diff --git a/content/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md b/content/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md index 4001c3c2b3d6..797ac8008d35 100644 --- a/content/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md +++ b/content/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md @@ -10,7 +10,7 @@ type: tutorial topics: - Security --- - + {% data reusables.actions.enterprise-github-hosted-runners %} ## Overview of OpenID Connect @@ -276,7 +276,7 @@ To security harden their OIDC configuration, enterprise administrators can confi This configuration means that your enterprise will receive the OIDC token from a unique URL, and you can then configure your cloud provider to only accept tokens from that URL. This helps ensure that only the enterprise's repositories can access your cloud resources using OIDC. -To activate this setting for your enterprise, an enterprise administrator must use the `/enterprises/{enterprise}/actions/oidc/customization/issuer` endpoint and specify `"include_enterprise_slug": true` in the request body. For more information, see "[AUTOTITLE](/rest/actions/oidc#set-the-github-actions-oidc-custom-issuer-policy-for-an-enterprise)" in the REST API documentation. +To activate this setting for your enterprise, an enterprise administrator must use the `/enterprises/{enterprise}/actions/oidc/customization/issuer` endpoint and specify `"include_enterprise_slug": true` in the request body. For more information, see "[AUTOTITLE](/rest/actions/oidc#set-the-github-actions-oidc-custom-issuer-policy-for-an-enterprise)." After this setting is applied, the JWT will contain the updated `iss` value. In the following example, the `iss` key uses `octocat-inc` as its `enterpriseSlug` value: @@ -298,7 +298,7 @@ After this setting is applied, the JWT will contain the updated `iss` value. In ### Customizing the subject claims for an organization or repository -To help improve security, compliance, and standardization, you can customize the standard claims to suit your required access conditions. If your cloud provider supports conditions on subject claims, you can create a condition that checks whether the `sub` value matches the path of the reusable workflow, such as `"job_workflow_ref:octo-org/octo-automation/.github/workflows/oidc.yml@refs/heads/main"`. The exact format will vary depending on your cloud provider's OIDC configuration. To configure the matching condition on {% data variables.product.prodname_dotcom %}, you can can use the REST API to require that the `sub` claim must always include a specific custom claim, such as `job_workflow_ref`. You can use the [OIDC REST API](/rest/actions/oidc) to apply a customization template for the OIDC subject claim; for example, you can require that the `sub` claim within the OIDC token must always include a specific custom claim, such as `job_workflow_ref`. +To help improve security, compliance, and standardization, you can customize the standard claims to suit your required access conditions. If your cloud provider supports conditions on subject claims, you can create a condition that checks whether the `sub` value matches the path of the reusable workflow, such as `"job_workflow_ref:octo-org/octo-automation/.github/workflows/oidc.yml@refs/heads/main"`. The exact format will vary depending on your cloud provider's OIDC configuration. To configure the matching condition on {% data variables.product.prodname_dotcom %}, you can can use the REST API to require that the `sub` claim must always include a specific custom claim, such as `job_workflow_ref`. You can use the REST API to apply a customization template for the OIDC subject claim; for example, you can require that the `sub` claim within the OIDC token must always include a specific custom claim, such as `job_workflow_ref`. For more information, see "[AUTOTITLE](/rest/actions/oidc)." {% note %} @@ -450,7 +450,7 @@ In your cloud provider's OIDC configuration, configure the `sub` condition to re Default subject claims can be created at the organization level. All repositories in an organization have the ability to opt in or opt out of using their organization's default `sub` claim. -To create a default `sub` claim at the organization level, an organization administrator must use the REST API endpoint at "[AUTOTITLE](/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-an-organization)." Once an organization has created a default claim, the REST API can be used to programmatically apply the default claim to repositories within the organization. To configure repositories to use the default `sub` claim format, use the REST API endpoint at "[AUTOTITLE](/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-a-repository)" with the following request body: +To create a default `sub` claim at the organization level, an organization administrator must use the REST API endpoint at "[AUTOTITLE](/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-an-organization)." Once an