Skip to content

Commit ac3a3a4

Browse files
authored
Merge pull request #36190 from github/repo-sync
Repo sync
2 parents daef227 + 8580004 commit ac3a3a4

File tree

13 files changed

+222
-20
lines changed

13 files changed

+222
-20
lines changed

content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md

+17-6
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,14 @@ To manage individual {% data variables.product.prodname_GH_advanced_security %}
3232
3333
{% endif %}
3434

35+
{% ifversion ghec %}
36+
37+
{% data variables.product.prodname_security_configurations_caps %} simplify the rollout of {% data variables.product.company_short %} security products at scale by helping you define collections of security settings and apply them across your enterprise. For more information, see [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/about-security-configurations).
38+
39+
{% data reusables.security-configurations.overview %}
40+
41+
{% endif %}
42+
3543
{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}
3644

3745
{% ifversion ghes %}For information about buying a license for {% data variables.product.prodname_GH_advanced_security %}, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security).{% elsif ghec %}For information about buying a license for {% data variables.product.prodname_GH_advanced_security %}, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/signing-up-for-github-advanced-security).{% endif %}
@@ -42,23 +50,26 @@ When you enable one or more security and analysis features for existing reposito
4250

4351
{% data reusables.security.security-and-analysis-features-enable-read-only %}
4452

53+
{% ifversion ghes %}
54+
4555
## Managing {% data variables.product.prodname_advanced_security %} features
4656

4757
{% data reusables.advanced-security.note-org-enable-uses-seats %}
4858

4959
{% data reusables.enterprise-accounts.access-enterprise %}
5060
{% data reusables.enterprise-accounts.settings-tab %}
51-
52-
1. In the left sidebar, click {% ifversion code-security-wording-only %}**Code security**{% else %}**Code security and analysis**{% endif %}.
61+
1. In the left sidebar, click **Code security and analysis**.
5362
1. Optionally, enable or disable a feature for all existing repositories.
5463

55-
* To the right of the feature, click **Disable all** or **Enable all**. {% ifversion ghes or ghec %}If the control for "{% data variables.product.prodname_GH_advanced_security %}" is disabled, you have no available licenses for {% data variables.product.prodname_GH_advanced_security %}.{% endif %}
64+
* To the right of the feature, click **Disable all** or **Enable all**. If the control for "{% data variables.product.prodname_GH_advanced_security %}" is disabled, you have no available licenses for {% data variables.product.prodname_GH_advanced_security %}.
5665
* To confirm the change, click the **Enable/Disable all** or **Enable/Disable for eligible repositories** button in the dialog that is displayed.
57-
1. Optionally, to enable or disable a feature automatically when new private and internal repositories{% ifversion secret-scanning-user-owned-repos %}, user namespace repositories {% ifversion ghec %}belonging to {% data variables.product.prodname_emus %}{% endif %}{% endif %}, or public repositories and repositories with {% data variables.product.prodname_GH_advanced_security %} enabled are created, select the checkbox below the feature.
58-
{% ifversion secret-scanning-custom-link-on-block %}
66+
1. Optionally, to enable or disable a feature automatically when new private and internal repositories{% ifversion secret-scanning-user-owned-repos %}, user namespace repositories{% endif %}, or public repositories and repositories with {% data variables.product.prodname_GH_advanced_security %} enabled are created, select the checkbox below the feature.{% ifversion org-npp-enablement-security-configurations %}
67+
1. Optionally, to enable the scanning of non-provider patterns, to the right of "Scan for non-provider patterns", click **Enable all**. To learn more about scanning for non-provider patterns, see [AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#non-provider-patterns) and [AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/viewing-alerts).{% endif %}
5968
1. Optionally, to include a resource link in the message that members will see when they attempt to push a secret, select **Add a resource link in the CLI and web UI when a commit is blocked**, then type a URL, and click **Save link**.
6069

