Merge branch 'main' into al-cheb/windows-default-shell

Author: Martin Lopes

.github/allowed-actions.js

@@ -25,7 +25,7 @@ module.exports = [
   'pascalgn/automerge-action@c9bd182',
   'peter-evans/create-issue-from-file@a04ce672e3acedb1f8e416b46716ddfd09905326',
   'peter-evans/create-or-update-comment@5221bf4aa615e5c6e95bb142f9673a9c791be2cd',
-  'peter-evans/create-pull-request@938e6aea6f8dbdaced2064e948cb806c77fe87b8',
+  'peter-evans/create-pull-request@8c603dbb04b917a9fc2dd991dc54fef54b640b43',
   'rachmari/actions-add-new-issue-to-column@1a459ef92308ba7c9c9dc2fcdd72f232495574a9',
   'rachmari/labeler@832d42ec5523f3c6d46e8168de71cd54363e3e2e',
   'repo-sync/github-sync@3832fe8e2be32372e1b3970bbae8e7079edeec88',

.github/workflows/remove-unused-assets.yml

@@ -33,7 +33,7 @@ jobs:
       - name: Remove script results file
         run: rm -rf ./results.md
       - name: Create pull request
-        uses: peter-evans/create-pull-request@938e6aea6f8dbdaced2064e948cb806c77fe87b8
+        uses: peter-evans/create-pull-request@8c603dbb04b917a9fc2dd991dc54fef54b640b43
         with:
           # need to use a token with repo and workflow scopes for this step
           token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}

.github/workflows/repo-sync-stalls.yml

@@ -40,7 +40,7 @@ jobs:
               const timeDelta = Date.now() - Date.parse(pr.created_at);
               const minutesOpen = timeDelta / 1000 / 60;
 
-              if (minutesOpen > 30) {
+              if (minutesOpen > 180) {
                 core.setFailed('Repo sync appears to be stalled') 
               }
             })

.github/workflows/repo-sync.yml

@@ -44,6 +44,7 @@ jobs:
           github_token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
 
       - name: Create pull request
+        id: create-pull
         uses: repo-sync/pull-request@33777245b1aace1a58c87a29c90321aa7a74bd7d
         env:
           GITHUB_TOKEN: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
@@ -70,6 +71,35 @@ jobs:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           number: ${{ steps.find-pull-request.outputs.number }}
 
+      # There are cases where the branch becomes out-of-date in between the time this workflow began and when the pull request is created/updated
+      - name: Update branch
+        if: ${{ steps.find-pull-request.outputs.number }}
+        uses: actions/github-script@626af12fe9a53dc2972b48385e7fe7dec79145c9
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const mainHeadSha = await github.git.getRef({
+              ...context.repo,
+              ref: 'heads/main'
+            })
+            console.log(`heads/main sha: ${mainHeadSha.data.object.sha}`)
+
+            const pull = await github.pulls.get({
+              ...context.repo,
+              pull_number: parseInt(${{ steps.find-pull-request.outputs.number }})
+            })
+            console.log(`Pull request base sha: ${pull.data.base.sha}`)
+
+            if (mainHeadSha.data.object.sha !== pull.data.base.sha || pull.data.mergeable_state === 'behind') {
+              const updateBranch = await github.pulls.updateBranch({
+                ...context.repo,
+                pull_number: parseInt(${{ steps.find-pull-request.outputs.number }})
+              })
+              console.log(updateBranch.data.message)
+            } else {
+              console.log(`Branch is already up-to-date`)
+            }
+
       - name: Send Slack notification if workflow fails
         uses: someimportantcompany/github-actions-slack-message@0b470c14b39da4260ed9e3f9a4f1298a74ccdefd
         if: failure()

.github/workflows/update-graphql-files.yml

@@ -10,8 +10,8 @@ env:
 
 on:
   workflow_dispatch:
-  #schedule:
-  #- cron: '20 16 * * *' # run every day at 16:20 UTC / 8:20 PST
+  schedule:
+    - cron: '20 16 * * *' # run every day at 16:20 UTC / 8:20 PST
 
 jobs:
   update_graphql_files:
@@ -37,15 +37,15 @@ jobs:
       - name: Run updater scripts
         env:
           # need to use a token from a user with access to github/github for this step
-          GITHUB_TOKEN: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
+          GITHUB_TOKEN: ${{ secrets.RACHMARI_REPO_WORKFLOW }}
         run: |
           script/graphql/update-files.js
       - name: Create pull request
         id: create-pull-request
-        uses: peter-evans/create-pull-request@938e6aea6f8dbdaced2064e948cb806c77fe87b8
+        uses: peter-evans/create-pull-request@8c603dbb04b917a9fc2dd991dc54fef54b640b43
         with:
           # need to use a token with repo and workflow scopes for this step
-          token: ${{ secrets.OCTOMERGER_PAT_WITH_REPO_AND_WORKFLOW_SCOPE }}
+          token: ${{ secrets.GITHUB_TOKEN }}
           commit-message: 'Action ran graphql script"update-files"'
           title: GraphQL schema update
           body:

CONTRIBUTING.md

@@ -152,7 +152,7 @@ We (usually the docs team, but sometimes GitHub product managers, engineers, or
 You should always review your own PR first.
 
