Repo sync

.github/workflows/azure-prod-build-deploy.yml

@@ -66,6 +66,7 @@ jobs:
       - name: 'Create Azure Container Registry Token'
         env:
           CONTAINER_REGISTRY_SERVER: ${{ secrets.PROD_REGISTRY_SERVER }}
+          CONTAINER_REPO: ${{ github.repository }}
         run: npm run create-acr-token
 
       - name: 'Docker login'

content/actions/sharing-automations/reusing-workflows.md

@@ -60,7 +60,7 @@
   You cannot directly use reusable workflows defined on {% data variables.product.prodname_dotcom_the_website %}. Instead store a copy of the reusable workflow on {% data variables.location.product_location %}, and call the workflow from that path.
 
   {% elsif actions-workflow-policy %}, and your {% ifversion ghec %}enterprise{% else %}organization{% endif %} allows you to use public reusable workflows.{% endif %}{% ifversion ghes or ghec %}
 * The called workflow is stored in an internal repository and the settings for that repository allow it to be accessed. For more information, see {% ifversion internal-actions %}"[AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise){% else %}"[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#allowing-access-to-components-in-an-internal-repository){% endif %}."{% endif %}{% ifversion private-actions %}
 * The called workflow is stored in a private repository and the settings for that repository allow it to be accessed. For more information, see {% ifversion ghes or ghec %}"[AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-enterprise)."{% else %}"[AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-with-your-organization)" and "[AUTOTITLE](/actions/creating-actions/sharing-actions-and-workflows-from-your-private-repository)."{% endif %}
 {% endif %}
 
@@ -94,7 +94,7 @@
 
 ## Limitations
 
 {% ifversion nested-reusable-workflow %}
 * You can connect up to four levels of workflows. For more information, see "[Nesting reusable workflows](#nesting-reusable-workflows)."
 * You can call a maximum of 20 unique reusable workflows from a single workflow file. This limit includes any trees of nested reusable workflows that may be called starting from your top-level caller workflow file.
 
@@ -103,8 +103,8 @@
 * Reusable workflows can't call other reusable workflows.
 * You can call a maximum of 20 unique reusable workflows from a single workflow file.
 {% endif %}
 {% ifversion private-actions %}{% else %}- Reusable workflows stored within a private repository can only be used by workflows within the same repository.{% endif %}
 {% ifversion actions-reusable-workflow-matrix %}{% else %}* The `strategy` property is not supported in any job that calls a reusable workflow.{% endif %}
 * Any environment variables set in an `env` context defined at the workflow level in the caller workflow are not propagated to the called workflow. For more information, see "[AUTOTITLE](/actions/learn-github-actions/variables)" and "[AUTOTITLE](/actions/learn-github-actions/contexts#env-context)."
 * Similarly, environment variables set in the `env` context, defined in the called workflow, are not accessible in the `env` context of the caller workflow. Instead, you must use outputs of the reusable workflow. For more information, see "[Using outputs from a reusable workflow](#using-outputs-from-a-reusable-workflow)."
 * To reuse variables in multiple workflows, set them at the organization, repository, or environment levels and reference them using the `vars` context. For more information see "[AUTOTITLE](/actions/learn-github-actions/variables)" and "[AUTOTITLE](/actions/learn-github-actions/contexts#vars-context)."
@@ -136,13 +136,13 @@
            required: true
            type: string
        secrets:
-         envPAT:
+         personal_access_token:
            required: true
    ```
 
    {% endraw %}
    For details of the syntax for defining inputs and secrets, see [`on.workflow_call.inputs`](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callinputs) and [`on.workflow_call.secrets`](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callsecrets).
    {% ifversion actions-inherit-secrets-reusable-workflows %}
 1. In the reusable workflow, reference the input or secret that you defined in the `on` key in the previous step.
 
    {% note %}
@@ -160,22 +160,22 @@
    jobs:
      reusable_workflow_job:
        runs-on: ubuntu-latest
-       environment: production
        steps:
        - uses: actions/labeler@v4
          with:
-           repo-token: ${{ secrets.envPAT }}
+           repo-token: ${{ secrets.personal_access_token }}
            configuration-path: ${{ inputs.config-path }}
    ```
 
    {% endraw %}
-   In the example above, `envPAT` is an environment secret that's been added to the `production` environment. This environment is therefore referenced within the job.
 
-   {% note %}
+   In the example above, `personal_access_token` is a secret that's defined at the repository or organization level.
 