organization has created a default claim, the REST API can be used to programmatically apply the default claim to repositories within the organization. To configure repositories to use the default `sub` claim format, use the `PUT /repos/{owner}/{repo}/actions/oidc/customization/sub` REST API endpoint at with the following request body. For more information, see "[AUTOTITLE](/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-a-repository)." ```json { @@ -462,7 +462,7 @@ To create a default `sub` claim at the organization level, an organization admin A repository administrator can configure their repository to use the template created by the administrator of their organisation. -To configure the repository to use the organization's template, a repository admin must use the REST API endpoint at "[AUTOTITLE](/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-a-repository)" with the following request body: +To configure the repository to use the organization's template, a repository admin must use the `PUT /repos/{owner}/{repo}/actions/oidc/customization/sub` REST API endpoint at with the following request body. For more information, see "[AUTOTITLE](/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-a-repository)." ```json { diff --git a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/using-labels-with-self-hosted-runners.md b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/using-labels-with-self-hosted-runners.md index 01d03a2219cf..d9a2f73f053e 100644 --- a/content/actions/hosting-your-own-runners/managing-self-hosted-runners/using-labels-with-self-hosted-runners.md +++ b/content/actions/hosting-your-own-runners/managing-self-hosted-runners/using-labels-with-self-hosted-runners.md @@ -120,7 +120,7 @@ You can remove custom labels from self-hosted runners at the repository{% ifvers You can programmatically assign labels to a self-hosted runner after the runner is created, or during its initial configuration. -- To programmatically assign labels to an existing self-hosted runner, you must use the REST API. For more information, see the "[AUTOTITLE](/rest/actions/self-hosted-runners)" REST API. +- To programmatically assign labels to an existing self-hosted runner, you must use the REST API. For more information, see "[AUTOTITLE](/rest/actions/self-hosted-runners)." - To programmatically assign labels to a self-hosted runner during the initial runner configuration, you can pass label names to the `config` script using the `labels` parameter. {% note %} diff --git a/content/actions/managing-workflow-runs/removing-workflow-artifacts.md b/content/actions/managing-workflow-runs/removing-workflow-artifacts.md index edb89a31d66b..9d34ecc2e619 100644 --- a/content/actions/managing-workflow-runs/removing-workflow-artifacts.md +++ b/content/actions/managing-workflow-runs/removing-workflow-artifacts.md @@ -38,4 +38,4 @@ You can also define a custom retention period for individual artifacts using the ## Finding the expiration date of an artifact -You can use the API to confirm the date that an artifact is scheduled to be deleted. For more information, see the `expires_at` value returned by "[AUTOTITLE](/rest/actions#artifacts)." +You can use the API to confirm the date that an artifact is scheduled to be deleted. For more information, see the `expires_at` value returned by the REST API. For more information, see "[AUTOTITLE](/rest/actions/artifacts)." diff --git a/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md b/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md index fff5dbd56e0f..5dab35fb60a1 100644 --- a/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md +++ b/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md @@ -282,7 +282,7 @@ To manage caches created from your workflows, you can: There are multiple ways to manage caches for your repositories: - Using the {% data variables.product.prodname_dotcom %} web interface, as shown below. -- Using the REST API. For more information, see the "[AUTOTITLE](/rest/actions/cache)" REST API documentation. +- Using the REST API. For more information, see "[AUTOTITLE](/rest/actions/cache)." - Installing the `gh cache` subcommand to manage your caches from the command line. For more information, see the [GitHub CLI documentation](https://cli.github.com/manual/gh_cache). {% note %} @@ -293,7 +293,7 @@ There are multiple ways to manage caches for your repositories: {% else %} -You can use the {% data variables.product.product_name %} REST API to manage your caches. {% ifversion actions-cache-list-delete-apis %}You can use the API to list and delete cache entries, and see your cache usage.{% elsif actions-cache-management %}At present, you can use the API to see your cache usage, with more functionality expected in future updates.{% endif %} For more information, see the "[AUTOTITLE](/rest/actions/cache)" REST API documentation. +You can use the {% data variables.product.product_name %} REST API to manage your caches. {% ifversion actions-cache-list-delete-apis %}You can use the API to list and delete cache entries, and see your cache usage.