-repository-with-topics","fieldsIndex":230},{"action":"repo.advanced_security_disabled","description":"GitHub Advanced Security was disabled for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository","fieldsIndex":231},{"action":"repo.advanced_security_enabled","description":"GitHub Advanced Security was enabled for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository","fieldsIndex":231},{"action":"repo.archived","description":"A repository was archived.","docs_reference_links":"/repositories/archiving-a-github-repository","docs_reference_titles":"/repositories/archiving-a-github-repository","fieldsIndex":232},{"action":"repo.change_merge_setting","description":"Pull request merge options were changed for a repository.","docs_reference_links":"N/A","fieldsIndex":232},{"action":"repo.code_scanning_ai_findings_disabled","description":"AI-powered findings for code scanning were disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.code_scanning_ai_findings_enabled","description":"AI-powered findings for code scanning were enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.code_scanning_analysis_deleted","description":"Code scanning analysis for a repository was deleted.","docs_reference_links":"/rest/code-scanning#delete-a-code-scanning-analysis-from-a-repository","docs_reference_titles":"/rest/code-scanning#delete-a-code-scanning-analysis-from-a-repository","fieldsIndex":234},{"action":"repo.code_scanning_autofix_disabled","description":"Autofix for code scanning alerts was disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.code_scanning_autofix_enabled","description":"Autofix for code scanning alerts was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.code_scanning_autofix_third_party_tools_disabled","description":"Autofix for third party tools for code scanning alerts was disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.code_scanning_autofix_third_party_tools_enabled","description":"Autofix for third party tools for code scanning alerts was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.code_scanning_configuration_for_branch_deleted","description":"A code scanning configuration for a branch of a repository was deleted.","docs_reference_links":"/code-security/code-scanning/managing-code-scanning-alerts/managing-code-scanning-alerts-for-your-repository#removing-stale-configurations-and-alerts-from-a-branch","docs_reference_titles":"Resolving code scanning alerts","fieldsIndex":235},{"action":"repo.code_scanning_delegated_alert_dismissal_disabled","description":"Prevention of direct alert dismissal for code scanning was disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.code_scanning_delegated_alert_dismissal_enabled","description":"Prevention of direct alert dismissal for code scanning was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.codeql_disabled","description":"Code scanning using the default setup was disabled for a repository.","docs_reference_links":"/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning","docs_reference_titles":"Configuring default setup for code scanning","fieldsIndex":230},{"action":"repo.codeql_enabled","description":"Code scanning using the default setup was enabled for a repository.","docs_reference_links":"/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning","docs_reference_titles":"Configuring default setup for code scanning","fieldsIndex":236},{"action":"repo.codeql_updated","description":"Code scanning using the default setup was updated for a repository.","docs_reference_links":"/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning","docs_reference_titles":"Configuring default setup for code scanning","fieldsIndex":236},{"action":"repo.codespaces_trusted_repo_access_granted","description":"GitHub Codespaces was granted trusted repository access to this repository.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.codespaces_trusted_repo_access_revoked","description":"GitHub Codespaces trusted repository access to this repository was revoked.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"repo.config.disable_collaborators_only","description":"The interaction limit for collaborators only was disabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","fieldsIndex":237},{"action":"repo.config.disable_contributors_only","description":"The interaction limit for prior contributors only was disabled in a repository.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","fieldsIndex":238},{"action":"repo.config.disable_sockpuppet_disallowed","description":"The interaction limit for existing users only was disabled in a repository.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","fieldsIndex":237},{"action":"repo.config.enable_collaborators_only","description":"The interaction limit for collaborators only was enabled in a repository Users that are not collaborators or organization members were unable to interact with a repository for a set duration.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","fieldsIndex":32},{"action":"repo.config.enable_contributors_only","description":"The interaction limit for prior contributors only was enabled in a repository Users that are not prior contributors, collaborators or organization members were unable to interact with a repository for a set duration.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","fieldsIndex":103},{"action":"repo.config.enable_sockpuppet_disallowed","description":"The interaction limit for existing users was enabled in a repository New users aren't able to interact with a repository for a set duration Existing users of the repository, contributors, collaborators or organization members are able to interact with a repository.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","fieldsIndex":18},{"action":"repo.configure_self_hosted_jit_runner","description":"A new just-in-time GitHub Actions self-hosted runner was configured","docs_reference_links":"/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-a-repository","docs_reference_titles":"/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-a-repository","fieldsIndex":32},{"action":"repo.create","description":"A repository was created.","docs_reference_links":"/repositories/creating-and-managing-repositories/creating-a-new-repository","docs_reference_titles":"/repositories/creating-and-managing-repositories/creating-a-new-repository","fieldsIndex":239},{"action":"repo.create_actions_secret","description":"A GitHub Actions secret was created for a repository.","docs_reference_links":"/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository","docs_reference_titles":"Using secrets in GitHub Actions","fieldsIndex":240},{"action":"repo.create_actions_variable","description":"A GitHub Actions variable was created for a repository.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository","docs_reference_titles":"Store information in variables","fieldsIndex":240},{"action":"repo.create_integration_secret","description":"A Codespaces or Dependabot secret was created for a repository.","docs_reference_links":"N/A","fieldsIndex":241},{"action":"repo.destroy","description":"A repository was deleted.","docs_reference_links":"/repositories/creating-and-managing-repositories/deleting-a-repository","docs_reference_titles":"/repositories/creating-and-managing-repositories/deleting-a-repository","fieldsIndex":239},{"action":"repo.download_zip","description":"A source code archive of a repository was downloaded as a ZIP file.","docs_reference_links":"/repositories/working-with-files/using-files/downloading-source-code-archives","docs_reference_titles":"/repositories/working-with-files/using-files/downloading-source-code-archives","fieldsIndex":232},{"action":"repo.immutable_releases_settings_disabled","description":"The setting for immutable releases was disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":232},{"action":"repo.immutable_releases_settings_enabled","description":"The setting for immutable releases was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":232},{"action":"repo.pages_cname","description":"A GitHub Pages custom domain was modified in a repository.","docs_reference_links":"N/A","fieldsIndex":242},{"action":"repo.pages_create","description":"A GitHub Pages site was created.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repo.pages_destroy","description":"A GitHub Pages site was deleted.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repo.pages_https_redirect_disabled","description":"HTTPS redirects were disabled for a GitHub Pages site.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repo.pages_https_redirect_enabled","description":"HTTPS redirects were enabled for a GitHub Pages site.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repo.pages_private","description":"A GitHub Pages site visibility was changed to private.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repo.pages_public","description":"A GitHub Pages site visibility was changed to public.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repo.pages_soft_delete","description":"A GitHub Pages site was soft-deleted because its owner's plan changed.","docs_reference_links":"N/A","fieldsIndex":243},{"action":"repo.pages_soft_delete_restore","description":"A GitHub Pages site that was previously soft-deleted was restored.","docs_reference_links":"N/A","fieldsIndex":232},{"action":"repo.pages_source","description":"A GitHub Pages source was modified.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repo.register_self_hosted_runner","description":"A new self-hosted runner was registered.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-a-repository","docs_reference_titles":"Adding self-hosted runners","fieldsIndex":244},{"action":"repo.remove_actions_secret","description":"A GitHub Actions secret was deleted for a repository.","docs_reference_links":"/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository","docs_reference_titles":"Using secrets in GitHub Actions","fieldsIndex":245},{"action":"repo.remove_actions_variable","description":"A GitHub Actions variable was deleted for a repository.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository","docs_reference_titles":"Store information in variables","fieldsIndex":245},{"action":"repo.remove_integration_secret","description":"A Codespaces or Dependabot secret was deleted for a repository.","docs_reference_links":"N/A","fieldsIndex":246},{"action":"repo.remove_member","description":"A collaborator was removed from a repository.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-a-collaborator-from-a-personal-repository","docs_reference_titles":"Removing a collaborator from a personal repository","fieldsIndex":232},{"action":"repo.remove_self_hosted_runner","description":"A self-hosted runner was removed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-a-repository","docs_reference_titles":"Removing self-hosted runners","fieldsIndex":32},{"action":"repo.remove_topic","description":"A topic was removed from a repository.","docs_reference_links":"N/A","fieldsIndex":230},{"action":"repo.rename","description":"A repository was renamed.","docs_reference_links":"/repositories/creating-and-managing-repositories/renaming-a-repository","docs_reference_titles":"/repositories/creating-and-managing-repositories/renaming-a-repository","fieldsIndex":247},{"action":"repo.rename_branch","description":"A branch was renamed.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch","fieldsIndex":248},{"action":"repo.restore","description":"N/A","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.self_hosted_runner_offline","description":"The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner","docs_reference_titles":"Monitoring and troubleshooting self-hosted runners","fieldsIndex":147},{"action":"repo.self_hosted_runner_online","description":"The runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner","docs_reference_titles":"Monitoring and troubleshooting self-hosted runners","fieldsIndex":147},{"action":"repo.self_hosted_runner_updated","description":"The runner application was updated. This event is not included in the JSON/CSV export.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#about-self-hosted-runners","docs_reference_titles":"Self-hosted runners","fieldsIndex":148},{"action":"repo.set_actions_cache_retention_policy","description":"The cache retention policy for GitHub Actions was set for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository","fieldsIndex":249},{"action":"repo.set_actions_cache_storage_policy","description":"The cache storage policy for GitHub Actions was set for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository","fieldsIndex":250},{"action":"repo.set_actions_fork_pr_approvals_policy","description":"The setting for requiring approvals for workflows from public forks was changed for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks","fieldsIndex":251},{"action":"repo.set_actions_private_fork_pr_approvals_policy","description":"The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories","fieldsIndex":251},{"action":"repo.set_actions_retention_limit","description":"The retention period for GitHub Actions artifacts and logs in a repository was changed.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository","fieldsIndex":252},{"action":"repo.set_default_workflow_permissions","description":"The default permissions granted to the GITHUB_TOKEN when running workflows were changed for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository","fieldsIndex":232},{"action":"repo.set_fork_pr_workflows_policy","description":"Triggered when the policy for workflows on private repository forks is changed.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks","fieldsIndex":251},{"action":"repo.set_workflow_permission_can_approve_pr","description":"The policy for allowing GitHub Actions to create and approve pull requests was changed for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests","fieldsIndex":232},{"action":"repo.staff_unlock","description":"An enterprise owner or GitHub staff (with permission from a repository administrator) temporarily unlocked the repository.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.transfer","description":"A user accepted a request to receive a transferred repository.","docs_reference_links":"/repositories/creating-and-managing-repositories/transferring-a-repository","docs_reference_titles":"/repositories/creating-and-managing-repositories/transferring-a-repository","fieldsIndex":253},{"action":"repo.transfer_outgoing","description":"A repository was transferred to another repository network.","docs_reference_links":"N/A","fieldsIndex":254},{"action":"repo.transfer_start","description":"A user sent a request to transfer a repository to another user or organization.","docs_reference_links":"N/A","fieldsIndex":243},{"action":"repo.unarchived","description":"A repository was unarchived.","docs_reference_links":"/repositories/archiving-a-github-repository","docs_reference_titles":"/repositories/archiving-a-github-repository","fieldsIndex":232},{"action":"repo.update_actions_access_settings","description":"The setting to control how a repository was used by GitHub Actions workflows in other repositories was changed.","docs_reference_links":"N/A","fieldsIndex":255},{"action":"repo.update_actions_secret","description":"A GitHub Actions secret was updated for a repository.","docs_reference_links":"/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository","docs_reference_titles":"Using secrets in GitHub Actions","fieldsIndex":240},{"action":"repo.update_actions_settings","description":"A repository administrator changed GitHub Actions policy settings for a repository.","docs_reference_links":"N/A","fieldsIndex":256},{"action":"repo.update_actions_variable","description":"A GitHub Actions variable was updated for a repository.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository","docs_reference_titles":"Store information in variables","fieldsIndex":240},{"action":"repo.update_default_branch","description":"The default branch for a repository was changed.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repo.update_integration_secret","description":"A Codespaces or Dependabot secret was updated for a repository.","docs_reference_links":"N/A","fieldsIndex":241},{"action":"repo.update_member","description":"A user's permission to a repository was changed.","docs_reference_links":"N/A","fieldsIndex":257},{"action":"repository_advisory.close","description":"Someone closed a security advisory.","docs_reference_links":"/code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories","docs_reference_titles":"Repository security advisories","fieldsIndex":32},{"action":"repository_advisory.cve_request","description":"Someone requested a CVE (Common Vulnerabilities and Exposures) number from GitHub for a draft security advisory.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"repository_advisory.github_broadcast","description":"GitHub made a security advisory public in the GitHub Advisory Database.","docs_reference_links":"N/A","fieldsIndex":186},{"action":"repository_advisory.github_withdraw","description":"GitHub withdrew a security advisory that was published in error.","docs_reference_links":"N/A","fieldsIndex":186},{"action":"repository_advisory.open","description":"Someone opened a draft security advisory.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"repository_advisory.publish","description":"Someone published a security advisory.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"repository_advisory.reopen","description":"Someone reopened as draft security advisory.","docs_reference_links":"N/A","fieldsIndex":258},{"action":"repository_advisory.update","description":"Someone edited a draft or published security advisory.","docs_reference_links":"N/A","fieldsIndex":90},{"action":"repository_branch_protection_evaluation.disable","description":"Branch protections were disabled for the repository.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule","fieldsIndex":15},{"action":"repository_branch_protection_evaluation.enable","description":"Branch protections were enabled for this repository.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule","fieldsIndex":15},{"action":"repository_code_security.disable","description":"Code security was disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":230},{"action":"repository_code_security.enable","description":"Code security was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":230},{"action":"repository_content_analysis.disable","description":"Data use settings were disabled for a private repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories","fieldsIndex":0},{"action":"repository_content_analysis.enable","description":"Data use settings were enabled for a private repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories","fieldsIndex":0},{"action":"repository_dependency_graph_autosubmit.disable","description":"Automatic dependency submission was disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":230},{"action":"repository_dependency_graph_autosubmit.enable","description":"Automatic dependency submission was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":230},{"action":"repository_dependency_graph.disable","description":"The dependency graph was disabled for a private repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-fea tures-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-fea, tures-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories","fieldsIndex":230},{"action":"repository_dependency_graph.enable","description":"The dependency graph was enabled for a private repository.","docs_reference_links":"N/A","fieldsIndex":230},{"action":"repository_dependency_updates_self_hosted.disabled","description":"Dependency updates on self-hosted runners was disabled.","docs_reference_links":"code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/managing-dependabot-on-self-hosted-runners","docs_reference_titles":"Configuring Dependabot on self-hosted runners","fieldsIndex":237},{"action":"repository_dependency_updates_self_hosted.enabled","description":"Dependency updates on self-hosted runners was enabled.","docs_reference_links":"code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/managing-dependabot-on-self-hosted-runners","docs_reference_titles":"Configuring Dependabot on self-hosted runners","fieldsIndex":230},{"action":"repository_image.create","description":"An image to represent a repository was uploaded.","docs_reference_links":"N/A","fieldsIndex":259},{"action":"repository_image.destroy","description":"An image to represent a repository was deleted.","docs_reference_links":"N/A","fieldsIndex":259},{"action":"repository_invitation.accept","description":"An invitation to join a repository was accepted.","docs_reference_links":"N/A","fieldsIndex":260},{"action":"repository_invitation.cancel","description":"An invitation to join a repository was canceled.","docs_reference_links":"N/A","fieldsIndex":261},{"action":"repository_invitation.create","description":"An invitation to join a repository was sent.","docs_reference_links":"N/A","fieldsIndex":261},{"action":"repository_invitation.reject","description":"An invitation to join a repository was declined.","docs_reference_links":"N/A","fieldsIndex":260},{"action":"repository_limit.reached","description":"An organization has reached their repository limit.","docs_reference_links":"repositories/creating-and-managing-repositories/repository-limits","docs_reference_titles":"repositories/creating-and-managing-repositories/repository-limits","fieldsIndex":262},{"action":"repository_limit.warning","description":"An organization is approaching their repository limit.","docs_reference_links":"repositories/creating-and-managing-repositories/repository-limits","docs_reference_titles":"repositories/creating-and-managing-repositories/repository-limits","fieldsIndex":263},{"action":"repository_malware_alerts.disable","description":"Dependabot malware alerts was disabled.","docs_reference_links":"N/A","fieldsIndex":230},{"action":"repository_malware_alerts.enable","description":"Dependabot malware alerts was enabled.","docs_reference_links":"N/A","fieldsIndex":230},{"action":"repository_projects_change.clear","description":"The repository projects policy was removed for an organization, or all organizations in the enterprise Organization owners can now control their repository projects settings.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise","docs_reference_titles":"Enforcing policies for projects in your enterprise","fieldsIndex":0},{"action":"repository_projects_change.disable","description":"Repository projects were disabled for a repository, all repositories in an organization, or all organizations in an enterprise.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"repository_projects_change.enable","description":"Repository projects were enabled for a repository, all repositories in an organization, or all organizations in an enterprise.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"repository_ruleset.create","description":"A repository ruleset was created.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository","fieldsIndex":264},{"action":"repository_ruleset.destroy","description":"A repository ruleset was deleted.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#deleting-a-ruleset","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#deleting-a-ruleset","fieldsIndex":264},{"action":"repository_ruleset.update","description":"A repository ruleset was edited.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#editing-a-ruleset","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#editing-a-ruleset","fieldsIndex":265},{"action":"repository_secret_scanning_automatic_validity_checks.disabled","description":"Automatic partner validation checks have been disabled at the repository level","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository","fieldsIndex":230},{"action":"repository_secret_scanning_automatic_validity_checks.enabled","description":"Automatic partner validation checks have been enabled at the repository level","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository","fieldsIndex":230},{"action":"repository_secret_scanning_custom_pattern.create","description":"A custom pattern was created for secret scanning in a repository.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":103},{"action":"repository_secret_scanning_custom_pattern.delete","description":"A custom pattern was removed from secret scanning in a repository.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#removing-a-custom-pattern","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":233},{"action":"repository_secret_scanning_custom_pattern.publish","description":"A custom pattern was published for secret scanning in a repository.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":233},{"action":"repository_secret_scanning_custom_pattern_push_protection.disabled","description":"Push protection for a custom pattern for secret scanning was disabled for your repository.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":233},{"action":"repository_secret_scanning_custom_pattern_push_protection.enabled","description":"Push protection for a custom pattern for secret scanning was enabled for your repository.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":233},{"action":"repository_secret_scanning_custom_pattern.update","description":"Changes to a custom pattern were saved and a dry run was executed for secret scanning in a repository.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#editing-a-custom-pattern","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":103},{"action":"repository_secret_scanning.disable","description":"Secret scanning was disabled for a repository.","docs_reference_links":"/code-security/secret-scanning/about-secret-scanning","docs_reference_titles":"Secret scanning","fieldsIndex":230},{"action":"repository_secret_scanning.enable","description":"Secret scanning was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":230},{"action":"repository_secret_scanning_extended_metadata.disabled","description":"Metadata for secret scanning alerts has been disabled at the repository level","docs_reference_links":"/code-security/secret-scanning/enabling-secret-scanning-features/enabling-extended-metadata-checks-for-your-repository","docs_reference_titles":"Enabling extended metadata checks for your repository","fieldsIndex":230},{"action":"repository_secret_scanning_extended_metadata.enabled","description":"Metadata for secret scanning alerts has been enabled at the repository level","docs_reference_links":"/code-security/secret-scanning/enabling-secret-scanning-features/enabling-extended-metadata-checks-for-your-repository","docs_reference_titles":"Enabling extended metadata checks for your repository","fieldsIndex":230},{"action":"repository_secret_scanning_generic_secrets.disabled","description":"Generic secrets have been disabled at the repository level","docs_reference_links":"N/A","fieldsIndex":230},{"action":"repository_secret_scanning_generic_secrets.enabled","description":"Generic secrets have been enabled at the repository level","docs_reference_links":"N/A","fieldsIndex":230},{"action":"repository_secret_scanning_non_provider_patterns.disabled","description":"Secret scanning for non-provider patterns was disabled at the repository level.","docs_reference_links":"/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns","docs_reference_titles":"Supported secret scanning patterns","fieldsIndex":230},{"action":"repository_secret_scanning_non_provider_patterns.enabled","description":"Secret scanning for non-provider patterns was enabled at the repository level.","docs_reference_links":"/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns","docs_reference_titles":"Supported secret scanning patterns","fieldsIndex":230},{"action":"repository_secret_scanning_push_protection_bypass_list.add","description":"A role or team was added to the push protection bypass list at the repository level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":103},{"action":"repository_secret_scanning_push_protection_bypass_list.disable","description":"Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Specific roles or teams\" to \"Anyone with write access\" at the repository level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":230},{"action":"repository_secret_scanning_push_protection_bypass_list.enable","description":"Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Anyone with write access\" to \"Specific roles or teams\" at the repository level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":101},{"action":"repository_secret_scanning_push_protection_bypass_list.remove","description":"A role or team was removed from the push protection bypass list at the repository level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":233},{"action":"repository_secret_scanning_push_protection.disable","description":"Secret scanning push protection was disabled for a repository.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning","docs_reference_titles":"Push protection","fieldsIndex":230},{"action":"repository_secret_scanning_push_protection.enable","description":"Secret scanning push protection was enabled for a repository.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning","docs_reference_titles":"Push protection","fieldsIndex":230},{"action":"repository_security_configuration.applied","description":"A code security configuration was applied to a repository.","docs_reference_links":"N/A","fieldsIndex":266},{"action":"repository_security_configuration.failed","description":"A code security configuration failed to attach to the repository.","docs_reference_links":"N/A","fieldsIndex":266},{"action":"repository_security_configuration.removed","description":"A code security configuration was removed from a repository.","docs_reference_links":"N/A","fieldsIndex":266},{"action":"repository_security_configuration.removed_by_settings_change","description":"A code security configuration was removed due to a change in repository or enterprise settings.","docs_reference_links":"N/A","fieldsIndex":266},{"action":"repository_security_updates.disable","description":"Dependabot security updates was disabled.","docs_reference_links":"/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates","docs_reference_titles":"Configuring Dependabot security updates","fieldsIndex":230},{"action":"repository_security_updates.enable","description":"Dependabot security updates was enabled.","docs_reference_links":"/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates","docs_reference_titles":"Configuring Dependabot security updates","fieldsIndex":230},{"action":"repository_visibility_change.clear","description":"The repository visibility change setting was cleared for an organization or enterprise.","docs_reference_links":"/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-changes-to-repository-visibility","docs_reference_titles":"/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization, Enforcing repository management policies in your enterprise","fieldsIndex":15},{"action":"repository_visibility_change.disable","description":"The ability for enterprise members to update a repository's visibility was disabled. Members are unable to change repository visibilities in an organization, or all organizations in an enterprise.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"repository_visibility_change.enable","description":"The ability for enterprise members to update a repository's visibility was enabled. Members are able to change repository visibilities in an organization, or all organizations in an enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"repository_vulnerability_alert.assign","description":"A user was assigned to a Dependabot alert.","docs_reference_links":"N/A","fieldsIndex":267},{"action":"repository_vulnerability_alert.auto_dismiss","description":"A Dependabot alert was automatically dismissed because its metadata matches an enabled Dependabot rule.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/using-alert-rules-to-prioritize-dependabot-alerts","docs_reference_titles":"Dependabot auto-triage rules","fieldsIndex":268},{"action":"repository_vulnerability_alert.auto_reopen","description":"A previously auto-dismissed Dependabot alert was automatically reopened because its metadata no longer matches an enabled Dependabot rule.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/using-alert-rules-to-prioritize-dependabot-alerts","docs_reference_titles":"Dependabot auto-triage rules","fieldsIndex":268},{"action":"repository_vulnerability_alert.create","description":"GitHub created a Dependabot alert because the repository uses a vulnerable dependency.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/about-dependabot-alerts","docs_reference_titles":"Dependabot alerts","fieldsIndex":269},{"action":"repository_vulnerability_alert.dismiss","description":"A Dependabot alert was manually dismissed.","docs_reference_links":"N/A","fieldsIndex":270},{"action":"repository_vulnerability_alert.reintroduce","description":"A Dependabot alert was automatically reopened because the repository resumed use of a vulnerable dependency.","docs_reference_links":"N/A","fieldsIndex":269},{"action":"repository_vulnerability_alert.reopen","description":"A Dependabot alert was manually reopened.","docs_reference_links":"N/A","fieldsIndex":267},{"action":"repository_vulnerability_alert.resolve","description":"Changes were pushed to update and resolve a Dependabot alert in a project dependency.","docs_reference_links":"N/A","fieldsIndex":269},{"action":"repository_vulnerability_alert.unassign","description":"A user was unassigned to a Dependabot alert.","docs_reference_links":"N/A","fieldsIndex":271},{"action":"repository_vulnerability_alert.withdraw","description":"A Dependabot alert was withdrawn.","docs_reference_links":"N/A","fieldsIndex":272},{"action":"repository_vulnerability_alerts.authorized_users_teams","description":"The list of people or teams authorized to receive Dependabot alerts for the repository was updated.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts","fieldsIndex":233},{"action":"repository_vulnerability_alerts_auto_dismissal.disable","description":"Automatic dismissal of low-impact Dependabot alerts was disabled for the repository.","docs_reference_links":"N/A","fieldsIndex":186},{"action":"repository_vulnerability_alerts_auto_dismissal.enable","description":"Automatic dismissal of low-impact Dependabot alerts was enabled for the repository.","docs_reference_links":"N/A","fieldsIndex":230},{"action":"repository_vulnerability_alerts.disable","description":"Dependabot alerts was disabled.","docs_reference_links":"N/A","fieldsIndex":230},{"action":"repository_vulnerability_alerts.enable","description":"Dependabot alerts was enabled.","docs_reference_links":"N/A","fieldsIndex":230},{"action":"required_status_check.create","description":"A status check was marked as required for a protected branch.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging","fieldsIndex":273},{"action":"required_status_check.destroy","description":"A status check was no longer marked as required for a protected branch.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging","fieldsIndex":273},{"action":"restrict_notification_delivery.disable","description":"Email notification restrictions for an organization or enterprise were disabled.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization, /admin/policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise","docs_reference_titles":"Restricting email notifications for your organization, Restricting email notifications for your enterprise","fieldsIndex":274},{"action":"restrict_notification_delivery.enable","description":"Email notification restrictions for an organization or enterprise were enabled.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization, /admin/policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise","docs_reference_titles":"Restricting email notifications for your organization, Restricting email notifications for your enterprise","fieldsIndex":275},{"action":"role.create","description":"A new custom repository role was created.","docs_reference_links":"/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization","docs_reference_titles":"Managing custom repository roles for an organization","fieldsIndex":276},{"action":"role.destroy","description":"A custom repository role was deleted.","docs_reference_links":"/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization","docs_reference_titles":"Managing custom repository roles for an organization","fieldsIndex":277},{"action":"role.update","description":"A custom repository role was edited.","docs_reference_links":"/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization","docs_reference_titles":"Managing custom repository roles for an organization","fieldsIndex":278},{"action":"secret_scanning_alert.assign","description":"A user was assigned to a secret scanning alert.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning","docs_reference_titles":"Manage secret scanning alerts","fieldsIndex":279},{"action":"secret_scanning_alert.create","description":"GitHub detected a secret and created a secret scanning alert.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning","docs_reference_titles":"Manage secret scanning alerts","fieldsIndex":279},{"action":"secret_scanning_alert.delete","description":"A secret scanning alert was deleted by GitHub. Note that deletions from custom patterns are not logged.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning","docs_reference_titles":"Manage secret scanning alerts","fieldsIndex":280},{"action":"secret_scanning_alert.public_leak","description":"A secret scanning alert was leaked in a public repo.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning","docs_reference_titles":"Manage secret scanning alerts","fieldsIndex":279},{"action":"secret_scanning_alert.reopen","description":"A secret scanning alert was reopened.","docs_reference_links":"N/A","fieldsIndex":281},{"action":"secret_scanning_alert.report","description":"A leaked secret was reported to the secret's provider by secret scanning.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning/resolving-alerts","docs_reference_titles":"Resolving alerts from secret scanning","fieldsIndex":282},{"action":"secret_scanning_alert.resolve","description":"A secret scanning alert was resolved.","docs_reference_links":"N/A","fieldsIndex":281},{"action":"secret_scanning_alert.revoke","description":"A secret scanning alert was revoked.","docs_reference_links":"N/A","fieldsIndex":283},{"action":"secret_scanning_alert.unassign","description":"A user was unassigned from a secret scanning alert.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning","docs_reference_titles":"Manage secret scanning alerts","fieldsIndex":279},{"action":"secret_scanning_alert.validate","description":"A secret scanning alert was validated.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning","docs_reference_titles":"Manage secret scanning alerts","fieldsIndex":284},{"action":"secret_scanning_closure_request.approve","description":"A request to close a secret scanning alert was approved by a user.","docs_reference_links":"N/A","fieldsIndex":285},{"action":"secret_scanning_closure_request.cancel","description":"N/A","docs_reference_links":"A reqeust to close a secret scanning alert was canceled by a user.","docs_reference_titles":"A, reqeust, to, close, a, secret, scanning, alert, was, canceled, by, a, user.","fieldsIndex":55},{"action":"secret_scanning_closure_request.create","description":"N/A","docs_reference_links":"A user requested to close a secret scanning alert.","docs_reference_titles":"A, user, requested, to, close, a, secret, scanning, alert.","fieldsIndex":286},{"action":"secret_scanning_closure_request.deny","description":"A request to close a secret scanning alert was denied by a user.","docs_reference_links":"N/A","fieldsIndex":285},{"action":"secret_scanning.disable","description":"Secret scanning was disabled for all existing repositories.","docs_reference_links":"/code-security/secret-scanning/about-secret-scanning","docs_reference_titles":"Secret scanning","fieldsIndex":11},{"action":"secret_scanning.enable","description":"Secret scanning was enabled for all existing repositories.","docs_reference_links":"/code-security/secret-scanning/about-secret-scanning","docs_reference_titles":"Secret scanning","fieldsIndex":52},{"action":"secret_scanning_new_repos.disable","description":"Secret scanning was disabled for all new repositories.","docs_reference_links":"/code-security/secret-scanning/about-secret-scanning","docs_reference_titles":"Secret scanning","fieldsIndex":52},{"action":"secret_scanning_new_repos.enable","description":"Secret scanning was enabled for all new repositories.","docs_reference_links":"/code-security/secret-scanning/about-secret-scanning","docs_reference_titles":"Secret scanning","fieldsIndex":52},{"action":"secret_scanning_push_protection.bypass","description":"Triggered when a user bypasses the push protection on a secret detected by secret scanning.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning#bypassing-push-protection-for-a-secret","docs_reference_titles":"Push protection","fieldsIndex":287},{"action":"secret_scanning_push_protection_request.approve","description":"A request to bypass secret scanning push protection was approved by a user.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#managing-requests-to-bypass-push-protection","docs_reference_titles":"Push protection","fieldsIndex":288},{"action":"secret_scanning_push_protection_request.cancel","description":"A user canceled a request to bypass secret scanning push protection.","docs_reference_links":"/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line","docs_reference_titles":"/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line","fieldsIndex":289},{"action":"secret_scanning_push_protection_request.complete","description":"A user pushed a commit containing a secret for which there is an approved secret scanning push protection bypass request.","docs_reference_links":"/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line","docs_reference_titles":"/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line","fieldsIndex":289},{"action":"secret_scanning_push_protection_request.deny","description":"A request to bypass secret scanning push protection was denied by a user.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#managing-requests-to-bypass-push-protection","docs_reference_titles":"Push protection","fieldsIndex":290},{"action":"secret_scanning_push_protection_request.request","description":"A user requested to bypass secret scanning push protection.","docs_reference_links":"/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line","docs_reference_titles":"/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line","fieldsIndex":291},{"action":"secret_scanning_scan.completed","description":"A secret scanning scan has completed on this repository.","docs_reference_links":"/code-security/secret-scanning/about-secret-scanning","docs_reference_titles":"Secret scanning","fieldsIndex":292},{"action":"security_configuration.create","description":"A security configuration was created","docs_reference_links":"N/A","fieldsIndex":293},{"action":"security_configuration_default.delete","description":"A default security configuration setting for new repositories was removed.","docs_reference_links":"N/A","fieldsIndex":294},{"action":"security_configuration_default.update","description":"A default security configuration setting for new repositories was updated.","docs_reference_links":"N/A","fieldsIndex":294},{"action":"security_configuration.delete","description":"A security configuration was deleted","docs_reference_links":"N/A","fieldsIndex":293},{"action":"security_configuration_policy.update","description":"A security configuration policy was updated","docs_reference_links":"N/A","fieldsIndex":295},{"action":"security_configuration.update","description":"A security configuration was updated","docs_reference_links":"N/A","fieldsIndex":296},{"action":"sponsors.agreement_sign","description":"A GitHub Sponsors agreement was signed on behalf of an organization.","docs_reference_links":"N/A","fieldsIndex":297},{"action":"sponsors.custom_amount_settings_change","description":"Custom amounts for GitHub Sponsors were enabled or disabled, or the suggested custom amount was changed.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers","fieldsIndex":297},{"action":"sponsors.fiscal_host_change","description":"The fiscal host for a GitHub Sponsors listing was updated.","docs_reference_links":"N/A","fieldsIndex":298},{"action":"sponsors.invoiced_agreement_sign","description":"An agreement for invoiced billing for GitHub Sponsors was signed.","docs_reference_links":"/sponsors/sponsoring-open-source-contributors/paying-for-github-sponsors-by-invoice","docs_reference_titles":"/sponsors/sponsoring-open-source-contributors/paying-for-github-sponsors-by-invoice","fieldsIndex":0},{"action":"sponsors.repo_funding_links_file_action","description":"The FUNDING file in a repository was changed.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository","fieldsIndex":299},{"action":"sponsors.sponsor_sponsorship_cancel","description":"A sponsorship was canceled.","docs_reference_links":"/billing/managing-billing-for-github-sponsors/downgrading-a-sponsorship","docs_reference_titles":"Downgrading a sponsorship","fieldsIndex":300},{"action":"sponsors.sponsor_sponsorship_create","description":"A sponsorship was created, by sponsoring an account.","docs_reference_links":"/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes","docs_reference_titles":"/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes","fieldsIndex":301},{"action":"sponsors.sponsor_sponsorship_payment_complete","description":"After you sponsor an account and a payment has been processed, the sponsorship payment was marked as complete.","docs_reference_links":"/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes","docs_reference_titles":"/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes","fieldsIndex":301},{"action":"sponsors.sponsor_sponsorship_preference_change","description":"The option to receive email updates from a sponsored account was changed.","docs_reference_links":"/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship","docs_reference_titles":"/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship","fieldsIndex":300},{"action":"sponsors.sponsor_sponsorship_tier_change","description":"A sponsorship was upgraded or downgraded.","docs_reference_links":"/billing/managing-billing-for-github-sponsors/upgrading-a-sponsorship, /billing/managing-billing-for-github-sponsors/downgrading-a-sponsorship","docs_reference_titles":"Upgrading a sponsorship, Downgrading a sponsorship","fieldsIndex":301},{"action":"sponsors.sponsored_developer_approve","description":"A GitHub Sponsors account was approved.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","fieldsIndex":298},{"action":"sponsors.sponsored_developer_create","description":"A GitHub Sponsors account was created.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","fieldsIndex":302},{"action":"sponsors.sponsored_developer_disable","description":"A GitHub Sponsors account was disabled.","docs_reference_links":"N/A","fieldsIndex":298},{"action":"sponsors.sponsored_developer_profile_update","description":"The profile for GitHub Sponsors account was edited.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/editing-your-profile-details-for-github-sponsors","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/editing-your-profile-details-for-github-sponsors","fieldsIndex":302},{"action":"sponsors.sponsored_developer_redraft","description":"A GitHub Sponsors account was returned to draft state from approved state.","docs_reference_links":"N/A","fieldsIndex":298},{"action":"sponsors.sponsored_developer_request_approval","description":"An application for GitHub Sponsors was submitted for approval.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","fieldsIndex":298},{"action":"sponsors.sponsored_developer_tier_description_update","description":"The description for a sponsorship tier was changed.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers","fieldsIndex":303},{"action":"sponsors.sponsors_patreon_user_create","description":"A Patreon account was linked to a user account for use with GitHub Sponsors.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/enabling-sponsorships-through-patreon#linking-your-patreon-account-to-your-github-account","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/enabling-sponsorships-through-patreon#linking-your-patreon-account-to-your-github-account","fieldsIndex":304},{"action":"sponsors.sponsors_patreon_user_destroy","description":"A Patreon account for use with GitHub Sponsors was unlinked from a user account.","docs_reference_links":"/sponsors/sponsoring-open-source-contributors/unlinking-your-patreon-account-from-your-github-account","docs_reference_titles":"Unlinking your Patreon account from GitHub","fieldsIndex":304},{"action":"sponsors.update_tier_repository","description":"A GitHub Sponsors tier changed access for a repository.","docs_reference_links":"N/A","fieldsIndex":303},{"action":"sponsors.update_tier_welcome_message","description":"The welcome message for a GitHub Sponsors tier for an organization was updated.","docs_reference_links":"N/A","fieldsIndex":303},{"action":"sponsors.withdraw_agreement_signature","description":"A signature was withdrawn from a GitHub Sponsors agreement that applies to an organization.","docs_reference_links":"N/A","fieldsIndex":297},{"action":"ssh_certificate_authority.create","description":"An SSH certificate authority for an organization or enterprise was created.","docs_reference_links":"/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise","docs_reference_titles":"Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise","fieldsIndex":305},{"action":"ssh_certificate_authority.destroy","description":"An SSH certificate authority for an organization or enterprise was deleted.","docs_reference_links":"/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise","docs_reference_titles":"Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise","fieldsIndex":305},{"action":"ssh_certificate_requirement.disable","description":"The requirement for members to use SSH certificates to access an organization resources was disabled.","docs_reference_links":"/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise","docs_reference_titles":"Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise","fieldsIndex":15},{"action":"ssh_certificate_requirement.enable","description":"The requirement for members to use SSH certificates to access an organization resources was enabled.","docs_reference_links":"/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise","docs_reference_titles":"Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise","fieldsIndex":15},{"action":"staff.dependabot_debug_credentials_generated","description":"Dependabot encrypted config was read.","docs_reference_links":"N/A","fieldsIndex":186},{"action":"staff.set_domain_token_expiration","description":"The verification code expiry time for an organization or enterprise domain was set.","docs_reference_links":"N/A","fieldsIndex":306},{"action":"staff.unverify_domain","description":"An organization or enterprise domain was unverified.","docs_reference_links":"N/A","fieldsIndex":307},{"action":"staff.verify_domain","description":"An organization or enterprise domain was verified.","docs_reference_links":"N/A","fieldsIndex":308},{"action":"sub_issues.parent_issue_add","description":"A parent issue was added to an issue.","docs_reference_links":"N/A","fieldsIndex":90},{"action":"sub_issues.parent_issue_remove","description":"A parent issue was removed from an issue.","docs_reference_links":"N/A","fieldsIndex":90},{"action":"sub_issues.sub_issue_add","description":"A sub-issue was added to an issue.","docs_reference_links":"N/A","fieldsIndex":90},{"action":"sub_issues.sub_issue_remove","description":"A sub-issue was removed from an issue.","docs_reference_links":"N/A","fieldsIndex":90},{"action":"team.add_member","description":"A member of an organization was added to a team.","docs_reference_links":"/organizations/organizing-members-into-teams/adding-organization-members-to-a-team","docs_reference_titles":"/organizations/organizing-members-into-teams/adding-organization-members-to-a-team","fieldsIndex":309},{"action":"team.add_repository","description":"A team was given access and permissions to a repository.","docs_reference_links":"N/A","fieldsIndex":310},{"action":"team.add_to_organization","description":"A team was added to an organization.","docs_reference_links":"N/A","fieldsIndex":311},{"action":"team.change_parent_team","description":"A child team was created or a child team's parent was changed.","docs_reference_links":"/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy","docs_reference_titles":"/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy","fieldsIndex":309},{"action":"team.change_privacy","description":"A team's privacy level was changed.","docs_reference_links":"/organizations/organizing-members-into-teams/changing-team-visibility","docs_reference_titles":"/organizations/organizing-members-into-teams/changing-team-visibility","fieldsIndex":309},{"action":"team.create","description":"A new team is created.","docs_reference_links":"N/A","fieldsIndex":309},{"action":"team.demote_maintainer","description":"A user was demoted from a team maintainer to a team member.","docs_reference_links":"/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member","docs_reference_titles":"/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member","fieldsIndex":309},{"action":"team.destroy","description":"A team was deleted.","docs_reference_links":"N/A","fieldsIndex":309},{"action":"team_group_mapping.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":312},{"action":"team_group_mapping.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":312},{"action":"team_group_mapping.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":312},{"action":"team.members_limit_warning","description":"A team is approaching its members limit.","docs_reference_links":"N/A","fieldsIndex":313},{"action":"team.organization_assignments_limit_reached","description":"A team has reached its organization assignments limit.","docs_reference_links":"N/A","fieldsIndex":313},{"action":"team.organization_assignments_limit_warning","description":"A team is approaching its organization assignments limit.","docs_reference_links":"N/A","fieldsIndex":313},{"action":"team.promote_maintainer","description":"A user was promoted from a team member to a team maintainer.","docs_reference_links":"/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member#promoting-an-organization-member-to-team-maintainer","docs_reference_titles":"/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member#promoting-an-organization-member-to-team-maintainer","fieldsIndex":309},{"action":"team.remove_from_organization","description":"A team was removed from an organization.","docs_reference_links":"N/A","fieldsIndex":311},{"action":"team.remove_member","description":"An organization member was removed from a team.","docs_reference_links":"/organizations/organizing-members-into-teams/removing-organization-members-from-a-team","docs_reference_titles":"/organizations/organizing-members-into-teams/removing-organization-members-from-a-team","fieldsIndex":309},{"action":"team.remove_repository","description":"A repository was removed from a team's control.","docs_reference_links":"N/A","fieldsIndex":314},{"action":"team.rename","description":"A team's name was changed.","docs_reference_links":"N/A","fieldsIndex":315},{"action":"team_sync_tenant.disabled","description":"Team synchronization with a tenant was disabled.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization, /admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise","docs_reference_titles":"Managing team synchronization for your organization, Managing team synchronization for organizations in your enterprise","fieldsIndex":15},{"action":"team_sync_tenant.enabled","description":"Team synchronization with a tenant was enabled.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization, /admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise","docs_reference_titles":"Managing team synchronization for your organization, Managing team synchronization for organizations in your enterprise","fieldsIndex":15},{"action":"team_sync_tenant.update_okta_credentials","description":"The Okta credentials for team synchronization with a tenant were changed.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"team.update_repository_permission","description":"A team's permission to a repository was changed.","docs_reference_links":"N/A","fieldsIndex":316},{"action":"user_content_edit.delete","description":"Triggered when a user content edit is deleted.","docs_reference_links":"N/A","fieldsIndex":317},{"action":"vulnerability_alert_rule.create","description":"A Dependabot rule was created.","docs_reference_links":"N/A","fieldsIndex":318},{"action":"vulnerability_alert_rule.delete","description":"A Dependabot rule was deleted.","docs_reference_links":"N/A","fieldsIndex":319},{"action":"vulnerability_alert_rule.disable","description":"A Dependabot rule was disabled for a single repository or disabled by default for an organization.","docs_reference_links":"N/A","fieldsIndex":318},{"action":"vulnerability_alert_rule.enable","description":"A Dependabot rule was enabled for a single repository or enabled by default for an organization.","docs_reference_links":"N/A","fieldsIndex":320},{"action":"vulnerability_alert_rule.force_disable","description":"A Dependabot rule was enabled for an organization and cannot be disabled for its repositories.","docs_reference_links":"N/A","fieldsIndex":321},{"action":"vulnerability_alert_rule.force_enable","description":"A Dependabot rule was disabled for an organization and cannot be enabled for its repositories.","docs_reference_links":"N/A","fieldsIndex":321},{"action":"vulnerability_alert_rule.update","description":"A Dependabot rule's conditions, actions, or metadata changed.","docs_reference_links":"N/A","fieldsIndex":318},{"action":"workflows.actions_policy_violation","description":"A workflow run produced one or more workflow execution protection policy violations.","docs_reference_links":"N/A","fieldsIndex":322},{"action":"workflows.approve_workflow_job","description":"A workflow job was approved.","docs_reference_links":"/actions/managing-workflow-runs/reviewing-deployments","docs_reference_titles":"Reviewing deployments","fieldsIndex":323},{"action":"workflows.bypass_protection_rules","description":"N/A","docs_reference_links":"N/A","fieldsIndex":324},{"action":"workflows.cancel_workflow_run","description":"A workflow run was cancelled.","docs_reference_links":"/actions/managing-workflow-runs/canceling-a-workflow","docs_reference_titles":"Canceling a workflow run","fieldsIndex":325},{"action":"workflows.comment_workflow_job","description":"N/A","docs_reference_links":"N/A","fieldsIndex":326},{"action":"workflows.completed_workflow_run","description":"A workflow status changed to completed. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history","docs_reference_titles":"Viewing workflow run history","fieldsIndex":327},{"action":"workflows.created_workflow_run","description":"A workflow run was create. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/learn-github-actions/understanding-github-actions#create-an-example-workflow","docs_reference_titles":"Understanding GitHub Actions","fieldsIndex":328},{"action":"workflows.delete_workflow_run","description":"A workflow run was deleted.","docs_reference_links":"/actions/managing-workflow-runs/deleting-a-workflow-run","docs_reference_titles":"Deleting a workflow run","fieldsIndex":329},{"action":"workflows.disable_workflow","description":"A workflow was disabled.","docs_reference_links":"N/A","fieldsIndex":330},{"action":"workflows.enable_workflow","description":"A workflow was enabled, after previously being disabled by disable_workflow.","docs_reference_links":"N/A","fieldsIndex":330},{"action":"workflows.pin_workflow","description":"A workflow was pinned.","docs_reference_links":"N/A","fieldsIndex":331},{"action":"workflows.prepared_workflow_job","description":"A workflow job was started. Includes the list of secrets that were provided to the job. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/using-workflows/events-that-trigger-workflows","docs_reference_titles":"Events that trigger workflows","fieldsIndex":332},{"action":"workflows.reject_workflow_job","description":"A workflow job was rejected.","docs_reference_links":"/actions/managing-workflow-runs/reviewing-deployments","docs_reference_titles":"Reviewing deployments","fieldsIndex":333},{"action":"workflows.rerun_workflow_run","description":"A workflow run was re-run.","docs_reference_links":"/actions/managing-workflow-runs/re-running-workflows-and-jobs","docs_reference_titles":"Re-running workflows and jobs","fieldsIndex":334},{"action":"workflows.unpin_workflow","description":"A workflow was unpinned after previously being pinned.","docs_reference_links":"N/A","fieldsIndex":331},{"action":"account_recovery_token.confirm","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"account_recovery_token.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"account_recovery_token.recover","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"billing.update_bill_cycle_day","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business.add_admin","description":"An enterprise owner was added to an enterprise.","docs_reference_links":"/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise","docs_reference_titles":"Inviting people to manage your enterprise","fieldsIndex":335},{"action":"business.add_billing_manager","description":"A billing manager was added to an enterprise.","docs_reference_links":"N/A","fieldsIndex":335},{"action":"business.add_support_entitlee","description":"A support entitlement was added to a member of an enterprise.","docs_reference_links":"/admin/user-management/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise","docs_reference_titles":"Managing support entitlements for your enterprise","fieldsIndex":336},{"action":"business.remove_admin","description":"An enterprise owner was removed from an enterprise.","docs_reference_links":"/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise","docs_reference_titles":"Inviting people to manage your enterprise","fieldsIndex":335},{"action":"business.remove_billing_manager","description":"A billing manager was removed from an enterprise.","docs_reference_links":"N/A","fieldsIndex":335},{"action":"business.remove_member","description":"A member was removed from an enterprise.","docs_reference_links":"N/A","fieldsIndex":337},{"action":"business.remove_support_entitlee","description":"A support entitlement was removed from a member of an enterprise.","docs_reference_links":"/admin/user-management/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise","docs_reference_titles":"Managing support entitlements for your enterprise","fieldsIndex":335},{"action":"business.security_center_export_code_scanning_metrics","description":"A CSV export was requested on the \"CodeQL pull request alerts\" page.","docs_reference_links":"N/A","fieldsIndex":145},{"action":"business.security_center_export_coverage","description":"A CSV export was requested on the \"Coverage\" page.","docs_reference_links":"N/A","fieldsIndex":146},{"action":"business.security_center_export_overview_dashboard","description":"A CSV export was requested on the \"Overview Dashboard\" page.","docs_reference_links":"N/A","fieldsIndex":145},{"action":"business.security_center_export_risk","description":"A CSV export was requested on the \"Risk\" page.","docs_reference_links":"N/A","fieldsIndex":146},{"action":"business.set_actions_cache_retention_policy","description":"The cache retention policy for GitHub Actions was set for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":336},{"action":"business.set_actions_cache_storage_policy","description":"The cache storage policy for GitHub Actions was set for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":13},{"action":"business.set_actions_fork_pr_approvals_policy","description":"The policy for requiring approvals for workflows from public forks was changed for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":338},{"action":"business.set_actions_private_fork_pr_approvals_policy","description":"The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-private-repositories","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":339},{"action":"business.set_actions_retention_limit","description":"The retention period for GitHub Actions artifacts and logs was changed for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-artifact-and-log-retention-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":340},{"action":"business.set_default_workflow_permissions","description":"The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-workflow-permissions-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":13},{"action":"business.set_fork_pr_workflows_policy","description":"The policy for fork pull request workflows was changed for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":339},{"action":"business.set_workflow_permission_can_approve_pr","description":"The policy for allowing GitHub Actions to create and approve pull requests was changed for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#preventing-github-actions-from-creating-or-approving-pull-requests","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":13},{"action":"gist.create","description":"A gist was created.","docs_reference_links":"N/A","fieldsIndex":341},{"action":"gist.destroy","description":"A gist was deleted.","docs_reference_links":"N/A","fieldsIndex":341},{"action":"gist.visibility_change","description":"The visibility of a gist was updated.","docs_reference_links":"N/A","fieldsIndex":341},{"action":"git_signing_ssh_public_key.create","description":"An SSH key was added to a user account as a Git commit signing key.","docs_reference_links":"/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key","docs_reference_titles":"/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key","fieldsIndex":342},{"action":"git_signing_ssh_public_key.delete","description":"An SSH key was removed from a user account as a Git commit signing key.","docs_reference_links":"/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key","docs_reference_titles":"/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key","fieldsIndex":343},{"action":"gpg_key.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":344},{"action":"gpg_key.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":344},{"action":"marketplace_listing_plan.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":345},{"action":"marketplace_listing_plan.publish","description":"N/A","docs_reference_links":"N/A","fieldsIndex":345},{"action":"marketplace_listing_plan.retire","description":"N/A","docs_reference_links":"N/A","fieldsIndex":345},{"action":"marketplace_listing_plan.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":345},{"action":"mcp_registry.allowlist_add_server","description":"A server was added to an MCP registry allowlist.","docs_reference_links":"N/A","fieldsIndex":346},{"action":"mcp_registry.allowlist_create","description":"An MCP registry allowlist was created.","docs_reference_links":"N/A","fieldsIndex":347},{"action":"mcp_registry.allowlist_delete","description":"An MCP registry allowlist was deleted.","docs_reference_links":"N/A","fieldsIndex":348},{"action":"mcp_registry.allowlist_remove_server","description":"A server was removed from an MCP registry allowlist.","docs_reference_links":"N/A","fieldsIndex":346},{"action":"mcp_registry.allowlist_set_server_entries","description":"Entries were set for a server in an MCP registry allowlist.","docs_reference_links":"N/A","fieldsIndex":349},{"action":"mcp_registry.allowlist_update","description":"An MCP registry allowlist was updated.","docs_reference_links":"N/A","fieldsIndex":350},{"action":"mcp_registry.settings_update","description":"An MCP policy setting for the business was updated.","docs_reference_links":"N/A","fieldsIndex":351},{"action":"oauth_access.create","description":"An OAuth access token was generated.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps, /authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps, Managing your personal access tokens","fieldsIndex":352},{"action":"oauth_access.destroy","description":"An OAuth access token was deleted.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps","fieldsIndex":353},{"action":"oauth_access.regenerate","description":"An OAuth access token was regenerated.","docs_reference_links":"N/A","fieldsIndex":352},{"action":"oauth_access.revoke","description":"An OAuth access token was revoked.","docs_reference_links":"N/A","fieldsIndex":354},{"action":"oauth_access.update","description":"An OAuth access token was updated.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"oauth_authorization.create","description":"An authorization for an OAuth application was created.","docs_reference_links":"/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps","docs_reference_titles":"/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps","fieldsIndex":352},{"action":"oauth_authorization.destroy","description":"An authorization for an OAuth application was deleted.","docs_reference_links":"/apps/using-github-apps/reviewing-your-authorized-integrations","docs_reference_titles":"Reviewing and revoking authorization of GitHub Apps","fieldsIndex":355},{"action":"oauth_authorization.update","description":"An authorization for an OAuth application was updated.","docs_reference_links":"/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps","docs_reference_titles":"/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps","fieldsIndex":356},{"action":"passkey.register","description":"A new passkey was added.","docs_reference_links":"N/A","fieldsIndex":357},{"action":"passkey.remove","description":"A new passkey was removed.","docs_reference_links":"N/A","fieldsIndex":357},{"action":"personal_access_token.create","description":"Triggered when you create a fine-grained personal access token.","docs_reference_links":"N/A","fieldsIndex":358},{"action":"personal_access_token.credential_regenerated","description":"Triggered when you regenerate a fine-grained personal access token.","docs_reference_links":"N/A","fieldsIndex":359},{"action":"personal_access_token.credential_revoked","description":"A fine-grained personal access token was revoked by GitHub Advanced Security.","docs_reference_links":"/code-security/getting-started/github-security-features#secret-scanning-alerts-for-users","docs_reference_titles":"/code-security/getting-started/github-security-features#secret-scanning-alerts-for-users","fieldsIndex":360},{"action":"personal_access_token.destroy","description":"Triggered when you delete a fine-grained personal access token.","docs_reference_links":"N/A","fieldsIndex":361},{"action":"personal_access_token.update","description":"A fine-grained personal access token was updated.","docs_reference_links":"/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens","docs_reference_titles":"/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens","fieldsIndex":362},{"action":"repo.temporary_access_granted","description":"Temporary access was enabled for a repository.","docs_reference_links":"/admin/user-management/managing-repositories-in-your-enterprise/accessing-user-owned-repositories-in-your-enterprise","docs_reference_titles":"Accessing user-owned repositories in your enterprise","fieldsIndex":103},{"action":"sandbox.add_port","description":"A forwarded port was added to a sandbox.