 For content changes, make sure that you:
-- [ ] Confirm that the changes address every part of the content strategy plan from your issue (if there are differences, explain them).
+- [ ] Confirm that the changes address every part of the content design plan from your issue (if there are differences, explain them).
 - [ ] Review the content for technical accuracy.
 - [ ] Review the entire pull request using the [localization checklist](contributing/localization-checklist.md).
 - [ ] Copy-edit the changes for grammar, spelling, and adherence to the style guide.

Gemfile.lock

@@ -10,10 +10,11 @@ GEM
 
 PLATFORMS
   ruby
+  x86_64-linux
 
 DEPENDENCIES
   graphql (= 1.10.6)
   graphql-schema_comparator (~> 1.0.0)
 
 BUNDLED WITH
-   2.1.4
+   2.2.1

app.json

@@ -3,10 +3,9 @@
   "env": {
     "NODE_ENV": "production",
     "NPM_CONFIG_PRODUCTION": "true",
-    "ENABLED_LANGUAGES": "en, de"
+    "ENABLED_LANGUAGES": "en"
   },
   "buildpacks": [
-    { "url": "https://github.com/DataDog/heroku-buildpack-datadog.git#1.21" },
     { "url": "heroku/nodejs" }
   ],
   "formation": {

content/actions/guides/building-and-testing-nodejs.md

@@ -195,7 +195,7 @@ steps:
 
 To authenticate to your private registry, you'll need to store your npm authentication token as a secret. For example, create a repository secret called `NPM_TOKEN`. For more information, see "[Creating and using encrypted secrets](/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)."
 
-In the example below, the secret `NPM_TOKEN` stores the npm authentication token. The `setup-node` action configures the *.npmrc* file to read the npm authentication token from the `NODE_AUTH_TOKEN` environment variable. When using the `setup-node` action to create an *.npmrc* file, you must set the `NPM_AUTH_TOKEN` environment variable with the secret that contains your npm authentication token.
+In the example below, the secret `NPM_TOKEN` stores the npm authentication token. The `setup-node` action configures the *.npmrc* file to read the npm authentication token from the `NODE_AUTH_TOKEN` environment variable. When using the `setup-node` action to create an *.npmrc* file, you must set the `NODE_AUTH_TOKEN` environment variable with the secret that contains your npm authentication token.
 
 Before installing dependencies, use the `setup-node` action to create the *.npmrc* file. The action has two input parameters. The `node-version` parameter sets the Node.js version, and the `registry-url` parameter sets the default registry. If your package registry uses scopes, you must use the `scope` parameter. For more information, see [`npm-scope`](https://docs.npmjs.com/misc/scope).
 