6170
> [!NOTE]
6271
> When a custom link is configured for an organization, the organization-level value overrides the custom link set for the enterprise. See [AUTOTITLE](/code-security/secret-scanning/protecting-pushes-with-secret-scanning).
6372
64-
![Screenshot of "Push protection" settings. The checkbox and text field used for enabling a custom link are outlined.](/assets/images/help/organizations/secret-scanning-custom-link.png){% endif %}
73+
![Screenshot of "Push protection" settings. The checkbox and text field used for enabling a custom link are outlined.](/assets/images/help/organizations/secret-scanning-custom-link.png)
74+
75+
{% endif %}

content/admin/managing-code-security/securing-your-enterprise/about-security-configurations.md

+1-7
Original file line numberDiff line numberDiff line change
@@ -15,13 +15,7 @@ topics:
1515

1616
{% data variables.product.prodname_security_configurations_caps %} simplify the rollout of {% data variables.product.company_short %} security products at scale by helping you define collections of security settings and apply them across your enterprise.
1717

18-
{% ifversion security-configurations-cloud %}
19-
20-
We recommend securing your enterprise with the {% data variables.product.prodname_github_security_configuration %}, then evaluating the security findings on your repositories before configuring {% data variables.product.prodname_custom_security_configurations %}. For more information, see [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/applying-the-github-recommended-security-configuration-to-your-enterprise).
21-
22-
{% endif %}
23-
24-
With {% data variables.product.prodname_custom_security_configurations %}, you can create collections of enablement settings for {% data variables.product.company_short %}'s security products to meet the specific security needs of your enterprise. For example, you can create a different {% data variables.product.prodname_custom_security_configuration %} for each organization or group of similar organizations to reflect their different levels of security requirements and compliance obligations. For more information, see [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise).
18+
{% data reusables.security-configurations.overview %}
2519

2620
{% ifversion security-configurations-ghes-only %}
2721

content/admin/overview/about-github-for-enterprises.md

+1-1
Original file line numberDiff line numberDiff line change
@@ -86,7 +86,7 @@ When businesses adopt {% data variables.product.prodname_enterprise %}, their re
8686
1. Learn more about {% data variables.product.prodname_enterprise %}.
8787

8888
* [AUTOTITLE](/enterprise-cloud@latest/admin/overview/about-github-enterprise-cloud){% ifversion not ghec %} in the {% data variables.product.prodname_ghe_cloud %} documentation{% endif %}
89-
* [AUTOTITLE]({% ifversion not ghes %}/enterprise-server@latest{% endif %}/admin/overview/about-github-enterprise-server){% ifversion not ghes %}" in the {% data variables.product.prodname_ghe_server %} documentation.{% else %}.{% endif %}
89+
* [AUTOTITLE]({% ifversion not ghes %}/enterprise-server@latest{% endif %}/admin/overview/about-github-enterprise-server){% ifversion not ghes %} in the {% data variables.product.prodname_ghe_server %} documentation.{% else %}.{% endif %}
9090
1. Set up a trial.
9191

9292
* [AUTOTITLE](/admin/overview/setting-up-a-trial-of-github-enterprise-cloud)

content/code-security/codeql-cli/codeql-cli-manual/test-extract.md

+7-2
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ redirect_from:
2424
## Synopsis
2525

2626
```shell copy
27-
codeql test extract <options>... -- <testDir>
27+
codeql test extract [--source-root=<dir>] <options>... -- <testDirectory>
2828
```
2929

3030
## Description
@@ -39,7 +39,7 @@ execute test queries against.
3939

4040
### Primary Options
4141

42-
#### `<testDir>`
42+
#### `<testDirectory>`
4343

4444
\[Mandatory] The path to the test directory.
4545

@@ -49,6 +49,11 @@ Override the location of the database being created. By default it will
4949
be a subdirectory whose name is derived from the name of the test
5050
directory itself with '.testproj' appended.
5151

52+
#### `-s, --source-root=<dir>`
53+
54+
\[Advanced] The root source code directory, if different from the test
55+
directory.
56+
5257
#### `--search-path=<dir>[:<dir>...]`
5358

5459
A list of directories under which extractor packs may be found. The

content/copilot/rolling-out-github-copilot-at-scale/driving-copilot-adoption-in-your-company.md