-   **Note**: Environment secrets are {% ifversion fpt or ghec %}encrypted {% endif %}strings that are stored in an environment that you've defined for a repository. Environment secrets are only available to workflow jobs that reference the appropriate environment. For more information, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment#environment-secrets)."
+   {% warning %}
 
-   {% endnote %}
+   **Warning**: Environment secrets cannot be passed from the caller workflow as `on.workflow_call` does not support the `environment` keyword. If you include `environment` in the reusable workflow at the job level, the environment secret will be used, and not the secret passed from the caller workflow. For more information, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/managing-environments-for-deployment#environment-secrets)" and "[AUTOTITLE](/actions/writing-workflows/workflow-syntax-for-github-actions#onworkflow_call)".
+
+   {% endwarning %}
 
 1. Pass the input or secret from the caller workflow.
 
@@ -230,7 +230,7 @@
 
 {% data reusables.actions.pass-inputs-to-reusable-workflows%}
 
 {% ifversion actions-reusable-workflow-matrix %}
 
 ### Using a matrix strategy with a reusable workflow
 
@@ -266,10 +266,10 @@
 * [`jobs.<job_id>.with.<input_id>`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idwithinput_id)
 * [`jobs.<job_id>.secrets`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecrets)
 * [`jobs.<job_id>.secrets.<secret_id>`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecretssecret_id)
 {%- ifversion actions-inherit-secrets-reusable-workflows %}
 * [`jobs.<job_id>.secrets.inherit`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idsecretsinherit)
 {%- endif %}
 {%- ifversion actions-reusable-workflow-matrix %}
 * [`jobs.<job_id>.strategy`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategy)
 {%- endif %}
 * [`jobs.<job_id>.needs`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idneeds)
@@ -318,7 +318,7 @@
 
 {% endraw %}
 
 {% ifversion nested-reusable-workflow %}
 
 ## Nesting reusable workflows
 
@@ -361,7 +361,7 @@
   workflowB-calls-workflowC:
     uses: different-org/example-repo/.github/workflows/C.yml@main
     secrets:
-      envPAT: ${{ secrets.envPAT }} # pass just this secret
+      repo-token: ${{ secrets.person_access_token }} # pass just this secret
 ```
 
 {% endraw %}
@@ -377,7 +377,7 @@
 
 ## Using outputs from a reusable workflow
 
 A reusable workflow may generate data that you want to use in the caller workflow. To use these outputs, you must specify them as the outputs of the reusable workflow.{% ifversion actions-reusable-workflow-matrix %}
 
 If a reusable workflow that sets an output is executed with a matrix strategy, the output will be the output set by the last successful completing reusable workflow of the matrix which actually sets a value.
 That means if the last successful completing reusable workflow sets an empty string for its output, and the second last successful completing reusable workflow sets an actual value for its output, the output will contain the value of the second last completing reusable workflow.{% endif %}

content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/publishing-and-using-codeql-packs.md

@@ -26,16 +26,16 @@ library: # set to true if the pack is a library. Set to false or omit for a quer
 name: <scope>/<pack>
 version: <x.x.x>
 description: <Description to publish with the package>
-default-suite: # optional, one or more queries in the pack to run by default
+defaultSuite: # optional, one or more queries in the pack to run by default
     - query: <relative-path>/query-file>.ql
-default-suite-file: default-queries.qls # optional, a pointer to a query-suite in this pack
+defaultSuiteFile: default-queries.qls # optional, a pointer to a query-suite in this pack
 license: # optional, the license under which the pack is published
 dependencies: # map from CodeQL pack name to version range
 ```
 
 * `name:` must follow the `<scope>/<pack>` format, where `<scope>` is the {% data variables.product.prodname_dotcom %} organization that you will publish to and `<pack>` is the name for the pack.
 
-* A maximum of one of `default-suite` or `default-suite-file` is allowed. These are two different ways to define a default query suite to be run, the first by specifying queries directly in the qlpack.yml file and the second by specifying a query suite in the pack.
+* A maximum of one of `defaultSuite` or `defaultSuiteFile` is allowed. These are two different ways to define a default query suite to be run, the first by specifying queries directly in the qlpack.yml file and the second by specifying a query suite in the pack.
 
 ## Running `codeql pack publish`
 

content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization.md

@@ -49,7 +49,7 @@ Alternatively, you can set up a self-serve workflow using the API. See "[Add tea
 
 Enhance the {% data variables.product.prodname_copilot_short %} experience for your organization by:
 
-* **Indexing repositories** to improve {% data variables.product.prodname_copilot_short %}'s responses relating to {% data variables.product.prodname_dotcom %} repositories _({% data variables.product.prodname_copilot_enterprise_short %} only)_. See "[AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-github-copilot-features-in-your-organization/indexing-repositories-for-copilot-chat)."
+* **Indexing repositories** to improve {% data variables.product.prodname_copilot_short %}'s responses relating to {% data variables.product.prodname_dotcom %} repositories. See "[AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-github-copilot-features-in-your-organization/indexing-repositories-for-copilot-chat)."
 * **Setting up knowledge bases** for use with {% data variables.product.prodname_copilot_chat_short %} _({% data variables.product.prodname_copilot_enterprise_short %} only)_. See "[AUTOTITLE](/enterprise-cloud@latest/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-github-copilot-features-in-your-organization/managing-copilot-knowledge-bases)."
 * **Fine tuning {% data variables.product.prodname_copilot_short %}** by creating a custom large language model. See "[AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/customizing-copilot-for-your-organization/creating-a-custom-model-for-github-copilot)."
 * **Installing {% data variables.product.prodname_copilot_extensions_short %}** to integrate other tools with {% data variables.product.prodname_copilot_chat_short %}. See "[AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-github-copilot-features-in-your-organization/installing-github-copilot-extensions-for-your-organization)."