Private image registry support & Codespaces audit logs (#18840)

* adding new tables and linking to info on audit logs

* editing some text:

* adding new info on how to add image registry login

* adding link and fixing table

* formatting

* formatting

* Apply suggestions from code review

Co-authored-by: Laura Coursen <lecoursen@github.com>

* updaing private image registry secret info and other improvements

* some minor fixes

* fixing test errors

* rewriting registry secret section

* rewriting registry secret section

* updating link to reflect title

* Update content/github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces.md

Co-authored-by: Laura Coursen <lecoursen@github.com>

* updating bullet point

Co-authored-by: Laura Coursen <lecoursen@github.com>

Author: timeyoutakeit

assets/images/help/settings/codespaces-image-registry-secret-example.png

@@ -93,6 +93,10 @@ An overview of some of the most common actions that are recorded as events in th
 
 | Action | Description
 |------------------|-------------------
+| `create` | Triggered when you [create a codespace](/github/developing-online-with-codespaces/creating-a-codespace).
+| `resume` | Triggered when you resume a suspended codespace.
+| `delete` | Triggered when you [delete a codespace](/github/developing-online-with-codespaces/deleting-a-codespace).
+| `manage_access_and_security` | Triggered when you update [the repositories a codespace has access to](/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces).
 | `trusted_repositories_access_update` | Triggered when you change your user account's [access and security setting for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces).
 
 #### `marketplace_agreement_signature` category actions

content/github/authenticating-to-github/reviewing-your-security-log.md

@@ -25,6 +25,12 @@ When you enable access and security for a repository owned by your user account,
 1. If you chose "Selected repositories", select the drop-down menu, then click a repository to allow the repository's codespaces to access other repositories you own. Repeat for all repositories whose codespaces you want to access other repositories you own.
   !["Selected repositories" drop-down menu](/assets/images/help/settings/codespaces-access-and-security-repository-drop-down.png)
 
+### Reviewing your security log for {% data variables.product.prodname_codespaces %}
+
+The security log is where you can review {% data variables.product.prodname_codespaces %} actions that you have performed. For information about accessing the log, see "[Reviewing your security log](/github/authenticating-to-github/reviewing-your-security-log#accessing-your-security-log)."
+
+The security log includes details on what action occured and when you performed it. For information about {% data variables.product.prodname_codespaces %} actions, see "[{% data variables.product.prodname_codespaces %} category actions](/github/authenticating-to-github/reviewing-your-security-log#codespaces-category-actions)".
+
 ### Managing security and access for your organization
 
 Organization owners can manage security and access for {% data variables.product.prodname_codespaces %}.
@@ -41,3 +47,9 @@ When you enable access and security for a repository owned by your organization,
   ![Radio buttons to manage trusted repositories](/assets/images/help/settings/codespaces-access-and-security-radio-buttons.png)
 1. If you chose "Selected repositories", select the drop-down menu, then click a repository to allow the repository's codespaces to access other repositories owned by your organization. Repeat for all repositories whose codespaces you want to access other repositories.
     !["Selected repositories" drop-down menu](/assets/images/help/settings/codespaces-access-and-security-repository-drop-down.png)
+
+### Reviewing your organization's audit logs for {% data variables.product.prodname_codespaces %}
+
+The audit log is where you can review actions related to {% data variables.product.prodname_codespaces %} that have been performed by members of your organization. For information about accessing the log, see "[Reviewing your security log](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#accessing-the-audit-log)."
+
+The audit log includes details such as who performed the action, what the action was, and when the action was performed. For information on {% data variables.product.prodname_codespaces %} actions, see "[{% data variables.product.prodname_codespaces %} category actions](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#codespaces-category-actions)."

content/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces.md

@@ -22,6 +22,7 @@ You can add encrypted secrets to your user account that you want to use in your
 - Personal access tokens to cloud services
 - Service principals
 - Subscription identifiers
+- [Credentials for a private image registry](#allowing-your-codespace-to-access-private-images)
 
 You can choose which repositories should have access to each secret. Then, you can use the secret in any codespace you create for a repository that has access to the secret.
 