+3-3
Original file line numberDiff line numberDiff line change
@@ -85,6 +85,6 @@ If your organization has specific {% data variables.product.prodname_copilot_sho
8585
Once you have implemented your {% data variables.product.prodname_copilot_short %} enablement process, you should regularly review and optimize it to ensure it continues to meet your organization's needs. Some ways you can do this are:
8686

8787
* Monitoring usage data to identify trends and patterns. See [AUTOTITLE](/copilot/rolling-out-github-copilot-at-scale/analyzing-usage-over-time-with-the-copilot-metrics-api).
88-
* Following up with users who haven't been using their assigned license. You can use the API to see the latest activity date for each assigned seat. See [AUTOTITLE](/rest/copilot/copilot-user-management#list-all-copilot-seat-assignments-for-an-organization).
89-
* Gathering feedback from teams to understand what is working well and what could be improved
90-
* Reviewing {% data variables.product.prodname_discussions %} and other communication channels to identify common issues and questions
88+
* Following up with users who haven't been using their assigned license. You can use the API to see the latest activity date for each assigned seat. See [AUTOTITLE](/copilot/rolling-out-github-copilot-at-scale/reminding-inactive-users).
89+
* Gathering feedback from teams to understand what is working well and what could be improved.
90+
* Reviewing {% data variables.product.prodname_discussions %} and other communication channels to identify common issues and questions.

