forked from github/docs
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
New translation batch for de (github#32913)
- Loading branch information
Showing
37 changed files
with
1,820 additions
and
747 deletions.
There are no files selected for viewing
240 changes: 240 additions & 0 deletions
240
...igrating-to-github-actions/automating-migration-with-github-actions-importer.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,240 @@ | ||
--- | ||
title: Automating migration with GitHub Actions Importer | ||
intro: 'Use {% data variables.product.prodname_actions_importer %} to plan and automate your migration to {% data variables.product.prodname_actions %}.' | ||
versions: | ||
fpt: '*' | ||
ghec: '*' | ||
ghes: '*' | ||
ghae: '*' | ||
type: how_to | ||
miniTocMaxHeadingLevel: 3 | ||
topics: | ||
- Migration | ||
- CI | ||
- CD | ||
shortTitle: Automate migration with {% data variables.product.prodname_actions_importer %} | ||
--- | ||
|
||
{% data reusables.actions.enterprise-beta %} | ||
{% data reusables.actions.enterprise-github-hosted-runners %} | ||
|
||
[Legal notice](#legal-notice) | ||
|
||
{% note %} | ||
|
||
**Note**: {% data variables.product.prodname_actions_importer %} is currently available as a public preview. Visit the [sign up page](https://github.com/features/actions-importer/signup) to request access to the preview. Once you are granted access you'll be able to use the `gh-actions-importer` CLI extension | ||
|
||
{% endnote %} | ||
|
||
## About {% data variables.product.prodname_actions_importer %} | ||
|
||
You can use {% data variables.product.prodname_actions_importer %} to plan and automatically migrate your CI/CD pipelines to {% data variables.product.prodname_actions %} from Azure DevOps, CircleCI, GitLab, Jenkins, and Travis CI. | ||
|
||
{% data variables.product.prodname_actions_importer %} is distributed as a Docker container, and uses a [{% data variables.product.prodname_dotcom %} CLI](https://cli.github.com) extension to interact with the container. | ||
|
||
Any workflow that is converted by the {% data variables.product.prodname_actions_importer %} should be inspected for correctness before using it as a production workload. The goal is to achieve an 80% conversion rate for every workflow, however, the actual conversion rate will depend on the makeup of each individual pipeline that is converted. | ||
|
||
## Supported CI platforms | ||
|
||
You can use {% data variables.product.prodname_actions_importer %} to migrate from the following platforms: | ||
|
||
- Azure DevOps | ||
- CircleCI | ||
- GitLab | ||
- Jenkins | ||
- Travis CI | ||
|
||
Once you are granted access to the preview, you will be able to access further reference documentation for each of the supported platforms. | ||
|
||
## Prerequisites | ||
|
||
{% data variables.product.prodname_actions_importer %} has the following requirements: | ||
|
||
- You must have been granted access to the public preview for the {% data variables.product.prodname_actions_importer %}. | ||
{%- ifversion ghes < 3.5 or ghae %} | ||
- Use a {% data variables.product.pat_generic %} with the `read:packages` scope enabled. | ||
{%- else %} | ||
- You must have credentials to authenticate to the {% data variables.product.prodname_registry %} {% data variables.product.prodname_container_registry %}. For more information, see "[Working with the Container registry](/packages/working-with-a-github-packages-registry/working-with-the-container-registry#authenticating-to-the-container-registry)." | ||
{% endif %} | ||
- An environment where you can run Linux-based containers, and can install the necessary tools. | ||
- Docker is [installed](https://docs.docker.com/get-docker/) and running. | ||
- [{% data variables.product.prodname_dotcom %} CLI](https://cli.github.com) is installed. | ||
|
||
{% note %} | ||
|
||
**Note**: The {% data variables.product.prodname_actions_importer %} container and CLI do not need to be installed on the same server as your CI platform. | ||
|
||
{% endnote %} | ||
|
||
### Installing the {% data variables.product.prodname_actions_importer %} CLI extension | ||
|
||
1. Install the {% data variables.product.prodname_actions_importer %} CLI extension: | ||
|
||
```bash | ||
$ gh extension install github/gh-actions-importer | ||
``` | ||
1. Verify that the extension is installed: | ||
|
||
```bash | ||
$ gh actions-importer -h | ||
Options: | ||
-?, -h, --help Show help and usage information | ||
Commands: | ||
update Update to the latest version of the GitHub Actions Importer. | ||
version Display the version of the GitHub Actions Importer. | ||
configure Start an interactive prompt to configure credentials used to authenticate with your CI server(s). | ||