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sandbox.create","description":"A sandbox was created.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sandbox.delete","description":"A sandbox was deleted.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sandbox.generate_token","description":"A token was generated for a sandbox.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sandbox.remove_port","description":"A forwarded port was removed from a sandbox.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sandbox.resume","description":"A sandbox was resumed.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sandbox.stop","description":"A sandbox was stopped.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"security_key.register","description":"A security key was registered for an account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"security_key.remove","description":"A security key was removed from an account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"social_identity.linked","description":"A user linked a social identity to their account.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"social_identity.unlinked","description":"A user unlinked a social identity from their account.","docs_reference_links":"N/A","fieldsIndex":16},{"action":"social_identity.unlinked_all","description":"A user unlinked all social identities from their account.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sponsors.sponsored_developer_update_newsletter_send","description":"Triggered when you send an email update to your sponsors.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/contacting-your-sponsors","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/contacting-your-sponsors","fieldsIndex":15},{"action":"sponsors.waitlist_join","description":"You join the waitlist to join GitHub Sponsors.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","fieldsIndex":302},{"action":"successor_invitation.accept","description":"Triggered when you accept a succession invitation.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories","docs_reference_titles":"Maintaining ownership continuity of your personal account's repositories","fieldsIndex":0},{"action":"successor_invitation.cancel","description":"Triggered when you cancel a succession invitation.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories","docs_reference_titles":"Maintaining ownership continuity of your personal account's repositories","fieldsIndex":0},{"action":"successor_invitation.create","description":"Triggered when you create a succession invitation.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories","docs_reference_titles":"Maintaining ownership continuity of your personal account's repositories","fieldsIndex":0},{"action":"successor_invitation.decline","description":"Triggered when you decline a succession invitation.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories","docs_reference_titles":"Maintaining ownership continuity of your personal account's repositories","fieldsIndex":0},{"action":"successor_invitation.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"successor_invitation.revoke","description":"Triggered when you revoke a succession invitation.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories","docs_reference_titles":"Maintaining ownership continuity of your personal account's repositories","fieldsIndex":363},{"action":"trusted_device.register","description":"A new trusted device was added.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"trusted_device.remove","description":"A trusted device was removed.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_account_recovery.abort","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_account_recovery.complete","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_account_recovery.ignore","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_account_recovery.staff_approve","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_account_recovery.staff_decline","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_account_recovery.start","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"two_factor_account_recovery.two_factor_destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_authentication.add_factor","description":"A secondary authentication factor was added to a user account.","docs_reference_links":"/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication","docs_reference_titles":"/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication","fieldsIndex":15},{"action":"two_factor_authentication.disabled","description":"Two-factor authentication was disabled for a user account.","docs_reference_links":"https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/disabling-two-factor-authentication-for-your-personal-account","docs_reference_titles":"Disabling two-factor authentication for your personal account","fieldsIndex":15},{"action":"two_factor_authentication.enabled","description":"Two-factor authentication was enabled for a user account.","docs_reference_links":"https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication","docs_reference_titles":"Configuring two-factor authentication","fieldsIndex":15},{"action":"two_factor_authentication.password_reset_fallback_sms","description":"A one-time password code was sent to a user account fallback phone number.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_authentication.recovery_codes_regenerated","description":"Two factor recovery codes were regenerated for a user account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"two_factor_authentication.remove_factor","description":"A secondary authentication factor was removed from a user account.","docs_reference_links":"/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication","docs_reference_titles":"/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication","fieldsIndex":15},{"action":"two_factor_authentication.sign_in_fallback_sms","description":"A one-time password code was sent to a user account fallback phone number.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_authentication.update_fallback","description":"The two-factor authentication fallback for a user account was changed.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.add_email","description":"An email address was added to a user account.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account","docs_reference_titles":"Adding an email address to your GitHub account","fieldsIndex":364},{"action":"user.async_delete","description":"An asynchronous job was started to destroy a user account, eventually triggering a user.delete event.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.audit_log_export","description":"Audit log entries were exported.","docs_reference_links":"N/A","fieldsIndex":114},{"action":"user.block_user","description":"A user was blocked by another user.","docs_reference_links":"N/A","fieldsIndex":116},{"action":"user.change_password","description":"A user changed their password.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.codespaces_trusted_repo_access_granted","description":"Triggered when you allow the codespaces you create for a repository to access other repositories owned by your personal account.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces","docs_reference_titles":"Managing access to other repositories within your codespace","fieldsIndex":365},{"action":"user.codespaces_trusted_repo_access_revoked","description":"Triggered when you disallow the codespaces you create for a repository to access other repositories owned by your personal account.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces","docs_reference_titles":"Managing access to other repositories within your codespace","fieldsIndex":119},{"action":"user.create","description":"A new user account was created.","docs_reference_links":"N/A","fieldsIndex":366},{"action":"user.create_integration_secret","description":"A user secret for Codespaces was created.","docs_reference_links":"N/A","fieldsIndex":367},{"action":"user.creation_rate_limit_exceeded","description":"The rate of creation of user accounts, applications, issues, pull requests or other resources exceeded the configured rate limits, or too many users were followed too quickly.","docs_reference_links":"N/A","fieldsIndex":16},{"action":"user.delete","description":"A user account was destroyed by an asynchronous job.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.demote","description":"A site administrator was demoted to an ordinary user account.","docs_reference_links":"N/A","fieldsIndex":363},{"action":"user.destroy","description":"A user deleted his or her account, triggering user.async_delete.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.device_verification_failure","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.device_verification_requested","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.device_verification_success","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.disable_collaborators_only","description":"N/A","docs_reference_links":"N/A","fieldsIndex":363},{"action":"user.disable_contributors_only","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.disable_sockpuppet_disallowed","description":"N/A","docs_reference_links":"N/A","fieldsIndex":368},{"action":"user_email.confirm_claim","description":"An enterprise managed user claimed an email address.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user_email.mark_as_unclaimed","description":"N/A","docs_reference_links":"An enterprise managed user unclaimed an email address.","docs_reference_titles":"An, GitHub Help Documentation, managed, user, unclaimed, an, email, address.","fieldsIndex":15},{"action":"user.enable_collaborators_only","description":"N/A","docs_reference_links":"N/A","fieldsIndex":363},{"action":"user.enable_contributors_only","description":"N/A","docs_reference_links":"N/A","fieldsIndex":368},{"action":"user.enable_sockpuppet_disallowed","description":"N/A","docs_reference_links":"N/A","fieldsIndex":368},{"action":"user.failed_login","description":"A user tried to sign in with an incorrect username, password, or two-factor authentication code.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.forgot_password","description":"A user requested a password reset.","docs_reference_links":"/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials","docs_reference_titles":"/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials","fieldsIndex":369},{"action":"user.grant_github_developer","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.hide_private_contributions_count","description":"A user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now hidden.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-your-private-contributions-and-achievements-on-your-profile","docs_reference_titles":"Manage visibility settings for private contributions","fieldsIndex":15},{"action":"user.login","description":"A user signed in.","docs_reference_links":"N/A","fieldsIndex":370},{"action":"user.logout","description":"A user signed out.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.new_device_used","description":"A user signed in from a new device.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.promote","description":"An ordinary user account was promoted to a site administrator.","docs_reference_links":"N/A","fieldsIndex":363},{"action":"user.recreate","description":"A user's account was restored.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.remove_email","description":"An email address was removed from a user account.","docs_reference_links":"N/A","fieldsIndex":364},{"action":"user.remove_integration_secret","description":"A user secret for Codespaces was deleted.","docs_reference_links":"N/A","fieldsIndex":371},{"action":"user.rename","description":"A username was changed.","docs_reference_links":"N/A","fieldsIndex":372},{"action":"user.reset_password","description":"A user reset their account password.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user_session.country_change","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.show_private_contributions_count","description":"A user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now shown.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-your-private-contributions-and-achievements-on-your-profile","docs_reference_titles":"Manage visibility settings for private contributions","fieldsIndex":15},{"action":"user.sign_in_from_unrecognized_device","description":"A user signed in from an unrecognized device.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.sign_in_from_unrecognized_device_and_location","description":"A user signed in from an unrecognized device and location.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user_status.destroy","description":"Triggered when you clear the status on your profile.","docs_reference_links":"N/A","fieldsIndex":373},{"action":"user_status.update","description":"Triggered when you set or change the status on your profile.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#setting-a-status","docs_reference_titles":"Personalize your profile","fieldsIndex":374},{"action":"user.suspend","description":"A user account was suspended.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"user.toggle_warn_private_email","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.two_factor_challenge_failure","description":"A 2FA challenge issued for a user account failed.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.two_factor_challenge_success","description":"A 2FA challenge issued for a user account succeeded.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.two_factor_recover","description":"A user used their 2FA recovery codes.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.two_factor_recovery_codes_downloaded","description":"A user downloaded 2FA recovery codes for their account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.two_factor_recovery_codes_printed","description":"A user printed 2FA recovery codes for their account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.two_factor_recovery_codes_viewed","description":"A user viewed 2FA recovery codes for their account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.two_factor_requested","description":"A user was prompted for a two-factor authentication code.","docs_reference_links":"/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication","docs_reference_titles":"/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication","fieldsIndex":15},{"action":"user.unblock_user","description":"A user was unblocked by another user.","docs_reference_links":"N/A","fieldsIndex":375},{"action":"user.unsuspend","description":"A user account was unsuspended.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"user.update_integration_secret","description":"A user secret for Codespaces was updated.","docs_reference_links":"N/A","fieldsIndex":367},{"action":"user.update_new_repository_default_branch_setting","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"api.request","description":"An API request was made to an endpoint for the enterprise, or an enterprise owned resource. This event is only included if API Request Events is enabled in the enterprise's audit log settings. This event is only available via audit log streaming.","docs_reference_links":"/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise#enabling-audit-log-streaming-of-api-requests","docs_reference_titles":"Streaming the audit log for your enterprise","fieldsIndex":376},{"action":"audit_log_streaming.check","description":"A manual check of the endpoint configured for audit log streaming was performed.","docs_reference_links":"N/A","fieldsIndex":377},{"action":"audit_log_streaming.create","description":"An endpoint was added for audit log streaming.","docs_reference_links":"N/A","fieldsIndex":378},{"action":"audit_log_streaming.destroy","description":"An audit log streaming endpoint was deleted.","docs_reference_links":"N/A","fieldsIndex":379},{"action":"audit_log_streaming.update","description":"An endpoint configuration was updated for audit log streaming, such as the stream was paused, enabled, or disabled.","docs_reference_links":"N/A","fieldsIndex":380},{"action":"business.add_disallowed_two_factor_method","description":"An enterprise prevented access to resources by users with the given two-factor method.","docs_reference_links":"N/A","fieldsIndex":381},{"action":"business.add_organization","description":"An organization was added to an enterprise.","docs_reference_links":"N/A","fieldsIndex":382},{"action":"business_advanced_security.disabled","description":"GitHub Advanced Security was disabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":11},{"action":"business_advanced_security.disabled_for_new_repos","description":"GitHub Advanced Security was disabled for new repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_advanced_security.disabled_for_new_user_namespace_repos","description":"GitHub Advanced Security was disabled for new user namespace repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_advanced_security.enabled","description":"GitHub Advanced Security was enabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":11},{"action":"business_advanced_security.enabled_for_new_repos","description":"GitHub Advanced Security was enabled for new repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":11},{"action":"business_advanced_security.enabled_for_new_user_namespace_repos","description":"GitHub Advanced Security was enabled for new user namespace repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business.advanced_security_metered_usage_lock","description":"Enablement for Advanced Security features on new repositories has been locked for this enterprise.","docs_reference_links":"N/A","fieldsIndex":120},{"action":"business.advanced_security_metered_usage_unlock","description":"Enablement for Advanced Security features on new repositories has been unlocked for this enterprise.","docs_reference_links":"N/A","fieldsIndex":120},{"action":"business.advanced_security_policy_update","description":"An enterprise owner created, updated, or removed a policy for GitHub Advanced Security.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise","docs_reference_titles":"Enforcing policies for code security and analysis for your enterprise","fieldsIndex":383},{"action":"business.advanced_security_repo_admin_enablement_policy_update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":383},{"action":"business_advanced_security.user_namespace_repos_disabled","description":"GitHub Advanced Security was disabled for user namespace repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_advanced_security.user_namespace_repos_enabled","description":"GitHub Advanced Security was enabled for user namespace repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business.audit_log_export","description":"An export of the enterprise audit log was created. If the export included a query, the log will list the query used and the number of audit log entries matching that query.","docs_reference_links":"admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise","docs_reference_titles":"Exporting audit log activity for your enterprise","fieldsIndex":114},{"action":"business.audit_log_git_event_export","description":"An export of the enterprise's Git events was created.","docs_reference_links":"admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise","docs_reference_titles":"Exporting audit log activity for your enterprise","fieldsIndex":115},{"action":"business.cancel_admin_invitation","description":"An invitation for someone to be an owner of an enterprise was canceled.","docs_reference_links":"N/A","fieldsIndex":384},{"action":"business.cancel_billing_manager_invitation","description":"An invitation for someone to be an billing manager of an enterprise was canceled.","docs_reference_links":"N/A","fieldsIndex":385},{"action":"business.cancel_trial","description":"The trial of GitHub Enterprise Cloud was canceled.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":336},{"action":"business.change_seats_plan_type","description":"The seats plan type was changed for an enterprise.","docs_reference_links":"N/A","fieldsIndex":386},{"action":"business.clear_actions_settings","description":"An enterprise owner or site administrator cleared GitHub Actions policy settings for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":387},{"action":"business.clear_default_repository_permission","description":"An enterprise owner cleared the base repository permission policy setting for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-base-repository-permissions","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":13},{"action":"business.clear_disallowed_two_factor_methods","description":"Cleared two-factor authentication restrictions for an enterprise.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"business.clear_members_can_create_repos","description":"An enterprise owner cleared a restriction on repository creation in organizations in the enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#setting-a-policy-for-repository-creation","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":388},{"action":"business.code_quality_access_policy_update","description":"The policy for Code Quality access was updated for an enterprise.","docs_reference_links":"N/A","fieldsIndex":383},{"action":"business.code_quality_enablement_policy_update","description":"The policy for Code Quality enablement was updated for an enterprise.","docs_reference_links":"N/A","fieldsIndex":383},{"action":"business.code_scanning_ai_findings_policy_update","description":"The policy for Code scanning AI findings was updated for an enterprise.","docs_reference_links":"N/A","fieldsIndex":383},{"action":"business.code_scanning_autofix_policy_update","description":"The policy for Code scanning autofix was updated for an enterprise.","docs_reference_links":"N/A","fieldsIndex":383},{"action":"business.code_scanning_autofix_third_party_tools_policy_update","description":"The policy for Code scanning autofix third party tools was updated for an enterprise.","docs_reference_links":"/code-security/getting-started/github-security-features#available-with-github-code-security","docs_reference_titles":"/code-security/getting-started/github-security-features#available-with-github-code-security","fieldsIndex":383},{"action":"business.code_security_enablement_policy_update","description":"The policy for Code Security enablement was updated for an enterprise.","docs_reference_links":"/code-security/getting-started/github-security-features#available-with-github-code-security","docs_reference_titles":"/code-security/getting-started/github-security-features#available-with-github-code-security","fieldsIndex":383},{"action":"business.code_security_metered_usage_lock","description":"Enablement for Code Security features on new repositories has been locked for this enterprise.","docs_reference_links":"N/A","fieldsIndex":120},{"action":"business.code_security_metered_usage_unlock","description":"Enablement for Code Security features on new repositories has been unlocked for this enterprise.","docs_reference_links":"N/A","fieldsIndex":120},{"action":"business.connect_usage_metrics_export","description":"Server statistics were exported for the enterprise.","docs_reference_links":"/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics","docs_reference_titles":"Exporting Server Statistics","fieldsIndex":336},{"action":"business.convert_trial","description":"The enterprise account on a trial of GitHub Enterprise Cloud was upgraded to a paid enterprise account.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":336},{"action":"business.create","description":"An enterprise was created.","docs_reference_links":"N/A","fieldsIndex":336},{"action":"business.create_trial","description":"A trial of GitHub Enterprise Cloud began.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":336},{"action":"business.delete","description":"The enterprise was deleted.","docs_reference_links":"/admin/overview/deleting-an-enterprise-account","docs_reference_titles":"Deleting an enterprise account","fieldsIndex":336},{"action":"business.delete_custom_image","description":"A custom image was deleted for an enterprise.","docs_reference_links":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","docs_reference_titles":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","fieldsIndex":13},{"action":"business.delete_custom_image_version","description":"A custom image version was deleted for an enterprise.","docs_reference_links":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","docs_reference_titles":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","fieldsIndex":13},{"action":"business_dependabot_alerts.disable","description":"Dependabot alerts were disabled for your enterprise.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"business_dependabot_alerts.enable","description":"Dependabot alerts were enabled for your enterprise.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"business_dependabot_alerts_new_repos.disable","description":"Dependabot alerts were disabled for new repositories in your enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business_dependabot_alerts_new_repos.enable","description":"Dependabot alerts were enabled for new repositories in your enterprise.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"business.dependabot_alerts_repo_admin_enablement_policy_update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":383},{"action":"business.disable_oidc","description":"OIDC single sign-on was disabled for an enterprise.","docs_reference_links":"/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-oidc-for-enterprise-managed-users","docs_reference_titles":"Configuring OIDC for Enterprise Managed Users","fieldsIndex":15},{"action":"business.disable_open_scim","description":"SCIM provisioning for custom integrations that use the REST API was disabled for the enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business.disable_saml","description":"SAML single sign-on was disabled for an enterprise.","docs_reference_links":"N/A","fieldsIndex":389},{"action":"business.disable_source_ip_disclosure","description":"Display of IP addresses within audit log events for the enterprise was disabled.","docs_reference_links":"/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise","docs_reference_titles":"Displaying IP addresses in the audit log for your enterprise","fieldsIndex":15},{"action":"business.disable_two_factor_requirement","description":"The requirement for members to have two-factor authentication enabled to access an enterprise was disabled.","docs_reference_links":"N/A","fieldsIndex":336},{"action":"business.enable_oidc","description":"OIDC single sign-on was enabled for an enterprise.","docs_reference_links":"/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-oidc-for-enterprise-managed-users","docs_reference_titles":"Configuring OIDC for Enterprise Managed Users","fieldsIndex":15},{"action":"business.enable_open_scim","description":"SCIM provisioning for custom integrations that use the REST API was enabled for the enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business.enable_saml","description":"SAML single sign-on was enabled for an enterprise.","docs_reference_links":"N/A","fieldsIndex":389},{"action":"business.enable_source_ip_disclosure","description":"Display of IP addresses within audit log events for the enterprise was enabled.","docs_reference_links":"/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise","docs_reference_titles":"Displaying IP addresses in the audit log for your enterprise","fieldsIndex":15},{"action":"business.enable_two_factor_requirement","description":"The requirement for members to have two-factor authentication enabled to access an enterprise was enabled.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"business.enterprise_server_license_download","description":"A GitHub Enterprise Server license was downloaded.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business.enterprise_teams_limit_reached","description":"An enterprise has reached its enterprise teams limit.","docs_reference_links":"N/A","fieldsIndex":390},{"action":"business.enterprise_teams_limit_warning","description":"An enterprise is approaching its enterprise teams limit.","docs_reference_links":"N/A","fieldsIndex":390},{"action":"business.expire_trial","description":"The trial of GitHub Enterprise Cloud expired.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":336},{"action":"business.github_models_billing_disabled","description":"GitHub Models billing was disabled for the business.","docs_reference_links":"N/A","fieldsIndex":336},{"action":"business.github_models_billing_enabled","description":"GitHub Models billing was enabled for the business.","docs_reference_links":"N/A","fieldsIndex":336},{"action":"business.import_license_usage","description":"License usage information was imported from a GitHub Enterprise Server instance to an enterprise account on GitHub.com.","docs_reference_links":"/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud#manually-uploading-github-enterprise-server-license-usage","docs_reference_titles":"Syncing license usage from GitHub Enterprise Server to Cloud","fieldsIndex":391},{"action":"business.invite_admin","description":"An invitation for someone to be an enterprise owner of an enterprise was sent.","docs_reference_links":"N/A","fieldsIndex":384},{"action":"business.invite_billing_manager","description":"An invitation for someone to be a billing manager of an enterprise was sent.","docs_reference_links":"N/A","fieldsIndex":384},{"action":"business.invite_unaffiliated_member","description":"An invitation for someone to join an enterprise was sent.","docs_reference_links":"N/A","fieldsIndex":384},{"action":"business.members_can_update_protected_branches.clear","description":"An enterprise owner unset a policy for whether members of an enterprise can update protected branches on repositories for individual organizations. Organization owners can choose whether to allow updating protected branches settings.","docs_reference_links":"N/A","fieldsIndex":336},{"action":"business.members_can_update_protected_branches.disable","description":"The ability for enterprise members to update branch protection rules was disabled. Only enterprise owners can update protected branches.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"business.members_can_update_protected_branches.enable","description":"The ability for enterprise members to update branch protection rules was enabled. Enterprise owners and members can update protected branches.","docs_reference_links":"N/A","fieldsIndex":387},{"action":"business.members_limit_reached","description":"An enterprise has reached its members limit.","docs_reference_links":"N/A","fieldsIndex":390},{"action":"business.organizations_limit_reached","description":"An enterprise has reached its organizations limit.","docs_reference_links":"N/A","fieldsIndex":390},{"action":"business.organizations_limit_warning","description":"An enterprise is approaching its organizations limit.","docs_reference_links":"N/A","fieldsIndex":390},{"action":"business.proxy_security_header_disabled","description":"The proxy security header was disabled for an enterprise. All users on the network can now access GitHub, unless blocked by other means.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business.proxy_security_header_enabled","description":"The proxy security header was enabled for an enterprise. When the header is provided in requests, only Enterprise Managed Users matching the header will be able to access GitHub.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business.proxy_security_header_unsatisfied","description":"A user outside the enterprise tried to access GitHub while the proxy security header was enabled and provided in the request.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"business.recovery_code_failed","description":"An enterprise owner failed to sign into a enterprise with an external identity provider (IdP) using a recovery code.","docs_reference_links":"/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable","docs_reference_titles":"Accessing your enterprise account if your identity provider is unavailable","fieldsIndex":392},{"action":"business.recovery_code_used","description":"An enterprise owner successfully signed into an enterprise with an external identity provider (IdP) using a recovery code.","docs_reference_links":"/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable","docs_reference_titles":"Accessing your enterprise account if your identity provider is unavailable","fieldsIndex":336},{"action":"business.recovery_codes_downloaded","description":"An enterprise owner downloaded the enterprise's SSO recovery codes.","docs_reference_links":"/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your enterprise account's single sign-on recovery codes","fieldsIndex":336},{"action":"business.recovery_codes_generated","description":"An enterprise owner generated the enterprise's SSO recovery codes.","docs_reference_links":"/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your enterprise account's single sign-on recovery codes","fieldsIndex":336},{"action":"business.recovery_codes_printed","description":"An enterprise owner printed the enterprise's SSO recovery codes.","docs_reference_links":"/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your enterprise account's single sign-on recovery codes","fieldsIndex":336},{"action":"business.recovery_codes_viewed","description":"An enterprise owner viewed the enterprise's SSO recovery codes.","docs_reference_links":"/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your enterprise account's single sign-on recovery codes","fieldsIndex":336},{"action":"business.remove_disallowed_two_factor_method","description":"Removed a two-factor authentication method restriction for an enterprise.","docs_reference_links":"N/A","fieldsIndex":393},{"action":"business.remove_organization","description":"An organization was removed from an enterprise.","docs_reference_links":"N/A","fieldsIndex":335},{"action":"business.rename_slug","description":"The slug for the enterprise URL was renamed.","docs_reference_links":"N/A","fieldsIndex":336},{"action":"business.restore","description":"The deleted enterprise was restored.","docs_reference_links":"N/A","fieldsIndex":336},{"action":"business.revoke_external_identity","description":"The external identity for a member in an enterprise was revoked.","docs_reference_links":"N/A","fieldsIndex":336},{"action":"business.revoke_sso_session","description":"The SAML single sign-on session for a member in an enterprise was revoked.","docs_reference_links":"N/A","fieldsIndex":336},{"action":"business.secret_protection_metered_usage_lock","description":"Enablement for Secret Protection features on new repositories has been locked for this enterprise.","docs_reference_links":"N/A","fieldsIndex":120},{"action":"business.secret_protection_metered_usage_unlock","description":"Enablement for Secret Protection features on new repositories has been unlocked for this enterprise.","docs_reference_links":"N/A","fieldsIndex":120},{"action":"business_secret_scanning_automatic_validity_checks.disabled","description":"Automatic partner validation checks have been disabled at the business level","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise#managing-advanced-security-features","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise#managing-advanced-security-features","fieldsIndex":0},{"action":"business_secret_scanning_automatic_validity_checks.enabled","description":"Automatic partner validation checks have been enabled at the business level","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise#managing-advanced-security-features","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise#managing-advanced-security-features","fieldsIndex":0},{"action":"business_secret_scanning_custom_pattern.create","description":"An enterprise-level custom pattern was created for secret scanning.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-enterprise-account","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":11},{"action":"business_secret_scanning_custom_pattern.delete","description":"An enterprise-level custom pattern was removed from secret scanning.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business_secret_scanning_custom_pattern.publish","description":"An enterprise-level custom pattern was published for secret scanning.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business_secret_scanning_custom_pattern_push_protection.disabled","description":"Push protection for a custom pattern for secret scanning was disabled for your enterprise.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-enterprise-account","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":0},{"action":"business_secret_scanning_custom_pattern_push_protection.enabled","description":"Push protection for a custom pattern for secret scanning was enabled for your enterprise.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-enterprise-account","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":0},{"action":"business_secret_scanning_custom_pattern.update","description":"Changes to an enterprise-level custom pattern were saved and a dry run was executed for secret scanning.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business_secret_scanning.disable","description":"Secret scanning was disabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning.disabled_for_new_repos","description":"Secret scanning was disabled for new repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning.enable","description":"Secret scanning was enabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning.enabled_for_new_repos","description":"Secret scanning was enabled for new repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":11},{"action":"business_secret_scanning_generic_secrets.disabled","description":"Generic secrets have been disabled at the business level","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business_secret_scanning_generic_secrets.enabled","description":"Generic secrets have been enabled at the business level","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business_secret_scanning_non_provider_patterns.disabled","description":"Secret scanning for non-provider patterns was disabled at the enterprise level.","docs_reference_links":"/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns","docs_reference_titles":"Supported secret scanning patterns","fieldsIndex":15},{"action":"business_secret_scanning_non_provider_patterns.enabled","description":"Secret scanning for non-provider patterns was enabled at the enterprise level.","docs_reference_links":"/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns","docs_reference_titles":"Supported secret scanning patterns","fieldsIndex":15},{"action":"business_secret_scanning_push_protection_custom_message.disable","description":"The custom message triggered by an attempted push to a push-protected repository was disabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning_push_protection_custom_message.enable","description":"The custom message triggered by an attempted push to a push-protected repository was enabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning_push_protection_custom_message.update","description":"The custom message triggered by an attempted push to a push-protected repository was updated for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning_push_protection.disable","description":"Push protection for secret scanning was disabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":0},{"action":"business_secret_scanning_push_protection.disabled_for_new_repos","description":"Push protection for secret scanning was disabled for new repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning_push_protection.enable","description":"Push protection for secret scanning was enabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning_push_protection.enabled_for_new_repos","description":"Push protection for secret scanning was enabled for new repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":11},{"action":"business_secret_scanning_push_protection_pattern_configuration.push_protection_setting_changed","description":"The push protection setting was updated for a secret type for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":143},{"action":"business_secret_scanning_push_protection_pattern_configuration.updated","description":"The push protection pattern configuration was updated for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":144},{"action":"business.secret_scanning_repo_admin_settings_policy_update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":383},{"action":"business.sso_response","description":"A SAML single sign-on (SSO) response was generated when a member attempted to authenticate with your enterprise. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"N/A","fieldsIndex":394},{"action":"business.trial_email_verification_failed","description":"A trial email verification attempt failed for a GitHub Enterprise Cloud trial.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":336},{"action":"business.trial_email_verification_requested","description":"A trial email verification resend was requested for a GitHub Enterprise Cloud trial.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":336},{"action":"business.trial_email_verification_sent","description":"A trial email verification was sent for a GitHub Enterprise Cloud trial.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":336},{"action":"business.trial_email_verified","description":"The trial email was successfully verified for a GitHub Enterprise Cloud trial.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":336},{"action":"business.update_actions_settings","description":"An enterprise owner or site administrator updated GitHub Actions policy settings for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":395},{"action":"business.update_default_repository_permission","description":"The base repository permission setting was updated for all organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-base-repository-permissions","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":396},{"action":"business.update_emu_repo_self_hosted_runners_policy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":397},{"action":"business.update_member_repository_creation_permission","description":"The repository creation setting was updated for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-creation","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":398},{"action":"business.update_member_repository_invitation_permission","description":"The policy setting for enterprise members inviting outside collaborators to repositories was updated.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":399},{"action":"business.update_repo_self_hosted_runners_policy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":400},{"action":"business.update_saml_provider_settings","description":"The SAML single sign-on provider settings for an enterprise were updated.","docs_reference_links":"N/A","fieldsIndex":389},{"action":"business.update_unaffiliated_users_policy","description":"The policy for removing user accounts when removing the last organization membership was updated.","docs_reference_links":"/admin/enforcing-policies/enforcing-policies-for-your-enterprise/control-offboarding","docs_reference_titles":"Controlling user offboarding with the unaffiliated users policy","fieldsIndex":401},{"action":"business.upgrade_from_organization","description":"The organization was upgraded to an enterprise account.","docs_reference_links":"/billing/managing-the-plan-for-your-github-account/upgrading-your-accounts-plan#upgrading-your-organizations-plan","docs_reference_titles":"Upgrading your account's plan","fieldsIndex":336},{"action":"copilot.cfb_enterprise_org_enablement_changed","description":"The Copilot enablement policy changed at the enterprise level to either allow or disable access for all organizations, or to allow access for selected organizations.","docs_reference_links":"N/A","fieldsIndex":402},{"action":"copilot.cfb_enterprise_settings_changed","description":"Copilot feature settings were changed at the enterprise level.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.clickwrap_save_event","description":"The GitHub Copilot Product Terms or Pre-Release Preview Terms were accepted.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.enterprise_enablement_changed","description":"Copilot access was enabled or disabled at the enterprise level.","docs_reference_links":"N/A","fieldsIndex":402},{"action":"enterprise.configure_self_hosted_jit_runner","description":"A new just-in-time GitHub Actions self-hosted runner was configured","docs_reference_links":"/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-enterprise","docs_reference_titles":"/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-enterprise","fieldsIndex":11},{"action":"enterprise_domain.approve","description":"A domain was approved for an enterprise.","docs_reference_links":"/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#approving-a-domain-for-your-enterprise-account","docs_reference_titles":"Verifying or approving a domain for your enterprise","fieldsIndex":162},{"action":"enterprise_domain.create","description":"A domain was added to an enterprise.","docs_reference_links":"/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#verifying-a-domain-for-your-enterprise-account","docs_reference_titles":"Verifying or approving a domain for your enterprise","fieldsIndex":162},{"action":"enterprise_domain.destroy","description":"A domain was removed from an enterprise.","docs_reference_links":"/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#removing-an-approved-or-verified-domain","docs_reference_titles":"Verifying or approving a domain for your enterprise","fieldsIndex":403},{"action":"enterprise_domain.verify","description":"A domain was verified for an enterprise.","docs_reference_links":"/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#verifying-a-domain-for-your-enterprise-account","docs_reference_titles":"Verifying or approving a domain for your enterprise","fieldsIndex":162},{"action":"enterprise.register_self_hosted_runner","description":"A new GitHub Actions self-hosted runner was registered.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-a-repository","docs_reference_titles":"Adding self-hosted runners","fieldsIndex":15},{"action":"enterprise.remove_self_hosted_runner","description":"A GitHub Actions self-hosted runner was removed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-a-repository","docs_reference_titles":"Removing self-hosted runners","fieldsIndex":11},{"action":"enterprise_role.assign","description":"An enterprise role was assigned to a user or enterprise team.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise","docs_reference_titles":"Abilities of roles in an enterprise","fieldsIndex":404},{"action":"enterprise_role.create","description":"A custom enterprise role was created in an enterprise.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise","docs_reference_titles":"Abilities of roles in an enterprise","fieldsIndex":405},{"action":"enterprise_role.destroy","description":"A custom enterprise role was deleted in an enterprise.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise","docs_reference_titles":"Abilities of roles in an enterprise","fieldsIndex":405},{"action":"enterprise_role.revoke","description":"A user or enterprise team was unassigned an enterprise role.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise","docs_reference_titles":"Abilities of roles in an enterprise","fieldsIndex":406},{"action":"enterprise_role.update","description":"A custom enterprise role was edited in an enterprise.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise","docs_reference_titles":"Abilities of roles in an enterprise","fieldsIndex":407},{"action":"enterprise.runner_group_created","description":"A GitHub Actions self-hosted runner group was created.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-a-repository","docs_reference_titles":"Removing self-hosted runners","fieldsIndex":408},{"action":"enterprise.runner_group_removed","description":"A GitHub Actions self-hosted runner group was removed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#removing-a-self-hosted-runner-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":409},{"action":"enterprise.runner_group_renamed","description":"A GitHub Actions self-hosted runner group was renamed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":140},{"action":"enterprise.runner_group_runner_removed","description":"The REST API was used to remove a GitHub Actions self-hosted runner from a group.","docs_reference_links":"/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization","docs_reference_titles":"/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization","fieldsIndex":410},{"action":"enterprise.runner_group_runners_added","description":"A GitHub Actions self-hosted runner was added to a group.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#moving-a-self-hosted-runner-to-a-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":409},{"action":"enterprise.runner_group_runners_updated","description":"A GitHub Actions runner group's list of members was updated.","docs_reference_links":"/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization","docs_reference_titles":"/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization","fieldsIndex":409},{"action":"enterprise.runner_group_updated","description":"The configuration of a GitHub Actions self-hosted runner group was changed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":408},{"action":"enterprise.runner_group_visiblity_updated","description":"The visibility of a GitHub Actions self-hosted runner group was updated via the REST API.","docs_reference_links":"/rest/actions#update-a-self-hosted-runner-group-for-an-organization","docs_reference_titles":"/rest/actions#update-a-self-hosted-runner-group-for-an-organization","fieldsIndex":142},{"action":"enterprise.self_hosted_runner_offline","description":"The GitHub Actions runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner","docs_reference_titles":"Monitoring and troubleshooting self-hosted runners","fieldsIndex":147},{"action":"enterprise.self_hosted_runner_online","description":"The GitHub Actions runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner","docs_reference_titles":"Monitoring and troubleshooting self-hosted runners","fieldsIndex":147},{"action":"enterprise.self_hosted_runner_updated","description":"The GitHub Actions runner application was updated. This event is not included in the JSON/CSV export.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#about-self-hosted-runners","docs_reference_titles":"Self-hosted runners","fieldsIndex":148},{"action":"enterprise_team.add_member","description":"A new member was added to the enterprise team or an IdP group linked to an enterprise team, or an IdP group was linked to an enterprise team.","docs_reference_links":"N/A","fieldsIndex":411},{"action":"enterprise_team.copilot_assignment","description":"A license for GitHub Copilot was assigned to an enterprise team.","docs_reference_links":"N/A","fieldsIndex":412},{"action":"enterprise_team.copilot_unassignment","description":"A license for GitHub Copilot was unassigned from an enterprise team.","docs_reference_links":"N/A","fieldsIndex":412},{"action":"enterprise_team.create","description":"A new enterprise team was created.","docs_reference_links":"N/A","fieldsIndex":411},{"action":"enterprise_team.destroy","description":"An enterprise team was deleted.","docs_reference_links":"N/A","fieldsIndex":412},{"action":"enterprise_team.remove_member","description":"A member was removed from the enterprise team or an IdP group linked to an enterprise team, or an IdP group was unlinked from an enterprise team.","docs_reference_links":"N/A","fieldsIndex":411},{"action":"enterprise_team.rename","description":"The name of an enterprise team was changed.","docs_reference_links":"N/A","fieldsIndex":413},{"action":"external_group.add_member","description":"A user was added to an external group.","docs_reference_links":"N/A","fieldsIndex":414},{"action":"external_group.delete","description":"An external group was deleted.","docs_reference_links":"N/A","fieldsIndex":415},{"action":"external_group.link","description":"An external group was linked to a GitHub team.","docs_reference_links":"N/A","fieldsIndex":416},{"action":"external_group.provision","description":"An external group was created.","docs_reference_links":"N/A","fieldsIndex":415},{"action":"external_group.remove_member","description":"A user was removed from an external group.","docs_reference_links":"N/A","fieldsIndex":414},{"action":"external_group.scim_api_failure","description":"Failed external group SCIM API request.","docs_reference_links":"/rest/scim/scim","docs_reference_titles":"REST API endpoints for SCIM","fieldsIndex":417},{"action":"external_group.scim_api_success","description":"Successful external group SCIM API request. Excludes GET API requests.","docs_reference_links":"/rest/scim/scim","docs_reference_titles":"REST API endpoints for SCIM","fieldsIndex":418},{"action":"external_group.unlink","description":"An external group was unlinked to a GitHub team.","docs_reference_links":"N/A","fieldsIndex":416},{"action":"external_group.update","description":"An external group was updated.","docs_reference_links":"N/A","fieldsIndex":415},{"action":"external_group.update_display_name","description":"An external group's display name was updated.","docs_reference_links":"N/A","fieldsIndex":415},{"action":"external_identity.deprovision","description":"An external identity was deprovisioned, suspending the linked GitHub user.","docs_reference_links":"N/A","fieldsIndex":419},{"action":"external_identity.provision","description":"An external identity was created and linked to a GitHub user.","docs_reference_links":"N/A","fieldsIndex":419},{"action":"external_identity.scim_api_failure","description":"Failed external identity SCIM API request.","docs_reference_links":"/rest/scim/scim","docs_reference_titles":"REST API endpoints for SCIM","fieldsIndex":420},{"action":"external_identity.scim_api_success","description":"Successful external identity SCIM API request. Excludes GET API requests.","docs_reference_links":"/rest/scim/scim","docs_reference_titles":"REST API endpoints for SCIM","fieldsIndex":421},{"action":"external_identity.update","description":"An external identity was updated.","docs_reference_links":"N/A","fieldsIndex":419},{"action":"ip_allow_list.disable_idp_ip_allowlist_for_web","description":"Identity Provider based IP allow list for web interactions was disabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"ip_allow_list.disable_skip_idp_ip_allowlist_app_access","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"ip_allow_list.disable_user_level_enforcement","description":"IP allow list user level enforcement was disabled.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"ip_allow_list.enable_idp_ip_allowlist_for_web","description":"Identity Provider based IP allow list for web interactions was enabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"ip_allow_list.enable_skip_idp_ip_allowlist_app_access","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"ip_allow_list.enable_user_level_enforcement","description":"IP allow list user level enforcement was enabled.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"ip_allow_list.update_ip_allowlist_configuration","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"organization_custom_property_definition.create","description":"A new organization custom property definition was created.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","docs_reference_titles":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","fieldsIndex":422},{"action":"organization_custom_property_definition.destroy","description":"An organization custom property definition was deleted.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","docs_reference_titles":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","fieldsIndex":423},{"action":"organization_custom_property_definition.update","description":"An organization custom property definition was updated.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","docs_reference_titles":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","fieldsIndex":424},{"action":"personal_access_token.access_restriction_reset","description":"The configured restriction for access to resources via personal access tokens was reset and delegated to organizations.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"personal_access_token.auto_approve_grant_requests_reset","description":"Triggered when the enterprise delegates to the organizations when to require approval for fine-grained personal access tokens before the tokens can access organization resources.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"sso_lockdown.disable","description":"SSO lockdown for users was disabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"sso_lockdown.enable","description":"SSO lockdown for users was enabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"sso_redirect.disable","description":"Automatic redirects for users to single sign-on (SSO) was disabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"sso_redirect.enable","description":"Automatic redirects for users to single sign-on (SSO) was enabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.user_access_reinstated","description":"N/A","docs_reference_links":"N/A","fieldsIndex":425},{"action":"copilot.user_access_revoked","description":"N/A","docs_reference_links":"N/A","fieldsIndex":425},{"action":"discussion_post.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":426},{"action":"discussion_post_reply.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":427},{"action":"discussion_post_reply.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":428},{"action":"discussion_post.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":426},{"action":"oauth_application.suspend","description":"N/A","docs_reference_links":"N/A","fieldsIndex":107},{"action":"oauth_application.unsuspend","description":"An OAuth application was unsuspended for a user or organization account.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":107},{"action":"org.async_delete","description":"A user initiated a background job to delete an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.recreate","description":"An organization was restored.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.transform","description":"A user account was converted into an organization.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/converting-a-user-into-an-organization","docs_reference_titles":"Converting a user into an organization","fieldsIndex":429},{"action":"repo.collaborators_only","description":"N/A","docs_reference_links":"N/A","fieldsIndex":430},{"action":"repo.disk_archive","description":"A repository was archived on disk.","docs_reference_links":"/repositories/archiving-a-github-repository/archiving-repositories","docs_reference_titles":"/repositories/archiving-a-github-repository/archiving-repositories","fieldsIndex":0},{"action":"repo.hide_from_discovery","description":"N/A","docs_reference_links":"N/A","fieldsIndex":431},{"action":"repo.noindex","description":"N/A","docs_reference_links":"N/A","fieldsIndex":431},{"action":"repo.override_unlock","description":"The repository was unlocked.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"repo.pages_build","description":"N/A","docs_reference_links":"N/A","fieldsIndex":432},{"action":"repo.require_login","description":"N/A","docs_reference_links":"N/A","fieldsIndex":433},{"action":"team_discussions.clear","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"team_discussions.disable","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"team_discussions.enable","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.correct_password_from_unrecognized_device","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.correct_password_from_unrecognized_device_and_location","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.correct_password_from_unrecognized_location","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.flag_as_large_scale_contributor","description":"A user account was flagged as a large scale contributor. Only contributions from public repositories the user owns will be shown in their contribution graph, in order to prevent timeouts.","docs_reference_links":"N/A","fieldsIndex":359},{"action":"user.minimize_comment","description":"A comment made by a user was minimized.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"user.partial_two_factor_email_followup","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.remove_large_scale_contributor_flag","description":"A user account was no longer flagged as a large scale contributor.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.report_abuse","description":"N/A","docs_reference_links":"N/A","fieldsIndex":233},{"action":"user.report_content","description":"Triggered when you report an issue or pull request, or a comment on an issue, pull request, or commit.","docs_reference_links":"/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam","docs_reference_titles":"/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam","fieldsIndex":0},{"action":"user.sign_in_from_unrecognized_location","description":"A user signed in from an unrecognized location.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.unminimize_comment","description":"A comment made by a user was unminimized.","docs_reference_links":"N/A","fieldsIndex":52},{"action":"copilot.knowledge_base_created","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.knowledge_base_deleted","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.knowledge_base_updated","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15}] \ No newline at end of file +[{"action":"account.billing_date_change","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"account.plan_change","description":"The account's plan changed.","docs_reference_links":"/billing/managing-the-plan-for-your-github-account/about-billing-for-plans","docs_reference_titles":"How GitHub billing works","fieldsIndex":1},{"action":"actions_cache.delete","description":"A GitHub Actions cache was deleted using the REST API.","docs_reference_links":"N/A","fieldsIndex":2},{"action":"advisory_credit.accept","description":"Credit was accepted for a security advisory.","docs_reference_links":"/code-security/security-advisories/working-with-repository-security-advisories/editing-a-repository-security-advisory","docs_reference_titles":"Editing a repository security advisory","fieldsIndex":3},{"action":"advisory_credit.create","description":"Someone was added to the credit section of a security advisory.","docs_reference_links":"N/A","fieldsIndex":4},{"action":"advisory_credit.decline","description":"Credit was declined for a security advisory.","docs_reference_links":"N/A","fieldsIndex":5},{"action":"advisory_credit.destroy","description":"Someone was removed from the credit section of a security advisory.","docs_reference_links":"N/A","fieldsIndex":6},{"action":"artifact.destroy","description":"A workflow run artifact was manually deleted.","docs_reference_links":"N/A","fieldsIndex":7},{"action":"auto_approve_personal_access_token_requests.disable","description":"Triggered when the organization must approve fine-grained personal access tokens before the tokens can access organization resources. See also: personal_access_token.auto_approve_grant_requests_disabled","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization","fieldsIndex":0},{"action":"auto_approve_personal_access_token_requests.enable","description":"Triggered when fine-grained personal access tokens can access organization resources without prior approval. See also: personal_access_token.auto_approve_grant_requests_enabled","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization","fieldsIndex":0},{"action":"billing.budget_create","description":"A billing budget was created for a business or organization. Includes details about the budget limit, alerting preferences, and recipients.","docs_reference_links":"N/A","fieldsIndex":8},{"action":"billing.budget_delete","description":"A billing budget was deleted for a business or organization. Includes details about the removed budget and any alerting settings.","docs_reference_links":"N/A","fieldsIndex":9},{"action":"billing.budget_update","description":"A billing budget was updated for a business or organization. Includes details about the updated limit and alerting settings.","docs_reference_links":"N/A","fieldsIndex":10},{"action":"billing.change_billing_type","description":"The way the account pays for GitHub was changed.","docs_reference_links":"/billing/managing-your-github-billing-settings/adding-or-editing-a-payment-method","docs_reference_titles":"Managing your payment and billing information","fieldsIndex":11},{"action":"billing.change_email","description":"The billing email address changed.","docs_reference_links":"/billing/managing-your-github-billing-settings/setting-your-billing-email","docs_reference_titles":"Managing your payment and billing information","fieldsIndex":12},{"action":"billing.cost_center_create","description":"A cost center was created for a business or organization.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"billing.cost_center_delete","description":"A cost center was deleted from a business or organization.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"billing.cost_center_resource_added","description":"A resource was added to a cost center for a business or organization.","docs_reference_links":"N/A","fieldsIndex":14},{"action":"billing.cost_center_resource_removed","description":"A resource was removed from a cost center for a business or organization.","docs_reference_links":"N/A","fieldsIndex":14},{"action":"billing.cost_center_update","description":"A cost center was updated for a business or organization.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"billing_customer.azure_subscription_linked","description":"Azure subscription has been linked on this account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"billing_customer.azure_subscription_unlinked","description":"Azure subscription has been unlinked on this account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"billing.lock","description":"N/A","docs_reference_links":"N/A","fieldsIndex":1},{"action":"billing.overage_policy_updated","description":"The premium request paid usage policy for your GitHub account was changed.","docs_reference_links":"/copilot/how-tos/manage-and-track-spending/manage-request-allowances#setting-a-policy-for-paid-usage","docs_reference_titles":"Optimizing your budget configuration","fieldsIndex":15},{"action":"billing.unlock","description":"N/A","docs_reference_links":"N/A","fieldsIndex":16},{"action":"checks.auto_trigger_disabled","description":"Automatic creation of check suites was disabled on a repository in the organization or enterprise.","docs_reference_links":"/rest/checks#update-repository-preferences-for-check-suites","docs_reference_titles":"/rest/checks#update-repository-preferences-for-check-suites","fieldsIndex":17},{"action":"checks.auto_trigger_enabled","description":"Automatic creation of check suites was enabled on a repository in the organization or enterprise.","docs_reference_links":"/rest/checks#update-repository-preferences-for-check-suites","docs_reference_titles":"/rest/checks#update-repository-preferences-for-check-suites","fieldsIndex":17},{"action":"checks.delete_logs","description":"Logs in a check suite were deleted.","docs_reference_links":"N/A","fieldsIndex":18},{"action":"code_scanning.alert_appeared_in_branch","description":"Existing code scanning alerts appeared in a branch.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":19},{"action":"code_scanning.alert_closed_became_fixed","description":"Code scanning alerts were fixed.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":19},{"action":"code_scanning.alert_closed_became_outdated","description":"Code scanning alerts were closed as outdated (all configurations they were detected in were deleted).","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":20},{"action":"code_scanning.alert_closed_by_user","description":"Code scanning alerts were manually dismissed.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":21},{"action":"code_scanning.alert_closure_approved","description":"Dismissal of code scanning alerts was approved.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":22},{"action":"code_scanning.alert_closure_denied","description":"Dismissal of code scanning alerts was denied.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":22},{"action":"code_scanning.alert_closure_requested","description":"Dismissal of code scanning alerts was requested.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":22},{"action":"code_scanning.alert_created","description":"Code scanning alerts were seen for the first time.