content/copilot/rolling-out-github-copilot-at-scale/index.md

+1
Original file line numberDiff line numberDiff line change
@@ -9,4 +9,5 @@ topics:
99
children:
1010
- /driving-copilot-adoption-in-your-company
1111
- /analyzing-usage-over-time-with-the-copilot-metrics-api
12+
- /reminding-inactive-users
1213
---
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,148 @@
1+
---
2+
title: Reminding inactive users to use their GitHub Copilot license
3+
shortTitle: Remind inactive users
4+
intro: 'Use the {% data variables.product.github %} API to identify inactive users and help them get started.'
5+
versions:
6+
feature: copilot
7+
permissions: Organization owners and billing managers
8+
product: '{% data variables.product.prodname_copilot_for_business %} or {% data variables.product.prodname_copilot_enterprise %}'
9+
topics:
10+
- Copilot
11+
allowTitleToDifferFromFilename: true
12+
layout: inline
13+
---
14+
15+
When you're rolling out {% data variables.product.prodname_copilot %} in a business, it's important to keep track of which users are using their {% data variables.product.prodname_copilot_short %} license, so you can respond effectively by reassigning unused licenses or helping people to get started with {% data variables.product.prodname_copilot_short %}.
16+
17+
You can use the [List all Copilot seat assignments for an organization](/rest/copilot/copilot-user-management#list-all-copilot-seat-assignments-for-an-organization) API endpoint to find the last activity date for each user who is assigned a license in an organization. Then, you can respond automatically by filtering for users who haven't used their license for a certain amount of time and sending a reminder to those users.
18+
19+
## Writing the reminder message
20+
21+
Your reminder to inactive users should help users to get past common adoption blockers for {% data variables.product.prodname_copilot_short %}. We recommend identifying specific blockers for your company by running surveys or interviewing developers.
22+
23+
For example, the message could include information and links to help users:
24+
25+
* Install {% data variables.product.prodname_copilot_short %} in their environment.
26+
* Set up {% data variables.product.prodname_copilot_short %} to work with your company's proxy or firewall.
27+
* Get the most out of {% data variables.product.prodname_copilot_short %} in their day-to-day work.
28+
29+
You should also clearly communicate any further action you will take if the license continues to go unused, such as revoking the user's license.
30+
31+
### Example reminder
32+
33+
In the next section, we'll use this message in an automation that creates an issue assigned to each inactive user.
34+
35+
> We noticed you haven't used your assigned license for {% data variables.product.prodname_copilot %} in 30 days. Here are some resources that might help you get started:
36+
>
37+
> * If you haven't yet set up {% data variables.product.prodname_copilot_short %} in your environment, see [AUTOTITLE](/copilot/setting-up-github-copilot/setting-up-github-copilot-for-yourself) or [AUTOTITLE](/copilot/troubleshooting-github-copilot/troubleshooting-common-issues-with-github-copilot).
38+
> * For best practices and advice on getting started, see [AUTOTITLE](/copilot/using-github-copilot/best-practices-for-using-github-copilot) or [AUTOTITLE](/copilot/using-github-copilot/prompt-engineering-for-github-copilot).
39+
> * For examples related to specific tasks, see [AUTOTITLE](/copilot/example-prompts-for-github-copilot-chat).
40+
>
41+
> If you no longer need access to {% data variables.product.prodname_copilot_short %}, please let us know in this issue. If your license remains inactive for a further 30 days, we'll revoke it to free up access for another user.
42+
43+
#### Example reminder in Markdown
44+
45+
<!-- markdownlint-disable search-replace -->
46+
47+
``` markdown copy
48+
We noticed you haven't used your assigned license for {% data variables.product.prodname_copilot %} in 30 days. Here are some resources that might help you get started:
49+
50+
* If you haven't yet set up Copilot in your environment, see [Setting up GitHub Copilot for yourself](https://docs.github.com/en/copilot/setting-up-github-copilot/setting-up-github-copilot-for-yourself) or [Troubleshooting common issues with GitHub Copilot](https://docs.github.com/en/copilot/troubleshooting-github-copilot/troubleshooting-common-issues-with-github-copilot).
51+
* For best practices and advice on getting started, see [Best practices for using GitHub Copilot](https://docs.github.com/en/copilot/using-github-copilot/best-practices-for-using-github-copilot) or [Prompt engineering for GitHub Copilot](https://docs.github.com/en/copilot/using-github-copilot/prompt-engineering-for-github-copilot).
52+
* For examples related to specific tasks, see [Copilot Chat Cookbook](https://docs.github.com/en/copilot/example-prompts-for-github-copilot-chat).
53+
54+
If you no longer need access to {% data variables.product.prodname_copilot_short %}, please let us know in this issue. If your license remains inactive for a further 30 days, we'll revoke it to free up access for another user.
55+
```
56+
57+
<!-- markdownlint-enable search-replace -->
58+
59+
## Automating the reminder with {% data variables.product.prodname_actions %}
60+