{% elsif actions-cache-management %}At present, you can use the API to see your cache usage, with more functionality expected in future updates.{% endif %} For more information, see "[AUTOTITLE](/rest/actions/cache)." You can also install a {% data variables.product.prodname_cli %} extension to manage your caches from the command line. For more information about the extension, see [the extension documentation](https://github.com/actions/gh-actions-cache#readme). For more information about {% data variables.product.prodname_cli %} extensions, see "[AUTOTITLE](/github-cli/github-cli/using-github-cli-extensions)." @@ -350,15 +350,15 @@ on: jobs: cleanup: runs-on: ubuntu-latest - steps: + steps: - name: Cleanup run: | gh extension install actions/gh-actions-cache - + echo "Fetching list of cache key" cacheKeysForPR=$(gh actions-cache list -R $REPO -B $BRANCH -L 100 | cut -f 1 ) - ## Setting this to not fail the workflow while deleting cache keys. + ## Setting this to not fail the workflow while deleting cache keys. set +e echo "Deleting caches..." for cacheKey in $cacheKeysForPR diff --git a/content/actions/using-workflows/disabling-and-enabling-a-workflow.md b/content/actions/using-workflows/disabling-and-enabling-a-workflow.md index a190622b6e21..19f358e246ac 100644 --- a/content/actions/using-workflows/disabling-and-enabling-a-workflow.md +++ b/content/actions/using-workflows/disabling-and-enabling-a-workflow.md @@ -10,7 +10,7 @@ shortTitle: Disable & enable a workflow redirect_from: - /actions/managing-workflow-runs/disabling-and-enabling-a-workflow --- - + {% data reusables.actions.enterprise-github-hosted-runners %} Disabling a workflow allows you to stop a workflow from being triggered without having to delete the file from the repo. You can easily re-enable the workflow again on {% data variables.product.prodname_dotcom %}. @@ -28,7 +28,7 @@ Temporarily disabling a workflow can be useful in many scenarios. These are a fe {% endwarning %} -You can also disable and enable a workflow using the REST API. For more information, see the "[AUTOTITLE](/rest/actions#workflows)." +You can also disable and enable a workflow using the REST API. For more information, see "[AUTOTITLE](/rest/actions#workflows)." ## Disabling a workflow diff --git a/content/actions/using-workflows/manually-running-a-workflow.md b/content/actions/using-workflows/manually-running-a-workflow.md index d7318c19cc5a..e979f1ace536 100644 --- a/content/actions/using-workflows/manually-running-a-workflow.md +++ b/content/actions/using-workflows/manually-running-a-workflow.md @@ -94,4 +94,4 @@ When using the REST API, you configure the `inputs` and `ref` as request body pa {% endnote %} -For more information about using the REST API, see the "[AUTOTITLE](/rest/actions#create-a-workflow-dispatch-event)." +For more information about using the REST API, see "[AUTOTITLE](/rest/actions#create-a-workflow-dispatch-event)." diff --git a/content/actions/using-workflows/storing-workflow-data-as-artifacts.md b/content/actions/using-workflows/storing-workflow-data-as-artifacts.md index 41646a06a3d5..fc70863720ff 100644 --- a/content/actions/using-workflows/storing-workflow-data-as-artifacts.md +++ b/content/actions/using-workflows/storing-workflow-data-as-artifacts.md @@ -18,7 +18,7 @@ type: tutorial topics: - Workflows --- - + {% data reusables.actions.enterprise-github-hosted-runners %} ## About workflow artifacts @@ -140,7 +140,7 @@ The `retention-days` value cannot exceed the retention limit set by the reposito During a workflow run, you can use the [`download-artifact`](https://github.com/actions/download-artifact) action to download artifacts that were previously uploaded in the same workflow run. -After a workflow run has been completed, you can download or delete artifacts on {% data variables.product.prodname_dotcom %} or using the REST API. For more information, see "[AUTOTITLE](/actions/managing-workflow-runs/downloading-workflow-artifacts)," "[AUTOTITLE](/actions/managing-workflow-runs/removing-workflow-artifacts)," and the "[AUTOTITLE](/rest/actions#artifacts)." +After a workflow run has been completed, you can download or delete artifacts on {% data variables.product.prodname_dotcom %} or using the REST API. For more information, see "[AUTOTITLE](/actions/managing-workflow-runs/downloading-workflow-artifacts)," "[AUTOTITLE](/actions/managing-workflow-runs/removing-workflow-artifacts)," and "[AUTOTITLE](/rest/actions#artifacts)." ### Downloading artifacts during a workflow run diff --git a/content/rest/actions/artifacts.md b/content/rest/actions/artifacts.md index 5cc2c8746cd4..d1a610221023 100644 --- a/content/rest/actions/artifacts.md +++ b/content/rest/actions/artifacts.md @@ -1,5 +1,5 @@ --- -title: GitHub Actions Artifacts +title: REST API endpoints for GitHub Actions artifacts allowTitleToDifferFromFilename: true shortTitle: Artifacts intro: >- diff --git a/content/rest/actions/cache.md b/content/rest/actions/cache.md index 6122bf45d37e..882c85f6384b 100644 --- a/content/rest/actions/cache.md +++ b/content/rest/actions/cache.md @@ -1,5 +1,5 @@ --- -title: GitHub Actions Cache +title: REST API endpoints for GitHub Actions cache allowTitleToDifferFromFilename: true shortTitle: Cache intro: >- diff --git a/content/rest/actions/index.md b/content/rest/actions/index.md index ead2b8eb9045..b847ebe1ae2d 100644 --- a/content/rest/actions/index.md +++ b/content/rest/actions/index.md @@ -1,5 +1,7 @@ --- -title: Actions +title: REST API endpoints for GitHub Actions +shortTitle: Actions +allowTitleToDifferFromFilename: true intro: >- Use the REST API to interact with {% data variables.product.prodname_actions %} for an organization or repository. diff --git a/content/rest/actions/oidc.md b/content/rest/actions/oidc.md index 8b0a7ed03380..29c21b71636e 100644 --- a/content/rest/actions/oidc.md +++ b/content/rest/actions/oidc.md @@ -1,5 +1,5 @@ --- -title: GitHub Actions OIDC +title: REST API endpoints for GitHub Actions OIDC allowTitleToDifferFromFilename: true shortTitle: OIDC intro: 'Use the REST API to interact with JWTs for OIDC subject claims in {% data variables.product.prodname_actions %}.' diff --git a/content/rest/actions/permissions.md b/content/rest/actions/permissions.md index 35dbf062737b..02346a9aa9db 100644 --- a/content/rest/actions/permissions.md +++ b/content/rest/actions/permissions.md @@ -1,5 +1,5 @@ --- -title: GitHub Actions Permissions +title: REST API endpoints for GitHub Actions permissions allowTitleToDifferFromFilename: true shortTitle: Permissions intro: >- diff --git a/content/rest/actions/secrets.md b/content/rest/actions/secrets.md index 218c1512bd51..47d059456bee 100644 --- a/content/rest/actions/secrets.md +++ b/content/rest/actions/secrets.md @@ -1,5 +1,5 @@ --- -title: GitHub Actions Secrets +title: REST API endpoints for GitHub Actions Secrets allowTitleToDifferFromFilename: true shortTitle: Secrets intro: >- diff --git a/content/rest/actions/self-hosted-runner-groups.md b/content/rest/actions/self-hosted-runner-groups.md index 0e53c56d13cd..ed8c9287d770 100644 --- a/content/rest/actions/self-hosted-runner-groups.md +++ b/content/rest/actions/self-hosted-runner-groups.md @@ -1,5 +1,7 @@ --- -title: Self-hosted runner groups +title: REST API endpoints for self-hosted runner groups +shortTitle: Self-hosted runner groups +allowTitleToDifferFromFilename: true intro: >- Use the REST API to interact with self-hosted runner groups for {% data variables.product.prodname_actions %}. diff --git a/content/rest/actions/self-hosted-runners.md b/content/rest/actions/self-hosted-runners.md index dece0aa6f763..f6b40be160bd 100644 --- a/content/rest/actions/self-hosted-runners.md +++ b/content/rest/actions/self-hosted-runners.md @@ -1,5 +1,7 @@ --- -title: Self-hosted runners +title: REST API endpoints for self-hosted runners +shortTitle: Self-hosted runners +allowTitleToDifferFromFilename: true intro: >- Use the REST API to interact with self-hosted runners in {% data variables.product.prodname_actions %}. diff --git a/content/rest/actions/variables.md b/content/rest/actions/variables.md index 6c195a379477..fb9c97e03749 100644 --- a/content/rest/actions/variables.md +++ b/content/rest/actions/variables.md @@ -1,5 +1,5 @@ --- -title: GitHub Actions Variables +title: REST API endpoints for GitHub Actions variables allowTitleToDifferFromFilename: true shortTitle: Variables intro: 'Use the REST API to interact with variables in {% data variables.product.prodname_actions %}.' diff --git a/content/rest/actions/workflow-jobs.md b/content/rest/actions/workflow-jobs.md index 2e0b356747a2..2947fb9f76b5 100644 --- a/content/rest/actions/workflow-jobs.md +++ b/content/rest/actions/workflow-jobs.md @@ -1,5 +1,7 @@ --- -title: Workflow jobs +title: REST API endpoints for workflow jobs +shortTitle: Workflow jobs +allowTitleToDifferFromFilename: true intro: >- Use the REST API to interact with workflow jobs in {% data variables.product.prodname_actions %}. diff --git a/content/rest/actions/workflow-runs.md b/content/rest/actions/workflow-runs.md index 5a0f598488b9..b76f04dd73a7 100644 --- a/content/rest/actions/workflow-runs.md +++ b/content/rest/actions/workflow-runs.md @@ -1,5 +1,7 @@ --- -title: Workflow runs +title: REST API endpoints for workflow runs +shortTitle: Workflow runs +allowTitleToDifferFromFilename: true intro: >- Use the REST API to interact with workflow runs in {% data variables.product.prodname_actions %}. diff --git a/content/rest/actions/workflows.md b/content/rest/actions/workflows.md index 06bae857a00c..9962bc377bc6 100644 --- a/content/rest/actions/workflows.md +++ b/content/rest/actions/workflows.md @@ -1,5 +1,7 @@ --- -title: Workflows +title: REST API endpoints for workflows +shortTitle: Workflows +allowTitleToDifferFromFilename: true intro: >- Use the REST API to interact with workflows in {% data variables.product.prodname_actions %}.