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":19},{"action":"code_scanning.alert_reappeared","description":"Code scanning alerts that were previously fixed reappeared.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":19},{"action":"code_scanning.alert_reopened_by_user","description":"Code scanning alerts that were previously dismissed were reopened.","docs_reference_links":"/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning","docs_reference_titles":"Code scanning","fieldsIndex":23},{"action":"codespaces.allow_permissions","description":"A codespace using custom permissions from its devcontainer.json file was launched.","docs_reference_links":"N/A","fieldsIndex":24},{"action":"codespaces.attempted_to_create_from_prebuild","description":"An attempt to create a codespace from a prebuild was made.","docs_reference_links":"N/A","fieldsIndex":25},{"action":"codespaces.business_enablement_updated","description":"Enterprise setting for Codespaces ownership was updated.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization","docs_reference_titles":"/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization","fieldsIndex":26},{"action":"codespaces.connect","description":"Credentials for a codespace were refreshed.","docs_reference_links":"N/A","fieldsIndex":27},{"action":"codespaces.create","description":"A codespace was created","docs_reference_links":"/codespaces/developing-in-codespaces/creating-a-codespace-for-a-repository","docs_reference_titles":"Creating a codespace for a repository","fieldsIndex":27},{"action":"codespaces.destroy","description":"A user deleted a codespace.","docs_reference_links":"/codespaces/developing-in-codespaces/deleting-a-codespace","docs_reference_titles":"Deleting a codespace","fieldsIndex":28},{"action":"codespaces.export_environment","description":"A codespace was exported to a branch on GitHub.","docs_reference_links":"N/A","fieldsIndex":29},{"action":"codespaces.policy_group_created","description":"Policies were applied to codespaces in an organization or enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"codespaces.policy_group_deleted","description":"Policies were removed from codespaces in an organization or enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"codespaces.policy_group_updated","description":"Policies were updated for codespaces in an organization or enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"codespaces.restore","description":"A codespace was restored.","docs_reference_links":"N/A","fieldsIndex":30},{"action":"codespaces.start_environment","description":"A codespace was started.","docs_reference_links":"N/A","fieldsIndex":27},{"action":"codespaces.suspend_environment","description":"A codespace was stopped.","docs_reference_links":"N/A","fieldsIndex":31},{"action":"codespaces.trusted_repositories_access_update","description":"A personal account's access and security setting for Codespaces were updated.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces","docs_reference_titles":"Managing access to other repositories within your codespace","fieldsIndex":11},{"action":"commit_comment.destroy","description":"A commit comment was deleted.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"commit_comment.update","description":"A commit comment was updated.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"copilot.access_revoked","description":"Copilot access was revoked for the organization or enterprise due to its Copilot subscription ending, an issue with billing the entity, the entity being marked spammy, or the entity being suspended.","docs_reference_links":"N/A","fieldsIndex":33},{"action":"copilot.cfb_org_settings_changed","description":"Copilot feature settings were changed at the organization level.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.cfb_seat_added","description":"A Copilot Business or Copilot Enterprise seat was added for a user and they have received access to GitHub Copilot. This can occur as the result of directly assigning a seat for a user, assigning a seat for a team, or setting the organization to allow access for all members.","docs_reference_links":"N/A","fieldsIndex":34},{"action":"copilot.cfb_seat_assignment_created","description":"A Copilot Business or Copilot Enterprise seat assignment was newly created for a user or a team, and seats are being created.","docs_reference_links":"/copilot/overview-of-github-copilot/about-github-copilot-for-business","docs_reference_titles":"What is GitHub Copilot?","fieldsIndex":34},{"action":"copilot.cfb_seat_assignment_refreshed","description":"A seat assignment that was previously pending cancellation was re-assigned and the user will retain access to Copilot.","docs_reference_links":"N/A","fieldsIndex":34},{"action":"copilot.cfb_seat_assignment_reused","description":"A Copilot Business or Copilot Enterprise seat assignment was re-created for a user who already had a seat with no pending cancellation date, and the user will retain access to Copilot.","docs_reference_links":"N/A","fieldsIndex":35},{"action":"copilot.cfb_seat_assignment_unassigned","description":"A user or team's Copilot Business or Copilot Enterprise seat assignment was unassigned, and the user(s) will lose access to Copilot at the end of the current billing cycle.","docs_reference_links":"N/A","fieldsIndex":34},{"action":"copilot.cfb_seat_cancelled","description":"A user's Copilot Business or Copilot Enterprise seat was canceled, and the user no longer has access to Copilot.","docs_reference_links":"N/A","fieldsIndex":36},{"action":"copilot.cfb_seat_cancelled_by_staff","description":"A user's Copilot Business or Copilot Enterprise seat was canceled manually by GitHub staff, and the user no longer has access to Copilot.","docs_reference_links":"N/A","fieldsIndex":37},{"action":"copilot.cfb_seat_management_changed","description":"The seat management setting was changed at the organization level to either enable or disable Copilot access for all members of the organization, or to enable Copilot access for selected members or teams.","docs_reference_links":"N/A","fieldsIndex":38},{"action":"copilot.code_review_repository_settings_updated","description":"Copilot code review settings were updated for a repository.","docs_reference_links":"N/A","fieldsIndex":39},{"action":"copilot.content_exclusion_changed","description":"The excluded paths for GitHub Copilot were updated.","docs_reference_links":"N/A","fieldsIndex":40},{"action":"copilot.custom_instructions_created","description":"Copilot custom instructions were created for the organization.","docs_reference_links":"N/A","fieldsIndex":41},{"action":"copilot.custom_instructions_updated","description":"Copilot custom instructions were updated for the organization.","docs_reference_links":"N/A","fieldsIndex":41},{"action":"copilot.memory_user_opt_out","description":"A user opted out of Copilot Memory.","docs_reference_links":"N/A","fieldsIndex":42},{"action":"copilot.plan_changed","description":"The plan for GitHub Copilot was updated.","docs_reference_links":"/billing/managing-billing-for-github-copilot/about-billing-for-github-copilot","docs_reference_titles":"GitHub Copilot licenses","fieldsIndex":43},{"action":"copilot.plan_downgrade_scheduled","description":"The plan for GitHub Copilot was scheduled to be downgraded.","docs_reference_links":"N/A","fieldsIndex":44},{"action":"copilot.swe_agent_firewall_allowlist_updated","description":"Firewall allowlist for Copilot coding agent was updated for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.swe_agent_mcp_config_updated","description":"MCP Configuration for Copilot coding agent was updated for a specific repository.","docs_reference_links":"N/A","fieldsIndex":45},{"action":"copilot.swe_agent_repo_disabled","description":"Specific repositories were disabled from using Copilot coding agent.","docs_reference_links":"N/A","fieldsIndex":46},{"action":"copilot.swe_agent_repo_enabled","description":"Specific repositories were enabled to use Copilot coding agent.","docs_reference_links":"N/A","fieldsIndex":46},{"action":"copilot.swe_agent_repo_enablement_updated","description":"Copilot coding agent access was updated for the organization's or user's repositories.","docs_reference_links":"N/A","fieldsIndex":47},{"action":"custom_hosted_runner.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":48},{"action":"custom_hosted_runner.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"custom_hosted_runner.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":48},{"action":"custom_property_definition.create","description":"A new custom property definition was created.","docs_reference_links":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","fieldsIndex":49},{"action":"custom_property_definition.destroy","description":"A custom property definition was deleted.","docs_reference_links":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","fieldsIndex":49},{"action":"custom_property_definition.update","description":"A custom property definition was updated.","docs_reference_links":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","fieldsIndex":50},{"action":"custom_property_value.create","description":"A repository's custom property value was manually set for the first time.","docs_reference_links":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","fieldsIndex":51},{"action":"custom_property_value.destroy","description":"A repository's custom property value was deleted.","docs_reference_links":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","fieldsIndex":51},{"action":"custom_property_value.update","description":"A repository's custom property value was updated.","docs_reference_links":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization","fieldsIndex":52},{"action":"dependabot_alerts.disable","description":"Dependabot alerts were disabled for all existing repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories","fieldsIndex":11},{"action":"dependabot_alerts.enable","description":"Dependabot alerts were enabled for all existing repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories","fieldsIndex":53},{"action":"dependabot_alerts_new_repos.disable","description":"Dependabot alerts were disabled for all new repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added","fieldsIndex":53},{"action":"dependabot_alerts_new_repos.enable","description":"Dependabot alerts were enabled for all new repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added","fieldsIndex":53},{"action":"dependabot_closure_request.approve","description":"Dismissal of Dependabot alerts was approved.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/about-dependabot-alerts","docs_reference_titles":"Dependabot alerts","fieldsIndex":54},{"action":"dependabot_closure_request.cancel","description":"Dismissal request for Dependabot alerts was canceled.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/about-dependabot-alerts","docs_reference_titles":"Dependabot alerts","fieldsIndex":55},{"action":"dependabot_closure_request.create","description":"Dismissal of Dependabot alerts was requested.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/about-dependabot-alerts","docs_reference_titles":"Dependabot alerts","fieldsIndex":56},{"action":"dependabot_closure_request.deny","description":"Dismissal of Dependabot alerts was denied.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/about-dependabot-alerts","docs_reference_titles":"Dependabot alerts","fieldsIndex":57},{"action":"dependabot_repository_access.default_access_level_updated","description":"The default repository access for Dependabot was updated.","docs_reference_links":"N/A","fieldsIndex":58},{"action":"dependabot_repository_access.repositories_updated","description":"The repositories that Dependabot can access were updated.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"dependabot_security_updates.disable","description":"Dependabot security updates were disabled for all existing repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","fieldsIndex":11},{"action":"dependabot_security_updates.enable","description":"Dependabot security updates were enabled for all existing repositories.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"dependabot_security_updates_new_repos.disable","description":" Dependabot security updates were disabled for all new repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","fieldsIndex":53},{"action":"dependabot_security_updates_new_repos.enable","description":"Dependabot security updates were enabled for all new repositories.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"dependency_graph.disable","description":"The dependency graph was disabled for all existing repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","fieldsIndex":11},{"action":"dependency_graph.enable","description":"The dependency graph was enabled for all existing repositories.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"dependency_graph_new_repos.disable","description":"The dependency graph was disabled for all new repositories.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization","fieldsIndex":53},{"action":"dependency_graph_new_repos.enable","description":"The dependency graph was enabled for all new repositories.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"discussion_comment.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":32},{"action":"discussion_comment.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":32},{"action":"discussion.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":59},{"action":"enterprise_announcement.create","description":"A global announcement banner was created for the enterprise.","docs_reference_links":"/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise#creating-a-global-announcement-banner","docs_reference_titles":"Customizing user messages for your enterprise","fieldsIndex":60},{"action":"enterprise_announcement.destroy","description":"A global announcement banner was removed from the enterprise.","docs_reference_links":"/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise","docs_reference_titles":"Customizing user messages for your enterprise","fieldsIndex":61},{"action":"enterprise_announcement.update","description":"A global announcement banner was updated for the enterprise.","docs_reference_links":"/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise","docs_reference_titles":"Customizing user messages for your enterprise","fieldsIndex":62},{"action":"enterprise_installation.create","description":"The GitHub App associated with a GitHub Connect connection was created.","docs_reference_links":"/admin/configuration/configuring-github-connect/managing-github-connect","docs_reference_titles":"Enabling GitHub Connect for GitHub.com","fieldsIndex":15},{"action":"enterprise_installation.destroy","description":"The GitHub App associated with a GitHub Connect connection was deleted.","docs_reference_links":"/admin/configuration/configuring-github-connect/managing-github-connect","docs_reference_titles":"Enabling GitHub Connect for GitHub.com","fieldsIndex":63},{"action":"environment.add_protection_rule","description":"A GitHub Actions deployment protection rule was created via the API.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules","docs_reference_titles":"Managing environments for deployment","fieldsIndex":64},{"action":"environment.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":65},{"action":"environment.create_actions_secret","description":"A secret was created for a GitHub Actions environment.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets","docs_reference_titles":"Managing environments for deployment","fieldsIndex":66},{"action":"environment.create_actions_variable","description":"A variable was created for a GitHub Actions environment.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment","docs_reference_titles":"Store information in variables","fieldsIndex":66},{"action":"environment.delete","description":"An environment was deleted.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#deleting-an-environment","docs_reference_titles":"Managing environments for deployment","fieldsIndex":67},{"action":"environment.remove_actions_secret","description":"A secret was deleted for a GitHub Actions environment.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets","docs_reference_titles":"Managing environments for deployment","fieldsIndex":68},{"action":"environment.remove_actions_variable","description":"A variable was deleted for a GitHub Actions environment.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment","docs_reference_titles":"Store information in variables","fieldsIndex":68},{"action":"environment.remove_protection_rule","description":"A GitHub Actions deployment protection rule was deleted via the API.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules","docs_reference_titles":"Managing environments for deployment","fieldsIndex":69},{"action":"environment.update_actions_secret","description":"A secret was updated for a GitHub Actions environment.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets","docs_reference_titles":"Managing environments for deployment","fieldsIndex":66},{"action":"environment.update_actions_variable","description":"A variable was updated for a GitHub Actions environment.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment","docs_reference_titles":"Store information in variables","fieldsIndex":66},{"action":"environment.update_protection_rule","description":"A GitHub Actions deployment protection rule was updated via the API.","docs_reference_links":"/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules","docs_reference_titles":"Managing environments for deployment","fieldsIndex":70},{"action":"git.clone","description":"A repository was cloned. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"N/A","fieldsIndex":71},{"action":"git.fetch","description":"Changes were fetched from a repository. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"N/A","fieldsIndex":71},{"action":"git.push","description":"Changes were pushed to a repository. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"N/A","fieldsIndex":71},{"action":"github_hosted_runner.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":72},{"action":"github_hosted_runner.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":16},{"action":"github_hosted_runner.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":72},{"action":"hook.active_changed","description":"A hook's active status was updated.","docs_reference_links":"N/A","fieldsIndex":73},{"action":"hook.config_changed","description":"A hook's configuration was changed.","docs_reference_links":"N/A","fieldsIndex":74},{"action":"hook.create","description":"A new hook was added.","docs_reference_links":"/get-started/exploring-integrations/about-webhooks","docs_reference_titles":"About webhooks","fieldsIndex":75},{"action":"hook.destroy","description":"A hook was deleted.","docs_reference_links":"N/A","fieldsIndex":74},{"action":"hook.events_changed","description":"A hook's configured events were changed.","docs_reference_links":"N/A","fieldsIndex":76},{"action":"integration.create","description":"A GitHub App was created.","docs_reference_links":"N/A","fieldsIndex":77},{"action":"integration.destroy","description":"A GitHub App was deleted.","docs_reference_links":"N/A","fieldsIndex":78},{"action":"integration.generate_client_secret","description":"N/A","docs_reference_links":"N/A","fieldsIndex":79},{"action":"integration_installation.create","description":"A GitHub App was installed.","docs_reference_links":"/apps/using-github-apps/authorizing-github-apps","docs_reference_titles":"/apps/using-github-apps/authorizing-github-apps","fieldsIndex":80},{"action":"integration_installation.destroy","description":"A GitHub App was uninstalled.","docs_reference_links":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access","docs_reference_titles":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access","fieldsIndex":81},{"action":"integration_installation.repositories_added","description":"Repositories were added to a GitHub App.","docs_reference_links":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access","docs_reference_titles":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access","fieldsIndex":82},{"action":"integration_installation.repositories_removed","description":"Repositories were removed from a GitHub App.","docs_reference_links":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access","docs_reference_titles":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access","fieldsIndex":83},{"action":"integration_installation_request.close","description":"A request to install a GitHub App was either approved or denied by an owner, or canceled by the member who opened the request.","docs_reference_links":"/apps/using-github-apps/requesting-a-github-app-from-your-organization-owner","docs_reference_titles":"/apps/using-github-apps/requesting-a-github-app-from-your-organization-owner","fieldsIndex":84},{"action":"integration_installation_request.create","description":"A member requested that an owner install a GitHub App.","docs_reference_links":"/apps/using-github-apps/requesting-a-github-app-from-your-organization-owner","docs_reference_titles":"/apps/using-github-apps/requesting-a-github-app-from-your-organization-owner","fieldsIndex":85},{"action":"integration_installation.suspend","description":"A GitHub App was suspended.","docs_reference_links":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access","docs_reference_titles":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access","fieldsIndex":86},{"action":"integration_installation.unsuspend","description":"A GitHub App was unsuspended.","docs_reference_links":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access","docs_reference_titles":"/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access","fieldsIndex":86},{"action":"integration_installation.version_updated","description":"Permissions for a GitHub App were updated.","docs_reference_links":"/apps/using-github-apps/approving-updated-permissions-for-a-github-app","docs_reference_titles":"/apps/using-github-apps/approving-updated-permissions-for-a-github-app","fieldsIndex":86},{"action":"integration.manager_added","description":"A member of an enterprise or organization was added as a GitHub App manager.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#giving-someone-the-ability-to-manage-all-github-apps-owned-by-the-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#giving-someone-the-ability-to-manage-all-github-apps-owned-by-the-organization","fieldsIndex":87},{"action":"integration.manager_removed","description":"A member of an enterprise or organization was removed from being a GitHub App manager.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#removing-a-github-app-managers-permissions-for-the-entire-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#removing-a-github-app-managers-permissions-for-the-entire-organization","fieldsIndex":87},{"action":"integration.remove_client_secret","description":"A client secret for a GitHub App was removed.","docs_reference_links":"N/A","fieldsIndex":78},{"action":"integration.revoke_all_tokens","description":"All user tokens for a GitHub App were requested to be revoked.","docs_reference_links":"N/A","fieldsIndex":88},{"action":"integration.revoke_tokens","description":"Token(s) for a GitHub App were revoked.","docs_reference_links":"N/A","fieldsIndex":88},{"action":"integration.suspend","description":"A GitHub App was suspended.","docs_reference_links":"/apps/maintaining-github-apps/suspending-a-github-app-installation","docs_reference_titles":"/apps/maintaining-github-apps/suspending-a-github-app-installation","fieldsIndex":79},{"action":"integration.transfer","description":"Ownership of a GitHub App was transferred to another user or organization.","docs_reference_links":"/apps/maintaining-github-apps/transferring-ownership-of-a-github-app","docs_reference_titles":"/apps/maintaining-github-apps/transferring-ownership-of-a-github-app","fieldsIndex":89},{"action":"integration.unsuspend","description":"A GitHub App was unsuspended.","docs_reference_links":"/apps/maintaining-github-apps/suspending-a-github-app-installation","docs_reference_titles":"/apps/maintaining-github-apps/suspending-a-github-app-installation","fieldsIndex":88},{"action":"ip_allow_list.disable","description":"An IP allow list was disabled.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"ip_allow_list.disable_for_installed_apps","description":"An IP allow list was disabled for installed GitHub Apps.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"ip_allow_list.enable","description":"An IP allow list was enabled.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"ip_allow_list.enable_for_installed_apps","description":"An IP allow list was enabled for installed GitHub Apps.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"ip_allow_list_entry.create","description":"An IP address was added to an IP allow list.","docs_reference_links":"N/A","fieldsIndex":90},{"action":"ip_allow_list_entry.destroy","description":"An IP address was deleted from an IP allow list.","docs_reference_links":"N/A","fieldsIndex":90},{"action":"ip_allow_list_entry.update","description":"An IP address or its description was changed.","docs_reference_links":"N/A","fieldsIndex":90},{"action":"issue_comment.destroy","description":"A comment on an issue was deleted from the repository.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"issue_comment.pinned","description":"A comment on an issue was pinned to a repository.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"issue_comment.unpinned","description":"A comment on an issue was unpinned from a repository.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"issue_comment.update","description":"A comment on an issue (other than the initial one) changed.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"issue_dependencies.blocked_by_add","description":"An issue was marked as blocked by another issue.","docs_reference_links":"N/A","fieldsIndex":91},{"action":"issue_dependencies.blocked_by_remove","description":"The blocked by relationship between an issue and another issue was removed.","docs_reference_links":"N/A","fieldsIndex":91},{"action":"issue_dependencies.blocking_add","description":"An issue was marked as blocking another issue.","docs_reference_links":"N/A","fieldsIndex":91},{"action":"issue_dependencies.blocking_remove","description":"The blocking relationship between an issue and another issue was removed.","docs_reference_links":"N/A","fieldsIndex":91},{"action":"issue.destroy","description":"An issue was deleted from the repository.","docs_reference_links":"/issues/tracking-your-work-with-issues/deleting-an-issue","docs_reference_titles":"Deleting an issue","fieldsIndex":92},{"action":"issue.pinned","description":"An issue was pinned to a repository.","docs_reference_links":"/issues/tracking-your-work-with-issues/pinning-an-issue-to-your-repository","docs_reference_titles":"Pinning an issue to your repository","fieldsIndex":93},{"action":"issue.transfer","description":"An issue was transferred to another repository.","docs_reference_links":"/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository","docs_reference_titles":"Transferring an issue to another repository","fieldsIndex":94},{"action":"issue_type.create","description":"An issue type was created.","docs_reference_links":"N/A","fieldsIndex":95},{"action":"issue_type.destroy","description":"An issue type was deleted.","docs_reference_links":"N/A","fieldsIndex":96},{"action":"issue_type.update","description":"An issue type was updated.","docs_reference_links":"N/A","fieldsIndex":97},{"action":"issue.unpinned","description":"An issue was unpinned from a repository.","docs_reference_links":"/issues/tracking-your-work-with-issues/pinning-an-issue-to-your-repository","docs_reference_titles":"Pinning an issue to your repository","fieldsIndex":93},{"action":"issues.deletes_disabled","description":"The ability for enterprise members to delete issues was disabled Members cannot delete issues in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-deleting-issues","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":11},{"action":"issues.deletes_enabled","description":"The ability for enterprise members to delete issues was enabled Members can delete issues in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-deleting-issues","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":15},{"action":"issues.deletes_policy_cleared","description":"An enterprise owner cleared the policy setting for allowing members to delete issues in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-deleting-issues","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":15},{"action":"marketplace_agreement_signature.create","description":"The GitHub Marketplace Developer Agreement was signed.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"marketplace_listing.approve","description":"A listing was approved for inclusion in GitHub Marketplace.","docs_reference_links":"N/A","fieldsIndex":98},{"action":"marketplace_listing.change_category","description":"A category for a listing for an app in GitHub Marketplace was changed.","docs_reference_links":"N/A","fieldsIndex":99},{"action":"marketplace_listing.create","description":"A listing for an app in GitHub Marketplace was created.","docs_reference_links":"N/A","fieldsIndex":98},{"action":"marketplace_listing.delist","description":"A listing was removed from GitHub Marketplace.","docs_reference_links":"N/A","fieldsIndex":100},{"action":"marketplace_listing.redraft","description":"A listing was sent back to draft state.","docs_reference_links":"N/A","fieldsIndex":98},{"action":"marketplace_listing.reject","description":"A listing was not accepted for inclusion in GitHub Marketplace.","docs_reference_links":"N/A","fieldsIndex":98},{"action":"mcp_registry.allowlist_assign","description":"An MCP registry allowlist was assigned to an organization or enterprise.","docs_reference_links":"N/A","fieldsIndex":101},{"action":"mcp_registry.allowlist_remove_assignment","description":"An MCP registry allowlist assignment was removed from an organization or enterprise.","docs_reference_links":"N/A","fieldsIndex":101},{"action":"members_can_create_pages.disable","description":"The ability for members to publish GitHub Pages sites was disabled.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","fieldsIndex":53},{"action":"members_can_create_pages.enable","description":"The ability for members to publish GitHub Pages sites was enabled.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","fieldsIndex":53},{"action":"members_can_create_private_pages.disable","description":"The ability for members to publish private GitHub Pages was disabled Members cannot publish private GitHub Pages in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","fieldsIndex":53},{"action":"members_can_create_private_pages.enable","description":"The ability for members to publish private GitHub Pages was enabled Members can publish private GitHub Pages in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","fieldsIndex":1},{"action":"members_can_create_public_pages.disable","description":"The ability for members to publish public GitHub Pages was disabled Members cannot publish public GitHub Pages in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","fieldsIndex":53},{"action":"members_can_create_public_pages.enable","description":"The ability for members to publish public GitHub Pages was enabled Members can publish public GitHub Pages in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization","fieldsIndex":53},{"action":"members_can_delete_repos.clear","description":"An enterprise owner cleared the policy setting for deleting or transferring repositories in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-deletion-and-transfer","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":11},{"action":"members_can_delete_repos.disable","description":"The ability for enterprise members to delete repositories was disabled Members cannot delete or transfer repositories in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-deletion-and-transfer","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":11},{"action":"members_can_delete_repos.enable","description":"The ability for enterprise members to delete repositories was enabled Members can delete or transfer repositories in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-deletion-and-transfer","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":15},{"action":"members_can_view_dependency_insights.clear","description":"An enterprise owner cleared the policy setting for viewing dependency insights in any organizations in an enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"members_can_view_dependency_insights.disable","description":"The ability for enterprise members to view dependency insights was disabled. Members cannot view dependency insights in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-dependency-insights-in-your-enterprise","docs_reference_titles":"Enforcing policies for code security and analysis for your enterprise","fieldsIndex":15},{"action":"members_can_view_dependency_insights.enable","description":"The ability for enterprise members to view dependency insights was enabled. Members can view dependency insights in any organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-dependency-insights-in-your-enterprise","docs_reference_titles":"Enforcing policies for code security and analysis for your enterprise","fieldsIndex":11},{"action":"merge_queue.pull_request_dequeued","description":"A pull request was removed from a merge queue.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"merge_queue.pull_request_queue_jump","description":"A pull request was moved ahead in a merge queue.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"merge_queue.queue_cleared","description":"A merge queue was cleared.","docs_reference_links":"N/A","fieldsIndex":102},{"action":"merge_queue.update_settings","description":"The settings for a merge queue were updated.","docs_reference_links":"N/A","fieldsIndex":103},{"action":"metered_billing_configuration.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"metered_billing_configuration.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"metered_billing_configuration.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"migration.create","description":"A migration file was created for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance.","docs_reference_links":"N/A","fieldsIndex":104},{"action":"migration.destroy_file","description":"A migration file for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance was deleted.","docs_reference_links":"N/A","fieldsIndex":104},{"action":"migration.download","description":"A migration file for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance was downloaded.","docs_reference_links":"N/A","fieldsIndex":104},{"action":"network_configuration.create","description":"A network configuration for a hosted compute service was created.","docs_reference_links":"/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products","docs_reference_titles":"About networking for hosted compute products in your enterprise","fieldsIndex":105},{"action":"network_configuration.delete","description":"A network configuration for a hosted compute service was deleted.","docs_reference_links":"/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products","docs_reference_titles":"About networking for hosted compute products in your enterprise","fieldsIndex":106},{"action":"network_configuration.update","description":"A network configuration for a hosted compute service was updated.","docs_reference_links":"/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products","docs_reference_titles":"About networking for hosted compute products in your enterprise","fieldsIndex":107},{"action":"oauth_application.create","description":"An OAuth application was created.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":108},{"action":"oauth_application.destroy","description":"An OAuth application was deleted.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":108},{"action":"oauth_application.generate_client_secret","description":"An OAuth application's secret key was generated.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":108},{"action":"oauth_application.remove_client_secret","description":"An OAuth application's secret key was deleted.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":108},{"action":"oauth_application.reset_secret","description":"The secret key for an OAuth application was reset.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":109},{"action":"oauth_application.revoke_all_tokens","description":"All user tokens for an OAuth application were requested to be revoked.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":108},{"action":"oauth_application.revoke_tokens","description":"Token(s) for an OAuth application were revoked.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":108},{"action":"oauth_application.transfer","description":"An OAuth application was transferred from one account to another.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":108},{"action":"org.accept_business_invitation","description":"An invitation sent to an organization to join an enterprise was accepted.","docs_reference_links":"/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#inviting-an-organization-to-join-your-enterprise-account","docs_reference_titles":"Adding organizations to your enterprise","fieldsIndex":15},{"action":"org.add_billing_manager","description":"A billing manager was added to an organization.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization","docs_reference_titles":"/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization","fieldsIndex":15},{"action":"org.add_disallowed_two_factor_method","description":"An organization prevented access to resources by users with the given two-factor method.","docs_reference_links":"N/A","fieldsIndex":110},{"action":"org.add_member","description":"A user joined an organization.","docs_reference_links":"N/A","fieldsIndex":111},{"action":"org.add_outside_collaborator","description":"An outside collaborator was added to a repository.","docs_reference_links":"N/A","fieldsIndex":112},{"action":"org.add_security_manager","description":"N/A","docs_reference_links":"N/A","fieldsIndex":113},{"action":"org.advanced_security_disabled_for_new_repos","description":"GitHub Advanced Security was disabled for new repositories in an organization.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"org.advanced_security_disabled_on_all_repos","description":"GitHub Advanced Security was disabled for all repositories in an organization.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"org.advanced_security_enabled_for_new_repos","description":"GitHub Advanced Security was enabled for new repositories in an organization.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"org.advanced_security_enabled_on_all_repos","description":"GitHub Advanced Security was enabled for all repositories in an organization.","docs_reference_links":"N/A","fieldsIndex":1},{"action":"org.advanced_security_entity_policy_update","description":"An enterprise owner updated the GitHub Advanced Security access policy for repositories owned by the organization.","docs_reference_links":"/admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise","docs_reference_titles":"Enforcing policies for code security and analysis for your enterprise","fieldsIndex":114},{"action":"org.advanced_security_policy_selected_member_disabled","description":"An enterprise owner prevented GitHub Advanced Security features from being enabled for repositories owned by the organization.","docs_reference_links":"/admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise","docs_reference_titles":"Enforcing policies for code security and analysis for your enterprise","fieldsIndex":15},{"action":"org.advanced_security_policy_selected_member_enabled","description":"An enterprise owner allowed GitHub Advanced Security features to be enabled for repositories owned by the organization.","docs_reference_links":"/admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise","docs_reference_titles":"Enforcing policies for code security and analysis for your enterprise","fieldsIndex":15},{"action":"org.allow_third_party_access_requests_from_outside_collaborators_disabled","description":"Third-party application access for outside collaborators was disabled for the organization.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests#enabling-or-disabling-integration-access-requests","docs_reference_titles":"Limiting OAuth app and GitHub App access requests and installations","fieldsIndex":0},{"action":"org.allow_third_party_access_requests_from_outside_collaborators_enabled","description":"Third-party application access for outside collaborators was enabled for the organization.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests-and-installations#enabling-or-disabling-app-access-requests","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests-and-installations#enabling-or-disabling-app-access-requests","fieldsIndex":0},{"action":"org.archive","description":"The organization was archived.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.audit_log_export","description":"An export of the organization audit log was created. If the export included a query, the log will list the query used and the number of audit log entries matching that query.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log","fieldsIndex":115},{"action":"org.audit_log_git_event_export","description":"An export of the organization's Git events was created.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization","fieldsIndex":116},{"action":"org.billing_signup_error","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.block_user","description":"An organization owner blocked a user from accessing the organization's repositories.","docs_reference_links":"/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization","docs_reference_titles":"/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization","fieldsIndex":117},{"action":"org.cancel_business_invitation","description":"An invitation for an organization to join an enterprise was revoked","docs_reference_links":"/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#inviting-an-organization-to-join-your-enterprise-account","docs_reference_titles":"Adding organizations to your enterprise","fieldsIndex":118},{"action":"org.cancel_invitation","description":"An invitation sent to a user to join an organization was revoked.","docs_reference_links":"N/A","fieldsIndex":119},{"action":"org.clear_custom_invitation_rate_limit","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"org.clear_disallowed_two_factor_methods","description":"Cleared two-factor authentication restrictions for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_quality_entity_policy_update","description":"An organization owner updated the Code Quality entity policy for repositories owned by the organization.","docs_reference_links":"N/A","fieldsIndex":114},{"action":"org.code_scanning_ai_findings_disabled","description":"AI-powered findings for code scanning were disabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_ai_findings_enabled","description":"AI-powered findings for code scanning were enabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_autofix_disabled","description":"Autofix for code scanning alerts was disabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_autofix_enabled","description":"Autofix for code scanning alerts was enabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_autofix_third_party_tools_disabled","description":"Autofix for third party tools for code scanning alerts was disabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_autofix_third_party_tools_enabled","description":"Autofix for third party tools for code scanning alerts was enabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_scan_inactive_repos_disabled","description":"Scanning inactive repositories was disabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_scanning_scan_inactive_repos_enabled","description":"Scanning inactive repositories was enabled for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.code_security_metered_usage_lock","description":"Enablement for Code Security features on new repositories has been locked for this organization.","docs_reference_links":"N/A","fieldsIndex":120},{"action":"org.code_security_metered_usage_unlock","description":"Enablement for Code Security features on new repositories has been unlocked for this organization.","docs_reference_links":"N/A","fieldsIndex":121},{"action":"org.codeql_disabled","description":"Code scanning using the default setup was disabled for an organization.","docs_reference_links":"/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale","docs_reference_titles":"Configuring default setup for code scanning at scale","fieldsIndex":11},{"action":"org.codeql_enabled","description":"Code scanning using the default setup was enabled for an organization.","docs_reference_links":"/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale","docs_reference_titles":"Configuring default setup for code scanning at scale","fieldsIndex":1},{"action":"org.codespaces_access_updated","description":"Access to use Codespaces on internal and private repositories was updated for an organization.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/enabling-or-disabling-github-codespaces-for-your-organization","docs_reference_titles":"/codespaces/managing-codespaces-for-your-organization/enabling-or-disabling-github-codespaces-for-your-organization","fieldsIndex":122},{"action":"org.codespaces_ownership_updated","description":"Ownership and payment for codespaces was updated for an organization.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization","docs_reference_titles":"/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization","fieldsIndex":123},{"action":"org.codespaces_team_access_allowed","description":"A team has been allowed to use Codespaces for an organization.","docs_reference_links":"N/A","fieldsIndex":124},{"action":"org.codespaces_team_access_revoked","description":"A team has been prevented from using Codespaces for an organization.","docs_reference_links":"N/A","fieldsIndex":124},{"action":"org.codespaces_trusted_repo_access_granted","description":"GitHub Codespaces was granted trusted repository access to all other repositories in an organization.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces","docs_reference_titles":"Managing access to other repositories within your codespace","fieldsIndex":32},{"action":"org.codespaces_trusted_repo_access_revoked","description":"GitHub Codespaces trusted repository access to all other repositories in an organization was revoked.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces","docs_reference_titles":"Managing access to other repositories within your codespace","fieldsIndex":121},{"action":"org.codespaces_user_access_allowed","description":"A user has been allowed to use Codespaces for an organization.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"org.codespaces_user_access_revoked","description":"A user has been prevented from using Codespaces for an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.config.disable_collaborators_only","description":"The interaction limit for collaborators only for an organization was disabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","fieldsIndex":11},{"action":"org.config.disable_contributors_only","description":"The interaction limit for prior contributors only for an organization was disabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","fieldsIndex":15},{"action":"org.config.disable_sockpuppet_disallowed","description":"The interaction limit for existing users only for an organization was disabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","fieldsIndex":15},{"action":"org.config.enable_collaborators_only","description":"The interaction limit for collaborators only for an organization was enabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","fieldsIndex":16},{"action":"org.config.enable_contributors_only","description":"The interaction limit for prior contributors only for an organization was enabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","fieldsIndex":15},{"action":"org.config.enable_sockpuppet_disallowed","description":"The interaction limit for existing users only for an organization was enabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization","fieldsIndex":16},{"action":"org.configure_self_hosted_jit_runner","description":"A new just-in-time GitHub Actions self-hosted runner was configured","docs_reference_links":"/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-organization","docs_reference_titles":"/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-organization","fieldsIndex":53},{"action":"org.confirm_business_invitation","description":"An invitation for an organization to join an enterprise was confirmed.","docs_reference_links":"/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#inviting-an-organization-to-join-your-enterprise-account","docs_reference_titles":"Adding organizations to your enterprise","fieldsIndex":125},{"action":"org.connect_usage_metrics_export","description":"Server statistics were exported for the organization.","docs_reference_links":"/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics","docs_reference_titles":"Exporting Server Statistics","fieldsIndex":0},{"action":"org.create","description":"An organization was created.","docs_reference_links":"/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch","docs_reference_titles":"/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch","fieldsIndex":1},{"action":"org.create_actions_secret","description":"A GitHub Actions secret was created for an organization.","docs_reference_links":"/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization","docs_reference_titles":"Using secrets in GitHub Actions","fieldsIndex":126},{"action":"org.create_actions_variable","description":"A GitHub Actions variable was created for an organization.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization","docs_reference_titles":"Store information in variables","fieldsIndex":126},{"action":"org.create_integration_secret","description":"A Codespaces or Dependabot secret was created for an organization.","docs_reference_links":"N/A","fieldsIndex":127},{"action":"org_credential_authorization.deauthorize","description":"A member removed the SSO (SAML or OIDC) authorization from a credential that had access to your organization.","docs_reference_links":"/authentication/authenticating-with-saml-single-sign-on/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on","docs_reference_titles":"Authorizing a personal access token for use with single sign-on","fieldsIndex":128},{"action":"org_credential_authorization.grant","description":"A member authorized credentials for use with SAML or OIDC single sign-on.","docs_reference_links":"/authentication/authenticating-with-saml-single-sign-on","docs_reference_titles":"Authenticating with single sign-on","fieldsIndex":128},{"action":"org_credential_authorization.revoke","description":"An owner revoked authorized credentials.","docs_reference_links":"/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization","docs_reference_titles":"Viewing and managing a member's SAML access to your organization","fieldsIndex":129},{"action":"org.delete","description":"An organization was deleted by a user or staff.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"org.delete_custom_image","description":"A custom image was deleted for an organization.","docs_reference_links":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","docs_reference_titles":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","fieldsIndex":16},{"action":"org.delete_custom_image_version","description":"A custom image version was deleted for an organization.","docs_reference_links":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","docs_reference_titles":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","fieldsIndex":53},{"action":"org.disable_member_team_creation_permission","description":"Team creation was limited to owners.","docs_reference_links":"/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization","fieldsIndex":53},{"action":"org.disable_oauth_app_restrictions","description":"Third-party application access restrictions for an organization were disabled.","docs_reference_links":"/organizations/managing-oauth-access-to-your-organizations-data/disabling-oauth-app-access-restrictions-for-your-organization","docs_reference_titles":"/organizations/managing-oauth-access-to-your-organizations-data/disabling-oauth-app-access-restrictions-for-your-organization","fieldsIndex":15},{"action":"org.disable_reader_discussion_creation_permission","description":"An organization owner limited discussion creation to users with at least triage permission in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization","fieldsIndex":15},{"action":"org.disable_saml","description":"SAML single sign-on was disabled for an organization.","docs_reference_links":"N/A","fieldsIndex":130},{"action":"org.disable_source_ip_disclosure","description":"Display of IP addresses within audit log events for the organization was disabled.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization","fieldsIndex":15},{"action":"org.disable_two_factor_requirement","description":"A two-factor authentication requirement was disabled for the organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.display_commenter_full_name_disabled","description":"An organization owner disabled the display of a commenter's full name in an organization. Members cannot see a comment author's full name.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.display_commenter_full_name_enabled","description":"An organization owner enabled the display of a commenter's full name in an organization. Members can see a comment author's full name.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.enable_member_team_creation_permission","description":"Team creation by members was allowed.","docs_reference_links":"/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization","fieldsIndex":11},{"action":"org.enable_oauth_app_restrictions","description":"Third-party application access restrictions for an organization were enabled.","docs_reference_links":"/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization","docs_reference_titles":"/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization","fieldsIndex":15},{"action":"org.enable_reader_discussion_creation_permission","description":"An organization owner allowed users with read access to create discussions in an organization","docs_reference_links":"/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization","fieldsIndex":15},{"action":"org.enable_saml","description":"SAML single sign-on was enabled for the organization.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization","docs_reference_titles":"Enabling and testing SAML single sign-on for your organization","fieldsIndex":130},{"action":"org.enable_source_ip_disclosure","description":"Display of IP addresses within audit log events for the organization was enabled.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization","fieldsIndex":15},{"action":"org.enable_two_factor_requirement","description":"Two-factor authentication is now required for the organization.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization","fieldsIndex":11},{"action":"org.integration_manager_added","description":"An organization owner granted a member access to manage all GitHub Apps owned by an organization.","docs_reference_links":"N/A","fieldsIndex":131},{"action":"org.integration_manager_removed","description":"An organization owner removed access to manage all GitHub Apps owned by an organization from an organization member.","docs_reference_links":"N/A","fieldsIndex":131},{"action":"org.invite_member","description":"A new user was invited to join an organization.","docs_reference_links":"/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization","docs_reference_titles":"/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization","fieldsIndex":119},{"action":"org.invite_to_business","description":"An organization was invited to join an enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.members_can_update_protected_branches.disable","description":"The ability for enterprise members to update protected branches was disabled. Only enterprise owners can update protected branches.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.members_can_update_protected_branches.enable","description":"The ability for enterprise members to update protected branches was enabled. Members of an organization can update protected branches.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.members_limit_warning","description":"An organization is approaching its members limit.","docs_reference_links":"N/A","fieldsIndex":132},{"action":"org.oauth_app_access_approved","description":"Access to an organization was granted for an OAuth App.","docs_reference_links":"/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization","docs_reference_titles":"/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization","fieldsIndex":133},{"action":"org.oauth_app_access_blocked","description":"N/A","docs_reference_links":"N/A","fieldsIndex":133},{"action":"org.oauth_app_access_denied","description":"Access was disabled for an OAuth App that was previously approved.","docs_reference_links":"/organizations/managing-oauth-access-to-your-organizations-data/denying-access-to-a-previously-approved-oauth-app-for-your-organization","docs_reference_titles":"/organizations/managing-oauth-access-to-your-organizations-data/denying-access-to-a-previously-approved-oauth-app-for-your-organization","fieldsIndex":133},{"action":"org.oauth_app_access_requested","description":"An organization member requested that an owner grant an OAuth App access to an organization.","docs_reference_links":"N/A","fieldsIndex":133},{"action":"org.oauth_app_access_unblocked","description":"N/A","docs_reference_links":"N/A","fieldsIndex":133},{"action":"org.rate_limited_invites","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.recovery_code_failed","description":"An organization owner failed to sign into a organization with an external identity provider (IdP) using a recovery code.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable","docs_reference_titles":"Accessing your organization if your identity provider is unavailable","fieldsIndex":134},{"action":"org.recovery_code_used","description":"An organization owner successfully signed into an organization with an external identity provider (IdP) using a recovery code.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable","docs_reference_titles":"Accessing your organization if your identity provider is unavailable","fieldsIndex":15},{"action":"org.recovery_codes_downloaded","description":"An organization owner downloaded the organization's SSO recovery codes.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your organization's SAML single sign-on recovery codes","fieldsIndex":15},{"action":"org.recovery_codes_generated","description":"An organization owner generated the organization's SSO recovery codes.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your organization's SAML single sign-on recovery codes","fieldsIndex":15},{"action":"org.recovery_codes_printed","description":"An organization owner printed the organization's SSO recovery codes.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your organization's SAML single sign-on recovery codes","fieldsIndex":15},{"action":"org.recovery_codes_viewed","description":"An organization owner viewed the organization's SSO recovery codes.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your organization's SAML single sign-on recovery codes","fieldsIndex":15},{"action":"org.register_self_hosted_runner","description":"A new self-hosted runner was registered.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-an-organization","docs_reference_titles":"Adding self-hosted runners","fieldsIndex":63},{"action":"org.remove_actions_secret","description":"A GitHub Actions secret was removed from an organization.","docs_reference_links":"/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization","docs_reference_titles":"Using secrets in GitHub Actions","fieldsIndex":135},{"action":"org.remove_actions_variable","description":"A GitHub Actions variable was removed from an organization.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization","docs_reference_titles":"Store information in variables","fieldsIndex":135},{"action":"org.remove_billing_manager","description":"A billing manager was removed from an organization, either manually or due to a two-factor authentication requirement.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/removing-a-billing-manager-from-your-organization, /organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization","docs_reference_titles":"/organizations/managing-peoples-access-to-your-organization-with-roles/removing-a-billing-manager-from-your-organization, /organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization","fieldsIndex":53},{"action":"org.remove_disallowed_two_factor_method","description":"Removed a two-factor authentication method restriction for an organization.","docs_reference_links":"N/A","fieldsIndex":110},{"action":"org.remove_integration_secret","description":"A Codespaces or Dependabot secret was removed from an organization.","docs_reference_links":"N/A","fieldsIndex":136},{"action":"org.remove_member","description":"A member was removed from an organization, either manually or due to a two-factor authentication requirement.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"org.remove_outside_collaborator","description":"An outside collaborator was removed from an organization, either manually or due to a two-factor authentication requirement.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"org.remove_security_manager","description":"N/A","docs_reference_links":"N/A","fieldsIndex":137},{"action":"org.remove_self_hosted_runner","description":"A self-hosted runner was removed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-an-organization","docs_reference_titles":"Removing self-hosted runners","fieldsIndex":53},{"action":"org.rename","description":"An organization was renamed.","docs_reference_links":"N/A","fieldsIndex":138},{"action":"org.required_workflow_create","description":"Triggered when a required workflow is created.","docs_reference_links":"/actions/using-workflows/required-workflows","docs_reference_titles":"/actions/using-workflows/required-workflows","fieldsIndex":0},{"action":"org.required_workflow_delete","description":"Triggered when a required workflow is deleted.","docs_reference_links":"/actions/using-workflows/required-workflows","docs_reference_titles":"/actions/using-workflows/required-workflows","fieldsIndex":0},{"action":"org.required_workflow_update","description":"Triggered when a required workflow is updated.","docs_reference_links":"/actions/using-workflows/required-workflows","docs_reference_titles":"/actions/using-workflows/required-workflows","fieldsIndex":0},{"action":"org.restore_member","description":"An organization member was restored.","docs_reference_links":"/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization","docs_reference_titles":"/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization","fieldsIndex":1},{"action":"org.revoke_external_identity","description":"A member's linked identity was revoked.","docs_reference_links":"/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization#viewing-and-revoking-a-linked-identity","docs_reference_titles":"Viewing and managing a member's SAML access to your organization","fieldsIndex":15},{"action":"org.revoke_sso_session","description":"A member's SAML session was revoked.","docs_reference_links":"/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization#viewing-and-revoking-a-linked-identity","docs_reference_titles":"Viewing and managing a member's SAML access to your organization","fieldsIndex":15},{"action":"org.runner_group_created","description":"A self-hosted runner group was created.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#creating-a-self-hosted-runner-group-for-an-organization","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":139},{"action":"org.runner_group_removed","description":"A self-hosted runner group was removed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#removing-a-self-hosted-runner-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":140},{"action":"org.runner_group_renamed","description":"A self-hosted runner group was renamed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":141},{"action":"org.runner_group_runner_removed","description":"The REST API was used to remove a self-hosted runner from a group.","docs_reference_links":"/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization","docs_reference_titles":"/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization","fieldsIndex":142},{"action":"org.runner_group_runners_added","description":"A self-hosted runner was added to a group.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#moving-a-self-hosted-runner-to-a-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":140},{"action":"org.runner_group_runners_updated","description":"A runner group's list of members was updated.","docs_reference_links":"/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization","docs_reference_titles":"/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization","fieldsIndex":140},{"action":"org.runner_group_updated","description":"The configuration of a self-hosted runner group was changed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":139},{"action":"org.runner_group_visiblity_updated","description":"The visibility of a self-hosted runner group was updated via the REST API.","docs_reference_links":"/rest/actions#update-a-self-hosted-runner-group-for-an-organization","docs_reference_titles":"/rest/actions#update-a-self-hosted-runner-group-for-an-organization","fieldsIndex":143},{"action":"org.secret_protection_metered_usage_lock","description":"Enablement for Secret Protection features on new repositories has been locked for this organization.","docs_reference_links":"N/A","fieldsIndex":120},{"action":"org.secret_protection_metered_usage_unlock","description":"Enablement for Secret Protection features on new repositories has been unlocked for this organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org_secret_scanning_automatic_validity_checks.disabled","description":"Automatic partner validation checks have been disabled at the organization level","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization","fieldsIndex":11},{"action":"org_secret_scanning_automatic_validity_checks.enabled","description":"Automatic partner validation checks have been enabled at the organization level","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization","docs_reference_titles":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization","fieldsIndex":16},{"action":"org_secret_scanning_custom_pattern.create","description":"A custom pattern was created for secret scanning in an organization.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":11},{"action":"org_secret_scanning_custom_pattern.delete","description":"A custom pattern was removed from secret scanning in an organization.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#removing-a-custom-pattern","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":15},{"action":"org_secret_scanning_custom_pattern.publish","description":"A custom pattern was published for secret scanning in an organization.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":15},{"action":"org.secret_scanning_custom_pattern_push_protection_disabled","description":"Push protection for a custom pattern for secret scanning was disabled for an organization.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":0},{"action":"org.secret_scanning_custom_pattern_push_protection_enabled","description":"Push protection for a custom pattern for secret scanning was enabled for an organization.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":0},{"action":"org_secret_scanning_custom_pattern.update","description":"Changes to a custom pattern were saved and a dry run was executed for secret scanning in an organization.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#editing-a-custom-pattern","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":15},{"action":"org_secret_scanning_generic_secrets.disabled","description":"Generic secrets have been disabled at the organization level","docs_reference_links":"N/A","fieldsIndex":0},{"action":"org_secret_scanning_generic_secrets.enabled","description":"Generic secrets have been enabled at the organization level","docs_reference_links":"N/A","fieldsIndex":0},{"action":"org_secret_scanning_non_provider_patterns.disabled","description":"Secret scanning for non-provider patterns was disabled at the organization level.","docs_reference_links":"/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns","docs_reference_titles":"Supported secret scanning patterns","fieldsIndex":15},{"action":"org_secret_scanning_non_provider_patterns.enabled","description":"Secret scanning for non-provider patterns was enabled at the organization level.","docs_reference_links":"/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns","docs_reference_titles":"Supported secret scanning patterns","fieldsIndex":15},{"action":"org_secret_scanning_push_protection_bypass_list.add","description":"A role or team was added to the push protection bypass list at the organization level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":53},{"action":"org_secret_scanning_push_protection_bypass_list.disable","description":"Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Specific roles or teams\" to \"Anyone with write access\" at the organization level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":15},{"action":"org_secret_scanning_push_protection_bypass_list.enable","description":"Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Anyone with write access\" to \"Specific roles or teams\" at the organization level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":15},{"action":"org_secret_scanning_push_protection_bypass_list.remove","description":"A role or team was removed from the push protection bypass list at the organization level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":53},{"action":"org.secret_scanning_push_protection_custom_message_disabled","description":"The custom message triggered by an attempted push to a push-protected repository was disabled for an organization.