61+
The following example workflow uses the API to identify users in an organization who haven't used their license for 30 days, then creates an issue assigned to each user. This is a simple example that you can adapt to meet your needs.
62+
63+
To use this workflow:
64+
65+
1. Create a label in the repository where reminder issues will be created. Call the label `copilot-reminder`. We'll use this label to check whether a reminder issue is already open for each inactive user.
66+
67+
To create a label, see [AUTOTITLE](/issues/using-labels-and-milestones-to-track-work/managing-labels#creating-a-label).
68+
1. Save your reminder message, such as the one provided in [Example reminder in Markdown](#example-reminder-in-markdown), as an {% data variables.product.prodname_actions %} variable in your repository or organization. Call the variable `COPILOT_REMINDER_MESSAGE`.
69+
70+
To create a variable, see [AUTOTITLE](/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#creating-configuration-variables-for-a-repository).
71+
1. Create a {% data variables.product.pat_generic %} with permission to call the [List all Copilot seat assignments for an organization](/rest/copilot/copilot-user-management#list-all-copilot-seat-assignments-for-an-organization) API endpoint. For example, create a fine-grained token with the following details:
72+
* **Resource owner**: The organization where you're looking for inactive users.
73+
* **Organization permissions**: {% data variables.product.prodname_copilot_for_business %} (read-only).
74+
75+
To create a token, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-fine-grained-personal-access-token).
76+
1. Save the access token as a {% data variables.product.prodname_actions %} secret in your repository or organization. Call the secret `COPILOT_LICENSE_READ`.
77+
78+
To create a secret, see [AUTOTITLE](/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository).
79+
1. Using the example below, create the workflow in the repository where you want the reminder issues to be created.
80+
81+
If you're new to {% data variables.product.prodname_actions %}, see [AUTOTITLE](/actions/writing-workflows/quickstart).
82+
1. In the workflow, replace the `ORG/REPO` placeholders in the `gh` commands with the name of the repository where you want the reminder issues to be created. For example: `octo-org/octo-repo`.
83+
84+
### Example workflow
85+
86+
>[!NOTE] This example assumes you assign licenses through an organization. If you use a dedicated enterprise account for {% data variables.product.prodname_copilot_business_short %}, you will need to use different API endpoints. See [AUTOTITLE](/admin/copilot-business-only/setting-up-a-dedicated-enterprise-for-copilot-business-personal-accounts#automate-license-management).
87+
88+
<!-- markdownlint-disable GHD021 -->
89+
90+
``` yaml annotate
91+
# Name your workflow
92+
name: Remind inactive users about Copilot license
93+
94+
# Run the workflow every day at 8am UTC
95+
on:
96+
schedule:
97+
- cron: '0 8 * * *'
98+
99+
jobs:
100+
context-log:
101+
runs-on: ubuntu-latest
102+
steps:
103+
- name: Check Copilot Last Activity
104+
id: check-last-activity
105+
run: |
106+
# Call the user management API
107+
RESPONSE=$(gh api \
108+
-H "Accept: application/vnd.github+json" \
109+
-H "X-GitHub-Api-Version: 2022-11-28" \
110+
-H "Authorization: Bearer {% raw %}${{ secrets.COPILOT_LICENSE_READ }}{% endraw %}" \
111+
/orgs/$ORGANIZATION_VAR/copilot/billing/seats)
112+
echo "Raw Response from gh api:"
113+
echo "$RESPONSE"
114+
115+
# Parse and check each user's `last_activity_at`
116+
echo "$RESPONSE" | jq -c '.seats[]' | while read -r seat; do
117+
LOGIN=$(echo "$seat" | jq -r '.assignee.login')
118+
LAST_ACTIVITY=$(echo "$seat" | jq -r '.last_activity_at')
119+
120+
# Replace ORG/REPO with the repository name
121+
EXISTING_ISSUES=$(gh issue list --repo ORG/REPO --assignee $LOGIN --label 'copilot-reminder' --json id)
122+
123+
# Convert dates to seconds since epoch for comparison
124+
LAST_ACTIVITY_DATE=$(date -d "$LAST_ACTIVITY" +%s)
125+
THIRTY_DAYS_AGO=$(date -d "30 days ago" +%s)
126+
127+
# Create issues for inactive users who don't have an existing open issue
128+
if [ "$LAST_ACTIVITY_DATE" -lt "$THIRTY_DAYS_AGO" ] && [ "$EXISTING_ISSUES" = "[]" ]; then
129+
echo "User $LOGIN has not been active in the last 30 days. Last activity: $LAST_ACTIVITY"
130+
131+
# Replace ORG/REPO with the repository name
132+
NEW_ISSUE_URL="$(gh issue create --title "Reminder about your GitHub Copilot license" --body "{% raw %}${{ vars.COPILOT_REMINDER_MESSAGE }}{% endraw %}" --repo ORG/REPO --assignee $LOGIN --label 'copilot-reminder')"
133+
else
134+
echo "User $LOGIN is active or already has an assigned reminder issue. Last activity: $LAST_ACTIVITY"
135+
fi
136+
done
137+
138+
# Set the GITHUB_TOKEN, required for the `gh issue` commands
139+
env:
140+
GITHUB_TOKEN: {% raw %}${{ github.token }}{% endraw %}
141+
```
142+
143+
<!-- markdownlint-enable GHD021 -->
144+
145+
## Further reading
146+
147+
* [AUTOTITLE](/copilot/rolling-out-github-copilot-at-scale/driving-copilot-adoption-in-your-company)
148+
* [AUTOTITLE](/copilot/rolling-out-github-copilot-at-scale/analyzing-usage-over-time-with-the-copilot-metrics-api)

0 commit comments

Comments
 (0)