@@ -67,3 +68,22 @@ You can update the value of an existing secret, and you can change which reposit
   !["Delete" button](/assets/images/help/settings/codespaces-secret-delete-button.png)
 1. Read the warning, then click **OK**.
   ![Confirmation to delete secret](/assets/images/help/settings/codespaces-secret-delete-warning.png)
+
+### Allowing your codespace to access private images
+
+A registry is a secure space for storing and managing private container images, such as Azure Container Registry or DockerHub. By adding a secret, your codespace can access private images within the registry.
+
+When a codespace launches, {% data variables.product.prodname_codespaces %} will check for the following three secrets, which define the server name, username, and personal access token (PAT) for the container registry. If those secrets are found, {% data variables.product.prodname_codespaces %} will make the registry available inside your codespace.
+
+- `<*>_CONTAINER_REGISTRY_SERVER`
+- `<*>_CONTAINER_REGISTRY_USER`
+- `<*>_CONTAINER_REGISTRY_PASSWORD`
+
+Use the steps in "[Adding a secret](#adding-a-secret)" to add a secret for each of these items. Replace the “<*>” in the name with a consistent identifier. For example, if you had a private image registry in Azure, it might look like the following:
+
+```
+ACR_CONTAINER_REGISTRY_SERVER = mycompany.azurecr.io
+ACR_CONTAINER_REGISTRY_USER = acr-user-here
+ACR_CONTAINER_REGISTRY_PASSWORD = <PAT>
+```
+![Image registry secret example](/assets/images/help/settings/codespaces-image-registry-secret-example.png)

content/github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces.md

@@ -36,6 +36,7 @@ To search for specific events, use the `action` qualifier in your query. Actions
 | [`account`](#account-category-actions) | Contains all activities related to your organization account.
 | [`advisory_credit`](#advisory_credit-category-actions) | Contains all activities related to crediting a contributor for a security advisory in the {% data variables.product.prodname_advisory_database %}. For more information, see "[About {% data variables.product.prodname_dotcom %} Security Advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)."
 | [`billing`](#billing-category-actions) | Contains all activities related to your organization's billing.
+| [`codespaces`](#codespaces-category-actions) | Contains all activities related to your organization's codespaces.
 | [`dependabot_alerts`](#dependabot_alerts-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot %} alerts in existing repositories. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)."
 | [`dependabot_alerts_new_repos`](#dependabot_alerts_new_repos-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot %} alerts in new repositories created in the organization.
 | [`dependabot_security_updates`](#dependabot_security_updates-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_security_updates %} in existing repositories. For more information, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)."
@@ -190,6 +191,20 @@ An overview of some of the most common actions that are recorded as events in th
 | `change_billing_type` | Triggered when your organization [changes how it pays for {% data variables.product.prodname_dotcom %}](/articles/adding-or-editing-a-payment-method).
 | `change_email` | Triggered when your organization's [billing email address](/articles/setting-your-billing-email) changes.
 
+#### `codespaces` category actions
+
+| Action | Description
+|------------------|-------------------
+| `create` | Triggered when a user [creates a codespace](/github/developing-online-with-codespaces/creating-a-codespace).
+| `resume` | Triggered when a user resumes a suspended codespace.
+| `delete` | Triggered when a user [deletes a codespace](/github/developing-online-with-codespaces/deleting-a-codespace).
+| `create_an_org_secret` | Triggered when a user creates an organization-level [secret for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces#about-encrypted-secrets-for-codespaces)
+| `update_an_org_secret` | Triggered when a user updates an organization-level [secret for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces#about-encrypted-secrets-for-codespaces).
+| `remove_an_org_secret` | Triggered when a user removes an organization-level [secret for {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/managing-encrypted-secrets-for-codespaces#about-encrypted-secrets-for-codespaces).
+| `manage_access_and_security` | Triggered when a user updates [which repositories a codespace can access](/github/developing-online-with-codespaces/managing-access-and-security-for-codespaces).
+
+
+
 #### `dependabot_alerts` category actions
 
 | Action | Description