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization","docs_reference_titles":"Push protection","fieldsIndex":1},{"action":"org.secret_scanning_push_protection_custom_message_enabled","description":"The custom message triggered by an attempted push to a push-protected repository was enabled for an organization.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization","docs_reference_titles":"Push protection","fieldsIndex":1},{"action":"org.secret_scanning_push_protection_custom_message_updated","description":"The custom message triggered by an attempted push to a push-protected repository was updated for an organization.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization","docs_reference_titles":"Push protection","fieldsIndex":1},{"action":"org.secret_scanning_push_protection_disable","description":"Push protection for secret scanning was disabled.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning","docs_reference_titles":"Push protection","fieldsIndex":11},{"action":"org.secret_scanning_push_protection_enable","description":"Push protection for secret scanning was enabled.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations","docs_reference_titles":"Push protection","fieldsIndex":53},{"action":"org.secret_scanning_push_protection_new_repos_disable","description":"Push protection for secret scanning was disabled for all new repositories in the organization.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations","docs_reference_titles":"Push protection","fieldsIndex":53},{"action":"org.secret_scanning_push_protection_new_repos_enable","description":"Push protection for secret scanning was enabled for all new repositories in the organization.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations","docs_reference_titles":"Push protection","fieldsIndex":53},{"action":"org_secret_scanning_push_protection_pattern_configuration.push_protection_setting_changed","description":"The push protection setting was updated for a secret type for your organization.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations","docs_reference_titles":"Push protection","fieldsIndex":144},{"action":"org_secret_scanning_push_protection_pattern_configuration.updated","description":"The push protection pattern configuration was updated for your organization.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations","docs_reference_titles":"Push protection","fieldsIndex":145},{"action":"org.security_center_export_code_scanning_metrics","description":"A CSV export was requested on the CodeQL pull request alerts page.","docs_reference_links":"N/A","fieldsIndex":146},{"action":"org.security_center_export_coverage","description":"A CSV export was requested on the Coverage page.","docs_reference_links":"N/A","fieldsIndex":147},{"action":"org.security_center_export_overview_dashboard","description":"A CSV export was requested on the Overview Dashboard page.","docs_reference_links":"N/A","fieldsIndex":146},{"action":"org.security_center_export_risk","description":"A CSV export was requested on the Risk page.","docs_reference_links":"N/A","fieldsIndex":147},{"action":"org.self_hosted_runner_offline","description":"The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner","docs_reference_titles":"Monitoring and troubleshooting self-hosted runners","fieldsIndex":148},{"action":"org.self_hosted_runner_online","description":"The runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner","docs_reference_titles":"Monitoring and troubleshooting self-hosted runners","fieldsIndex":148},{"action":"org.self_hosted_runner_updated","description":"The runner application was updated. This event is not included in the JSON/CSV export.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#about-self-hosted-runners","docs_reference_titles":"Self-hosted runners","fieldsIndex":149},{"action":"org.set_actions_cache_retention_policy","description":"The cache retention policy for GitHub Actions was set for an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-github-actions-settings-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-github-actions-settings-for-your-organization","fieldsIndex":16},{"action":"org.set_actions_cache_storage_policy","description":"The cache storage policy for GitHub Actions was set for an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-github-actions-settings-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-github-actions-settings-for-your-organization","fieldsIndex":11},{"action":"org.set_actions_fork_pr_approvals_policy","description":"The setting for requiring approvals for workflows from public forks was changed for an organization.","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#requiring-approval-for-workflows-from-public-forks","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#requiring-approval-for-workflows-from-public-forks","fieldsIndex":150},{"action":"org.set_actions_private_fork_pr_approvals_policy","description":"The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an organization.","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks","fieldsIndex":151},{"action":"org.set_actions_retention_limit","description":"The retention period for GitHub Actions artifacts and logs in an organization was changed.","docs_reference_links":"/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization","fieldsIndex":152},{"action":"org.set_custom_invitation_rate_limit","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.set_default_workflow_permissions","description":"The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an organization.","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization","fieldsIndex":53},{"action":"org.set_fork_pr_workflows_policy","description":"The policy for workflows on private repository forks was changed.","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks","fieldsIndex":150},{"action":"org.set_workflow_permission_can_approve_pr","description":"The policy for allowing GitHub Actions to create and approve pull requests was changed for an organization.","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests","fieldsIndex":53},{"action":"org.sso_response","description":"A SAML single sign-on (SSO) response was generated when a member attempted to authenticate with your organization. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"N/A","fieldsIndex":153},{"action":"org.transfer","description":"An organization was transferred between enterprise accounts.","docs_reference_links":"/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#transferring-an-organization-between-enterprise-accounts","docs_reference_titles":"Adding organizations to your enterprise","fieldsIndex":154},{"action":"org.transfer_outgoing","description":"An organization was transferred between enterprise accounts.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#transferring-an-organization-between-enterprise-accounts","docs_reference_titles":"Adding organizations to your enterprise","fieldsIndex":154},{"action":"org.unarchive","description":"The organization was unarchived.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.unblock_user","description":"A user was unblocked from an organization.","docs_reference_links":"/communities/maintaining-your-safety-on-github/unblocking-a-user-from-your-organization","docs_reference_titles":"/communities/maintaining-your-safety-on-github/unblocking-a-user-from-your-organization","fieldsIndex":117},{"action":"org.update_actions_secret","description":"A GitHub Actions secret was updated for an organization.","docs_reference_links":"/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization","docs_reference_titles":"Using secrets in GitHub Actions","fieldsIndex":126},{"action":"org.update_actions_settings","description":"An organization owner or site administrator updated GitHub Actions policy settings for an organization.","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization","fieldsIndex":155},{"action":"org.update_actions_variable","description":"A GitHub Actions variable was updated for an organization.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization","docs_reference_titles":"Store information in variables","fieldsIndex":126},{"action":"org.update_custom_images_policy","description":"The enterprise updated GitHub Actions custom image policy settings for an organization.","docs_reference_links":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","docs_reference_titles":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","fieldsIndex":156},{"action":"org.update_default_repository_permission","description":"The default repository permission level for organization members was changed.","docs_reference_links":"N/A","fieldsIndex":157},{"action":"org.update_immutable_releases_settings_policy","description":"The settings policy for immutable releases was updated for an organization.","docs_reference_links":"N/A","fieldsIndex":158},{"action":"org.update_integration_secret","description":"A Codespaces or Dependabot secret was updated for an organization.","docs_reference_links":"N/A","fieldsIndex":127},{"action":"org.update_member","description":"A person's role was changed from owner to member or member to owner.","docs_reference_links":"N/A","fieldsIndex":157},{"action":"org.update_member_repository_creation_permission","description":"The create repository permission for organization members was changed.","docs_reference_links":"N/A","fieldsIndex":159},{"action":"org.update_member_repository_invitation_permission","description":"An organization owner changed the policy setting for organization members inviting outside collaborators to repositories.","docs_reference_links":"/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators","docs_reference_titles":"Setting permissions for adding outside collaborators","fieldsIndex":160},{"action":"org.update_new_repository_default_branch_setting","description":"The name of the default branch was changed for new repositories in the organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization","fieldsIndex":15},{"action":"org.update_repo_self_hosted_runners_policy","description":"The repository self-hosted runners policy was updated","docs_reference_links":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#limiting-the-use-of-self-hosted-runners","docs_reference_titles":"/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#limiting-the-use-of-self-hosted-runners","fieldsIndex":161},{"action":"org.update_saml_provider_settings","description":"An organization's SAML provider settings were updated.","docs_reference_links":"N/A","fieldsIndex":130},{"action":"org.update_terms_of_service","description":"An organization changed between the Standard Terms of Service and the GitHub Customer Agreement.","docs_reference_links":"/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement","docs_reference_titles":"/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement","fieldsIndex":11},{"action":"organization_custom_property_value.create","description":"An organization's custom property value was manually set for the first time.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","docs_reference_titles":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","fieldsIndex":162},{"action":"organization_custom_property_value.destroy","description":"An organization's custom property value was deleted.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","docs_reference_titles":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","fieldsIndex":162},{"action":"organization_default_label.create","description":"A default label was created for repositories in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#creating-a-default-label","docs_reference_titles":"/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#creating-a-default-label","fieldsIndex":1},{"action":"organization_default_label.destroy","description":"A default label was deleted for repositories in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#deleting-a-default-label","docs_reference_titles":"/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#deleting-a-default-label","fieldsIndex":15},{"action":"organization_default_label.update","description":"A default label was edited for repositories in an organization.","docs_reference_links":"/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#editing-a-default-label","docs_reference_titles":"/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#editing-a-default-label","fieldsIndex":15},{"action":"organization_domain.approve","description":"A domain was approved for an organization.","docs_reference_links":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#approving-a-domain-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#approving-a-domain-for-your-organization","fieldsIndex":163},{"action":"organization_domain.create","description":"A domain was added to an organization.","docs_reference_links":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization","fieldsIndex":163},{"action":"organization_domain.destroy","description":"A domain was removed from an organization.","docs_reference_links":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#removing-an-approved-or-verified-domain","docs_reference_titles":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#removing-an-approved-or-verified-domain","fieldsIndex":163},{"action":"organization_domain.verify","description":"A domain was verified for an organization.","docs_reference_links":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization","docs_reference_titles":"/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization","fieldsIndex":163},{"action":"organization_moderators.add_team","description":"N/A","docs_reference_links":"N/A","fieldsIndex":124},{"action":"organization_moderators.add_user","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"organization_moderators.remove_team","description":"N/A","docs_reference_links":"N/A","fieldsIndex":124},{"action":"organization_moderators.remove_user","description":"N/A","docs_reference_links":"N/A","fieldsIndex":53},{"action":"organization_projects_change.clear","description":"An enterprise owner cleared the policy setting for organization-wide project boards in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise#enforcing-a-policy-for-organization-wide-project-boards","docs_reference_titles":"Enforcing policies for projects in your enterprise","fieldsIndex":11},{"action":"organization_projects_change.disable","description":"Organization projects were disabled for all organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise#enforcing-a-policy-for-organization-wide-project-boards","docs_reference_titles":"Enforcing policies for projects in your enterprise","fieldsIndex":53},{"action":"organization_projects_change.enable","description":"Organization projects were enabled for all organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise#enforcing-a-policy-for-organization-wide-project-boards","docs_reference_titles":"Enforcing policies for projects in your enterprise","fieldsIndex":53},{"action":"organization_role.assign","description":"An organization role was assigned to a user or team.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles","docs_reference_titles":"Permissions of custom organization roles","fieldsIndex":164},{"action":"organization_role.create","description":"A custom organization role was created in an organization.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles","docs_reference_titles":"Permissions of custom organization roles","fieldsIndex":165},{"action":"organization_role.destroy","description":"A custom organization role was deleted in an organization.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles","docs_reference_titles":"Permissions of custom organization roles","fieldsIndex":166},{"action":"organization_role.revoke","description":"A user or team was unassigned an organization role.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles","docs_reference_titles":"Permissions of custom organization roles","fieldsIndex":164},{"action":"organization_role.update","description":"A custom organization role was edited in an organization.","docs_reference_links":"/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles","docs_reference_titles":"Permissions of custom organization roles","fieldsIndex":167},{"action":"organization_wide_project_base_role.update","description":"An organization's default project base role was updated.","docs_reference_links":"N/A","fieldsIndex":168},{"action":"packages.package_deleted","description":"An entire package was deleted.","docs_reference_links":"/packages/learn-github-packages/deleting-and-restoring-a-package","docs_reference_titles":"/packages/learn-github-packages/deleting-and-restoring-a-package","fieldsIndex":169},{"action":"packages.package_published","description":"A package was published or republished to an organization.","docs_reference_links":"N/A","fieldsIndex":170},{"action":"packages.package_version_deleted","description":"A specific package version was deleted.","docs_reference_links":"/packages/learn-github-packages/deleting-and-restoring-a-package","docs_reference_titles":"/packages/learn-github-packages/deleting-and-restoring-a-package","fieldsIndex":171},{"action":"packages.package_version_published","description":"A specific package version was published or republished to a package.","docs_reference_links":"N/A","fieldsIndex":172},{"action":"pages_protected_domain.create","description":"A GitHub Pages verified domain was created for an organization or enterprise.","docs_reference_links":"/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages","docs_reference_titles":"/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages","fieldsIndex":173},{"action":"pages_protected_domain.delete","description":"A GitHub Pages verified domain was deleted from an organization or enterprise.","docs_reference_links":"/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages","docs_reference_titles":"/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages","fieldsIndex":173},{"action":"pages_protected_domain.verify","description":"A GitHub Pages domain was verified for an organization or enterprise.","docs_reference_links":"/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages","docs_reference_titles":"/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages","fieldsIndex":173},{"action":"payment_method.create","description":"A new payment method was added, such as a new credit card or PayPal account.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"payment_method.remove","description":"A payment method was removed.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"payment_method.update","description":"An existing payment method was updated.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"personal_access_token.access_granted","description":"A fine-grained personal access token was granted access to resources.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization","fieldsIndex":174},{"action":"personal_access_token.access_restriction_disabled","description":"The configured restriction for access to resources via personal access tokens was disabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"personal_access_token.access_restriction_enabled","description":"The configured restriction for access to resources via personal access tokens was enabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"personal_access_token.access_revoked","description":"A fine-grained personal access token was revoked. The token can still read public organization resources.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization","fieldsIndex":175},{"action":"personal_access_token.auto_approve_grant_requests_disabled","description":"Triggered when fine-grained personal access tokens can access organization resources without prior approval.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"personal_access_token.auto_approve_grant_requests_enabled","description":"Triggered when the organization must approve fine-grained personal access tokens before the tokens can access organization resources.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"personal_access_token.expiration_limit_set","description":"A personal access token expiration limit was set.","docs_reference_links":"N/A","fieldsIndex":176},{"action":"personal_access_token.expiration_limit_unset","description":"A personal access token expiration limit was unset.","docs_reference_links":"N/A","fieldsIndex":177},{"action":"personal_access_token.request_cancelled","description":"A pending request for a fine-grained personal access token to access organization resources was canceled.","docs_reference_links":"N/A","fieldsIndex":178},{"action":"personal_access_token.request_created","description":"Triggered when a fine-grained personal access token was created to access organization resources and the organization requires approval before the token can access organization resources.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization","fieldsIndex":179},{"action":"personal_access_token.request_denied","description":"A request for a fine-grained personal access token to access organization resources was denied.","docs_reference_links":"/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization","docs_reference_titles":"/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization","fieldsIndex":180},{"action":"prebuild_configuration.create","description":"A GitHub Codespaces prebuild configuration for a repository was created.","docs_reference_links":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","docs_reference_titles":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","fieldsIndex":181},{"action":"prebuild_configuration.destroy","description":"A GitHub Codespaces prebuild configuration for a repository was deleted.","docs_reference_links":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","docs_reference_titles":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","fieldsIndex":181},{"action":"prebuild_configuration.run_triggered","description":"A user initiated a run of a GitHub Codespaces prebuild configuration for a repository branch.","docs_reference_links":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","docs_reference_titles":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","fieldsIndex":181},{"action":"prebuild_configuration.update","description":"A GitHub Codespaces prebuild configuration for a repository was edited.","docs_reference_links":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","docs_reference_titles":"/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds","fieldsIndex":181},{"action":"premium_runner.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":48},{"action":"premium_runner.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"premium_runner.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":48},{"action":"private_repository_forking.clear","description":"An enterprise owner cleared the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"private_repository_forking.disable","description":"An enterprise owner disabled the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. Private and internal repositories are never allowed to be forked.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"private_repository_forking.enable","description":"An enterprise owner enabled the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. Private and internal repositories are always allowed to be forked.","docs_reference_links":"N/A","fieldsIndex":182},{"action":"private_vulnerability_reporting.disable","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"private_vulnerability_reporting.enable","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"private_vulnerability_reporting_new_repos.disable","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"private_vulnerability_reporting_new_repos.enable","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"profile_picture.update","description":"A profile picture was updated.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile","docs_reference_titles":"Personalize your profile","fieldsIndex":183},{"action":"project.access","description":"A project board visibility was changed.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"project_base_role.update","description":"A project's base role was updated.","docs_reference_links":"N/A","fieldsIndex":184},{"action":"project.close","description":"A project board was closed.","docs_reference_links":"/issues/organizing-your-work-with-project-boards/managing-project-boards/closing-a-project-board","docs_reference_titles":"Planning and tracking with Projects","fieldsIndex":185},{"action":"project_collaborator.add","description":"A collaborator was added to a project.","docs_reference_links":"N/A","fieldsIndex":186},{"action":"project_collaborator.remove","description":"A collaborator was removed from a project.","docs_reference_links":"N/A","fieldsIndex":186},{"action":"project_collaborator.update","description":"A project collaborator's permission level was changed.","docs_reference_links":"N/A","fieldsIndex":186},{"action":"project.create","description":"A project board was created.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"project.delete","description":"A project board was deleted.","docs_reference_links":"N/A","fieldsIndex":187},{"action":"project_field.create","description":"A field was created in a project board.","docs_reference_links":"/issues/planning-and-tracking-with-projects/understanding-fields","docs_reference_titles":"/issues/planning-and-tracking-with-projects/understanding-fields","fieldsIndex":53},{"action":"project_field.delete","description":"A field was deleted in a project board.","docs_reference_links":"/issues/planning-and-tracking-with-projects/understanding-fields/deleting-custom-fields","docs_reference_titles":"/issues/planning-and-tracking-with-projects/understanding-fields/deleting-custom-fields","fieldsIndex":188},{"action":"project.link","description":"A repository was linked to a project board.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"project.open","description":"A project board was reopened.","docs_reference_links":"/issues/organizing-your-work-with-project-boards/managing-project-boards/reopening-a-closed-project-board","docs_reference_titles":"Planning and tracking with Projects","fieldsIndex":185},{"action":"project.rename","description":"A project board was renamed.","docs_reference_links":"N/A","fieldsIndex":189},{"action":"project.unlink","description":"A repository was unlinked from a project board.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"project.update_org_permission","description":"The project's base-level permission for all organization members was changed or removed.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"project.update_team_permission","description":"A team's project board permission level was changed or when a team was added or removed from a project board.","docs_reference_links":"N/A","fieldsIndex":190},{"action":"project.update_user_permission","description":"A user was added to or removed from a project board or had their permission level changed.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"project_view.create","description":"A view was created in a project board.","docs_reference_links":"/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views","docs_reference_titles":"/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views","fieldsIndex":53},{"action":"project_view.delete","description":"A view was deleted in a project board.","docs_reference_links":"/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views","docs_reference_titles":"/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views","fieldsIndex":11},{"action":"project.visibility_private","description":"A project's visibility was changed from public to private.","docs_reference_links":"N/A","fieldsIndex":191},{"action":"project.visibility_public","description":"A project's visibility was changed from private to public.","docs_reference_links":"N/A","fieldsIndex":192},{"action":"protected_branch.authorized_users_teams","description":"The users, teams, or integrations allowed to bypass a branch protection were changed.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches","fieldsIndex":193},{"action":"protected_branch.branch_allowances","description":"A protected branch allowance was given to a specific user, team or integration.","docs_reference_links":"N/A","fieldsIndex":194},{"action":"protected_branch.create","description":"Branch protection was enabled on a branch.","docs_reference_links":"N/A","fieldsIndex":195},{"action":"protected_branch.destroy","description":"Branch protection was disabled on a branch.","docs_reference_links":"N/A","fieldsIndex":195},{"action":"protected_branch.dismiss_stale_reviews","description":"Enforcement of dismissing stale pull requests was updated on a branch.","docs_reference_links":"N/A","fieldsIndex":196},{"action":"protected_branch.dismissal_restricted_users_teams","description":"Enforcement of restricting users and/or teams who can dismiss reviews was updated on a branch.","docs_reference_links":"N/A","fieldsIndex":197},{"action":"protected_branch.policy_override","description":"A branch protection requirement was overridden by a repository administrator.","docs_reference_links":"N/A","fieldsIndex":198},{"action":"protected_branch.rejected_ref_update","description":"A branch update attempt was rejected.","docs_reference_links":"N/A","fieldsIndex":198},{"action":"protected_branch.update_admin_enforced","description":"Branch protection was enforced for repository administrators.","docs_reference_links":"N/A","fieldsIndex":199},{"action":"protected_branch.update_allow_deletions_enforcement_level","description":"Branch deletion was enabled or disabled for a protected branch.","docs_reference_links":"N/A","fieldsIndex":200},{"action":"protected_branch.update_allow_force_pushes_enforcement_level","description":"Force pushes were enabled or disabled for a branch.","docs_reference_links":"N/A","fieldsIndex":201},{"action":"protected_branch.update_ignore_approvals_from_contributors","description":"Ignoring of approvals from contributors to a pull request was enabled or disabled for a branch.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule","fieldsIndex":202},{"action":"protected_branch.update_linear_history_requirement_enforcement_level","description":"Required linear commit history was enabled or disabled for a branch.","docs_reference_links":"N/A","fieldsIndex":203},{"action":"protected_branch.update_lock_allows_fetch_and_merge","description":"Fork syncing was enabled or disabled for a read-only branch","docs_reference_links":"repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch","docs_reference_titles":"repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch","fieldsIndex":204},{"action":"protected_branch.update_lock_branch_enforcement_level","description":"The enforcement of a branch lock was updated.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch","fieldsIndex":205},{"action":"protected_branch.update_merge_queue_enforcement_level","description":"Enforcement of the merge queue was modified for a branch.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-merge-queue","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-merge-queue","fieldsIndex":206},{"action":"protected_branch.update_name","description":"A branch name pattern was updated for a branch.","docs_reference_links":"N/A","fieldsIndex":207},{"action":"protected_branch.update_pull_request_reviews_enforcement_level","description":"Enforcement of required pull request reviews was updated for a branch. Can be 0 (deactivated), 1 (non-admins), or 2 (everyone).","docs_reference_links":"N/A","fieldsIndex":208},{"action":"protected_branch.update_require_code_owner_review","description":"Enforcement of required code owner review was updated for a branch.","docs_reference_links":"N/A","fieldsIndex":209},{"action":"protected_branch.update_require_last_push_approval","description":"Someone other than the person who pushed the last code-modifying commit to the branch must approve pull requests for the branch.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-pull-request-reviews-before-merging","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-pull-request-reviews-before-merging","fieldsIndex":210},{"action":"protected_branch.update_required_approving_review_count","description":"Enforcement of the required number of approvals before merging was updated on a branch.","docs_reference_links":"N/A","fieldsIndex":211},{"action":"protected_branch.update_required_status_checks_enforcement_level","description":"Enforcement of required status checks was updated for a branch.","docs_reference_links":"N/A","fieldsIndex":212},{"action":"protected_branch.update_signature_requirement_enforcement_level","description":"Enforcement of required commit signing was updated for a branch.","docs_reference_links":"N/A","fieldsIndex":213},{"action":"protected_branch.update_strict_required_status_checks_policy","description":"Enforcement of required status checks was updated for a branch.","docs_reference_links":"N/A","fieldsIndex":214},{"action":"public_key.create","description":"An SSH key was added to a user account or a deploy key was added to a repository.","docs_reference_links":"/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account","docs_reference_titles":"/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account","fieldsIndex":215},{"action":"public_key.delete","description":"An SSH key was removed from a user account or a deploy key was removed from a repository.","docs_reference_links":"/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys","docs_reference_titles":"/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys","fieldsIndex":216},{"action":"public_key.unverification_failure","description":"A user account's SSH key or a repository's deploy key was unable to be unverified.","docs_reference_links":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","docs_reference_titles":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","fieldsIndex":217},{"action":"public_key.unverify","description":"A user account's SSH key or a repository's deploy key was unverified.","docs_reference_links":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","docs_reference_titles":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","fieldsIndex":218},{"action":"public_key.update","description":"A user account's SSH key or a repository's deploy key was updated.","docs_reference_links":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","docs_reference_titles":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","fieldsIndex":215},{"action":"public_key.verification_failure","description":"A user account's SSH key or a repository's deploy key was unable to be verified.","docs_reference_links":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","docs_reference_titles":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","fieldsIndex":215},{"action":"public_key.verify","description":"A user account's SSH key or a repository's deploy key was verified.","docs_reference_links":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","docs_reference_titles":"/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys","fieldsIndex":215},{"action":"pull_request.close","description":"A pull request was closed without being merged.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/closing-a-pull-request","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/closing-a-pull-request","fieldsIndex":219},{"action":"pull_request.converted_to_draft","description":"A pull request was converted to a draft.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#converting-a-pull-request-to-a-draft","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#converting-a-pull-request-to-a-draft","fieldsIndex":220},{"action":"pull_request.create","description":"A pull request was created.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request","fieldsIndex":221},{"action":"pull_request.create_review_request","description":"A review was requested on a pull request.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews","fieldsIndex":222},{"action":"pull_request.in_progress","description":"A pull request was marked as in progress.","docs_reference_links":"N/A","fieldsIndex":223},{"action":"pull_request.indirect_merge","description":"A pull request was considered merged because the pull request's commits were merged into the target branch.","docs_reference_links":"N/A","fieldsIndex":219},{"action":"pull_request.merge","description":"A pull request was merged.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request","fieldsIndex":219},{"action":"pull_request.ready_for_review","description":"A pull request was marked as ready for review.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#marking-a-pull-request-as-ready-for-review","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#marking-a-pull-request-as-ready-for-review","fieldsIndex":220},{"action":"pull_request.rebase","description":"A pull request was rebased.","docs_reference_links":"N/A","fieldsIndex":220},{"action":"pull_request.remove_review_request","description":"A review request was removed from a pull request.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews","fieldsIndex":222},{"action":"pull_request.reopen","description":"A pull request was reopened after previously being closed.","docs_reference_links":"N/A","fieldsIndex":220},{"action":"pull_request_review_comment.create","description":"A review comment was added to a pull request.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews","fieldsIndex":224},{"action":"pull_request_review_comment.delete","description":"A review comment on a pull request was deleted.","docs_reference_links":"N/A","fieldsIndex":225},{"action":"pull_request_review_comment.update","description":"A review comment on a pull request was changed.","docs_reference_links":"N/A","fieldsIndex":226},{"action":"pull_request_review.delete","description":"A review on a pull request was deleted.","docs_reference_links":"N/A","fieldsIndex":227},{"action":"pull_request_review.dismiss","description":"A review on a pull request was dismissed.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review","fieldsIndex":227},{"action":"pull_request_review.submit","description":"A review on a pull request was submitted.","docs_reference_links":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request#submitting-your-review","docs_reference_titles":"/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request#submitting-your-review","fieldsIndex":227},{"action":"repo.access","description":"The visibility of a repository changed.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility","fieldsIndex":228},{"action":"repo.actions_enabled","description":"GitHub Actions was enabled for a repository.","docs_reference_links":"organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api","docs_reference_titles":"organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api","fieldsIndex":229},{"action":"repo.add_member","description":"A collaborator was added to a repository.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository","docs_reference_titles":"Inviting collaborators to a personal repository","fieldsIndex":230},{"action":"repo.add_topic","description":"A topic was added to a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/classifying-your-repository-with-topics","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/classifying-your-repository-with-topics","fieldsIndex":231},{"action":"repo.advanced_security_disabled","description":"GitHub Advanced Security was disabled for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository","fieldsIndex":232},{"action":"repo.advanced_security_enabled","description":"GitHub Advanced Security was enabled for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository","fieldsIndex":232},{"action":"repo.archived","description":"A repository was archived.","docs_reference_links":"/repositories/archiving-a-github-repository","docs_reference_titles":"/repositories/archiving-a-github-repository","fieldsIndex":233},{"action":"repo.change_merge_setting","description":"Pull request merge options were changed for a repository.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.code_scanning_ai_findings_disabled","description":"AI-powered findings for code scanning were disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":234},{"action":"repo.code_scanning_ai_findings_enabled","description":"AI-powered findings for code scanning were enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":234},{"action":"repo.code_scanning_analysis_deleted","description":"Code scanning analysis for a repository was deleted.","docs_reference_links":"/rest/code-scanning#delete-a-code-scanning-analysis-from-a-repository","docs_reference_titles":"/rest/code-scanning#delete-a-code-scanning-analysis-from-a-repository","fieldsIndex":235},{"action":"repo.code_scanning_autofix_disabled","description":"Autofix for code scanning alerts was disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":234},{"action":"repo.code_scanning_autofix_enabled","description":"Autofix for code scanning alerts was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":234},{"action":"repo.code_scanning_autofix_third_party_tools_disabled","description":"Autofix for third party tools for code scanning alerts was disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":234},{"action":"repo.code_scanning_autofix_third_party_tools_enabled","description":"Autofix for third party tools for code scanning alerts was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":234},{"action":"repo.code_scanning_configuration_for_branch_deleted","description":"A code scanning configuration for a branch of a repository was deleted.","docs_reference_links":"/code-security/code-scanning/managing-code-scanning-alerts/managing-code-scanning-alerts-for-your-repository#removing-stale-configurations-and-alerts-from-a-branch","docs_reference_titles":"Resolving code scanning alerts","fieldsIndex":236},{"action":"repo.code_scanning_delegated_alert_dismissal_disabled","description":"Prevention of direct alert dismissal for code scanning was disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":234},{"action":"repo.code_scanning_delegated_alert_dismissal_enabled","description":"Prevention of direct alert dismissal for code scanning was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":234},{"action":"repo.codeql_disabled","description":"Code scanning using the default setup was disabled for a repository.","docs_reference_links":"/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning","docs_reference_titles":"Configuring default setup for code scanning","fieldsIndex":231},{"action":"repo.codeql_enabled","description":"Code scanning using the default setup was enabled for a repository.","docs_reference_links":"/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning","docs_reference_titles":"Configuring default setup for code scanning","fieldsIndex":237},{"action":"repo.codeql_updated","description":"Code scanning using the default setup was updated for a repository.","docs_reference_links":"/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning","docs_reference_titles":"Configuring default setup for code scanning","fieldsIndex":237},{"action":"repo.codespaces_trusted_repo_access_granted","description":"GitHub Codespaces was granted trusted repository access to this repository.","docs_reference_links":"N/A","fieldsIndex":234},{"action":"repo.codespaces_trusted_repo_access_revoked","description":"GitHub Codespaces trusted repository access to this repository was revoked.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"repo.config.disable_collaborators_only","description":"The interaction limit for collaborators only was disabled.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","fieldsIndex":238},{"action":"repo.config.disable_contributors_only","description":"The interaction limit for prior contributors only was disabled in a repository.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","fieldsIndex":239},{"action":"repo.config.disable_sockpuppet_disallowed","description":"The interaction limit for existing users only was disabled in a repository.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","fieldsIndex":238},{"action":"repo.config.enable_collaborators_only","description":"The interaction limit for collaborators only was enabled in a repository Users that are not collaborators or organization members were unable to interact with a repository for a set duration.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","fieldsIndex":32},{"action":"repo.config.enable_contributors_only","description":"The interaction limit for prior contributors only was enabled in a repository Users that are not prior contributors, collaborators or organization members were unable to interact with a repository for a set duration.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","fieldsIndex":104},{"action":"repo.config.enable_sockpuppet_disallowed","description":"The interaction limit for existing users was enabled in a repository New users aren't able to interact with a repository for a set duration Existing users of the repository, contributors, collaborators or organization members are able to interact with a repository.","docs_reference_links":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","docs_reference_titles":"/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository","fieldsIndex":18},{"action":"repo.configure_self_hosted_jit_runner","description":"A new just-in-time GitHub Actions self-hosted runner was configured","docs_reference_links":"/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-a-repository","docs_reference_titles":"/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-a-repository","fieldsIndex":32},{"action":"repo.create","description":"A repository was created.","docs_reference_links":"/repositories/creating-and-managing-repositories/creating-a-new-repository","docs_reference_titles":"/repositories/creating-and-managing-repositories/creating-a-new-repository","fieldsIndex":240},{"action":"repo.create_actions_secret","description":"A GitHub Actions secret was created for a repository.","docs_reference_links":"/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository","docs_reference_titles":"Using secrets in GitHub Actions","fieldsIndex":241},{"action":"repo.create_actions_variable","description":"A GitHub Actions variable was created for a repository.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository","docs_reference_titles":"Store information in variables","fieldsIndex":241},{"action":"repo.create_integration_secret","description":"A Codespaces or Dependabot secret was created for a repository.","docs_reference_links":"N/A","fieldsIndex":242},{"action":"repo.destroy","description":"A repository was deleted.","docs_reference_links":"/repositories/creating-and-managing-repositories/deleting-a-repository","docs_reference_titles":"/repositories/creating-and-managing-repositories/deleting-a-repository","fieldsIndex":240},{"action":"repo.download_zip","description":"A source code archive of a repository was downloaded as a ZIP file.","docs_reference_links":"/repositories/working-with-files/using-files/downloading-source-code-archives","docs_reference_titles":"/repositories/working-with-files/using-files/downloading-source-code-archives","fieldsIndex":233},{"action":"repo.immutable_releases_settings_disabled","description":"The setting for immutable releases was disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.immutable_releases_settings_enabled","description":"The setting for immutable releases was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.pages_cname","description":"A GitHub Pages custom domain was modified in a repository.","docs_reference_links":"N/A","fieldsIndex":243},{"action":"repo.pages_create","description":"A GitHub Pages site was created.","docs_reference_links":"N/A","fieldsIndex":232},{"action":"repo.pages_destroy","description":"A GitHub Pages site was deleted.","docs_reference_links":"N/A","fieldsIndex":232},{"action":"repo.pages_https_redirect_disabled","description":"HTTPS redirects were disabled for a GitHub Pages site.","docs_reference_links":"N/A","fieldsIndex":232},{"action":"repo.pages_https_redirect_enabled","description":"HTTPS redirects were enabled for a GitHub Pages site.","docs_reference_links":"N/A","fieldsIndex":232},{"action":"repo.pages_private","description":"A GitHub Pages site visibility was changed to private.","docs_reference_links":"N/A","fieldsIndex":232},{"action":"repo.pages_public","description":"A GitHub Pages site visibility was changed to public.","docs_reference_links":"N/A","fieldsIndex":232},{"action":"repo.pages_soft_delete","description":"A GitHub Pages site was soft-deleted because its owner's plan changed.","docs_reference_links":"N/A","fieldsIndex":244},{"action":"repo.pages_soft_delete_restore","description":"A GitHub Pages site that was previously soft-deleted was restored.","docs_reference_links":"N/A","fieldsIndex":233},{"action":"repo.pages_source","description":"A GitHub Pages source was modified.","docs_reference_links":"N/A","fieldsIndex":232},{"action":"repo.register_self_hosted_runner","description":"A new self-hosted runner was registered.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-a-repository","docs_reference_titles":"Adding self-hosted runners","fieldsIndex":245},{"action":"repo.remove_actions_secret","description":"A GitHub Actions secret was deleted for a repository.","docs_reference_links":"/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository","docs_reference_titles":"Using secrets in GitHub Actions","fieldsIndex":246},{"action":"repo.remove_actions_variable","description":"A GitHub Actions variable was deleted for a repository.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository","docs_reference_titles":"Store information in variables","fieldsIndex":246},{"action":"repo.remove_integration_secret","description":"A Codespaces or Dependabot secret was deleted for a repository.","docs_reference_links":"N/A","fieldsIndex":247},{"action":"repo.remove_member","description":"A collaborator was removed from a repository.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-a-collaborator-from-a-personal-repository","docs_reference_titles":"Removing a collaborator from a personal repository","fieldsIndex":233},{"action":"repo.remove_self_hosted_runner","description":"A self-hosted runner was removed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-a-repository","docs_reference_titles":"Removing self-hosted runners","fieldsIndex":32},{"action":"repo.remove_topic","description":"A topic was removed from a repository.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repo.rename","description":"A repository was renamed.","docs_reference_links":"/repositories/creating-and-managing-repositories/renaming-a-repository","docs_reference_titles":"/repositories/creating-and-managing-repositories/renaming-a-repository","fieldsIndex":248},{"action":"repo.rename_branch","description":"A branch was renamed.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch","fieldsIndex":249},{"action":"repo.restore","description":"N/A","docs_reference_links":"N/A","fieldsIndex":234},{"action":"repo.self_hosted_runner_offline","description":"The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner","docs_reference_titles":"Monitoring and troubleshooting self-hosted runners","fieldsIndex":148},{"action":"repo.self_hosted_runner_online","description":"The runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner","docs_reference_titles":"Monitoring and troubleshooting self-hosted runners","fieldsIndex":148},{"action":"repo.self_hosted_runner_updated","description":"The runner application was updated. This event is not included in the JSON/CSV export.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#about-self-hosted-runners","docs_reference_titles":"Self-hosted runners","fieldsIndex":149},{"action":"repo.set_actions_cache_retention_policy","description":"The cache retention policy for GitHub Actions was set for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository","fieldsIndex":250},{"action":"repo.set_actions_cache_storage_policy","description":"The cache storage policy for GitHub Actions was set for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository","fieldsIndex":251},{"action":"repo.set_actions_fork_pr_approvals_policy","description":"The setting for requiring approvals for workflows from public forks was changed for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks","fieldsIndex":252},{"action":"repo.set_actions_private_fork_pr_approvals_policy","description":"The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories","fieldsIndex":252},{"action":"repo.set_actions_retention_limit","description":"The retention period for GitHub Actions artifacts and logs in a repository was changed.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository","fieldsIndex":253},{"action":"repo.set_default_workflow_permissions","description":"The default permissions granted to the GITHUB_TOKEN when running workflows were changed for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository","fieldsIndex":233},{"action":"repo.set_fork_pr_workflows_policy","description":"Triggered when the policy for workflows on private repository forks is changed.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks","fieldsIndex":252},{"action":"repo.set_workflow_permission_can_approve_pr","description":"The policy for allowing GitHub Actions to create and approve pull requests was changed for a repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests","fieldsIndex":233},{"action":"repo.staff_unlock","description":"An enterprise owner or GitHub staff (with permission from a repository administrator) temporarily unlocked the repository.","docs_reference_links":"N/A","fieldsIndex":234},{"action":"repo.transfer","description":"A user accepted a request to receive a transferred repository.","docs_reference_links":"/repositories/creating-and-managing-repositories/transferring-a-repository","docs_reference_titles":"/repositories/creating-and-managing-repositories/transferring-a-repository","fieldsIndex":254},{"action":"repo.transfer_outgoing","description":"A repository was transferred to another repository network.","docs_reference_links":"N/A","fieldsIndex":255},{"action":"repo.transfer_start","description":"A user sent a request to transfer a repository to another user or organization.","docs_reference_links":"N/A","fieldsIndex":244},{"action":"repo.unarchived","description":"A repository was unarchived.","docs_reference_links":"/repositories/archiving-a-github-repository","docs_reference_titles":"/repositories/archiving-a-github-repository","fieldsIndex":233},{"action":"repo.update_actions_access_settings","description":"The setting to control how a repository was used by GitHub Actions workflows in other repositories was changed.","docs_reference_links":"N/A","fieldsIndex":256},{"action":"repo.update_actions_secret","description":"A GitHub Actions secret was updated for a repository.","docs_reference_links":"/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository","docs_reference_titles":"Using secrets in GitHub Actions","fieldsIndex":241},{"action":"repo.update_actions_settings","description":"A repository administrator changed GitHub Actions policy settings for a repository.","docs_reference_links":"N/A","fieldsIndex":257},{"action":"repo.update_actions_variable","description":"A GitHub Actions variable was updated for a repository.","docs_reference_links":"/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository","docs_reference_titles":"Store information in variables","fieldsIndex":241},{"action":"repo.update_default_branch","description":"The default branch for a repository was changed.","docs_reference_links":"N/A","fieldsIndex":232},{"action":"repo.update_integration_secret","description":"A Codespaces or Dependabot secret was updated for a repository.","docs_reference_links":"N/A","fieldsIndex":242},{"action":"repo.update_member","description":"A user's permission to a repository was changed.","docs_reference_links":"N/A","fieldsIndex":258},{"action":"repository_advisory.close","description":"Someone closed a security advisory.","docs_reference_links":"/code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories","docs_reference_titles":"Repository security advisories","fieldsIndex":32},{"action":"repository_advisory.cve_request","description":"Someone requested a CVE (Common Vulnerabilities and Exposures) number from GitHub for a draft security advisory.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"repository_advisory.github_broadcast","description":"GitHub made a security advisory public in the GitHub Advisory Database.","docs_reference_links":"N/A","fieldsIndex":187},{"action":"repository_advisory.github_withdraw","description":"GitHub withdrew a security advisory that was published in error.","docs_reference_links":"N/A","fieldsIndex":187},{"action":"repository_advisory.open","description":"Someone opened a draft security advisory.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"repository_advisory.publish","description":"Someone published a security advisory.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"repository_advisory.reopen","description":"Someone reopened as draft security advisory.","docs_reference_links":"N/A","fieldsIndex":259},{"action":"repository_advisory.update","description":"Someone edited a draft or published security advisory.","docs_reference_links":"N/A","fieldsIndex":91},{"action":"repository_branch_protection_evaluation.disable","description":"Branch protections were disabled for the repository.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule","fieldsIndex":15},{"action":"repository_branch_protection_evaluation.enable","description":"Branch protections were enabled for this repository.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule","fieldsIndex":15},{"action":"repository_code_security.disable","description":"Code security was disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repository_code_security.enable","description":"Code security was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repository_content_analysis.disable","description":"Data use settings were disabled for a private repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories","fieldsIndex":0},{"action":"repository_content_analysis.enable","description":"Data use settings were enabled for a private repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories","fieldsIndex":0},{"action":"repository_dependency_graph_autosubmit.disable","description":"Automatic dependency submission was disabled for a repository.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repository_dependency_graph_autosubmit.enable","description":"Automatic dependency submission was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repository_dependency_graph.disable","description":"The dependency graph was disabled for a private repository.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-fea tures-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-fea, tures-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories","fieldsIndex":231},{"action":"repository_dependency_graph.enable","description":"The dependency graph was enabled for a private repository.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repository_dependency_updates_self_hosted.disabled","description":"Dependency updates on self-hosted runners was disabled.","docs_reference_links":"code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/managing-dependabot-on-self-hosted-runners","docs_reference_titles":"Configuring Dependabot on self-hosted runners","fieldsIndex":238},{"action":"repository_dependency_updates_self_hosted.enabled","description":"Dependency updates on self-hosted runners was enabled.","docs_reference_links":"code-security/how-tos/secure-your-supply-chain/manage-your-dependency-security/managing-dependabot-on-self-hosted-runners","docs_reference_titles":"Configuring Dependabot on self-hosted runners","fieldsIndex":231},{"action":"repository_image.create","description":"An image to represent a repository was uploaded.","docs_reference_links":"N/A","fieldsIndex":260},{"action":"repository_image.destroy","description":"An image to represent a repository was deleted.","docs_reference_links":"N/A","fieldsIndex":260},{"action":"repository_invitation.accept","description":"An invitation to join a repository was accepted.","docs_reference_links":"N/A","fieldsIndex":261},{"action":"repository_invitation.cancel","description":"An invitation to join a repository was canceled.","docs_reference_links":"N/A","fieldsIndex":262},{"action":"repository_invitation.create","description":"An invitation to join a repository was sent.","docs_reference_links":"N/A","fieldsIndex":262},{"action":"repository_invitation.reject","description":"An invitation to join a repository was declined.","docs_reference_links":"N/A","fieldsIndex":261},{"action":"repository_limit.reached","description":"An organization has reached their repository limit.","docs_reference_links":"repositories/creating-and-managing-repositories/repository-limits","docs_reference_titles":"repositories/creating-and-managing-repositories/repository-limits","fieldsIndex":263},{"action":"repository_limit.warning","description":"An organization is approaching their repository limit.","docs_reference_links":"repositories/creating-and-managing-repositories/repository-limits","docs_reference_titles":"repositories/creating-and-managing-repositories/repository-limits","fieldsIndex":264},{"action":"repository_malware_alerts.disable","description":"Dependabot malware alerts was disabled.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repository_malware_alerts.enable","description":"Dependabot malware alerts was enabled.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repository_projects_change.clear","description":"The repository projects policy was removed for an organization, or all organizations in the enterprise Organization owners can now control their repository projects settings.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise","docs_reference_titles":"Enforcing policies for projects in your enterprise","fieldsIndex":0},{"action":"repository_projects_change.disable","description":"Repository projects were disabled for a repository, all repositories in an organization, or all organizations in an enterprise.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"repository_projects_change.enable","description":"Repository projects were enabled for a repository, all repositories in an organization, or all organizations in an enterprise.","docs_reference_links":"N/A","fieldsIndex":32},{"action":"repository_ruleset.create","description":"A repository ruleset was created.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository","fieldsIndex":265},{"action":"repository_ruleset.destroy","description":"A repository ruleset was deleted.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#deleting-a-ruleset","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#deleting-a-ruleset","fieldsIndex":265},{"action":"repository_ruleset.update","description":"A repository ruleset was edited.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#editing-a-ruleset","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#editing-a-ruleset","fieldsIndex":266},{"action":"repository_secret_scanning_automatic_validity_checks.disabled","description":"Automatic partner validation checks have been disabled at the repository level","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository","fieldsIndex":231},{"action":"repository_secret_scanning_automatic_validity_checks.enabled","description":"Automatic partner validation checks have been enabled at the repository level","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository","fieldsIndex":231},{"action":"repository_secret_scanning_custom_pattern.create","description":"A custom pattern was created for secret scanning in a repository.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":104},{"action":"repository_secret_scanning_custom_pattern.delete","description":"A custom pattern was removed from secret scanning in a repository.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#removing-a-custom-pattern","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":234},{"action":"repository_secret_scanning_custom_pattern.publish","description":"A custom pattern was published for secret scanning in a repository.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":234},{"action":"repository_secret_scanning_custom_pattern_push_protection.disabled","description":"Push protection for a custom pattern for secret scanning was disabled for your repository.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":234},{"action":"repository_secret_scanning_custom_pattern_push_protection.enabled","description":"Push protection for a custom pattern for secret scanning was enabled for your repository.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":234},{"action":"repository_secret_scanning_custom_pattern.update","description":"Changes to a custom pattern were saved and a dry run was executed for secret scanning in a repository.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#editing-a-custom-pattern","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":104},{"action":"repository_secret_scanning.disable","description":"Secret scanning was disabled for a repository.","docs_reference_links":"/code-security/secret-scanning/about-secret-scanning","docs_reference_titles":"Secret scanning","fieldsIndex":231},{"action":"repository_secret_scanning.enable","description":"Secret scanning was enabled for a repository.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repository_secret_scanning_extended_metadata.disabled","description":"Metadata for secret scanning alerts has been disabled at the repository level","docs_reference_links":"/code-security/secret-scanning/enabling-secret-scanning-features/enabling-extended-metadata-checks-for-your-repository","docs_reference_titles":"Enabling extended metadata checks for your repository","fieldsIndex":231},{"action":"repository_secret_scanning_extended_metadata.enabled","description":"Metadata for secret scanning alerts has been enabled at the repository level","docs_reference_links":"/code-security/secret-scanning/enabling-secret-scanning-features/enabling-extended-metadata-checks-for-your-repository","docs_reference_titles":"Enabling extended metadata checks for your repository","fieldsIndex":231},{"action":"repository_secret_scanning_generic_secrets.disabled","description":"Generic secrets have been disabled at the repository level","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repository_secret_scanning_generic_secrets.enabled","description":"Generic secrets have been enabled at the repository level","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repository_secret_scanning_non_provider_patterns.disabled","description":"Secret scanning for non-provider patterns was disabled at the repository level.","docs_reference_links":"/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns","docs_reference_titles":"Supported secret scanning patterns","fieldsIndex":231},{"action":"repository_secret_scanning_non_provider_patterns.enabled","description":"Secret scanning for non-provider patterns was enabled at the repository level.","docs_reference_links":"/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns","docs_reference_titles":"Supported secret scanning patterns","fieldsIndex":231},{"action":"repository_secret_scanning_push_protection_bypass_list.add","description":"A role or team was added to the push protection bypass list at the repository level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":104},{"action":"repository_secret_scanning_push_protection_bypass_list.disable","description":"Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Specific roles or teams\" to \"Anyone with write access\" at the repository level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":231},{"action":"repository_secret_scanning_push_protection_bypass_list.enable","description":"Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Anyone with write access\" to \"Specific roles or teams\" at the repository level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":102},{"action":"repository_secret_scanning_push_protection_bypass_list.remove","description":"A role or team was removed from the push protection bypass list at the repository level.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection","docs_reference_titles":"Push protection","fieldsIndex":234},{"action":"repository_secret_scanning_push_protection.disable","description":"Secret scanning push protection was disabled for a repository.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning","docs_reference_titles":"Push protection","fieldsIndex":231},{"action":"repository_secret_scanning_push_protection.enable","description":"Secret scanning push protection was enabled for a repository.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning","docs_reference_titles":"Push protection","fieldsIndex":231},{"action":"repository_security_configuration.applied","description":"A code security configuration was applied to a repository.","docs_reference_links":"N/A","fieldsIndex":267},{"action":"repository_security_configuration.failed","description":"A code security configuration failed to attach to the repository.","docs_reference_links":"N/A","fieldsIndex":267},{"action":"repository_security_configuration.removed","description":"A code security configuration was removed from a repository.","docs_reference_links":"N/A","fieldsIndex":267},{"action":"repository_security_configuration.removed_by_settings_change","description":"A code security configuration was removed due to a change in repository or enterprise settings.","docs_reference_links":"N/A","fieldsIndex":267},{"action":"repository_security_updates.disable","description":"Dependabot security updates was disabled.","docs_reference_links":"/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates","docs_reference_titles":"Configuring Dependabot security updates","fieldsIndex":231},{"action":"repository_security_updates.enable","description":"Dependabot security updates was enabled.","docs_reference_links":"/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates","docs_reference_titles":"Configuring Dependabot security updates","fieldsIndex":231},{"action":"repository_visibility_change.clear","description":"The repository visibility change setting was cleared for an organization or enterprise.","docs_reference_links":"/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-changes-to-repository-visibility","docs_reference_titles":"/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization, Enforcing repository management policies in your enterprise","fieldsIndex":15},{"action":"repository_visibility_change.disable","description":"The ability for enterprise members to update a repository's visibility was disabled. Members are unable to change repository visibilities in an organization, or all organizations in an enterprise.