content/actions/guides/deploying-to-amazon-elastic-container-service.md

@@ -0,0 +1,150 @@
+---
+title: Deploying to Amazon Elastic Container Service
+intro: You can deploy to Amazon Elastic Container Service (ECS) as part of your continuous deployment (CD) workflows.
+product: '{% data reusables.gated-features.actions %}'
+versions:
+  free-pro-team: '*'
+  enterprise-server: '>=2.22'
+---
+
+{% data reusables.actions.enterprise-beta %}
+{% data reusables.actions.enterprise-github-hosted-runners %}
+
+### Introduction
+
+This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application, push it to [Amazon Elastic Container Registry (ECR)](https://aws.amazon.com/ecr/), and deploy it to [Amazon Elastic Container Service (ECS)](https://aws.amazon.com/ecs/).
+
+On every new release in your {% data variables.product.company_short %} repository, the {% data variables.product.prodname_actions %} workflow builds and pushes a new container image to Amazon ECR, and then deploys a new task definition to Amazon ECS.
+
+### Prerequisites
+
+Before creating your {% data variables.product.prodname_actions %} workflow, you will first need to complete the following setup steps for Amazon ECR and ECS:
+
+1. Create an Amazon ECR repository to store your images.
+
+   For example, using [the AWS CLI](https://aws.amazon.com/cli/):
+
+   {% raw %}```bash{:copy}
+   aws ecr create-repository \
+       --repository-name MY_ECR_REPOSITORY \
+       --region MY_AWS_REGION
+   ```{% endraw %}
+
+   Ensure that you use the same Amazon ECR repository name (represented here by `MY_ECR_REPOSITORY`) for the `ECR_REPOSITORY` variable in the workflow below.
+
+   Ensure that you use the same AWS region value for the `AWS_REGION` (represented here by `MY_AWS_REGION`) variable in the workflow below.
+
+2. Create an Amazon ECS task definition, cluster, and service.
+
+   For details, follow the [Getting started wizard on the Amazon ECS console](https://us-east-2.console.aws.amazon.com/ecs/home?region=us-east-2#/firstRun), or the [Getting started guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/getting-started-fargate.html) in the Amazon ECS documentation.
+
+   Ensure that you note the names you set for the Amazon ECS service and cluster, and use them for the `ECS_SERVICE` and `ECS_CLUSTER` variables in the workflow below.
+
+3. Store your Amazon ECS task definition as a JSON file in your {% data variables.product.company_short %} repository.
+
+   The format of the file should be the same as the output generated by:
+
+   {% raw %}```bash{:copy}
+   aws ecs register-task-definition --generate-cli-skeleton
+   ```{% endraw %}
+
+   Ensure that you set the `ECS_TASK_DEFINITION` variable in the workflow below as the path to the JSON file.
+
+   Ensure that you set the `CONTAINER_NAME` variable in the workflow below as the container name in the `containerDefinitions` section of the task definition.
+
+4. Create {% data variables.product.prodname_actions %} secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to store the values for your Amazon IAM access key.
+
+   For more information on creating secrets for {% data variables.product.prodname_actions %}, see "[Encrypted secrets](/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository)."
+
+   See the documentation for each action used below for the recommended IAM policies for the IAM user, and methods for handling the access key credentials.
+
+### Creating the workflow
+
+Once you've completed the prerequisites, you can proceed with creating the workflow.
+
+The following example workflow demonstrates how to build a container image and push it to Amazon ECR. It then updates the task definition with the new image ID, and deploys the task definition to Amazon ECS.
+
+Ensure that you provide your own values for all the variables in the `env` key of the workflow.
+
+{% raw %}
+```yaml{:copy}
+name: Deploy to Amazon ECS
+
+on:
+  release:
+    types: [ created ]
+
+env:
+  AWS_REGION: MY_AWS_REGION                   # set this to your preferred AWS region, e.g. us-west-1
+  ECR_REPOSITORY: MY_ECR_REPOSITORY           # set this to your Amazon ECR repository name
+  ECS_SERVICE: MY_ECS_SERVICE                 # set this to your Amazon ECS service name
+  ECS_CLUSTER: MY_ECS_CLUSTER                 # set this to your Amazon ECS cluster name
+  ECS_TASK_DEFINITION: MY_ECS_TASK_DEFINITION # set this to the path to your Amazon ECS task definition
+                                               # file, e.g. .aws/task-definition.json
+  CONTAINER_NAME: MY_CONTAINER_NAME           # set this to the name of the container in the
+                                               # containerDefinitions section of your task definition
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  deploy:
+    name: Deploy
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: $AWS_REGION
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+
+      - name: Build, tag, and push image to Amazon ECR
+        id: build-image
+        env:
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          IMAGE_TAG: ${{ github.sha }}
+        run: |
+          # Build a docker container and
+          # push it to ECR so that it can
+          # be deployed to ECS.
+          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+          echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_ENV
+
+      - name: Fill in the new image ID in the Amazon ECS task definition
+        id: task-def
+        uses: aws-actions/amazon-ecs-render-task-definition@v1
+        with:
+          task-definition: $ECS_TASK_DEFINITION
+          container-name: $CONTAINER_NAME
+          image: ${{ steps.build-image.outputs.image }}
+
+      - name: Deploy Amazon ECS task definition
+        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
+        with:
+          task-definition: ${{ steps.task-def.outputs.task-definition }}
+          service: $ECS_SERVICE
+          cluster: $ECS_CLUSTER
+          wait-for-service-stability: true
+```
+{% endraw %}
+
+### Additional resources
+
+For more information on the services used in these examples, see the following documentation:
+
+* "[Security best practices in IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html)" in the Amazon AWS documentation.
+* Official AWS "[Configure AWS Credentials](https://github.com/aws-actions/configure-aws-credentials)" action.
+* Official AWS [Amazon ECR "Login"](https://github.com/aws-actions/amazon-ecr-login) action.
+* Official AWS [Amazon ECS "Render Task Definition"](https://github.com/aws-actions/amazon-ecs-render-task-definition) action.
+* Official AWS [Amazon ECS "Deploy Task Definition"](https://github.com/aws-actions/amazon-ecs-deploy-task-definition) action.