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"repository_visibility_change.enable","description":"The ability for enterprise members to update a repository's visibility was enabled. Members are able to change repository visibilities in an organization, or all organizations in an enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"repository_vulnerability_alert.assign","description":"A user was assigned to a Dependabot alert.","docs_reference_links":"N/A","fieldsIndex":268},{"action":"repository_vulnerability_alert.auto_dismiss","description":"A Dependabot alert was automatically dismissed because its metadata matches an enabled Dependabot rule.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/using-alert-rules-to-prioritize-dependabot-alerts","docs_reference_titles":"Dependabot auto-triage rules","fieldsIndex":269},{"action":"repository_vulnerability_alert.auto_reopen","description":"A previously auto-dismissed Dependabot alert was automatically reopened because its metadata no longer matches an enabled Dependabot rule.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/using-alert-rules-to-prioritize-dependabot-alerts","docs_reference_titles":"Dependabot auto-triage rules","fieldsIndex":269},{"action":"repository_vulnerability_alert.create","description":"GitHub created a Dependabot alert because the repository uses a vulnerable dependency.","docs_reference_links":"/code-security/dependabot/dependabot-alerts/about-dependabot-alerts","docs_reference_titles":"Dependabot alerts","fieldsIndex":270},{"action":"repository_vulnerability_alert.dismiss","description":"A Dependabot alert was manually dismissed.","docs_reference_links":"N/A","fieldsIndex":271},{"action":"repository_vulnerability_alert.reintroduce","description":"A Dependabot alert was automatically reopened because the repository resumed use of a vulnerable dependency.","docs_reference_links":"N/A","fieldsIndex":270},{"action":"repository_vulnerability_alert.reopen","description":"A Dependabot alert was manually reopened.","docs_reference_links":"N/A","fieldsIndex":268},{"action":"repository_vulnerability_alert.resolve","description":"Changes were pushed to update and resolve a Dependabot alert in a project dependency.","docs_reference_links":"N/A","fieldsIndex":270},{"action":"repository_vulnerability_alert.unassign","description":"A user was unassigned to a Dependabot alert.","docs_reference_links":"N/A","fieldsIndex":272},{"action":"repository_vulnerability_alert.withdraw","description":"A Dependabot alert was withdrawn.","docs_reference_links":"N/A","fieldsIndex":273},{"action":"repository_vulnerability_alerts.authorized_users_teams","description":"The list of people or teams authorized to receive Dependabot alerts for the repository was updated.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts","fieldsIndex":234},{"action":"repository_vulnerability_alerts_auto_dismissal.disable","description":"Automatic dismissal of low-impact Dependabot alerts was disabled for the repository.","docs_reference_links":"N/A","fieldsIndex":187},{"action":"repository_vulnerability_alerts_auto_dismissal.enable","description":"Automatic dismissal of low-impact Dependabot alerts was enabled for the repository.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repository_vulnerability_alerts.disable","description":"Dependabot alerts was disabled.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"repository_vulnerability_alerts.enable","description":"Dependabot alerts was enabled.","docs_reference_links":"N/A","fieldsIndex":231},{"action":"required_status_check.create","description":"A status check was marked as required for a protected branch.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging","fieldsIndex":274},{"action":"required_status_check.destroy","description":"A status check was no longer marked as required for a protected branch.","docs_reference_links":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging","docs_reference_titles":"/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging","fieldsIndex":274},{"action":"restrict_notification_delivery.disable","description":"Email notification restrictions for an organization or enterprise were disabled.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization, /admin/policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise","docs_reference_titles":"Restricting email notifications for your organization, Restricting email notifications for your enterprise","fieldsIndex":275},{"action":"restrict_notification_delivery.enable","description":"Email notification restrictions for an organization or enterprise were enabled.","docs_reference_links":"/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization, /admin/policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise","docs_reference_titles":"Restricting email notifications for your organization, Restricting email notifications for your enterprise","fieldsIndex":276},{"action":"role.create","description":"A new custom repository role was created.","docs_reference_links":"/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization","docs_reference_titles":"Managing custom repository roles for an organization","fieldsIndex":277},{"action":"role.destroy","description":"A custom repository role was deleted.","docs_reference_links":"/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization","docs_reference_titles":"Managing custom repository roles for an organization","fieldsIndex":278},{"action":"role.update","description":"A custom repository role was edited.","docs_reference_links":"/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization","docs_reference_titles":"Managing custom repository roles for an organization","fieldsIndex":279},{"action":"secret_scanning_alert.assign","description":"A user was assigned to a secret scanning alert.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning","docs_reference_titles":"Manage secret scanning alerts","fieldsIndex":280},{"action":"secret_scanning_alert.create","description":"GitHub detected a secret and created a secret scanning alert.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning","docs_reference_titles":"Manage secret scanning alerts","fieldsIndex":280},{"action":"secret_scanning_alert.delete","description":"A secret scanning alert was deleted by GitHub. Note that deletions from custom patterns are not logged.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning","docs_reference_titles":"Manage secret scanning alerts","fieldsIndex":281},{"action":"secret_scanning_alert.public_leak","description":"A secret scanning alert was leaked in a public repo.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning","docs_reference_titles":"Manage secret scanning alerts","fieldsIndex":280},{"action":"secret_scanning_alert.reopen","description":"A secret scanning alert was reopened.","docs_reference_links":"N/A","fieldsIndex":282},{"action":"secret_scanning_alert.report","description":"A leaked secret was reported to the secret's provider by secret scanning.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning/resolving-alerts","docs_reference_titles":"Resolving alerts from secret scanning","fieldsIndex":283},{"action":"secret_scanning_alert.resolve","description":"A secret scanning alert was resolved.","docs_reference_links":"N/A","fieldsIndex":282},{"action":"secret_scanning_alert.revoke","description":"A secret scanning alert was revoked.","docs_reference_links":"N/A","fieldsIndex":284},{"action":"secret_scanning_alert.unassign","description":"A user was unassigned from a secret scanning alert.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning","docs_reference_titles":"Manage secret scanning alerts","fieldsIndex":280},{"action":"secret_scanning_alert.validate","description":"A secret scanning alert was validated.","docs_reference_links":"/code-security/secret-scanning/managing-alerts-from-secret-scanning","docs_reference_titles":"Manage secret scanning alerts","fieldsIndex":285},{"action":"secret_scanning_closure_request.approve","description":"A request to close a secret scanning alert was approved by a user.","docs_reference_links":"N/A","fieldsIndex":286},{"action":"secret_scanning_closure_request.cancel","description":"N/A","docs_reference_links":"A reqeust to close a secret scanning alert was canceled by a user.","docs_reference_titles":"A, reqeust, to, close, a, secret, scanning, alert, was, canceled, by, a, user.","fieldsIndex":56},{"action":"secret_scanning_closure_request.create","description":"N/A","docs_reference_links":"A user requested to close a secret scanning alert.","docs_reference_titles":"A, user, requested, to, close, a, secret, scanning, alert.","fieldsIndex":287},{"action":"secret_scanning_closure_request.deny","description":"A request to close a secret scanning alert was denied by a user.","docs_reference_links":"N/A","fieldsIndex":286},{"action":"secret_scanning.disable","description":"Secret scanning was disabled for all existing repositories.","docs_reference_links":"/code-security/secret-scanning/about-secret-scanning","docs_reference_titles":"Secret scanning","fieldsIndex":11},{"action":"secret_scanning.enable","description":"Secret scanning was enabled for all existing repositories.","docs_reference_links":"/code-security/secret-scanning/about-secret-scanning","docs_reference_titles":"Secret scanning","fieldsIndex":53},{"action":"secret_scanning_new_repos.disable","description":"Secret scanning was disabled for all new repositories.","docs_reference_links":"/code-security/secret-scanning/about-secret-scanning","docs_reference_titles":"Secret scanning","fieldsIndex":53},{"action":"secret_scanning_new_repos.enable","description":"Secret scanning was enabled for all new repositories.","docs_reference_links":"/code-security/secret-scanning/about-secret-scanning","docs_reference_titles":"Secret scanning","fieldsIndex":53},{"action":"secret_scanning_push_protection.bypass","description":"Triggered when a user bypasses the push protection on a secret detected by secret scanning.","docs_reference_links":"/code-security/secret-scanning/protecting-pushes-with-secret-scanning#bypassing-push-protection-for-a-secret","docs_reference_titles":"Push protection","fieldsIndex":288},{"action":"secret_scanning_push_protection_request.approve","description":"A request to bypass secret scanning push protection was approved by a user.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#managing-requests-to-bypass-push-protection","docs_reference_titles":"Push protection","fieldsIndex":289},{"action":"secret_scanning_push_protection_request.cancel","description":"A user canceled a request to bypass secret scanning push protection.","docs_reference_links":"/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line","docs_reference_titles":"/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line","fieldsIndex":290},{"action":"secret_scanning_push_protection_request.complete","description":"A user pushed a commit containing a secret for which there is an approved secret scanning push protection bypass request.","docs_reference_links":"/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line","docs_reference_titles":"/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line","fieldsIndex":290},{"action":"secret_scanning_push_protection_request.deny","description":"A request to bypass secret scanning push protection was denied by a user.","docs_reference_links":"/code-security/secret-scanning/push-protection-for-repositories-and-organizations#managing-requests-to-bypass-push-protection","docs_reference_titles":"Push protection","fieldsIndex":291},{"action":"secret_scanning_push_protection_request.request","description":"A user requested to bypass secret scanning push protection.","docs_reference_links":"/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line","docs_reference_titles":"/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line","fieldsIndex":292},{"action":"secret_scanning_scan.completed","description":"A secret scanning scan has completed on this repository.","docs_reference_links":"/code-security/secret-scanning/about-secret-scanning","docs_reference_titles":"Secret scanning","fieldsIndex":293},{"action":"security_configuration.create","description":"A security configuration was created","docs_reference_links":"N/A","fieldsIndex":294},{"action":"security_configuration_default.delete","description":"A default security configuration setting for new repositories was removed.","docs_reference_links":"N/A","fieldsIndex":295},{"action":"security_configuration_default.update","description":"A default security configuration setting for new repositories was updated.","docs_reference_links":"N/A","fieldsIndex":295},{"action":"security_configuration.delete","description":"A security configuration was deleted","docs_reference_links":"N/A","fieldsIndex":294},{"action":"security_configuration_policy.update","description":"A security configuration policy was updated","docs_reference_links":"N/A","fieldsIndex":296},{"action":"security_configuration.update","description":"A security configuration was updated","docs_reference_links":"N/A","fieldsIndex":297},{"action":"sponsors.agreement_sign","description":"A GitHub Sponsors agreement was signed on behalf of an organization.","docs_reference_links":"N/A","fieldsIndex":298},{"action":"sponsors.custom_amount_settings_change","description":"Custom amounts for GitHub Sponsors were enabled or disabled, or the suggested custom amount was changed.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers","fieldsIndex":298},{"action":"sponsors.fiscal_host_change","description":"The fiscal host for a GitHub Sponsors listing was updated.","docs_reference_links":"N/A","fieldsIndex":299},{"action":"sponsors.invoiced_agreement_sign","description":"An agreement for invoiced billing for GitHub Sponsors was signed.","docs_reference_links":"/sponsors/sponsoring-open-source-contributors/paying-for-github-sponsors-by-invoice","docs_reference_titles":"/sponsors/sponsoring-open-source-contributors/paying-for-github-sponsors-by-invoice","fieldsIndex":0},{"action":"sponsors.repo_funding_links_file_action","description":"The FUNDING file in a repository was changed.","docs_reference_links":"/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository","docs_reference_titles":"/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository","fieldsIndex":300},{"action":"sponsors.sponsor_sponsorship_cancel","description":"A sponsorship was canceled.","docs_reference_links":"/billing/managing-billing-for-github-sponsors/downgrading-a-sponsorship","docs_reference_titles":"Downgrading a sponsorship","fieldsIndex":301},{"action":"sponsors.sponsor_sponsorship_create","description":"A sponsorship was created, by sponsoring an account.","docs_reference_links":"/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes","docs_reference_titles":"/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes","fieldsIndex":302},{"action":"sponsors.sponsor_sponsorship_payment_complete","description":"After you sponsor an account and a payment has been processed, the sponsorship payment was marked as complete.","docs_reference_links":"/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes","docs_reference_titles":"/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes","fieldsIndex":302},{"action":"sponsors.sponsor_sponsorship_preference_change","description":"The option to receive email updates from a sponsored account was changed.","docs_reference_links":"/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship","docs_reference_titles":"/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship","fieldsIndex":301},{"action":"sponsors.sponsor_sponsorship_tier_change","description":"A sponsorship was upgraded or downgraded.","docs_reference_links":"/billing/managing-billing-for-github-sponsors/upgrading-a-sponsorship, /billing/managing-billing-for-github-sponsors/downgrading-a-sponsorship","docs_reference_titles":"Upgrading a sponsorship, Downgrading a sponsorship","fieldsIndex":302},{"action":"sponsors.sponsored_developer_approve","description":"A GitHub Sponsors account was approved.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","fieldsIndex":299},{"action":"sponsors.sponsored_developer_create","description":"A GitHub Sponsors account was created.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","fieldsIndex":303},{"action":"sponsors.sponsored_developer_disable","description":"A GitHub Sponsors account was disabled.","docs_reference_links":"N/A","fieldsIndex":299},{"action":"sponsors.sponsored_developer_profile_update","description":"The profile for GitHub Sponsors account was edited.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/editing-your-profile-details-for-github-sponsors","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/editing-your-profile-details-for-github-sponsors","fieldsIndex":303},{"action":"sponsors.sponsored_developer_redraft","description":"A GitHub Sponsors account was returned to draft state from approved state.","docs_reference_links":"N/A","fieldsIndex":299},{"action":"sponsors.sponsored_developer_request_approval","description":"An application for GitHub Sponsors was submitted for approval.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","fieldsIndex":299},{"action":"sponsors.sponsored_developer_tier_description_update","description":"The description for a sponsorship tier was changed.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers","fieldsIndex":304},{"action":"sponsors.sponsors_patreon_user_create","description":"A Patreon account was linked to a user account for use with GitHub Sponsors.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/enabling-sponsorships-through-patreon#linking-your-patreon-account-to-your-github-account","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/enabling-sponsorships-through-patreon#linking-your-patreon-account-to-your-github-account","fieldsIndex":305},{"action":"sponsors.sponsors_patreon_user_destroy","description":"A Patreon account for use with GitHub Sponsors was unlinked from a user account.","docs_reference_links":"/sponsors/sponsoring-open-source-contributors/unlinking-your-patreon-account-from-your-github-account","docs_reference_titles":"Unlinking your Patreon account from GitHub","fieldsIndex":305},{"action":"sponsors.update_tier_repository","description":"A GitHub Sponsors tier changed access for a repository.","docs_reference_links":"N/A","fieldsIndex":304},{"action":"sponsors.update_tier_welcome_message","description":"The welcome message for a GitHub Sponsors tier for an organization was updated.","docs_reference_links":"N/A","fieldsIndex":304},{"action":"sponsors.withdraw_agreement_signature","description":"A signature was withdrawn from a GitHub Sponsors agreement that applies to an organization.","docs_reference_links":"N/A","fieldsIndex":298},{"action":"ssh_certificate_authority.create","description":"An SSH certificate authority for an organization or enterprise was created.","docs_reference_links":"/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise","docs_reference_titles":"Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise","fieldsIndex":306},{"action":"ssh_certificate_authority.destroy","description":"An SSH certificate authority for an organization or enterprise was deleted.","docs_reference_links":"/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise","docs_reference_titles":"Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise","fieldsIndex":306},{"action":"ssh_certificate_requirement.disable","description":"The requirement for members to use SSH certificates to access an organization resources was disabled.","docs_reference_links":"/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise","docs_reference_titles":"Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise","fieldsIndex":15},{"action":"ssh_certificate_requirement.enable","description":"The requirement for members to use SSH certificates to access an organization resources was enabled.","docs_reference_links":"/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise","docs_reference_titles":"Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise","fieldsIndex":15},{"action":"staff.dependabot_debug_credentials_generated","description":"Dependabot encrypted config was read.","docs_reference_links":"N/A","fieldsIndex":187},{"action":"staff.set_domain_token_expiration","description":"The verification code expiry time for an organization or enterprise domain was set.","docs_reference_links":"N/A","fieldsIndex":307},{"action":"staff.unverify_domain","description":"An organization or enterprise domain was unverified.","docs_reference_links":"N/A","fieldsIndex":308},{"action":"staff.verify_domain","description":"An organization or enterprise domain was verified.","docs_reference_links":"N/A","fieldsIndex":309},{"action":"sub_issues.parent_issue_add","description":"A parent issue was added to an issue.","docs_reference_links":"N/A","fieldsIndex":91},{"action":"sub_issues.parent_issue_remove","description":"A parent issue was removed from an issue.","docs_reference_links":"N/A","fieldsIndex":91},{"action":"sub_issues.sub_issue_add","description":"A sub-issue was added to an issue.","docs_reference_links":"N/A","fieldsIndex":91},{"action":"sub_issues.sub_issue_remove","description":"A sub-issue was removed from an issue.","docs_reference_links":"N/A","fieldsIndex":91},{"action":"team.add_member","description":"A member of an organization was added to a team.","docs_reference_links":"/organizations/organizing-members-into-teams/adding-organization-members-to-a-team","docs_reference_titles":"/organizations/organizing-members-into-teams/adding-organization-members-to-a-team","fieldsIndex":310},{"action":"team.add_repository","description":"A team was given access and permissions to a repository.","docs_reference_links":"N/A","fieldsIndex":311},{"action":"team.add_to_organization","description":"A team was added to an organization.","docs_reference_links":"N/A","fieldsIndex":312},{"action":"team.change_parent_team","description":"A child team was created or a child team's parent was changed.","docs_reference_links":"/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy","docs_reference_titles":"/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy","fieldsIndex":310},{"action":"team.change_privacy","description":"A team's privacy level was changed.","docs_reference_links":"/organizations/organizing-members-into-teams/changing-team-visibility","docs_reference_titles":"/organizations/organizing-members-into-teams/changing-team-visibility","fieldsIndex":310},{"action":"team.create","description":"A new team is created.","docs_reference_links":"N/A","fieldsIndex":310},{"action":"team.demote_maintainer","description":"A user was demoted from a team maintainer to a team member.","docs_reference_links":"/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member","docs_reference_titles":"/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member","fieldsIndex":310},{"action":"team.destroy","description":"A team was deleted.","docs_reference_links":"N/A","fieldsIndex":310},{"action":"team_group_mapping.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":313},{"action":"team_group_mapping.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":313},{"action":"team_group_mapping.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":313},{"action":"team.members_limit_warning","description":"A team is approaching its members limit.","docs_reference_links":"N/A","fieldsIndex":314},{"action":"team.organization_assignments_limit_reached","description":"A team has reached its organization assignments limit.","docs_reference_links":"N/A","fieldsIndex":314},{"action":"team.organization_assignments_limit_warning","description":"A team is approaching its organization assignments limit.","docs_reference_links":"N/A","fieldsIndex":314},{"action":"team.promote_maintainer","description":"A user was promoted from a team member to a team maintainer.","docs_reference_links":"/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member#promoting-an-organization-member-to-team-maintainer","docs_reference_titles":"/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member#promoting-an-organization-member-to-team-maintainer","fieldsIndex":310},{"action":"team.remove_from_organization","description":"A team was removed from an organization.","docs_reference_links":"N/A","fieldsIndex":312},{"action":"team.remove_member","description":"An organization member was removed from a team.","docs_reference_links":"/organizations/organizing-members-into-teams/removing-organization-members-from-a-team","docs_reference_titles":"/organizations/organizing-members-into-teams/removing-organization-members-from-a-team","fieldsIndex":310},{"action":"team.remove_repository","description":"A repository was removed from a team's control.","docs_reference_links":"N/A","fieldsIndex":315},{"action":"team.rename","description":"A team's name was changed.","docs_reference_links":"N/A","fieldsIndex":316},{"action":"team_sync_tenant.disabled","description":"Team synchronization with a tenant was disabled.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization, /admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise","docs_reference_titles":"Managing team synchronization for your organization, Managing team synchronization for organizations in your enterprise","fieldsIndex":15},{"action":"team_sync_tenant.enabled","description":"Team synchronization with a tenant was enabled.","docs_reference_links":"/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization, /admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise","docs_reference_titles":"Managing team synchronization for your organization, Managing team synchronization for organizations in your enterprise","fieldsIndex":15},{"action":"team_sync_tenant.update_okta_credentials","description":"The Okta credentials for team synchronization with a tenant were changed.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"team.update_repository_permission","description":"A team's permission to a repository was changed.","docs_reference_links":"N/A","fieldsIndex":317},{"action":"user_content_edit.delete","description":"Triggered when a user content edit is deleted.","docs_reference_links":"N/A","fieldsIndex":318},{"action":"vulnerability_alert_rule.create","description":"A Dependabot rule was created.","docs_reference_links":"N/A","fieldsIndex":319},{"action":"vulnerability_alert_rule.delete","description":"A Dependabot rule was deleted.","docs_reference_links":"N/A","fieldsIndex":320},{"action":"vulnerability_alert_rule.disable","description":"A Dependabot rule was disabled for a single repository or disabled by default for an organization.","docs_reference_links":"N/A","fieldsIndex":319},{"action":"vulnerability_alert_rule.enable","description":"A Dependabot rule was enabled for a single repository or enabled by default for an organization.","docs_reference_links":"N/A","fieldsIndex":321},{"action":"vulnerability_alert_rule.force_disable","description":"A Dependabot rule was enabled for an organization and cannot be disabled for its repositories.","docs_reference_links":"N/A","fieldsIndex":322},{"action":"vulnerability_alert_rule.force_enable","description":"A Dependabot rule was disabled for an organization and cannot be enabled for its repositories.","docs_reference_links":"N/A","fieldsIndex":322},{"action":"vulnerability_alert_rule.update","description":"A Dependabot rule's conditions, actions, or metadata changed.","docs_reference_links":"N/A","fieldsIndex":319},{"action":"workflows.actions_policy_violation","description":"A workflow run produced one or more workflow execution protection policy violations.","docs_reference_links":"N/A","fieldsIndex":323},{"action":"workflows.approve_workflow_job","description":"A workflow job was approved.","docs_reference_links":"/actions/managing-workflow-runs/reviewing-deployments","docs_reference_titles":"Reviewing deployments","fieldsIndex":324},{"action":"workflows.bypass_protection_rules","description":"N/A","docs_reference_links":"N/A","fieldsIndex":325},{"action":"workflows.cancel_workflow_run","description":"A workflow run was cancelled.","docs_reference_links":"/actions/managing-workflow-runs/canceling-a-workflow","docs_reference_titles":"Canceling a workflow run","fieldsIndex":326},{"action":"workflows.comment_workflow_job","description":"N/A","docs_reference_links":"N/A","fieldsIndex":327},{"action":"workflows.completed_workflow_run","description":"A workflow status changed to completed. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history","docs_reference_titles":"Viewing workflow run history","fieldsIndex":328},{"action":"workflows.created_workflow_run","description":"A workflow run was create. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/learn-github-actions/understanding-github-actions#create-an-example-workflow","docs_reference_titles":"Understanding GitHub Actions","fieldsIndex":329},{"action":"workflows.delete_workflow_run","description":"A workflow run was deleted.","docs_reference_links":"/actions/managing-workflow-runs/deleting-a-workflow-run","docs_reference_titles":"Deleting a workflow run","fieldsIndex":330},{"action":"workflows.disable_workflow","description":"A workflow was disabled.","docs_reference_links":"N/A","fieldsIndex":331},{"action":"workflows.enable_workflow","description":"A workflow was enabled, after previously being disabled by disable_workflow.","docs_reference_links":"N/A","fieldsIndex":331},{"action":"workflows.pin_workflow","description":"A workflow was pinned.","docs_reference_links":"N/A","fieldsIndex":332},{"action":"workflows.prepared_workflow_job","description":"A workflow job was started. Includes the list of secrets that were provided to the job. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/using-workflows/events-that-trigger-workflows","docs_reference_titles":"Events that trigger workflows","fieldsIndex":333},{"action":"workflows.reject_workflow_job","description":"A workflow job was rejected.","docs_reference_links":"/actions/managing-workflow-runs/reviewing-deployments","docs_reference_titles":"Reviewing deployments","fieldsIndex":334},{"action":"workflows.rerun_workflow_run","description":"A workflow run was re-run.","docs_reference_links":"/actions/managing-workflow-runs/re-running-workflows-and-jobs","docs_reference_titles":"Re-running workflows and jobs","fieldsIndex":335},{"action":"workflows.unpin_workflow","description":"A workflow was unpinned after previously being pinned.","docs_reference_links":"N/A","fieldsIndex":332},{"action":"account_recovery_token.confirm","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"account_recovery_token.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"account_recovery_token.recover","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"billing.update_bill_cycle_day","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business.add_admin","description":"An enterprise owner was added to an enterprise.","docs_reference_links":"/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise","docs_reference_titles":"Inviting people to manage your enterprise","fieldsIndex":336},{"action":"business.add_billing_manager","description":"A billing manager was added to an enterprise.","docs_reference_links":"N/A","fieldsIndex":336},{"action":"business.add_support_entitlee","description":"A support entitlement was added to a member of an enterprise.","docs_reference_links":"/admin/user-management/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise","docs_reference_titles":"Managing support entitlements for your enterprise","fieldsIndex":337},{"action":"business.remove_admin","description":"An enterprise owner was removed from an enterprise.","docs_reference_links":"/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise","docs_reference_titles":"Inviting people to manage your enterprise","fieldsIndex":336},{"action":"business.remove_billing_manager","description":"A billing manager was removed from an enterprise.","docs_reference_links":"N/A","fieldsIndex":336},{"action":"business.remove_member","description":"A member was removed from an enterprise.","docs_reference_links":"N/A","fieldsIndex":338},{"action":"business.remove_support_entitlee","description":"A support entitlement was removed from a member of an enterprise.","docs_reference_links":"/admin/user-management/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise","docs_reference_titles":"Managing support entitlements for your enterprise","fieldsIndex":336},{"action":"business.security_center_export_code_scanning_metrics","description":"A CSV export was requested on the \"CodeQL pull request alerts\" page.","docs_reference_links":"N/A","fieldsIndex":146},{"action":"business.security_center_export_coverage","description":"A CSV export was requested on the \"Coverage\" page.","docs_reference_links":"N/A","fieldsIndex":147},{"action":"business.security_center_export_overview_dashboard","description":"A CSV export was requested on the \"Overview Dashboard\" page.","docs_reference_links":"N/A","fieldsIndex":146},{"action":"business.security_center_export_risk","description":"A CSV export was requested on the \"Risk\" page.","docs_reference_links":"N/A","fieldsIndex":147},{"action":"business.set_actions_cache_retention_policy","description":"The cache retention policy for GitHub Actions was set for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":337},{"action":"business.set_actions_cache_storage_policy","description":"The cache storage policy for GitHub Actions was set for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":13},{"action":"business.set_actions_fork_pr_approvals_policy","description":"The policy for requiring approvals for workflows from public forks was changed for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":339},{"action":"business.set_actions_private_fork_pr_approvals_policy","description":"The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-private-repositories","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":340},{"action":"business.set_actions_retention_limit","description":"The retention period for GitHub Actions artifacts and logs was changed for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-artifact-and-log-retention-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":341},{"action":"business.set_default_workflow_permissions","description":"The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-workflow-permissions-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":13},{"action":"business.set_fork_pr_workflows_policy","description":"The policy for fork pull request workflows was changed for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":340},{"action":"business.set_workflow_permission_can_approve_pr","description":"The policy for allowing GitHub Actions to create and approve pull requests was changed for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#preventing-github-actions-from-creating-or-approving-pull-requests","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":13},{"action":"gist.create","description":"A gist was created.","docs_reference_links":"N/A","fieldsIndex":342},{"action":"gist.destroy","description":"A gist was deleted.","docs_reference_links":"N/A","fieldsIndex":342},{"action":"gist.visibility_change","description":"The visibility of a gist was updated.","docs_reference_links":"N/A","fieldsIndex":342},{"action":"git_signing_ssh_public_key.create","description":"An SSH key was added to a user account as a Git commit signing key.","docs_reference_links":"/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key","docs_reference_titles":"/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key","fieldsIndex":343},{"action":"git_signing_ssh_public_key.delete","description":"An SSH key was removed from a user account as a Git commit signing key.","docs_reference_links":"/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key","docs_reference_titles":"/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key","fieldsIndex":344},{"action":"gpg_key.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":345},{"action":"gpg_key.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":345},{"action":"marketplace_listing_plan.create","description":"N/A","docs_reference_links":"N/A","fieldsIndex":346},{"action":"marketplace_listing_plan.publish","description":"N/A","docs_reference_links":"N/A","fieldsIndex":346},{"action":"marketplace_listing_plan.retire","description":"N/A","docs_reference_links":"N/A","fieldsIndex":346},{"action":"marketplace_listing_plan.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":346},{"action":"mcp_registry.allowlist_add_server","description":"A server was added to an MCP registry allowlist.","docs_reference_links":"N/A","fieldsIndex":347},{"action":"mcp_registry.allowlist_create","description":"An MCP registry allowlist was created.","docs_reference_links":"N/A","fieldsIndex":348},{"action":"mcp_registry.allowlist_delete","description":"An MCP registry allowlist was deleted.","docs_reference_links":"N/A","fieldsIndex":349},{"action":"mcp_registry.allowlist_remove_server","description":"A server was removed from an MCP registry allowlist.","docs_reference_links":"N/A","fieldsIndex":347},{"action":"mcp_registry.allowlist_set_server_entries","description":"Entries were set for a server in an MCP registry allowlist.","docs_reference_links":"N/A","fieldsIndex":350},{"action":"mcp_registry.allowlist_update","description":"An MCP registry allowlist was updated.","docs_reference_links":"N/A","fieldsIndex":351},{"action":"mcp_registry.settings_update","description":"An MCP policy setting for the business was updated.","docs_reference_links":"N/A","fieldsIndex":352},{"action":"oauth_access.create","description":"An OAuth access token was generated.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps, /authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps, Managing your personal access tokens","fieldsIndex":353},{"action":"oauth_access.destroy","description":"An OAuth access token was deleted.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps","fieldsIndex":354},{"action":"oauth_access.regenerate","description":"An OAuth access token was regenerated.","docs_reference_links":"N/A","fieldsIndex":353},{"action":"oauth_access.revoke","description":"An OAuth access token was revoked.","docs_reference_links":"N/A","fieldsIndex":355},{"action":"oauth_access.update","description":"An OAuth access token was updated.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"oauth_authorization.create","description":"An authorization for an OAuth application was created.","docs_reference_links":"/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps","docs_reference_titles":"/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps","fieldsIndex":353},{"action":"oauth_authorization.destroy","description":"An authorization for an OAuth application was deleted.","docs_reference_links":"/apps/using-github-apps/reviewing-your-authorized-integrations","docs_reference_titles":"Reviewing and revoking authorization of GitHub Apps","fieldsIndex":356},{"action":"oauth_authorization.update","description":"An authorization for an OAuth application was updated.","docs_reference_links":"/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps","docs_reference_titles":"/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps","fieldsIndex":357},{"action":"passkey.register","description":"A new passkey was added.","docs_reference_links":"N/A","fieldsIndex":358},{"action":"passkey.remove","description":"A new passkey was removed.","docs_reference_links":"N/A","fieldsIndex":358},{"action":"personal_access_token.create","description":"Triggered when you create a fine-grained personal access token.","docs_reference_links":"N/A","fieldsIndex":359},{"action":"personal_access_token.credential_regenerated","description":"Triggered when you regenerate a fine-grained personal access token.","docs_reference_links":"N/A","fieldsIndex":360},{"action":"personal_access_token.credential_revoked","description":"A fine-grained personal access token was revoked by GitHub Advanced Security.","docs_reference_links":"/code-security/getting-started/github-security-features#secret-scanning-alerts-for-users","docs_reference_titles":"/code-security/getting-started/github-security-features#secret-scanning-alerts-for-users","fieldsIndex":361},{"action":"personal_access_token.destroy","description":"Triggered when you delete a fine-grained personal access token.","docs_reference_links":"N/A","fieldsIndex":362},{"action":"personal_access_token.update","description":"A fine-grained personal access token was updated.","docs_reference_links":"/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens","docs_reference_titles":"/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens","fieldsIndex":363},{"action":"repo.temporary_access_granted","description":"Temporary access was enabled for a repository.","docs_reference_links":"/admin/user-management/managing-repositories-in-your-enterprise/accessing-user-owned-repositories-in-your-enterprise","docs_reference_titles":"Accessing user-owned repositories in your enterprise","fieldsIndex":104},{"action":"sandbox.add_port","description":"A forwarded port was added to a sandbox.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sandbox.create","description":"A sandbox was created.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sandbox.delete","description":"A sandbox was deleted.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sandbox.generate_token","description":"A token was generated for a sandbox.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sandbox.remove_port","description":"A forwarded port was removed from a sandbox.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sandbox.resume","description":"A sandbox was resumed.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sandbox.stop","description":"A sandbox was stopped.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"security_key.register","description":"A security key was registered for an account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"security_key.remove","description":"A security key was removed from an account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"social_identity.linked","description":"A user linked a social identity to their account.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"social_identity.unlinked","description":"A user unlinked a social identity from their account.","docs_reference_links":"N/A","fieldsIndex":16},{"action":"social_identity.unlinked_all","description":"A user unlinked all social identities from their account.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"sponsors.sponsored_developer_update_newsletter_send","description":"Triggered when you send an email update to your sponsors.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/contacting-your-sponsors","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/contacting-your-sponsors","fieldsIndex":15},{"action":"sponsors.waitlist_join","description":"You join the waitlist to join GitHub Sponsors.","docs_reference_links":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","docs_reference_titles":"/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account","fieldsIndex":303},{"action":"successor_invitation.accept","description":"Triggered when you accept a succession invitation.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories","docs_reference_titles":"Maintaining ownership continuity of your personal account's repositories","fieldsIndex":0},{"action":"successor_invitation.cancel","description":"Triggered when you cancel a succession invitation.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories","docs_reference_titles":"Maintaining ownership continuity of your personal account's repositories","fieldsIndex":0},{"action":"successor_invitation.create","description":"Triggered when you create a succession invitation.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories","docs_reference_titles":"Maintaining ownership continuity of your personal account's repositories","fieldsIndex":0},{"action":"successor_invitation.decline","description":"Triggered when you decline a succession invitation.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories","docs_reference_titles":"Maintaining ownership continuity of your personal account's repositories","fieldsIndex":0},{"action":"successor_invitation.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"successor_invitation.revoke","description":"Triggered when you revoke a succession invitation.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories","docs_reference_titles":"Maintaining ownership continuity of your personal account's repositories","fieldsIndex":364},{"action":"trusted_device.register","description":"A new trusted device was added.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"trusted_device.remove","description":"A trusted device was removed.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_account_recovery.abort","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_account_recovery.complete","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_account_recovery.ignore","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_account_recovery.staff_approve","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_account_recovery.staff_decline","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_account_recovery.start","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"two_factor_account_recovery.two_factor_destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_authentication.add_factor","description":"A secondary authentication factor was added to a user account.","docs_reference_links":"/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication","docs_reference_titles":"/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication","fieldsIndex":15},{"action":"two_factor_authentication.disabled","description":"Two-factor authentication was disabled for a user account.","docs_reference_links":"https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/disabling-two-factor-authentication-for-your-personal-account","docs_reference_titles":"Disabling two-factor authentication for your personal account","fieldsIndex":15},{"action":"two_factor_authentication.enabled","description":"Two-factor authentication was enabled for a user account.","docs_reference_links":"https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication","docs_reference_titles":"Configuring two-factor authentication","fieldsIndex":15},{"action":"two_factor_authentication.password_reset_fallback_sms","description":"A one-time password code was sent to a user account fallback phone number.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_authentication.recovery_codes_regenerated","description":"Two factor recovery codes were regenerated for a user account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"two_factor_authentication.remove_factor","description":"A secondary authentication factor was removed from a user account.","docs_reference_links":"/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication","docs_reference_titles":"/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication","fieldsIndex":15},{"action":"two_factor_authentication.sign_in_fallback_sms","description":"A one-time password code was sent to a user account fallback phone number.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"two_factor_authentication.update_fallback","description":"The two-factor authentication fallback for a user account was changed.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.add_email","description":"An email address was added to a user account.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account","docs_reference_titles":"Adding an email address to your GitHub account","fieldsIndex":365},{"action":"user.async_delete","description":"An asynchronous job was started to destroy a user account, eventually triggering a user.delete event.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.audit_log_export","description":"Audit log entries were exported.","docs_reference_links":"N/A","fieldsIndex":115},{"action":"user.block_user","description":"A user was blocked by another user.","docs_reference_links":"N/A","fieldsIndex":117},{"action":"user.change_password","description":"A user changed their password.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.codespaces_trusted_repo_access_granted","description":"Triggered when you allow the codespaces you create for a repository to access other repositories owned by your personal account.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces","docs_reference_titles":"Managing access to other repositories within your codespace","fieldsIndex":366},{"action":"user.codespaces_trusted_repo_access_revoked","description":"Triggered when you disallow the codespaces you create for a repository to access other repositories owned by your personal account.","docs_reference_links":"/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces","docs_reference_titles":"Managing access to other repositories within your codespace","fieldsIndex":120},{"action":"user.create","description":"A new user account was created.","docs_reference_links":"N/A","fieldsIndex":367},{"action":"user.create_integration_secret","description":"A user secret for Codespaces was created.","docs_reference_links":"N/A","fieldsIndex":368},{"action":"user.creation_rate_limit_exceeded","description":"The rate of creation of user accounts, applications, issues, pull requests or other resources exceeded the configured rate limits, or too many users were followed too quickly.","docs_reference_links":"N/A","fieldsIndex":16},{"action":"user.delete","description":"A user account was destroyed by an asynchronous job.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.demote","description":"A site administrator was demoted to an ordinary user account.","docs_reference_links":"N/A","fieldsIndex":364},{"action":"user.destroy","description":"A user deleted his or her account, triggering user.async_delete.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.device_verification_failure","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.device_verification_requested","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.device_verification_success","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.disable_collaborators_only","description":"N/A","docs_reference_links":"N/A","fieldsIndex":364},{"action":"user.disable_contributors_only","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.disable_sockpuppet_disallowed","description":"N/A","docs_reference_links":"N/A","fieldsIndex":369},{"action":"user_email.confirm_claim","description":"An enterprise managed user claimed an email address.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user_email.mark_as_unclaimed","description":"N/A","docs_reference_links":"An enterprise managed user unclaimed an email address.","docs_reference_titles":"An, GitHub Help Documentation, managed, user, unclaimed, an, email, address.","fieldsIndex":15},{"action":"user.enable_collaborators_only","description":"N/A","docs_reference_links":"N/A","fieldsIndex":364},{"action":"user.enable_contributors_only","description":"N/A","docs_reference_links":"N/A","fieldsIndex":369},{"action":"user.enable_sockpuppet_disallowed","description":"N/A","docs_reference_links":"N/A","fieldsIndex":369},{"action":"user.failed_login","description":"A user tried to sign in with an incorrect username, password, or two-factor authentication code.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.forgot_password","description":"A user requested a password reset.","docs_reference_links":"/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials","docs_reference_titles":"/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials","fieldsIndex":370},{"action":"user.grant_github_developer","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.hide_private_contributions_count","description":"A user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now hidden.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-your-private-contributions-and-achievements-on-your-profile","docs_reference_titles":"Manage visibility settings for private contributions","fieldsIndex":15},{"action":"user.login","description":"A user signed in.","docs_reference_links":"N/A","fieldsIndex":371},{"action":"user.logout","description":"A user signed out.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.new_device_used","description":"A user signed in from a new device.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.promote","description":"An ordinary user account was promoted to a site administrator.","docs_reference_links":"N/A","fieldsIndex":364},{"action":"user.recreate","description":"A user's account was restored.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.remove_email","description":"An email address was removed from a user account.","docs_reference_links":"N/A","fieldsIndex":365},{"action":"user.remove_integration_secret","description":"A user secret for Codespaces was deleted.","docs_reference_links":"N/A","fieldsIndex":372},{"action":"user.rename","description":"A username was changed.","docs_reference_links":"N/A","fieldsIndex":373},{"action":"user.reset_password","description":"A user reset their account password.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user_session.country_change","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.show_private_contributions_count","description":"A user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now shown.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-your-private-contributions-and-achievements-on-your-profile","docs_reference_titles":"Manage visibility settings for private contributions","fieldsIndex":15},{"action":"user.sign_in_from_unrecognized_device","description":"A user signed in from an unrecognized device.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.sign_in_from_unrecognized_device_and_location","description":"A user signed in from an unrecognized device and location.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user_status.destroy","description":"Triggered when you clear the status on your profile.","docs_reference_links":"N/A","fieldsIndex":374},{"action":"user_status.update","description":"Triggered when you set or change the status on your profile.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#setting-a-status","docs_reference_titles":"Personalize your profile","fieldsIndex":375},{"action":"user.suspend","description":"A user account was suspended.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"user.toggle_warn_private_email","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.two_factor_challenge_failure","description":"A 2FA challenge issued for a user account failed.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.two_factor_challenge_success","description":"A 2FA challenge issued for a user account succeeded.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.two_factor_recover","description":"A user used their 2FA recovery codes.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.two_factor_recovery_codes_downloaded","description":"A user downloaded 2FA recovery codes for their account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.two_factor_recovery_codes_printed","description":"A user printed 2FA recovery codes for their account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.two_factor_recovery_codes_viewed","description":"A user viewed 2FA recovery codes for their account.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.two_factor_requested","description":"A user was prompted for a two-factor authentication code.","docs_reference_links":"/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication","docs_reference_titles":"/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication","fieldsIndex":15},{"action":"user.unblock_user","description":"A user was unblocked by another user.","docs_reference_links":"N/A","fieldsIndex":376},{"action":"user.unsuspend","description":"A user account was unsuspended.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"user.update_integration_secret","description":"A user secret for Codespaces was updated.","docs_reference_links":"N/A","fieldsIndex":368},{"action":"user.update_new_repository_default_branch_setting","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"api.request","description":"An API request was made to an endpoint for the enterprise, or an enterprise owned resource. This event is only included if API Request Events is enabled in the enterprise's audit log settings. This event is only available via audit log streaming.","docs_reference_links":"/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise#enabling-audit-log-streaming-of-api-requests","docs_reference_titles":"Streaming the audit log for your enterprise","fieldsIndex":377},{"action":"audit_log_streaming.check","description":"A manual check of the endpoint configured for audit log streaming was performed.","docs_reference_links":"N/A","fieldsIndex":378},{"action":"audit_log_streaming.create","description":"An endpoint was added for audit log streaming.","docs_reference_links":"N/A","fieldsIndex":379},{"action":"audit_log_streaming.destroy","description":"An audit log streaming endpoint was deleted.","docs_reference_links":"N/A","fieldsIndex":380},{"action":"audit_log_streaming.update","description":"An endpoint configuration was updated for audit log streaming, such as the stream was paused, enabled, or disabled.","docs_reference_links":"N/A","fieldsIndex":381},{"action":"business.add_disallowed_two_factor_method","description":"An enterprise prevented access to resources by users with the given two-factor method.","docs_reference_links":"N/A","fieldsIndex":382},{"action":"business.add_organization","description":"An organization was added to an enterprise.","docs_reference_links":"N/A","fieldsIndex":383},{"action":"business_advanced_security.disabled","description":"GitHub Advanced Security was disabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":11},{"action":"business_advanced_security.disabled_for_new_repos","description":"GitHub Advanced Security was disabled for new repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_advanced_security.disabled_for_new_user_namespace_repos","description":"GitHub Advanced Security was disabled for new user namespace repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_advanced_security.enabled","description":"GitHub Advanced Security was enabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":11},{"action":"business_advanced_security.enabled_for_new_repos","description":"GitHub Advanced Security was enabled for new repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":11},{"action":"business_advanced_security.enabled_for_new_user_namespace_repos","description":"GitHub Advanced Security was enabled for new user namespace repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business.advanced_security_metered_usage_lock","description":"Enablement for Advanced Security features on new repositories has been locked for this enterprise.","docs_reference_links":"N/A","fieldsIndex":121},{"action":"business.advanced_security_metered_usage_unlock","description":"Enablement for Advanced Security features on new repositories has been unlocked for this enterprise.","docs_reference_links":"N/A","fieldsIndex":121},{"action":"business.advanced_security_policy_update","description":"An enterprise owner created, updated, or removed a policy for GitHub Advanced Security.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise","docs_reference_titles":"Enforcing policies for code security and analysis for your enterprise","fieldsIndex":384},{"action":"business.advanced_security_repo_admin_enablement_policy_update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":384},{"action":"business_advanced_security.user_namespace_repos_disabled","description":"GitHub Advanced Security was disabled for user namespace repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_advanced_security.user_namespace_repos_enabled","description":"GitHub Advanced Security was enabled for user namespace repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business.audit_log_export","description":"An export of the enterprise audit log was created. If the export included a query, the log will list the query used and the number of audit log entries matching that query.","docs_reference_links":"admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise","docs_reference_titles":"Exporting audit log activity for your enterprise","fieldsIndex":115},{"action":"business.audit_log_git_event_export","description":"An export of the enterprise's Git events was created.","docs_reference_links":"admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise","docs_reference_titles":"Exporting audit log activity for your enterprise","fieldsIndex":116},{"action":"business.cancel_admin_invitation","description":"An invitation for someone to be an owner of an enterprise was canceled.","docs_reference_links":"N/A","fieldsIndex":385},{"action":"business.cancel_billing_manager_invitation","description":"An invitation for someone to be an billing manager of an enterprise was canceled.","docs_reference_links":"N/A","fieldsIndex":386},{"action":"business.cancel_trial","description":"The trial of GitHub Enterprise Cloud was canceled.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":337},{"action":"business.change_seats_plan_type","description":"The seats plan type was changed for an enterprise.","docs_reference_links":"N/A","fieldsIndex":387},{"action":"business.clear_actions_settings","description":"An enterprise owner or site administrator cleared GitHub Actions policy settings for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":388},{"action":"business.clear_default_repository_permission","description":"An enterprise owner cleared the base repository permission policy setting for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-base-repository-permissions","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":13},{"action":"business.clear_disallowed_two_factor_methods","description":"Cleared two-factor authentication restrictions for an enterprise.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"business.clear_members_can_create_repos","description":"An enterprise owner cleared a restriction on repository creation in organizations in the enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#setting-a-policy-for-repository-creation","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":389},{"action":"business.code_quality_access_policy_update","description":"The policy for Code Quality access was updated for an enterprise.","docs_reference_links":"N/A","fieldsIndex":384},{"action":"business.code_quality_enablement_policy_update","description":"The policy for Code Quality enablement was updated for an enterprise.","docs_reference_links":"N/A","fieldsIndex":384},{"action":"business.code_scanning_ai_findings_policy_update","description":"The policy for Code scanning AI findings was updated for an enterprise.","docs_reference_links":"N/A","fieldsIndex":384},{"action":"business.code_scanning_autofix_policy_update","description":"The policy for Code scanning autofix was updated for an enterprise.","docs_reference_links":"N/A","fieldsIndex":384},{"action":"business.code_scanning_autofix_third_party_tools_policy_update","description":"The policy for Code scanning autofix third party tools was updated for an enterprise.","docs_reference_links":"/code-security/getting-started/github-security-features#available-with-github-code-security","docs_reference_titles":"/code-security/getting-started/github-security-features#available-with-github-code-security","fieldsIndex":384},{"action":"business.code_security_enablement_policy_update","description":"The policy for Code Security enablement was updated for an enterprise.","docs_reference_links":"/code-security/getting-started/github-security-features#available-with-github-code-security","docs_reference_titles":"/code-security/getting-started/github-security-features#available-with-github-code-security","fieldsIndex":384},{"action":"business.code_security_metered_usage_lock","description":"Enablement for Code Security features on new repositories has been locked for this enterprise.","docs_reference_links":"N/A","fieldsIndex":121},{"action":"business.code_security_metered_usage_unlock","description":"Enablement for Code Security features on new repositories has been unlocked for this enterprise.","docs_reference_links":"N/A","fieldsIndex":121},{"action":"business.connect_usage_metrics_export","description":"Server statistics were exported for the enterprise.","docs_reference_links":"/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics","docs_reference_titles":"Exporting Server Statistics","fieldsIndex":337},{"action":"business.convert_trial","description":"The enterprise account on a trial of GitHub Enterprise Cloud was upgraded to a paid enterprise account.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":337},{"action":"business.create","description":"An enterprise was created.","docs_reference_links":"N/A","fieldsIndex":337},{"action":"business.create_trial","description":"A trial of GitHub Enterprise Cloud began.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":337},{"action":"business.delete","description":"The enterprise was deleted.","docs_reference_links":"/admin/overview/deleting-an-enterprise-account","docs_reference_titles":"Deleting an enterprise account","fieldsIndex":337},{"action":"business.delete_custom_image","description":"A custom image was deleted for an enterprise.","docs_reference_links":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","docs_reference_titles":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","fieldsIndex":13},{"action":"business.delete_custom_image_version","description":"A custom image version was deleted for an enterprise.","docs_reference_links":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","docs_reference_titles":"/actions/how-tos/manage-runners/larger-runners/use-custom-images","fieldsIndex":13},{"action":"business_dependabot_alerts.disable","description":"Dependabot alerts were disabled for your enterprise.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"business_dependabot_alerts.enable","description":"Dependabot alerts were enabled for your enterprise.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"business_dependabot_alerts_new_repos.disable","description":"Dependabot alerts were disabled for new repositories in your enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business_dependabot_alerts_new_repos.enable","description":"Dependabot alerts were enabled for new repositories in your enterprise.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"business.dependabot_alerts_repo_admin_enablement_policy_update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":384},{"action":"business.disable_oidc","description":"OIDC single sign-on was disabled for an enterprise.","docs_reference_links":"/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-oidc-for-enterprise-managed-users","docs_reference_titles":"Configuring OIDC for Enterprise Managed Users","fieldsIndex":15},{"action":"business.disable_open_scim","description":"SCIM provisioning for custom integrations that use the REST API was disabled for the enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business.disable_saml","description":"SAML single sign-on was disabled for an enterprise.","docs_reference_links":"N/A","fieldsIndex":390},{"action":"business.disable_source_ip_disclosure","description":"Display of IP addresses within audit log events for the enterprise was disabled.","docs_reference_links":"/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise","docs_reference_titles":"Displaying IP addresses in the audit log for your enterprise","fieldsIndex":15},{"action":"business.disable_two_factor_requirement","description":"The requirement for members to have two-factor authentication enabled to access an enterprise was disabled.","docs_reference_links":"N/A","fieldsIndex":337},{"action":"business.enable_oidc","description":"OIDC single sign-on was enabled for an enterprise.","docs_reference_links":"/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-oidc-for-enterprise-managed-users","docs_reference_titles":"Configuring OIDC for Enterprise Managed Users","fieldsIndex":15},{"action":"business.enable_open_scim","description":"SCIM provisioning for custom integrations that use the REST API was enabled for the enterprise.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business.enable_saml","description":"SAML single sign-on was enabled for an enterprise.","docs_reference_links":"N/A","fieldsIndex":390},{"action":"business.enable_source_ip_disclosure","description":"Display of IP addresses within audit log events for the enterprise was enabled.","docs_reference_links":"/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise","docs_reference_titles":"Displaying IP addresses in the audit log for your enterprise","fieldsIndex":15},{"action":"business.enable_two_factor_requirement","description":"The requirement for members to have two-factor authentication enabled to access an enterprise was enabled.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"business.enterprise_server_license_download","description":"A GitHub Enterprise Server license was downloaded.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business.enterprise_teams_limit_reached","description":"An enterprise has reached its enterprise teams limit.","docs_reference_links":"N/A","fieldsIndex":391},{"action":"business.enterprise_teams_limit_warning","description":"An enterprise is approaching its enterprise teams limit.","docs_reference_links":"N/A","fieldsIndex":391},{"action":"business.expire_trial","description":"The trial of GitHub Enterprise Cloud expired.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":337},{"action":"business.github_models_billing_disabled","description":"GitHub Models billing was disabled for the business.","docs_reference_links":"N/A","fieldsIndex":337},{"action":"business.github_models_billing_enabled","description":"GitHub Models billing was enabled for the business.","docs_reference_links":"N/A","fieldsIndex":337},{"action":"business.import_license_usage","description":"License usage information was imported from a GitHub Enterprise Server instance to an enterprise account on GitHub.com.","docs_reference_links":"/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud#manually-uploading-github-enterprise-server-license-usage","docs_reference_titles":"Syncing license usage from GitHub Enterprise Server to Cloud","fieldsIndex":392},{"action":"business.invite_admin","description":"An invitation for someone to be an enterprise owner of an enterprise was sent.","docs_reference_links":"N/A","fieldsIndex":385},{"action":"business.invite_billing_manager","description":"An invitation for someone to be a billing manager of an enterprise was sent.","docs_reference_links":"N/A","fieldsIndex":385},{"action":"business.invite_unaffiliated_member","description":"An invitation for someone to join an enterprise was sent.","docs_reference_links":"N/A","fieldsIndex":385},{"action":"business.members_can_update_protected_branches.clear","description":"An enterprise owner unset a policy for whether members of an enterprise can update protected branches on repositories for individual organizations. Organization owners can choose whether to allow updating protected branches settings.","docs_reference_links":"N/A","fieldsIndex":337},{"action":"business.members_can_update_protected_branches.disable","description":"The ability for enterprise members to update branch protection rules was disabled. Only enterprise owners can update protected branches.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"business.members_can_update_protected_branches.enable","description":"The ability for enterprise members to update branch protection rules was enabled. Enterprise owners and members can update protected branches.","docs_reference_links":"N/A","fieldsIndex":388},{"action":"business.members_limit_reached","description":"An enterprise has reached its members limit.","docs_reference_links":"N/A","fieldsIndex":391},{"action":"business.organizations_limit_reached","description":"An enterprise has reached its organizations limit.","docs_reference_links":"N/A","fieldsIndex":391},{"action":"business.organizations_limit_warning","description":"An enterprise is approaching its organizations limit.","docs_reference_links":"N/A","fieldsIndex":391},{"action":"business.proxy_security_header_disabled","description":"The proxy security header was disabled for an enterprise. All users on the network can now access GitHub, unless blocked by other means.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business.proxy_security_header_enabled","description":"The proxy security header was enabled for an enterprise. When the header is provided in requests, only Enterprise Managed Users matching the header will be able to access GitHub.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business.proxy_security_header_unsatisfied","description":"A user outside the enterprise tried to access GitHub while the proxy security header was enabled and provided in the request.","docs_reference_links":"N/A","fieldsIndex":13},{"action":"business.recovery_code_failed","description":"An enterprise owner failed to sign into a enterprise with an external identity provider (IdP) using a recovery code.","docs_reference_links":"/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable","docs_reference_titles":"Accessing your enterprise account if your identity provider is unavailable","fieldsIndex":393},{"action":"business.recovery_code_used","description":"An enterprise owner successfully signed into an enterprise with an external identity provider (IdP) using a recovery code.","docs_reference_links":"/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable","docs_reference_titles":"Accessing your enterprise account if your identity provider is unavailable","fieldsIndex":337},{"action":"business.recovery_codes_downloaded","description":"An enterprise owner downloaded the enterprise's SSO recovery codes.","docs_reference_links":"/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your enterprise account's single sign-on recovery codes","fieldsIndex":337},{"action":"business.recovery_codes_generated","description":"An enterprise owner generated the enterprise's SSO recovery codes.","docs_reference_links":"/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your enterprise account's single sign-on recovery codes","fieldsIndex":337},{"action":"business.recovery_codes_printed","description":"An enterprise owner printed the enterprise's SSO recovery codes.","docs_reference_links":"/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your enterprise account's single sign-on recovery codes","fieldsIndex":337},{"action":"business.recovery_codes_viewed","description":"An enterprise owner viewed the enterprise's SSO recovery codes.","docs_reference_links":"/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes","docs_reference_titles":"Downloading your enterprise account's single sign-on recovery codes","fieldsIndex":337},{"action":"business.remove_disallowed_two_factor_method","description":"Removed a two-factor authentication method restriction for an enterprise.","docs_reference_links":"N/A","fieldsIndex":394},{"action":"business.remove_organization","description":"An organization was removed from an enterprise.","docs_reference_links":"N/A","fieldsIndex":336},{"action":"business.rename_slug","description":"The slug for the enterprise URL was renamed.","docs_reference_links":"N/A","fieldsIndex":337},{"action":"business.restore","description":"The deleted enterprise was restored.","docs_reference_links":"N/A","fieldsIndex":337},{"action":"business.revoke_external_identity","description":"The external identity for a member in an enterprise was revoked.","docs_reference_links":"N/A","fieldsIndex":337},{"action":"business.revoke_sso_session","description":"The SAML single sign-on session for a member in an enterprise was revoked.","docs_reference_links":"N/A","fieldsIndex":337},{"action":"business.secret_protection_metered_usage_lock","description":"Enablement for Secret Protection features on new repositories has been locked for this enterprise.","docs_reference_links":"N/A","fieldsIndex":121},{"action":"business.secret_protection_metered_usage_unlock","description":"Enablement for Secret Protection features on new repositories has been unlocked for this enterprise.","docs_reference_links":"N/A","fieldsIndex":121},{"action":"business_secret_scanning_automatic_validity_checks.disabled","description":"Automatic partner validation checks have been disabled at the business level","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise#managing-advanced-security-features","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise#managing-advanced-security-features","fieldsIndex":0},{"action":"business_secret_scanning_automatic_validity_checks.enabled","description":"Automatic partner validation checks have been enabled at the business level","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise#managing-advanced-security-features","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise#managing-advanced-security-features","fieldsIndex":0},{"action":"business_secret_scanning_custom_pattern.create","description":"An enterprise-level custom pattern was created for secret scanning.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-enterprise-account","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":11},{"action":"business_secret_scanning_custom_pattern.delete","description":"An enterprise-level custom pattern was removed from secret scanning.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business_secret_scanning_custom_pattern.publish","description":"An enterprise-level custom pattern was published for secret scanning.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business_secret_scanning_custom_pattern_push_protection.disabled","description":"Push protection for a custom pattern for secret scanning was disabled for your enterprise.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-enterprise-account","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":0},{"action":"business_secret_scanning_custom_pattern_push_protection.enabled","description":"Push protection for a custom pattern for secret scanning was enabled for your enterprise.","docs_reference_links":"/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-enterprise-account","docs_reference_titles":"Defining custom patterns for secret scanning","fieldsIndex":0},{"action":"business_secret_scanning_custom_pattern.update","description":"Changes to an enterprise-level custom pattern were saved and a dry run was executed for secret scanning.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business_secret_scanning.disable","description":"Secret scanning was disabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning.disabled_for_new_repos","description":"Secret scanning was disabled for new repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning.enable","description":"Secret scanning was enabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning.enabled_for_new_repos","description":"Secret scanning was enabled for new repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":11},{"action":"business_secret_scanning_generic_secrets.disabled","description":"Generic secrets have been disabled at the business level","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business_secret_scanning_generic_secrets.enabled","description":"Generic secrets have been enabled at the business level","docs_reference_links":"N/A","fieldsIndex":15},{"action":"business_secret_scanning_non_provider_patterns.disabled","description":"Secret scanning for non-provider patterns was disabled at the enterprise level.","docs_reference_links":"/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns","docs_reference_titles":"Supported secret scanning patterns","fieldsIndex":15},{"action":"business_secret_scanning_non_provider_patterns.enabled","description":"Secret scanning for non-provider patterns was enabled at the enterprise level.","docs_reference_links":"/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns","docs_reference_titles":"Supported secret scanning patterns","fieldsIndex":15},{"action":"business_secret_scanning_push_protection_custom_message.disable","description":"The custom message triggered by an attempted push to a push-protected repository was disabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning_push_protection_custom_message.enable","description":"The custom message triggered by an attempted push to a push-protected repository was enabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning_push_protection_custom_message.update","description":"The custom message triggered by an attempted push to a push-protected repository was updated for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning_push_protection.disable","description":"Push protection for secret scanning was disabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":0},{"action":"business_secret_scanning_push_protection.disabled_for_new_repos","description":"Push protection for secret scanning was disabled for new repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning_push_protection.enable","description":"Push protection for secret scanning was enabled for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":15},{"action":"business_secret_scanning_push_protection.enabled_for_new_repos","description":"Push protection for secret scanning was enabled for new repositories in your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":11},{"action":"business_secret_scanning_push_protection_pattern_configuration.push_protection_setting_changed","description":"The push protection setting was updated for a secret type for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":144},{"action":"business_secret_scanning_push_protection_pattern_configuration.updated","description":"The push protection pattern configuration was updated for your enterprise.","docs_reference_links":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","docs_reference_titles":"/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise","fieldsIndex":145},{"action":"business.secret_scanning_repo_admin_settings_policy_update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":384},{"action":"business.sso_response","description":"A SAML single sign-on (SSO) response was generated when a member attempted to authenticate with your enterprise. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"N/A","fieldsIndex":395},{"action":"business.trial_email_verification_failed","description":"A trial email verification attempt failed for a GitHub Enterprise Cloud trial.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":337},{"action":"business.trial_email_verification_requested","description":"A trial email verification resend was requested for a GitHub Enterprise Cloud trial.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":337},{"action":"business.trial_email_verification_sent","description":"A trial email verification was sent for a GitHub Enterprise Cloud trial.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":337},{"action":"business.trial_email_verified","description":"The trial email was successfully verified for a GitHub Enterprise Cloud trial.","docs_reference_links":"/admin/overview/setting-up-a-trial-of-github-enterprise-cloud","docs_reference_titles":"Setting up a trial of GitHub Enterprise Cloud","fieldsIndex":337},{"action":"business.update_actions_settings","description":"An enterprise owner or site administrator updated GitHub Actions policy settings for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise","docs_reference_titles":"Enforcing policies for GitHub Actions in your enterprise","fieldsIndex":396},{"action":"business.update_default_repository_permission","description":"The base repository permission setting was updated for all organizations in an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-base-repository-permissions","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":397},{"action":"business.update_emu_repo_self_hosted_runners_policy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":398},{"action":"business.update_member_repository_creation_permission","description":"The repository creation setting was updated for an enterprise.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-creation","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":399},{"action":"business.update_member_repository_invitation_permission","description":"The policy setting for enterprise members inviting outside collaborators to repositories was updated.","docs_reference_links":"/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories","docs_reference_titles":"Enforcing repository management policies in your enterprise","fieldsIndex":400},{"action":"business.update_repo_self_hosted_runners_policy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":401},{"action":"business.update_saml_provider_settings","description":"The SAML single sign-on provider settings for an enterprise were updated.","docs_reference_links":"N/A","fieldsIndex":390},{"action":"business.update_unaffiliated_users_policy","description":"The policy for removing user accounts when removing the last organization membership was updated.","docs_reference_links":"/admin/enforcing-policies/enforcing-policies-for-your-enterprise/control-offboarding","docs_reference_titles":"Controlling user offboarding with the unaffiliated users policy","fieldsIndex":402},{"action":"business.upgrade_from_organization","description":"The organization was upgraded to an enterprise account.","docs_reference_links":"/billing/managing-the-plan-for-your-github-account/upgrading-your-accounts-plan#upgrading-your-organizations-plan","docs_reference_titles":"Upgrading your account's plan","fieldsIndex":337},{"action":"copilot.cfb_enterprise_org_enablement_changed","description":"The Copilot enablement policy changed at the enterprise level to either allow or disable access for all organizations, or to allow access for selected organizations.","docs_reference_links":"N/A","fieldsIndex":403},{"action":"copilot.cfb_enterprise_settings_changed","description":"Copilot feature settings were changed at the enterprise level.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.clickwrap_save_event","description":"The GitHub Copilot Product Terms or Pre-Release Preview Terms were accepted.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.enterprise_enablement_changed","description":"Copilot access was enabled or disabled at the enterprise level.","docs_reference_links":"N/A","fieldsIndex":403},{"action":"enterprise.configure_self_hosted_jit_runner","description":"A new just-in-time GitHub Actions self-hosted runner was configured","docs_reference_links":"/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-enterprise","docs_reference_titles":"/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-enterprise","fieldsIndex":11},{"action":"enterprise_domain.approve","description":"A domain was approved for an enterprise.","docs_reference_links":"/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#approving-a-domain-for-your-enterprise-account","docs_reference_titles":"Verifying or approving a domain for your enterprise","fieldsIndex":163},{"action":"enterprise_domain.create","description":"A domain was added to an enterprise.","docs_reference_links":"/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#verifying-a-domain-for-your-enterprise-account","docs_reference_titles":"Verifying or approving a domain for your enterprise","fieldsIndex":163},{"action":"enterprise_domain.destroy","description":"A domain was removed from an enterprise.","docs_reference_links":"/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#removing-an-approved-or-verified-domain","docs_reference_titles":"Verifying or approving a domain for your enterprise","fieldsIndex":404},{"action":"enterprise_domain.verify","description":"A domain was verified for an enterprise.","docs_reference_links":"/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#verifying-a-domain-for-your-enterprise-account","docs_reference_titles":"Verifying or approving a domain for your enterprise","fieldsIndex":163},{"action":"enterprise.register_self_hosted_runner","description":"A new GitHub Actions self-hosted runner was registered.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-a-repository","docs_reference_titles":"Adding self-hosted runners","fieldsIndex":15},{"action":"enterprise.remove_self_hosted_runner","description":"A GitHub Actions self-hosted runner was removed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-a-repository","docs_reference_titles":"Removing self-hosted runners","fieldsIndex":11},{"action":"enterprise_role.assign","description":"An enterprise role was assigned to a user or enterprise team.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise","docs_reference_titles":"Abilities of roles in an enterprise","fieldsIndex":405},{"action":"enterprise_role.create","description":"A custom enterprise role was created in an enterprise.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise","docs_reference_titles":"Abilities of roles in an enterprise","fieldsIndex":406},{"action":"enterprise_role.destroy","description":"A custom enterprise role was deleted in an enterprise.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise","docs_reference_titles":"Abilities of roles in an enterprise","fieldsIndex":406},{"action":"enterprise_role.revoke","description":"A user or enterprise team was unassigned an enterprise role.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise","docs_reference_titles":"Abilities of roles in an enterprise","fieldsIndex":407},{"action":"enterprise_role.update","description":"A custom enterprise role was edited in an enterprise.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/roles-in-an-enterprise","docs_reference_titles":"Abilities of roles in an enterprise","fieldsIndex":408},{"action":"enterprise.runner_group_created","description":"A GitHub Actions self-hosted runner group was created.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-a-repository","docs_reference_titles":"Removing self-hosted runners","fieldsIndex":409},{"action":"enterprise.runner_group_removed","description":"A GitHub Actions self-hosted runner group was removed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#removing-a-self-hosted-runner-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":410},{"action":"enterprise.runner_group_renamed","description":"A GitHub Actions self-hosted runner group was renamed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":141},{"action":"enterprise.runner_group_runner_removed","description":"The REST API was used to remove a GitHub Actions self-hosted runner from a group.","docs_reference_links":"/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization","docs_reference_titles":"/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization","fieldsIndex":411},{"action":"enterprise.runner_group_runners_added","description":"A GitHub Actions self-hosted runner was added to a group.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#moving-a-self-hosted-runner-to-a-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":410},{"action":"enterprise.runner_group_runners_updated","description":"A GitHub Actions runner group's list of members was updated.","docs_reference_links":"/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization","docs_reference_titles":"/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization","fieldsIndex":410},{"action":"enterprise.runner_group_updated","description":"The configuration of a GitHub Actions self-hosted runner group was changed.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group","docs_reference_titles":"Managing access to self-hosted runners using groups","fieldsIndex":409},{"action":"enterprise.runner_group_visiblity_updated","description":"The visibility of a GitHub Actions self-hosted runner group was updated via the REST API.","docs_reference_links":"/rest/actions#update-a-self-hosted-runner-group-for-an-organization","docs_reference_titles":"/rest/actions#update-a-self-hosted-runner-group-for-an-organization","fieldsIndex":143},{"action":"enterprise.self_hosted_runner_offline","description":"The GitHub Actions runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner","docs_reference_titles":"Monitoring and troubleshooting self-hosted runners","fieldsIndex":148},{"action":"enterprise.self_hosted_runner_online","description":"The GitHub Actions runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner","docs_reference_titles":"Monitoring and troubleshooting self-hosted runners","fieldsIndex":148},{"action":"enterprise.self_hosted_runner_updated","description":"The GitHub Actions runner application was updated. This event is not included in the JSON/CSV export.","docs_reference_links":"/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#about-self-hosted-runners","docs_reference_titles":"Self-hosted runners","fieldsIndex":149},{"action":"enterprise_team.add_member","description":"A new member was added to the enterprise team or an IdP group linked to an enterprise team, or an IdP group was linked to an enterprise team.","docs_reference_links":"N/A","fieldsIndex":412},{"action":"enterprise_team.copilot_assignment","description":"A license for GitHub Copilot was assigned to an enterprise team.","docs_reference_links":"N/A","fieldsIndex":413},{"action":"enterprise_team.copilot_unassignment","description":"A license for GitHub Copilot was unassigned from an enterprise team.","docs_reference_links":"N/A","fieldsIndex":413},{"action":"enterprise_team.create","description":"A new enterprise team was created.","docs_reference_links":"N/A","fieldsIndex":412},{"action":"enterprise_team.destroy","description":"An enterprise team was deleted.","docs_reference_links":"N/A","fieldsIndex":413},{"action":"enterprise_team.remove_member","description":"A member was removed from the enterprise team or an IdP group linked to an enterprise team, or an IdP group was unlinked from an enterprise team.","docs_reference_links":"N/A","fieldsIndex":412},{"action":"enterprise_team.rename","description":"The name of an enterprise team was changed.","docs_reference_links":"N/A","fieldsIndex":414},{"action":"external_group.add_member","description":"A user was added to an external group.","docs_reference_links":"N/A","fieldsIndex":415},{"action":"external_group.delete","description":"An external group was deleted.","docs_reference_links":"N/A","fieldsIndex":416},{"action":"external_group.link","description":"An external group was linked to a GitHub team.","docs_reference_links":"N/A","fieldsIndex":417},{"action":"external_group.provision","description":"An external group was created.","docs_reference_links":"N/A","fieldsIndex":416},{"action":"external_group.remove_member","description":"A user was removed from an external group.","docs_reference_links":"N/A","fieldsIndex":415},{"action":"external_group.scim_api_failure","description":"Failed external group SCIM API request.","docs_reference_links":"/rest/scim/scim","docs_reference_titles":"REST API endpoints for SCIM","fieldsIndex":418},{"action":"external_group.scim_api_success","description":"Successful external group SCIM API request. Excludes GET API requests.","docs_reference_links":"/rest/scim/scim","docs_reference_titles":"REST API endpoints for SCIM","fieldsIndex":419},{"action":"external_group.unlink","description":"An external group was unlinked to a GitHub team.","docs_reference_links":"N/A","fieldsIndex":417},{"action":"external_group.update","description":"An external group was updated.","docs_reference_links":"N/A","fieldsIndex":416},{"action":"external_group.update_display_name","description":"An external group's display name was updated.","docs_reference_links":"N/A","fieldsIndex":416},{"action":"external_identity.deprovision","description":"An external identity was deprovisioned, suspending the linked GitHub user.","docs_reference_links":"N/A","fieldsIndex":420},{"action":"external_identity.provision","description":"An external identity was created and linked to a GitHub user.","docs_reference_links":"N/A","fieldsIndex":420},{"action":"external_identity.scim_api_failure","description":"Failed external identity SCIM API request.","docs_reference_links":"/rest/scim/scim","docs_reference_titles":"REST API endpoints for SCIM","fieldsIndex":421},{"action":"external_identity.scim_api_success","description":"Successful external identity SCIM API request. Excludes GET API requests.","docs_reference_links":"/rest/scim/scim","docs_reference_titles":"REST API endpoints for SCIM","fieldsIndex":422},{"action":"external_identity.update","description":"An external identity was updated.","docs_reference_links":"N/A","fieldsIndex":420},{"action":"ip_allow_list.disable_idp_ip_allowlist_for_web","description":"Identity Provider based IP allow list for web interactions was disabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"ip_allow_list.disable_skip_idp_ip_allowlist_app_access","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"ip_allow_list.disable_user_level_enforcement","description":"IP allow list user level enforcement was disabled.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"ip_allow_list.enable_idp_ip_allowlist_for_web","description":"Identity Provider based IP allow list for web interactions was enabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"ip_allow_list.enable_skip_idp_ip_allowlist_app_access","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"ip_allow_list.enable_user_level_enforcement","description":"IP allow list user level enforcement was enabled.","docs_reference_links":"N/A","fieldsIndex":11},{"action":"ip_allow_list.update_ip_allowlist_configuration","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"organization_custom_property_definition.create","description":"A new organization custom property definition was created.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","docs_reference_titles":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","fieldsIndex":423},{"action":"organization_custom_property_definition.destroy","description":"An organization custom property definition was deleted.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","docs_reference_titles":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","fieldsIndex":424},{"action":"organization_custom_property_definition.update","description":"An organization custom property definition was updated.","docs_reference_links":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","docs_reference_titles":"/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/managing-custom-properties-for-organization-in-your-enterprise","fieldsIndex":425},{"action":"personal_access_token.access_restriction_reset","description":"The configured restriction for access to resources via personal access tokens was reset and delegated to organizations.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"personal_access_token.auto_approve_grant_requests_reset","description":"Triggered when the enterprise delegates to the organizations when to require approval for fine-grained personal access tokens before the tokens can access organization resources.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"sso_lockdown.disable","description":"SSO lockdown for users was disabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"sso_lockdown.enable","description":"SSO lockdown for users was enabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"sso_redirect.disable","description":"Automatic redirects for users to single sign-on (SSO) was disabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"sso_redirect.enable","description":"Automatic redirects for users to single sign-on (SSO) was enabled.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.user_access_reinstated","description":"N/A","docs_reference_links":"N/A","fieldsIndex":426},{"action":"copilot.user_access_revoked","description":"N/A","docs_reference_links":"N/A","fieldsIndex":426},{"action":"discussion_post.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":427},{"action":"discussion_post_reply.destroy","description":"N/A","docs_reference_links":"N/A","fieldsIndex":428},{"action":"discussion_post_reply.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":429},{"action":"discussion_post.update","description":"N/A","docs_reference_links":"N/A","fieldsIndex":427},{"action":"oauth_application.suspend","description":"N/A","docs_reference_links":"N/A","fieldsIndex":108},{"action":"oauth_application.unsuspend","description":"An OAuth application was unsuspended for a user or organization account.","docs_reference_links":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","docs_reference_titles":"/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app","fieldsIndex":108},{"action":"org.async_delete","description":"A user initiated a background job to delete an organization.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.recreate","description":"An organization was restored.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"org.transform","description":"A user account was converted into an organization.","docs_reference_links":"/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/converting-a-user-into-an-organization","docs_reference_titles":"Converting a user into an organization","fieldsIndex":430},{"action":"repo.collaborators_only","description":"N/A","docs_reference_links":"N/A","fieldsIndex":431},{"action":"repo.disk_archive","description":"A repository was archived on disk.","docs_reference_links":"/repositories/archiving-a-github-repository/archiving-repositories","docs_reference_titles":"/repositories/archiving-a-github-repository/archiving-repositories","fieldsIndex":0},{"action":"repo.hide_from_discovery","description":"N/A","docs_reference_links":"N/A","fieldsIndex":432},{"action":"repo.noindex","description":"N/A","docs_reference_links":"N/A","fieldsIndex":432},{"action":"repo.override_unlock","description":"The repository was unlocked.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"repo.pages_build","description":"N/A","docs_reference_links":"N/A","fieldsIndex":433},{"action":"repo.require_login","description":"N/A","docs_reference_links":"N/A","fieldsIndex":434},{"action":"team_discussions.clear","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"team_discussions.disable","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"team_discussions.enable","description":"N/A","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.correct_password_from_unrecognized_device","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.correct_password_from_unrecognized_device_and_location","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.correct_password_from_unrecognized_location","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.flag_as_large_scale_contributor","description":"A user account was flagged as a large scale contributor. Only contributions from public repositories the user owns will be shown in their contribution graph, in order to prevent timeouts.","docs_reference_links":"N/A","fieldsIndex":360},{"action":"user.minimize_comment","description":"A comment made by a user was minimized.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"user.partial_two_factor_email_followup","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.remove_large_scale_contributor_flag","description":"A user account was no longer flagged as a large scale contributor.","docs_reference_links":"N/A","fieldsIndex":0},{"action":"user.report_abuse","description":"N/A","docs_reference_links":"N/A","fieldsIndex":234},{"action":"user.report_content","description":"Triggered when you report an issue or pull request, or a comment on an issue, pull request, or commit.","docs_reference_links":"/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam","docs_reference_titles":"/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam","fieldsIndex":0},{"action":"user.sign_in_from_unrecognized_location","description":"A user signed in from an unrecognized location.","docs_reference_links":"N/A","fieldsIndex":15},{"action":"user.unminimize_comment","description":"A comment made by a user was unminimized.","docs_reference_links":"N/A","fieldsIndex":53},{"action":"copilot.knowledge_base_created","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.knowledge_base_deleted","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15},{"action":"copilot.knowledge_base_updated","description":"N/A","docs_reference_links":"N/A","fieldsIndex":15}] \ No newline at end of file diff --git a/src/audit-logs/data/shared/fields-pool.json b/src/audit-logs/data/shared/fields-pool.json index 0cbcfb9cbd5f..6dca21d79723 100644 --- a/src/audit-logs/data/shared/fields-pool.json +++ b/src/audit-logs/data/shared/fields-pool.json @@ -1 +1 @@ -[["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actions_cache_id","actions_cache_key","actions_cache_scope","actions_cache_version","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","ghsa_id","oauth_application_id","operation_type","public_repo","recipient","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","ghsa_id","oauth_application_id","operation_type","public_repo","recipient","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","ghsa_id","operation_type","public_repo","recipient"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","ghsa_id","oauth_application_id","operation_type","public_repo","recipient"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","alert_enabled","alert_recipient_user_ids","budget_limit_type","created_at","customer_id","exclude_cost_center_usage","oauth_application_id","operation_type","pricing_target_id","pricing_target_type","status","target_amount","target_id","target_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","alert_enabled","budget_limit_type","created_at","customer_id","exclude_cost_center_usage","oauth_application_id","operation_type","pricing_target_id","pricing_target_type","status","target_amount","target_type","user_programmatic_access_name","uuid"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","alert_enabled","budget_limit_type","created_at","customer_id","exclude_cost_center_usage","oauth_application_id","old_alert_enabled","old_budget_limit_type","old_pricing_target_id","old_pricing_target_type","old_target_amount","old_target_id","old_target_type","operation_type","pricing_target_id","pricing_target_type","status","target_amount","target_id","target_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","email","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","operation_type","resource_id","resource_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","public_repo","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","alert_number","alert_numbers","commit_oid","ref"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","alert_numbers","commit_oid","ref"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","alert_number","alert_numbers","dismissal_approver_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","alert_number","created_at","dismissal_request_id","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","alert_number","alert_numbers"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","origin_repository"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","owner","public_repo","pull_request_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","enablement","operation_type","organization_names"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","devcontainer_path","machine_type","name","oauth_application_id","operation_type","owner","public_repo","pull_request_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","owner","public_repo","pull_request_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","owner","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","owner","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","devcontainer_path","machine_type","name","oauth_application_id","operation_type","owner","public_repo","pull_request_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","oauth_application_id","operation_type","owner","owner_type","plan","reason"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","owner","owner_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","owner","owner_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","oauth_application_id","operation_type","owner","owner_type","seat_assignment"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","owner","owner_type","seat_assignment"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_value","old_value","operation_type","previous_value"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","old_settings","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","excluded_paths","operation_type","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","custom_instructions","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","old_plan","operation_type","owner","owner_type","plan"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","current_plan","operation_type","owner","owner_type","scheduled_plan"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_config","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","owner","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_access","oauth_application_id","old_access","operation_type","owner","owner_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","name","operation_type","runner_group_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","allowed_values","created_at","default_value","definition_id","description","oauth_application_id","operation_type","property_name","required","user_programmatic_access_name","value_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","allowed_values","created_at","default_value","definition_id","oauth_application_id","old_allowed_values","old_default_value","old_required","old_values_editable_by","old_value_type","operation_type","property_name","required","user_programmatic_access_name","values_editable_by","value_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","definition_id","oauth_application_id","operation_type","property_name","public_repo","user_programmatic_access_name","value"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","definition_id","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","alert_number","created_at","number","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","alert_number","created_at","number","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","alert_number","created_at","number","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","alert_number","created_at","number","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","access_level","actor_is_bot","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","number","oauth_application_id","operation_type","public_repo","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","message","oauth_application_id","operation_type","owner","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","owner","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","message","oauth_application_id","old_message","operation_type","owner","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","environment_name","integration","name","oauth_application_id","operation_type","public_repo","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","environment_name","oauth_application_id","operation_type","public_repo","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","environment_name","key","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","environment_name","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","environment_name","key","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","environment_name","integration","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","approvers","approvers_was","can_admins_bypass","environment_id","environment_name","new_value","old_value","prevent_self_review"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","external_id","repository_public","transport_protocol","transport_protocol_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","runner_group_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","active_was","actor_is_agent","actor_is_bot","created_at","events","hook_id","integration","name","oauth_application_id","operation_type","public_repo","sponsors_listing_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","created_at","events","hook_id","integration","name","oauth_application_id","operation_type","public_repo","sponsors_listing_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","created_at","events","hook_id","integration","name","oauth_application","oauth_application_id","operation_type","public_repo","sponsors_listing_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","created_at","events","events_were","hook_id","integration","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","application_client_id","created_at","integration","name","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","oauth_application_id","operation_type","repository_selection","topic","trigger_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","oauth_application_id","operation_type","repository_selection","topic"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","oauth_application_id","operation_type","repositories_added","repositories_added_names","repository_selection","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","oauth_application_id","operation_type","repositories_removed","repositories_removed_names","repository_selection","topic"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","operation_type","reason","url"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","application_client_id","created_at","integration","operation_type","requester","url"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","operation_type","repository_selection"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","application_client_id","created_at","integration","manager","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","application_client_id","created_at","integration","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","application_client_id","created_at","integration","name","operation_type","requester","requester_id","transfer_from","transfer_from_id","transfer_from_type","transfer_to","transfer_to_id","transfer_to_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_bot","created_at","integration","ip_allow_list_entry","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","number","oauth_application_id","operation_type","owner_type","public_repo","pull_request_id","pull_request_title","pull_request_url","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","event","number","oauth_application_id","operation_type","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","number","oauth_application_id","operation_type","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","color","created_at","description","enabled","issue_type_name","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","color","created_at","description","enabled","issue_type_name","oauth_application_id","operation_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","color","created_at","description","enabled","issue_type_name","oauth_application_id","old_color","old_description","old_enabled","old_issue_type_name","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","integration","marketplace_listing","oauth_application","oauth_application_id","operation_type","primary_category","secondary_category"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","integration","marketplace_listing","operation_type","primary_category","secondary_category"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","integration","marketplace_listing","operation_type","primary_category","secondary_category"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","allowlist_id","assignment_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","topic"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","check_response_timeout_minutes","created_at","max_entries_to_build","max_entries_to_merge","merge_method","merging_strategy","min_entries_to_merge","min_entries_to_merge_wait_minutes","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","failover_network_enabled","failover_network_settings_ids","name","network_configuration_id","network_settings_ids","oauth_application_id","operation_type","previous_settings_ids","selected_service","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","network_configuration_id","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","failover_network_enabled","failover_network_settings_ids","name","network_configuration_id","network_settings_ids","oauth_application_id","operation_type","previous_settings_ids","selected_service"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","oauth_application","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","two_factor_method"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","invitation_id","oauth_application_id","operation_type","permission","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","invitee","inviter","oauth_application_id","operation_type","permission","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_policy","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","query_phrase"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","end","operation_type","start"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","blocked_user","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","initiated_from","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","email","invitation_id","invitee_email","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","topic"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","topic"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","enablement","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","owner_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","invitation_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","key","oauth_application_id","operation_type","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","integration","key","oauth_application_id","operation_type","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","application_id","application_name","application_type","created_at","fingerprint","managed_hashed_token","managed_oauth_access_id","managed_oauth_scopes","managed_token_id","managed_token_scopes","oauth_application_id","oauth_credential_type","operation_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_id","application_name","application_type","created_at","fingerprint","managed_hashed_token","managed_oauth_access_id","managed_oauth_scopes","managed_token_id","managed_token_scopes","oauth_application_id","oauth_credential_type","operation_type","owner","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","issuer","operation_type","sso_url"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","manager","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","count","created_at","limit","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_name","operation_type","url"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","reason"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","key","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","integration","key","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","old_login","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","network_configuration_id","oauth_application_id","operation_type","runner_group_allow_public","runner_group_id","runner_group_name","runner_group_restricted_to_workflows","runner_group_selected_workflow_refs","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","runner_group_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","runner_group_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","runner_group_id","runner_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","runner_group_id","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","push_protection_setting","secret_type","secret_type_display_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","end_date","filename","operation_type","query","requested_at","start_date"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","filename","operation_type","query","requested_at"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","runner_id","runner_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","runner_group_id","runner_group_name","runner_id","runner_name","source_version","target_version"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","policy","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","policy","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","limit","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","issuer","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","from_business","operation_type","to_business"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_policy","oauth_application_id","old_policy","operation_type","updated_access_policy","updated_allowed_types","updated_github_owned_allowed","updated_patterns","updated_verified_allowed","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_policy","old_policy","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","old_permission","operation_type","permission","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_policy","oauth_application_id","old_policy","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","permission","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","permission"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_repo_runners_policy","oauth_application_id","old_repo_runners_policy","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","definition_id","oauth_application_id","operation_type","property_name","value"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","domain_name","oauth_application_id","operation_type","owner","owner_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","organization_role_id","organization_role_name","team","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","base_role","created_at","name","oauth_application_id","operation_type","organization_role_id","owner","owner_id","owner_type","role_permissions","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","base_role","created_at","name","oauth_application_id","operation_type","organization_role_id","owner","owner_id","owner_type","role_permissions"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","base_role","created_at","name","oauth_application_id","old_base_role","old_role_permissions","operation_type","organization_role_id","owner","owner_id","owner_type","role_permissions","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_project_base_role","old_project_base_role","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","ecosystem","operation_type","package","version_count"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","ecosystem","is_republished","operation_type","package","version_count"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","ecosystem","operation_type","package","version"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","ecosystem","is_republished","operation_type","package","version"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","domain","operation_type","owner","owner_type","state"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","repositories","repository_selection","user_programmatic_access_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","repositories","repository_selection","user_programmatic_access_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","exempt_administrators","old_token_expiration","operation_type","token_expiration"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","old_token_expiration","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","repository_selection","user_programmatic_access_name","user_programmatic_access_request_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","repositories","repository_selection","user_programmatic_access_id","user_programmatic_access_name","user_programmatic_access_request_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","repository_selection","user_programmatic_access_name","user_programmatic_access_request_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","branch","created_at","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","policy","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","integration","marketplace_listing","oauth_application","oauth_application_id","operation_type","owner","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_project_base_role","old_project_base_role","operation_type","project_id","project_number","public_project"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","project_id","project_kind","project_name","public_project","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","collaborator","collaborator_type","created_at","old_project_role","operation_type","project_id","project_name","project_role","public_project"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","old_name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","project_id","project_kind","project_name","public_project"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","project_id","project_kind","project_name","public_project","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","authorized_actors","created_at","name","oauth_application_id","operation_type","policy","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","admin_enforced","allow_deletions_enforcement_level","allow_force_pushes_enforcement_level","authorized_actor_names","created_at","create_protected","dismiss_stale_reviews_on_push","enforcement_level","ignore_approvals_from_contributors","linear_history_requirement_enforcement_level","lock_allows_fetch_and_merge","lock_branch_enforcement_level","merge_queue_enforcement_level","name","oauth_application_id","operation_type","public_repo","pull_request_reviews_enforcement_level","required_approving_review_count","required_deployments_enforcement_level","required_review_thread_resolution_enforcement_level","required_status_checks_enforcement_level","require_code_owner_review","require_last_push_approval","signature_requirement_enforcement_level","strict_required_status_checks_policy","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","dismiss_stale_reviews_on_push","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","authorized_actors","authorized_actors_only","created_at","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","after","before","branch","compliant_pull_request_ids","created_at","deploy_key_fingerprint","oauth_application_id","operation_type","overridden_codes","public_repo","reasons","referrer","rule_suite_id","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","admin_enforced","created_at","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","allow_deletions_enforcement_level","created_at","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","allow_force_pushes_enforcement_level","created_at","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","ignore_approvals_from_contributors","name","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","linear_history_requirement_enforcement_level","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","lock_allows_fetch_and_merge","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","enforcement_level","lock_branch_enforcement_level","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","merge_queue_enforcement_level","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","old_name","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","pull_request_reviews_enforcement_level","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","require_code_owner_review","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","require_last_push_approval","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","required_approving_review_count","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","required_status_checks_enforcement_level","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","signature_requirement_enforcement_level","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","strict_required_status_checks_policy","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","fingerprint","key","oauth_application_id","operation_type","public_repo","read_only","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","explanation","fingerprint","key","oauth_application_id","operation_type","public_repo","read_only","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","fingerprint","key","operation_type","read_only","title"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","explanation","fingerprint","key","operation_type","public_repo","read_only","title"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","pull_request_id","pull_request_title","pull_request_url","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","pull_request_id","pull_request_title","pull_request_url","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","agent_session_id","created_at","oauth_application_id","operation_type","public_repo","pull_request_id","pull_request_title","pull_request_url","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","pull_request_id","pull_request_title","pull_request_url","reviewer","reviewer_id","reviewer_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","pull_request_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","comment_id","created_at","oauth_application_id","operation_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","comment_id","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","comment_id","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","pull_request_id","pull_request_title","pull_request_url","review_id","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","previous_visibility","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","integration","name","oauth_application_id","operation_type","public_repo","repository_selection","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","permission","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","topic","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","category","created_at","oauth_application_id","operation_type","public_repo","tool","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","branch","category","created_at","operation_type","public_repo","tool"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","languages","oauth_application_id","operation_type","public_repo","query_suite","threat_model","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","topic"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","request_category","request_method","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","key","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","integration","key","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","cname","created_at","oauth_application_id","old_cname","operation_type","public_repo","topic","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","key","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","integration","key","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","old_name","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","default_branch","new_branch","oauth_application_id","old_branch","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","policy","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","limit","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","old_user","operation_type","owner","public_repo","repo_was","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_nwo","oauth_application_id","operation_type","public_repo","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","old_policy","operation_type","policy","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_policy","oauth_application_id","old_policy","operation_type","public_repo","updated_access_policy","updated_allowed_types","updated_github_owned_allowed","updated_patterns","updated_verified_allowed","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_repo_base_role","new_repo_permission","oauth_application_id","old_base_role","old_permission","old_repo_base_role","old_repo_permission","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","content_type","created_at","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","invitee","inviter","oauth_application_id","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","invitee","inviter","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","count","created_at","limit","operation_type","owner"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","count","created_at","limit","oauth_application_id","operation_type","owner","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","ruleset_bypass_actors","ruleset_conditions","ruleset_enforcement","ruleset_id","ruleset_name","ruleset_rules","ruleset_source_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","old_name","operation_type","public_repo","ruleset_bypass_actors_added","ruleset_bypass_actors_deleted","ruleset_bypass_actors_updated","ruleset_conditions_added","ruleset_conditions_deleted","ruleset_conditions_updated","ruleset_enforcement","ruleset_id","ruleset_name","ruleset_old_enforcement","ruleset_old_name","ruleset_rules_added","ruleset_rules_deleted","ruleset_rules_updated","ruleset_source_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","repository_security_configuration_failure_reason","repository_security_configuration_state","security_configuration_id","security_configuration_name","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","alert_id","alert_number","created_at","ghsa_id","oauth_application_id","operation_type","owner","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","alert_id","alert_number","created_at","ghsa_id","oauth_application_id","operation_type","owner","public_repo","topic","user_programmatic_access_name","vulnerability_alert_rule_id","vulnerability_alert_rule_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","alert_id","alert_number","created_at","ghsa_id","oauth_application_id","operation_type","owner","public_repo","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","alert_id","alert_number","created_at","dismiss_comment","dismiss_reason","ghsa_id","oauth_application_id","operation_type","owner","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_bot","alert_id","alert_number","created_at","ghsa_id","oauth_application_id","operation_type","owner","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","alert_id","alert_number","created_at","ghsa_id","operation_type","owner","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","context","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","owner"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","owner"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","base_role","created_at","name","oauth_application_id","old_role_permissions","operation_type","owner","role_permissions","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","base_role","created_at","name","oauth_application_id","operation_type","owner","role_permissions"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","base_role","created_at","name","oauth_application_id","old_base_role","old_role_permissions","operation_type","owner","role_permissions","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","multi_repo","number","publicly_leaked","secret_type","secret_type_display_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","multi_repo","number","publicly_leaked","reason","secret_type","secret_type_display_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","multi_repo","number","oauth_application_id","operation_type","publicly_leaked","public_repo","resolution","secret_type","secret_type_display_name","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","multi_repo","number","publicly_leaked","report_result","secret_type","secret_type_display_name","secret_type_provider"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","number","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","current_validity","multi_repo","number","previous_validity","publicly_leaked","secret_type","secret_type_display_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","alert_number","created_at","number","oauth_application_id","operation_type","public_repo","request_reviewer_comment","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","alert_number","comment","created_at","number","operation_type","public_repo","reason"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","multi_repo","number","publicly_leaked","push_protection_bypass_reason","request_reviewer","request_reviewer_comment","request_reviewer_id","secret_type","secret_type_display_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","number","oauth_application_id","operation_type","public_repo","request_reviewer_comment","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","number","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","number","operation_type","public_repo","request_reviewer_comment","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","comment","created_at","number","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","completed_at","created_at","custom_pattern_name","custom_pattern_scope","operation_type","public_repo","secret_types","source","source_slug","started_at","type","type_slug"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","security_configuration_code_scanning","security_configuration_code_scanning_delegated_alert_dismissal","security_configuration_code_security_sku_enabled","security_configuration_created_at","security_configuration_dependabot_alerts","security_configuration_dependabot_delegated_alert_dismissal","security_configuration_dependabot_security_updates","security_configuration_dependency_graph","security_configuration_dependency_graph_autosubmit_action","security_configuration_description","security_configuration_enable_ghas","security_configuration_id","security_configuration_name","security_configuration_private_vulnerability_reporting","security_configuration_secret_protection_sku_enabled","security_configuration_secret_scanning","security_configuration_secret_scanning_delegated_alert_dismissal","security_configuration_secret_scanning_delegated_bypass","security_configuration_secret_scanning_extended_metadata","security_configuration_secret_scanning_generic_secrets","security_configuration_secret_scanning_non_provider_patterns","security_configuration_secret_scanning_push_protection","security_configuration_secret_scanning_validity_checks","security_configuration_updated_at","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","default_for_new_private_repos","default_for_new_public_repos","oauth_application_id","operation_type","security_configuration_name","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","enforcement","oauth_application_id","operation_type","security_configuration_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","security_configuration_code_scanning","security_configuration_code_scanning_delegated_alert_dismissal","security_configuration_code_security_sku_enabled","security_configuration_created_at","security_configuration_dependabot_alerts","security_configuration_dependabot_delegated_alert_dismissal","security_configuration_dependabot_security_updates","security_configuration_dependency_graph","security_configuration_dependency_graph_autosubmit_action","security_configuration_description","security_configuration_enable_ghas","security_configuration_id","security_configuration_name","security_configuration_private_vulnerability_reporting","security_configuration_secret_protection_sku_enabled","security_configuration_secret_scanning","security_configuration_secret_scanning_delegated_alert_dismissal","security_configuration_secret_scanning_delegated_bypass","security_configuration_secret_scanning_extended_metadata","security_configuration_secret_scanning_generic_secrets","security_configuration_secret_scanning_non_provider_patterns","security_configuration_secret_scanning_push_protection","security_configuration_secret_scanning_validity_checks","security_configuration_updated_at","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","sponsors_listing_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","sponsors_listing_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","public_repo","topic","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_bot","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_bot","created_at","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","sponsors_listing_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","sponsors_listing_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","patreon_email","patreon_username"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","fingerprint","openssh_public_key","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","domain_name","operation_type","owner","owner_type","token_expires_at"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","domain_name","operation_type","owner","owner_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","domain_name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","team","team_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","permission","public_repo","team","team_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","team","team_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","team","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","count","created_at","limit","operation_type","team","team_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","team","team_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","name_was","oauth_application_id","operation_type","team","team_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_repo_base_role","new_repo_permission","oauth_application_id","old_permission","old_repo_base_role","old_repo_permission","operation_type","permission","public_repo","team","team_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","deleted_at","deleted_by","deleted_by_id","deleted_content","editor","editor_id","operation_type","user_content_id","user_content_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","vulnerability_alert_rule_id","vulnerability_alert_rule_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","topic","vulnerability_alert_rule_id","vulnerability_alert_rule_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","topic","user_programmatic_access_name","vulnerability_alert_rule_id","vulnerability_alert_rule_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","vulnerability_alert_rule_id","vulnerability_alert_rule_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","allowed","created_at","event_name","integration_installation_id","operation_type","public_repo","ruleset_ids","violations"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","run_number","topic","user_programmatic_access_name","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","run_number","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","cancelled_at","created_at","event","head_branch","head_sha","name","oauth_application_id","operation_type","public_repo","run_number","started_at","topic","trigger_id","user_programmatic_access_name","workflow_id","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","public_repo","run_number","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","completed_at","conclusion","created_at","event","head_branch","head_sha","name","operation_type","public_repo","run_attempt","run_number","started_at","topic","trigger_id","workflow_id","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","event","head_branch","head_sha","name","operation_type","public_repo","run_number","started_at","trigger_id","workflow_id","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","event","head_branch","head_sha","name","oauth_application_id","operation_type","public_repo","run_number","started_at","topic","trigger_id","user_programmatic_access_name","workflow_id","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","workflow_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","workflow_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","calling_workflow_refs","calling_workflow_shas","created_at","environment_name","imposer_repo","is_hosted_runner","job_name","job_workflow_ref","operation_type","runner_group_id","runner_group_name","runner_id","runner_labels","runner_name","runner_owner_type","secrets_passed","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","run_number","user_programmatic_access_name","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","check_run_id","created_at","event","head_branch","head_sha","name","oauth_application_id","operation_type","public_repo","rerun_type","run_attempt","run_number","started_at","trigger_id","user_programmatic_access_name","workflow_id","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","operation_type","policy"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","policy"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","limit","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","gist","gist_id","oauth_application_id","operation_type","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","fingerprint","key","oauth_application_id","operation_type","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","explanation","fingerprint","key","oauth_application_id","operation_type","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","key","name","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","bullets","created_at","description","has_free_trial","marketplace_listing","marketplace_listing_plan","monthly_price_in_cents","operation_type","yearly_price_in_cents"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","allowlist_id","server_id","server_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","allowlist_description","allowlist_id","allowlist_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","allowlist_id","allowlist_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","allowlist_id","entries","server_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","allowlist_id","allowlist_name","old_allowlist_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","block_local_servers","mcp_policy","old_block_local_servers","old_mcp_policy"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","integration","oauth_application_id","oauth_application_name","operation_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","explanation","integration","oauth_application_id","oauth_application_name","operation_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","explanation","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","explanation","integration","oauth_application_id","oauth_application_name","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","nickname","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","repository_selection","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","explanation","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","explanation","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","pat_field_changed","repository_selection","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","email","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","email","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","integration","key","oauth_application_id","operation_type","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","email","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","passkey_nickname"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","integration","key","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","old_login","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","emoji","limited_availability","message","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","emoji","limited_availability","message","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","blocked_user","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","query_string","rate_limit_remaining","request_body","request_method","route","status_code","url_path"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","audit_log_stream_id","audit_log_stream_result","audit_log_stream_sink_details","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","audit_log_stream_id","audit_log_stream_sink","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","audit_log_stream_id","audit_log_stream_sink","audit_log_stream_sink_details","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","audit_log_stream_enabled","audit_log_stream_id","audit_log_stream_sink","audit_log_stream_sink_details","created_at","new_azure_blob_container","new_event_hub_instance","new_gc_bucket","new_s3_arn_role","new_s3_bucket","new_splunk_domain","new_splunk_port","old_azure_blob_container","old_event_hub_instance","old_gc_bucket","old_s3_arn_role","old_s3_bucket","old_splunk_domain","old_splunk_port","operation_type","reason","secrets_updated","ssl_verify"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","two_factor_method"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","organization_upgrade"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","new_policy","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","email","invitation_id","name","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","email","invitation_id","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","operation_type","seats_plan_type","seats_plan_type_was"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","issuer","name","operation_type","sso_url"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","count","created_at","limit","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","operation_type","reason"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","operation_type","two_factor_method"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","issuer","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","new_policy","oauth_application_id","old_policy","operation_type","updated_access_policy","updated_allowed_types","updated_github_owned_allowed","updated_patterns","updated_verified_allowed"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","old_permission","operation_type","permission"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","new_emu_repo_runners_policy","old_emu_repo_runners_policy","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","permission","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","permission"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","new_repo_runners_policy","old_repo_runners_policy","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_value","old_value","operation_type","remove_existing_unaffiliated_users","users_removed_count"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","current_value","operation_type","previous_value"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","domain_name","operation_type","owner","owner_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","enterprise_role_id","enterprise_role_name","oauth_application_id","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","base_role","created_at","name","operation_type","owner","role_permissions"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","enterprise_role_id","enterprise_role_name","oauth_application_id","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","base_role","created_at","name","old_role_permissions","operation_type","owner","role_permissions"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","network_configuration_id","oauth_application_id","operation_type","runner_group_allow_public","runner_group_id","runner_group_name","runner_group_restricted_to_workflows","runner_group_selected_workflow_refs"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","runner_group_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","runner_group_id","runner_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","enterprise_team","enterprise_team_id","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","enterprise_team","enterprise_team_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","enterprise_team","enterprise_team_id","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","external_group","external_group_id","oauth_application_id","operation_type","scim_group_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","external_group","external_group_id","oauth_application_id","operation_type","scim_group_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","external_group","external_group_id","oauth_application_id","operation_type","scim_group_id","team","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","api_request_body","created_at","message","oauth_application_id","operation_type","query_string","request_method","route","scim_group_id","status_code","url_path","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","api_request_body","created_at","oauth_application_id","operation_type","query_string","request_method","route","scim_group_id","status_code","url_path"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","scim_user_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","api_request_body","created_at","message","oauth_application_id","operation_type","query_string","request_method","route","scim_user_id","status_code","url_path","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","api_request_body","created_at","oauth_application_id","operation_type","query_string","request_method","route","scim_user_id","status_code","url_path"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","allowed_values","created_at","default_value","definition_id","description","oauth_application_id","operation_type","property_name","required","value_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","allowed_values","created_at","default_value","definition_id","description","oauth_application_id","operation_type","property_name","required","value_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","allowed_values","created_at","default_value","definition_id","old_allowed_values","old_default_value","old_required","old_values_editable_by","operation_type","property_name","required","values_editable_by"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","oauth_application_id","operation_type","owner","owner_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","number","operation_type","team","title"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","number","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","number","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","owner"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","public_repo","topic","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","public_repo","visibility"]] \ No newline at end of file +[["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actions_cache_id","actions_cache_key","actions_cache_scope","actions_cache_version","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","ghsa_id","oauth_application_id","operation_type","public_repo","recipient","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","ghsa_id","oauth_application_id","operation_type","public_repo","recipient","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","ghsa_id","operation_type","public_repo","recipient"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","ghsa_id","oauth_application_id","operation_type","public_repo","recipient"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","alert_enabled","alert_recipient_user_ids","budget_limit_type","created_at","customer_id","exclude_cost_center_usage","oauth_application_id","operation_type","pricing_target_id","pricing_target_type","status","target_amount","target_id","target_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","alert_enabled","budget_limit_type","created_at","customer_id","exclude_cost_center_usage","oauth_application_id","operation_type","pricing_target_id","pricing_target_type","status","target_amount","target_type","user_programmatic_access_name","uuid"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","alert_enabled","budget_limit_type","created_at","customer_id","exclude_cost_center_usage","oauth_application_id","old_alert_enabled","old_budget_limit_type","old_pricing_target_id","old_pricing_target_type","old_target_amount","old_target_id","old_target_type","operation_type","pricing_target_id","pricing_target_type","status","target_amount","target_id","target_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","email","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","operation_type","resource_id","resource_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","public_repo","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","alert_number","alert_numbers","commit_oid","ref"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","alert_numbers","commit_oid","ref"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","alert_number","alert_numbers","dismissal_approver_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","alert_number","created_at","dismissal_request_id","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","alert_number","alert_numbers"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","origin_repository"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","owner","public_repo","pull_request_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","enablement","operation_type","organization_names"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","devcontainer_path","machine_type","name","oauth_application_id","operation_type","owner","public_repo","pull_request_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","owner","public_repo","pull_request_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","owner","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","owner","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","devcontainer_path","machine_type","name","oauth_application_id","operation_type","owner","public_repo","pull_request_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","oauth_application_id","operation_type","owner","owner_type","plan","reason"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","owner","owner_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","owner","owner_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","oauth_application_id","operation_type","owner","owner_type","seat_assignment"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","owner","owner_type","seat_assignment"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_value","old_value","operation_type","previous_value"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","old_settings","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","excluded_paths","operation_type","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","custom_instructions","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","owner","owner_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","old_plan","operation_type","owner","owner_type","plan"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","current_plan","operation_type","owner","owner_type","scheduled_plan"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_config","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","owner","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_access","oauth_application_id","old_access","operation_type","owner","owner_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","name","operation_type","runner_group_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","allowed_values","created_at","default_value","definition_id","description","oauth_application_id","operation_type","property_name","required","user_programmatic_access_name","value_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","allowed_values","created_at","default_value","definition_id","oauth_application_id","old_allowed_values","old_default_value","old_required","old_values_editable_by","old_value_type","operation_type","property_name","required","user_programmatic_access_name","values_editable_by","value_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","definition_id","oauth_application_id","operation_type","property_name","public_repo","user_programmatic_access_name","value"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","definition_id","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","alert_number","created_at","number","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","alert_number","created_at","number","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","alert_number","created_at","number","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","alert_number","created_at","number","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","access_level","actor_is_bot","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","number","oauth_application_id","operation_type","public_repo","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","message","oauth_application_id","operation_type","owner","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","owner","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","message","oauth_application_id","old_message","operation_type","owner","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","environment_name","integration","name","oauth_application_id","operation_type","public_repo","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","environment_name","oauth_application_id","operation_type","public_repo","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","environment_name","key","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","environment_name","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","environment_name","key","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","environment_name","integration","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","approvers","approvers_was","can_admins_bypass","environment_id","environment_name","new_value","old_value","prevent_self_review"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","external_id","repository_public","transport_protocol","transport_protocol_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","runner_group_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","active_was","actor_is_agent","actor_is_bot","created_at","events","hook_id","integration","name","oauth_application_id","operation_type","public_repo","sponsors_listing_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","created_at","events","hook_id","integration","name","oauth_application_id","operation_type","public_repo","sponsors_listing_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","created_at","events","hook_id","integration","name","oauth_application","oauth_application_id","operation_type","public_repo","sponsors_listing_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","created_at","events","events_were","hook_id","integration","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","application_client_id","created_at","integration","name","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","oauth_application_id","operation_type","repository_selection","topic","trigger_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","oauth_application_id","operation_type","repository_selection","topic"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","oauth_application_id","operation_type","repositories_added","repositories_added_names","repository_selection","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","oauth_application_id","operation_type","repositories_removed","repositories_removed_names","repository_selection","topic"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","operation_type","reason","url"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","application_client_id","created_at","integration","operation_type","requester","url"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_client_id","created_at","integration","name","operation_type","repository_selection"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","application_client_id","created_at","integration","manager","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","application_client_id","created_at","integration","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","application_client_id","created_at","integration","name","operation_type","requester","requester_id","transfer_from","transfer_from_id","transfer_from_type","transfer_to","transfer_to_id","transfer_to_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_bot","created_at","integration","ip_allow_list_entry","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","number","oauth_application_id","operation_type","owner_type","public_repo","pull_request_id","pull_request_title","pull_request_url","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","event","number","oauth_application_id","operation_type","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","number","oauth_application_id","operation_type","owner_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","color","created_at","description","enabled","issue_type_name","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","color","created_at","description","enabled","issue_type_name","oauth_application_id","operation_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","color","created_at","description","enabled","issue_type_name","oauth_application_id","old_color","old_description","old_enabled","old_issue_type_name","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","integration","marketplace_listing","oauth_application","oauth_application_id","operation_type","primary_category","secondary_category"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","integration","marketplace_listing","operation_type","primary_category","secondary_category"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","integration","marketplace_listing","operation_type","primary_category","secondary_category"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","allowlist_id","assignment_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","topic"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","check_response_timeout_minutes","created_at","max_entries_to_build","max_entries_to_merge","merge_method","merging_strategy","min_entries_to_merge","min_entries_to_merge_wait_minutes","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","failover_network_enabled","failover_network_settings_ids","name","network_configuration_id","network_settings_ids","oauth_application_id","operation_type","previous_settings_ids","selected_service","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","network_configuration_id","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","failover_network_enabled","failover_network_settings_ids","name","network_configuration_id","network_settings_ids","oauth_application_id","operation_type","previous_settings_ids","selected_service"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","oauth_application","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","two_factor_method"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","invitation_id","oauth_application_id","operation_type","permission","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","invitee","inviter","oauth_application_id","operation_type","permission","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_policy","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","query_phrase"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","end","operation_type","start"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","blocked_user","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","initiated_from","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","email","invitation_id","invitee_email","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","topic"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","topic"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","enablement","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","owner_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","invitation_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","key","oauth_application_id","operation_type","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","integration","key","oauth_application_id","operation_type","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","application_id","application_name","application_type","created_at","fingerprint","managed_hashed_token","managed_oauth_access_id","managed_oauth_scopes","managed_token_id","managed_token_scopes","oauth_application_id","oauth_credential_type","operation_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","application_id","application_name","application_type","created_at","fingerprint","managed_hashed_token","managed_oauth_access_id","managed_oauth_scopes","managed_token_id","managed_token_scopes","oauth_application_id","oauth_credential_type","operation_type","owner","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","issuer","operation_type","sso_url"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","manager","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","count","created_at","limit","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_name","operation_type","url"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","reason"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","key","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","integration","key","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","old_login","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","network_configuration_id","oauth_application_id","operation_type","runner_group_allow_public","runner_group_id","runner_group_name","runner_group_restricted_to_workflows","runner_group_selected_workflow_refs","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","runner_group_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","runner_group_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","runner_group_id","runner_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","runner_group_id","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","push_protection_setting","secret_type","secret_type_display_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","end_date","filename","operation_type","query","requested_at","start_date"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","filename","operation_type","query","requested_at"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","runner_id","runner_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","runner_group_id","runner_group_name","runner_id","runner_name","source_version","target_version"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","policy","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","policy","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","limit","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","issuer","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","from_business","operation_type","to_business"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_policy","oauth_application_id","old_policy","operation_type","updated_access_policy","updated_allowed_types","updated_github_owned_allowed","updated_patterns","updated_verified_allowed","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_policy","old_policy","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","old_permission","operation_type","permission","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_policy","oauth_application_id","old_policy","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","permission","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","permission"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_repo_runners_policy","oauth_application_id","old_repo_runners_policy","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","definition_id","oauth_application_id","operation_type","property_name","value"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","domain_name","oauth_application_id","operation_type","owner","owner_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","organization_role_id","organization_role_name","team","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","base_role","created_at","name","oauth_application_id","operation_type","organization_role_id","owner","owner_id","owner_type","role_permissions","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","base_role","created_at","name","oauth_application_id","operation_type","organization_role_id","owner","owner_id","owner_type","role_permissions"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","base_role","created_at","name","oauth_application_id","old_base_role","old_role_permissions","operation_type","organization_role_id","owner","owner_id","owner_type","role_permissions","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_project_base_role","old_project_base_role","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","ecosystem","operation_type","package","version_count"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","ecosystem","is_republished","operation_type","package","version_count"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","ecosystem","operation_type","package","version"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","ecosystem","is_republished","operation_type","package","version"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","domain","operation_type","owner","owner_type","state"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","repositories","repository_selection","user_programmatic_access_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","repositories","repository_selection","user_programmatic_access_id","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","exempt_administrators","old_token_expiration","operation_type","token_expiration"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","old_token_expiration","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","repository_selection","user_programmatic_access_name","user_programmatic_access_request_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","repositories","repository_selection","user_programmatic_access_id","user_programmatic_access_name","user_programmatic_access_request_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","repository_selection","user_programmatic_access_name","user_programmatic_access_request_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","branch","created_at","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","policy","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","integration","marketplace_listing","oauth_application","oauth_application_id","operation_type","owner","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_project_base_role","old_project_base_role","operation_type","project_id","project_number","public_project"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","project_id","project_kind","project_name","public_project","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","collaborator","collaborator_type","created_at","old_project_role","operation_type","project_id","project_name","project_role","public_project"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","old_name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","project_id","project_kind","project_name","public_project"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","project_id","project_kind","project_name","public_project","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","authorized_actors","created_at","name","oauth_application_id","operation_type","policy","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","admin_enforced","allow_deletions_enforcement_level","allow_force_pushes_enforcement_level","authorized_actor_names","created_at","create_protected","dismiss_stale_reviews_on_push","enforcement_level","ignore_approvals_from_contributors","linear_history_requirement_enforcement_level","lock_allows_fetch_and_merge","lock_branch_enforcement_level","merge_queue_enforcement_level","name","oauth_application_id","operation_type","public_repo","pull_request_reviews_enforcement_level","required_approving_review_count","required_deployments_enforcement_level","required_review_thread_resolution_enforcement_level","required_status_checks_enforcement_level","require_code_owner_review","require_last_push_approval","signature_requirement_enforcement_level","strict_required_status_checks_policy","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","dismiss_stale_reviews_on_push","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","authorized_actors","authorized_actors_only","created_at","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","after","before","branch","compliant_pull_request_ids","created_at","deploy_key_fingerprint","oauth_application_id","operation_type","overridden_codes","public_repo","reasons","referrer","rule_suite_id","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","admin_enforced","created_at","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","allow_deletions_enforcement_level","created_at","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","allow_force_pushes_enforcement_level","created_at","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","ignore_approvals_from_contributors","name","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","linear_history_requirement_enforcement_level","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","lock_allows_fetch_and_merge","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","enforcement_level","lock_branch_enforcement_level","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","merge_queue_enforcement_level","name","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","old_name","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","pull_request_reviews_enforcement_level","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","require_code_owner_review","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","require_last_push_approval","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","required_approving_review_count","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","required_status_checks_enforcement_level","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","signature_requirement_enforcement_level","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","strict_required_status_checks_policy","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","fingerprint","key","oauth_application_id","operation_type","public_repo","read_only","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","explanation","fingerprint","key","oauth_application_id","operation_type","public_repo","read_only","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","fingerprint","key","operation_type","read_only","title"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","explanation","fingerprint","key","operation_type","public_repo","read_only","title"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","pull_request_id","pull_request_title","pull_request_url","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","pull_request_id","pull_request_title","pull_request_url","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","agent_session_id","created_at","oauth_application_id","operation_type","public_repo","pull_request_id","pull_request_title","pull_request_url","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","pull_request_id","pull_request_title","pull_request_url","reviewer","reviewer_id","reviewer_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","pull_request_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","comment_id","created_at","oauth_application_id","operation_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","comment_id","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","comment_id","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","pull_request_id","pull_request_title","pull_request_url","review_id","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","previous_visibility","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","integration","name","oauth_application_id","operation_type","public_repo","repository_selection","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","permission","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","topic","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","category","created_at","oauth_application_id","operation_type","public_repo","tool","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","branch","category","created_at","operation_type","public_repo","tool"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","languages","oauth_application_id","operation_type","public_repo","query_suite","threat_model","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","topic"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","request_category","request_method","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","key","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","integration","key","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","cname","created_at","oauth_application_id","old_cname","operation_type","public_repo","topic","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","key","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","integration","key","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","old_name","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","default_branch","new_branch","oauth_application_id","old_branch","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","policy","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","limit","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","old_user","operation_type","owner","public_repo","repo_was","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_nwo","oauth_application_id","operation_type","public_repo","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","old_policy","operation_type","policy","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_policy","oauth_application_id","old_policy","operation_type","public_repo","updated_access_policy","updated_allowed_types","updated_github_owned_allowed","updated_patterns","updated_verified_allowed","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_repo_base_role","new_repo_permission","oauth_application_id","old_base_role","old_permission","old_repo_base_role","old_repo_permission","operation_type","public_repo","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","content_type","created_at","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","invitee","inviter","oauth_application_id","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","invitee","inviter","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","count","created_at","limit","operation_type","owner"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","count","created_at","limit","oauth_application_id","operation_type","owner","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","public_repo","ruleset_bypass_actors","ruleset_conditions","ruleset_enforcement","ruleset_id","ruleset_name","ruleset_rules","ruleset_source_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","old_name","operation_type","public_repo","ruleset_bypass_actors_added","ruleset_bypass_actors_deleted","ruleset_bypass_actors_updated","ruleset_conditions_added","ruleset_conditions_deleted","ruleset_conditions_updated","ruleset_enforcement","ruleset_id","ruleset_name","ruleset_old_enforcement","ruleset_old_name","ruleset_rules_added","ruleset_rules_deleted","ruleset_rules_updated","ruleset_source_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","repository_security_configuration_failure_reason","repository_security_configuration_state","security_configuration_id","security_configuration_name","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","alert_id","alert_number","created_at","ghsa_id","oauth_application_id","operation_type","owner","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","alert_id","alert_number","created_at","ghsa_id","oauth_application_id","operation_type","owner","public_repo","topic","user_programmatic_access_name","vulnerability_alert_rule_id","vulnerability_alert_rule_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","alert_id","alert_number","created_at","ghsa_id","oauth_application_id","operation_type","owner","public_repo","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","alert_id","alert_number","created_at","dismiss_comment","dismiss_reason","ghsa_id","oauth_application_id","operation_type","owner","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_bot","alert_id","alert_number","created_at","ghsa_id","oauth_application_id","operation_type","owner","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_agent","actor_is_bot","alert_id","alert_number","created_at","ghsa_id","operation_type","owner","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","context","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","owner"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","owner"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","base_role","created_at","name","oauth_application_id","old_role_permissions","operation_type","owner","role_permissions","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","base_role","created_at","name","oauth_application_id","operation_type","owner","role_permissions"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","base_role","created_at","name","oauth_application_id","old_base_role","old_role_permissions","operation_type","owner","role_permissions","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","multi_repo","number","publicly_leaked","secret_type","secret_type_display_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","multi_repo","number","publicly_leaked","reason","secret_type","secret_type_display_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","multi_repo","number","oauth_application_id","operation_type","publicly_leaked","public_repo","resolution","secret_type","secret_type_display_name","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","multi_repo","number","publicly_leaked","report_result","secret_type","secret_type_display_name","secret_type_provider"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","number","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","current_validity","multi_repo","number","previous_validity","publicly_leaked","secret_type","secret_type_display_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","alert_number","created_at","number","oauth_application_id","operation_type","public_repo","request_reviewer_comment","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","alert_number","comment","created_at","number","operation_type","public_repo","reason"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","multi_repo","number","publicly_leaked","push_protection_bypass_reason","request_reviewer","request_reviewer_comment","request_reviewer_id","secret_type","secret_type_display_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","number","oauth_application_id","operation_type","public_repo","request_reviewer_comment","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","number","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","number","operation_type","public_repo","request_reviewer_comment","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","comment","created_at","number","operation_type","public_repo"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","completed_at","created_at","custom_pattern_name","custom_pattern_scope","operation_type","public_repo","secret_types","source","source_slug","started_at","type","type_slug"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","security_configuration_code_scanning","security_configuration_code_scanning_delegated_alert_dismissal","security_configuration_code_security_sku_enabled","security_configuration_created_at","security_configuration_dependabot_alerts","security_configuration_dependabot_delegated_alert_dismissal","security_configuration_dependabot_security_updates","security_configuration_dependency_graph","security_configuration_dependency_graph_autosubmit_action","security_configuration_description","security_configuration_enable_ghas","security_configuration_id","security_configuration_name","security_configuration_private_vulnerability_reporting","security_configuration_secret_protection_sku_enabled","security_configuration_secret_scanning","security_configuration_secret_scanning_delegated_alert_dismissal","security_configuration_secret_scanning_delegated_bypass","security_configuration_secret_scanning_extended_metadata","security_configuration_secret_scanning_generic_secrets","security_configuration_secret_scanning_non_provider_patterns","security_configuration_secret_scanning_push_protection","security_configuration_secret_scanning_validity_checks","security_configuration_updated_at","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","default_for_new_private_repos","default_for_new_public_repos","oauth_application_id","operation_type","security_configuration_name","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","enforcement","oauth_application_id","operation_type","security_configuration_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","security_configuration_code_scanning","security_configuration_code_scanning_delegated_alert_dismissal","security_configuration_code_security_sku_enabled","security_configuration_created_at","security_configuration_dependabot_alerts","security_configuration_dependabot_delegated_alert_dismissal","security_configuration_dependabot_security_updates","security_configuration_dependency_graph","security_configuration_dependency_graph_autosubmit_action","security_configuration_description","security_configuration_enable_ghas","security_configuration_id","security_configuration_name","security_configuration_private_vulnerability_reporting","security_configuration_secret_protection_sku_enabled","security_configuration_secret_scanning","security_configuration_secret_scanning_delegated_alert_dismissal","security_configuration_secret_scanning_delegated_bypass","security_configuration_secret_scanning_extended_metadata","security_configuration_secret_scanning_generic_secrets","security_configuration_secret_scanning_non_provider_patterns","security_configuration_secret_scanning_push_protection","security_configuration_secret_scanning_validity_checks","security_configuration_updated_at","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","sponsors_listing_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","sponsors_listing_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","public_repo","topic","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_bot","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","active","actor_is_bot","created_at","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","sponsors_listing_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","sponsors_listing_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","patreon_email","patreon_username"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","fingerprint","openssh_public_key","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","domain_name","operation_type","owner","owner_type","token_expires_at"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","domain_name","operation_type","owner","owner_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","domain_name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","team","team_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","permission","public_repo","team","team_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","team","team_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","team","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","count","created_at","limit","operation_type","team","team_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","team","team_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","name_was","oauth_application_id","operation_type","team","team_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","new_repo_base_role","new_repo_permission","oauth_application_id","old_permission","old_repo_base_role","old_repo_permission","operation_type","permission","public_repo","team","team_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","deleted_at","deleted_by","deleted_by_id","deleted_content","editor","editor_id","operation_type","user_content_id","user_content_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","vulnerability_alert_rule_id","vulnerability_alert_rule_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","topic","vulnerability_alert_rule_id","vulnerability_alert_rule_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","topic","user_programmatic_access_name","vulnerability_alert_rule_id","vulnerability_alert_rule_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","vulnerability_alert_rule_id","vulnerability_alert_rule_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","allowed","created_at","event_name","integration_installation_id","operation_type","public_repo","ruleset_ids","violations"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","run_number","topic","user_programmatic_access_name","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","run_number","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","cancelled_at","created_at","event","head_branch","head_sha","name","oauth_application_id","operation_type","public_repo","run_number","started_at","topic","trigger_id","user_programmatic_access_name","workflow_id","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","operation_type","public_repo","run_number","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","completed_at","conclusion","created_at","event","head_branch","head_sha","name","operation_type","public_repo","run_attempt","run_number","started_at","topic","trigger_id","workflow_id","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","event","head_branch","head_sha","name","operation_type","public_repo","run_number","started_at","trigger_id","workflow_id","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","event","head_branch","head_sha","name","oauth_application_id","operation_type","public_repo","run_number","started_at","topic","trigger_id","user_programmatic_access_name","workflow_id","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name","workflow_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","workflow_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","calling_workflow_refs","calling_workflow_shas","created_at","environment_name","imposer_repo","is_hosted_runner","job_name","job_workflow_ref","operation_type","runner_group_id","runner_group_name","runner_id","runner_labels","runner_name","runner_owner_type","secrets_passed","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","public_repo","run_number","user_programmatic_access_name","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","check_run_id","created_at","event","head_branch","head_sha","name","oauth_application_id","operation_type","public_repo","rerun_type","run_attempt","run_number","started_at","trigger_id","user_programmatic_access_name","workflow_id","workflow_run_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","operation_type","policy"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","policy"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","limit","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","gist","gist_id","oauth_application_id","operation_type","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","fingerprint","key","oauth_application_id","operation_type","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","explanation","fingerprint","key","oauth_application_id","operation_type","title","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","key","name","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","bullets","created_at","description","has_free_trial","marketplace_listing","marketplace_listing_plan","monthly_price_in_cents","operation_type","yearly_price_in_cents"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","allowlist_id","server_id","server_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","allowlist_description","allowlist_id","allowlist_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","allowlist_id","allowlist_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","allowlist_id","entries","server_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","allowlist_id","allowlist_name","old_allowlist_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","block_local_servers","mcp_policy","old_block_local_servers","old_mcp_policy"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","integration","oauth_application_id","oauth_application_name","operation_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","explanation","integration","oauth_application_id","oauth_application_name","operation_type","topic","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","explanation","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","explanation","integration","oauth_application_id","oauth_application_name","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","nickname","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","repository_selection","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","explanation","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","explanation","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","pat_field_changed","repository_selection","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","email","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","oauth_application_id","operation_type","public_repo","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","email","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","integration","key","oauth_application_id","operation_type","user_programmatic_access_name","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","email","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","passkey_nickname"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","integration","key","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","old_login","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","emoji","limited_availability","message","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","emoji","limited_availability","message","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","blocked_user","created_at","oauth_application_id","operation_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","query_string","rate_limit_remaining","request_body","request_method","route","status_code","url_path"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","audit_log_stream_id","audit_log_stream_result","audit_log_stream_sink_details","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","audit_log_stream_id","audit_log_stream_sink","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","audit_log_stream_id","audit_log_stream_sink","audit_log_stream_sink_details","created_at","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","audit_log_stream_enabled","audit_log_stream_id","audit_log_stream_sink","audit_log_stream_sink_details","created_at","new_azure_blob_container","new_event_hub_instance","new_gc_bucket","new_s3_arn_role","new_s3_bucket","new_splunk_domain","new_splunk_port","old_azure_blob_container","old_event_hub_instance","old_gc_bucket","old_s3_arn_role","old_s3_bucket","old_splunk_domain","old_splunk_port","operation_type","reason","secrets_updated","ssl_verify"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","two_factor_method"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","organization_upgrade"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","new_policy","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","email","invitation_id","name","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","email","invitation_id","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","operation_type","seats_plan_type","seats_plan_type_was"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","issuer","name","operation_type","sso_url"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","count","created_at","limit","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","operation_type","reason"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","operation_type","two_factor_method"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","issuer","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","new_policy","oauth_application_id","old_policy","operation_type","updated_access_policy","updated_allowed_types","updated_github_owned_allowed","updated_patterns","updated_verified_allowed"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","old_permission","operation_type","permission"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","new_emu_repo_runners_policy","old_emu_repo_runners_policy","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","permission","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","oauth_application_id","operation_type","permission"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","name","new_repo_runners_policy","old_repo_runners_policy","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","new_value","old_value","operation_type","remove_existing_unaffiliated_users","users_removed_count"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","current_value","operation_type","previous_value"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","domain_name","operation_type","owner","owner_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","enterprise_role_id","enterprise_role_name","oauth_application_id","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","base_role","created_at","name","operation_type","owner","role_permissions"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","enterprise_role_id","enterprise_role_name","oauth_application_id","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","base_role","created_at","name","old_role_permissions","operation_type","owner","role_permissions"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","network_configuration_id","oauth_application_id","operation_type","runner_group_allow_public","runner_group_id","runner_group_name","runner_group_restricted_to_workflows","runner_group_selected_workflow_refs"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","runner_group_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","oauth_application_id","operation_type","runner_group_id","runner_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","enterprise_team","enterprise_team_id","oauth_application_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","enterprise_team","enterprise_team_id","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","enterprise_team","enterprise_team_id","name","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","external_group","external_group_id","oauth_application_id","operation_type","scim_group_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","external_group","external_group_id","oauth_application_id","operation_type","scim_group_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","external_group","external_group_id","oauth_application_id","operation_type","scim_group_id","team","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","api_request_body","created_at","message","oauth_application_id","operation_type","query_string","request_method","route","scim_group_id","status_code","url_path","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","api_request_body","created_at","oauth_application_id","operation_type","query_string","request_method","route","scim_group_id","status_code","url_path"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","created_at","oauth_application_id","operation_type","scim_user_id"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","api_request_body","created_at","message","oauth_application_id","operation_type","query_string","request_method","route","scim_user_id","status_code","url_path","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","api_request_body","created_at","oauth_application_id","operation_type","query_string","request_method","route","scim_user_id","status_code","url_path"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_agent","actor_is_bot","allowed_values","created_at","default_value","definition_id","description","oauth_application_id","operation_type","property_name","required","value_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","allowed_values","created_at","default_value","definition_id","description","oauth_application_id","operation_type","property_name","required","value_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","allowed_values","created_at","default_value","definition_id","old_allowed_values","old_default_value","old_required","old_values_editable_by","operation_type","property_name","required","values_editable_by"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","oauth_application_id","operation_type","owner","owner_type","user_programmatic_access_name"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","number","operation_type","team","title"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","number","operation_type"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","number","operation_type","team"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","owner"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","actor_is_bot","created_at","operation_type","public_repo","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","public_repo","topic","visibility"],["@timestamp","_document_id","action","actor","actor_id","business","business_id","hashed_token","org","org_id","programmatic_access_type","repo","repo_id","repository","repository_id","request_access_security_header","request_id","token_id","token_scopes","user","user_id","user_agent","created_at","operation_type","public_repo","visibility"]] \ No newline at end of file diff --git a/src/audit-logs/lib/config.json b/src/audit-logs/lib/config.json index b00f9bf2c73a..f2509ab4253d 100644 --- a/src/audit-logs/lib/config.json +++ b/src/audit-logs/lib/config.json @@ -9,5 +9,5 @@ "git": "Note: Git events have special access requirements and retention policies that differ from other audit log events. For GitHub Enterprise Cloud, access Git events via the REST API only with 7-day retention. For GitHub Enterprise Server, Git events must be enabled in audit log configuration and are not included in search results.", "sso_redirect": "Note: Automatically redirecting users to sign in is currently in beta for Enterprise Managed Users and subject to change." }, - "sha": "5f3b0dfb52ad071aeddb8bf021ce28f7a4cb65c0" + "sha": "71eb1fc4647e2269484f8d330d40afa3206dc26f" } \ No newline at end of file diff --git a/src/content-linter/lib/helpers/liquid-utils.ts b/src/content-linter/lib/helpers/liquid-utils.ts index fb8ddc4dc5e5..8afbfd290f0d 100644 --- a/src/content-linter/lib/helpers/liquid-utils.ts +++ b/src/content-linter/lib/helpers/liquid-utils.ts @@ -123,20 +123,26 @@ export function getLiquidIfVersionTokens(content: string): TagToken[] { .filter((token): token is TagToken => token.kind === TokenKind.Tag) .filter((token) => IFVERSION_TAG_NAMES.includes(token.name)) - let inIfStatement = false + let ifDepth = 0 let inCaseStatement = false const ifVersionTokens: TagToken[] = [] for (const token of tokens) { - // Filter out `if` statements and their related tags + // Filter out `if` statements and their related tags (supports nesting) if (token.name === 'if') { - inIfStatement = true + ifDepth++ continue } - if (inIfStatement && token.name !== 'endif') continue - if (inIfStatement && token.name === 'endif') { - inIfStatement = false + // While we're inside a regular if subtree, `endif` can close either + // `if` or `ifversion`, so count nested `ifversion` tags too. + if (ifDepth > 0 && token.name === 'ifversion') { + ifDepth++ continue } + if (ifDepth > 0 && token.name === 'endif') { + ifDepth-- + continue + } + if (ifDepth > 0) continue // Filter out `case` statements and their related tags (including `else`) if (token.name === 'case') { inCaseStatement = true diff --git a/src/content-linter/tests/unit/liquid-ifversion-versions.ts b/src/content-linter/tests/unit/liquid-ifversion-versions.ts index d9c48f8e5d6d..9b602487cda2 100644 --- a/src/content-linter/tests/unit/liquid-ifversion-versions.ts +++ b/src/content-linter/tests/unit/liquid-ifversion-versions.ts @@ -139,6 +139,76 @@ describe(liquidIfversionVersions.names.join(' - '), () => { const errors = result.markdown expect(errors.length).toBe(0) }) + + test('does not crash with nested if blocks inside ifversion', async () => { + const markdown = [ + ...placeholderAllVersionsFm, + '{% ifversion ghec %}', + ' {% if "foo" %}', + ' {% if "bar" %}nested{% endif %}', + ' {% endif %}', + '{% endif %}', + ].join('\n') + + const result = await runRule(liquidIfversionVersions, { + strings: { markdown }, + }) + // No crash; zero errors expected for valid ifversion usage + const errors = result.markdown + expect(errors.length).toBe(0) + }) + + test('does not crash with nested if blocks at top level', async () => { + const markdown = [ + ...placeholderAllVersionsFm, + '{% if "foo" %}', + ' {% if "bar" %}...{% endif %}', + '{% endif %}', + ].join('\n') + + const result = await runRule(liquidIfversionVersions, { + strings: { markdown }, + }) + const errors = result.markdown + expect(errors.length).toBe(0) + }) + + test('does not crash with ifversion nested inside if blocks', async () => { + const markdown = [ + ...placeholderAllVersionsFm, + '{% if "foo" %}', + ' {% ifversion ghec %}', + ' {% endif %}', + '{% endif %}', + ].join('\n') + + const result = await runRule(liquidIfversionVersions, { + strings: { markdown }, + }) + const errors = result.markdown + expect(errors.length).toBe(0) + }) + + test('does not crash with mixed if/ifversion nesting and else branches', async () => { + const markdown = [ + ...placeholderAllVersionsFm, + '{% if "foo" %}', + ' {% ifversion ghec %}', + ' {% if "bar" %}nested{% endif %}', + ' {% else %}', + ' text', + ' {% endif %}', + '{% else %}', + ' top-level else', + '{% endif %}', + ].join('\n') + + const result = await runRule(liquidIfversionVersions, { + strings: { markdown }, + }) + const errors = result.markdown + expect(errors.length).toBe(0) + }) }) describe.skip('test validateIfversionConditionalsVersions function', () => { diff --git a/src/content-pipelines/config.yml b/src/content-pipelines/config.yml index 4d6924808240..b1ff535d702f 100644 --- a/src/content-pipelines/config.yml +++ b/src/content-pipelines/config.yml @@ -34,6 +34,7 @@ copilot-cli: All information relating to files in the ~/.copilot configuration directory, and settings in those files, should go in content/copilot/reference/copilot-cli-reference/cli-config-dir-reference.md. All reference details relating to hooks should go in content/copilot/reference/hooks-reference.md. All other CLI topics (MCP, skills, agents, permissions, etc.) belong in content/copilot/reference/copilot-cli-reference/cli-command-reference.md even when they mention plugins. + Do not overwrite the paragraph starting "OTel configuration can also be set in..." in cli-command-reference.md # TODO # mcp-server: diff --git a/src/graphql/data/fpt/changelog.json b/src/graphql/data/fpt/changelog.json index 801e8d6a460a..631ca06cabb5 100644 --- a/src/graphql/data/fpt/changelog.json +++ b/src/graphql/data/fpt/changelog.json @@ -1,4 +1,22 @@ [ + { + "schemaChanges": [ + { + "title": "The GraphQL schema includes these changes:", + "changes": [ + "

Field viewerCanAssign was added to interface Assignable

", + "

Field viewerCanAssign was added to object type Issue

", + "

Field viewerCanSetMilestone was added to object type Issue

", + "

Field viewerCanType was added to object type Issue

", + "

Field viewerCanUpdateMetadata was added to object type Issue

", + "

Field viewerCanAssign was added to object type PullRequest

" + ] + } + ], + "previewChanges": [], + "upcomingChanges": [], + "date": "2026-07-16" + }, { "schemaChanges": [ { diff --git a/src/graphql/data/fpt/schema-issues.json b/src/graphql/data/fpt/schema-issues.json index fe22ef753ce1..7dc0b62e1796 100644 --- a/src/graphql/data/fpt/schema-issues.json +++ b/src/graphql/data/fpt/schema-issues.json @@ -3897,6 +3897,13 @@ } ] }, + { + "name": "viewerCanAssign", + "description": "

Indicates if the viewer can edit assignees for this object.

", + "type": "Boolean!", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "viewerCanClose", "description": "

Indicates if the object can be closed by the viewer.

", @@ -3939,6 +3946,13 @@ "id": "boolean", "href": "/graphql/reference/other#scalar-boolean" }, + { + "name": "viewerCanSetMilestone", + "description": "

Indicates if the viewer can edit the milestone of the issue.

", + "type": "Boolean!", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "viewerCanSubscribe", "description": "

Check if the viewer is able to change their subscription status for the repository.

", @@ -3946,6 +3960,13 @@ "id": "boolean", "href": "/graphql/reference/other#scalar-boolean" }, + { + "name": "viewerCanType", + "description": "

Check if the current viewer can set the issue type of this issue.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "viewerCanUpdate", "description": "

Check if the current viewer can update this object.

", @@ -3953,6 +3974,13 @@ "id": "boolean", "href": "/graphql/reference/other#scalar-boolean" }, + { + "name": "viewerCanUpdateMetadata", + "description": "

Check if the viewer has triage-level (or higher) access to update this issue's\nmetadata. Note: this reflects the viewer's base repository role and does not\naccount for individual fine-grained permissions granted via custom repository roles.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "viewerCannotUpdateReasons", "description": "

Reasons why the current viewer can not update this comment.

", @@ -8654,6 +8682,13 @@ } } ] + }, + { + "name": "viewerCanAssign", + "description": "

Indicates if the viewer can edit assignees for this object.

", + "type": "Boolean!", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" } ], "category": "issues" diff --git a/src/graphql/data/fpt/schema-pulls.json b/src/graphql/data/fpt/schema-pulls.json index 957084a2015d..c1dbeda072ef 100644 --- a/src/graphql/data/fpt/schema-pulls.json +++ b/src/graphql/data/fpt/schema-pulls.json @@ -4383,6 +4383,13 @@ "id": "boolean", "href": "/graphql/reference/other#scalar-boolean" }, + { + "name": "viewerCanAssign", + "description": "

Indicates if the viewer can edit assignees for this object.

", + "type": "Boolean!", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "viewerCanClose", "description": "

Indicates if the object can be closed by the viewer.

", diff --git a/src/graphql/data/fpt/schema.docs.graphql b/src/graphql/data/fpt/schema.docs.graphql index b0764be9ff54..0f144e8adb06 100644 --- a/src/graphql/data/fpt/schema.docs.graphql +++ b/src/graphql/data/fpt/schema.docs.graphql @@ -1898,6 +1898,11 @@ interface Assignable @docsCategory(name: "issues") { """ query: String ): AssigneeConnection! + + """ + Indicates if the viewer can edit assignees for this object. + """ + viewerCanAssign: Boolean! } """ @@ -20606,6 +20611,11 @@ type Issue implements Assignable & Closable & Comment & Deletable & Labelable & last: Int ): UserContentEditConnection + """ + Indicates if the viewer can edit assignees for this object. + """ + viewerCanAssign: Boolean! + """ Indicates if the object can be closed by the viewer. """ @@ -20636,16 +20646,33 @@ type Issue implements Assignable & Closable & Comment & Deletable & Labelable & """ viewerCanSetFields: Boolean + """ + Indicates if the viewer can edit the milestone of the issue. + """ + viewerCanSetMilestone: Boolean! + """ Check if the viewer is able to change their subscription status for the repository. """ viewerCanSubscribe: Boolean! + """ + Check if the current viewer can set the issue type of this issue. + """ + viewerCanType: Boolean + """ Check if the current viewer can update this object. """ viewerCanUpdate: Boolean! + """ + Check if the viewer has triage-level (or higher) access to update this issue's + metadata. Note: this reflects the viewer's base repository role and does not + account for individual fine-grained permissions granted via custom repository roles. + """ + viewerCanUpdateMetadata: Boolean + """ Reasons why the current viewer can not update this comment. """ @@ -43978,6 +44005,11 @@ type PullRequest implements Assignable & Closable & Comment & Labelable & Lockab """ viewerCanApplySuggestion: Boolean! + """ + Indicates if the viewer can edit assignees for this object. + """ + viewerCanAssign: Boolean! + """ Indicates if the object can be closed by the viewer. """ diff --git a/src/graphql/data/ghec/schema-issues.json b/src/graphql/data/ghec/schema-issues.json index fe22ef753ce1..7dc0b62e1796 100644 --- a/src/graphql/data/ghec/schema-issues.json +++ b/src/graphql/data/ghec/schema-issues.json @@ -3897,6 +3897,13 @@ } ] }, + { + "name": "viewerCanAssign", + "description": "

Indicates if the viewer can edit assignees for this object.

", + "type": "Boolean!", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "viewerCanClose", "description": "

Indicates if the object can be closed by the viewer.

", @@ -3939,6 +3946,13 @@ "id": "boolean", "href": "/graphql/reference/other#scalar-boolean" }, + { + "name": "viewerCanSetMilestone", + "description": "

Indicates if the viewer can edit the milestone of the issue.

", + "type": "Boolean!", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "viewerCanSubscribe", "description": "

Check if the viewer is able to change their subscription status for the repository.

", @@ -3946,6 +3960,13 @@ "id": "boolean", "href": "/graphql/reference/other#scalar-boolean" }, + { + "name": "viewerCanType", + "description": "

Check if the current viewer can set the issue type of this issue.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "viewerCanUpdate", "description": "

Check if the current viewer can update this object.

", @@ -3953,6 +3974,13 @@ "id": "boolean", "href": "/graphql/reference/other#scalar-boolean" }, + { + "name": "viewerCanUpdateMetadata", + "description": "

Check if the viewer has triage-level (or higher) access to update this issue's\nmetadata. Note: this reflects the viewer's base repository role and does not\naccount for individual fine-grained permissions granted via custom repository roles.

", + "type": "Boolean", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "viewerCannotUpdateReasons", "description": "

Reasons why the current viewer can not update this comment.

", @@ -8654,6 +8682,13 @@ } } ] + }, + { + "name": "viewerCanAssign", + "description": "

Indicates if the viewer can edit assignees for this object.

", + "type": "Boolean!", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" } ], "category": "issues" diff --git a/src/graphql/data/ghec/schema-pulls.json b/src/graphql/data/ghec/schema-pulls.json index 957084a2015d..c1dbeda072ef 100644 --- a/src/graphql/data/ghec/schema-pulls.json +++ b/src/graphql/data/ghec/schema-pulls.json @@ -4383,6 +4383,13 @@ "id": "boolean", "href": "/graphql/reference/other#scalar-boolean" }, + { + "name": "viewerCanAssign", + "description": "

Indicates if the viewer can edit assignees for this object.

", + "type": "Boolean!", + "id": "boolean", + "href": "/graphql/reference/other#scalar-boolean" + }, { "name": "viewerCanClose", "description": "

Indicates if the object can be closed by the viewer.

", diff --git a/src/graphql/data/ghec/schema.docs.graphql b/src/graphql/data/ghec/schema.docs.graphql index b0764be9ff54..0f144e8adb06 100644 --- a/src/graphql/data/ghec/schema.docs.graphql +++ b/src/graphql/data/ghec/schema.docs.graphql @@ -1898,6 +1898,11 @@ interface Assignable @docsCategory(name: "issues") { """ query: String ): AssigneeConnection! + + """ + Indicates if the viewer can edit assignees for this object. + """ + viewerCanAssign: Boolean! } """ @@ -20606,6 +20611,11 @@ type Issue implements Assignable & Closable & Comment & Deletable & Labelable & last: Int ): UserContentEditConnection + """ + Indicates if the viewer can edit assignees for this object. + """ + viewerCanAssign: Boolean! + """ Indicates if the object can be closed by the viewer. """ @@ -20636,16 +20646,33 @@ type Issue implements Assignable & Closable & Comment & Deletable & Labelable & """ viewerCanSetFields: Boolean + """ + Indicates if the viewer can edit the milestone of the issue. + """ + viewerCanSetMilestone: Boolean! + """ Check if the viewer is able to change their subscription status for the repository. """ viewerCanSubscribe: Boolean! + """ + Check if the current viewer can set the issue type of this issue. + """ + viewerCanType: Boolean + """ Check if the current viewer can update this object. """ viewerCanUpdate: Boolean! + """ + Check if the viewer has triage-level (or higher) access to update this issue's + metadata. Note: this reflects the viewer's base repository role and does not + account for individual fine-grained permissions granted via custom repository roles. + """ + viewerCanUpdateMetadata: Boolean + """ Reasons why the current viewer can not update this comment. """ @@ -43978,6 +44005,11 @@ type PullRequest implements Assignable & Closable & Comment & Labelable & Lockab """ viewerCanApplySuggestion: Boolean! + """ + Indicates if the viewer can edit assignees for this object. + """ + viewerCanAssign: Boolean! + """ Indicates if the object can be closed by the viewer. """ diff --git a/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml b/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml index f0661fc4320e..66da6f9aaede 100644 --- a/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml +++ b/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml @@ -3074,6 +3074,16 @@ hasExtendedMetadata: false base64Supported: false isduplicate: false +- provider: Lovable Labs + supportedSecret: Lovable API Key + secretType: lovable_api_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false - provider: Mailchimp supportedSecret: Mailchimp API Key secretType: mailchimp_api_key diff --git a/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml b/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml index f0661fc4320e..66da6f9aaede 100644 --- a/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml +++ b/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml @@ -3074,6 +3074,16 @@ hasExtendedMetadata: false base64Supported: false isduplicate: false +- provider: Lovable Labs + supportedSecret: Lovable API Key + secretType: lovable_api_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false - provider: Mailchimp supportedSecret: Mailchimp API Key secretType: mailchimp_api_key