audit Plan your CI/CD migration by analyzing your current CI/CD footprint. | ||
forecast Forecast GitHub Actions usage from historical pipeline utilization. | ||
dry-run Convert a pipeline to a GitHub Actions workflow and output its yaml file. | ||
migrate Convert a pipeline to a GitHub Actions workflow and open a pull request with the changes. | ||
``` | ||
|
||
### Updating the {% data variables.product.prodname_actions_importer %} CLI | ||
|
||
To ensure you're running the latest version of {% data variables.product.prodname_actions_importer %}, you should regularly run the `update` command: | ||
```bash | ||
$ gh actions-importer update | ||
``` | ||
You must be authenticated with the {% data variables.product.prodname_container_registry %} for this command to be successful. Alternatively, you can provide credentials using the `--username` and `--password-stdin` parameters: | ||
```bash | ||
$ echo $GITHUB_TOKEN | gh actions-importer update --username $GITHUB_HANDLE --password-stdin | ||
``` | ||
### Authenticating at the command line | ||
You must configure credentials that allow {% data variables.product.prodname_actions_importer %} to communicate with {% data variables.product.prodname_dotcom %} and your current CI server. You can configure these credentials using environment variables or a `.env.local` file. The environment variables can be configured in an interactive prompt, by running the following command: | ||
```bash | ||
$ gh actions-importer configure | ||
``` | ||
Once you are granted access to the preview, you will be able to access further reference documentation about using environment variables. | ||
## Using the {% data variables.product.prodname_actions_importer %} CLI | ||
Use the subcommands of `gh actions-importer` to begin your migration to {% data variables.product.prodname_actions %}, including `audit`, `forecast`, `dry-run`, and `migrate`. | ||
### Auditing your existing CI pipelines | ||
The `audit` subcommand can be used to plan your CI/CD migration by analyzing your current CI/CD footprint. This analysis can be used to plan a timeline for migrating to {% data variables.product.prodname_actions %}. | ||
To run an audit, use the following command to determine your available options: | ||
```bash | ||
$ gh actions-importer audit -h | ||
Description: | ||
Plan your CI/CD migration by analyzing your current CI/CD footprint. | ||
[...] | ||
Commands: | ||
azure-devops An audit will output a list of data used in an Azure DevOps instance. | ||
circle-ci An audit will output a list of data used in a CircleCI instance. | ||
gitlab An audit will output a list of data used in a GitLab instance. | ||
jenkins An audit will output a list of data used in a Jenkins instance. | ||
travis-ci An audit will output a list of data used in a Travis CI instance. | ||
``` | ||
Once you are granted access to the preview, you will be able to access further reference documentation about running an audit. | ||
### Forecasting usage | ||
The `forecast` subcommand reviews historical pipeline usage to create a forecast of {% data variables.product.prodname_actions %} usage. | ||
To run a forecast, use the following command to determine your available options: | ||
```bash | ||
$ gh actions-importer forecast -h | ||
Description: | ||
Forecasts GitHub Actions usage from historical pipeline utilization. | ||
[...] | ||
Commands: | ||
azure-devops Forecasts GitHub Actions usage from historical Azure DevOps pipeline utilization. | ||
jenkins Forecasts GitHub Actions usage from historical Jenkins pipeline utilization. | ||
gitlab Forecasts GitHub Actions usage from historical GitLab pipeline utilization. | ||
circle-ci Forecasts GitHub Actions usage from historical CircleCI pipeline utilization. | ||
travis-ci Forecasts GitHub Actions usage from historical Travis CI pipeline utilization. | ||
github Forecasts GitHub Actions usage from historical GitHub pipeline utilization. | ||
``` | ||
Once you are granted access to the preview, you will be able to access further reference documentation about running a forecast. | ||
### Testing the migration process | ||
The `dry-run` subcommand can be used to convert a pipeline to its {% data variables.product.prodname_actions %} equivalent, and then write the workflow to your local filesystem. | ||
To perform a dry run, use the following command to determine your available options: | ||
```bash | ||
$ gh actions-importer dry-run -h | ||
Description: | ||
Convert a pipeline to a GitHub Actions workflow and output its yaml file. | ||
[...] | ||
Commands: | ||
azure-devops Convert an Azure DevOps pipeline to a GitHub Actions workflow and output its yaml file. | ||
circle-ci Convert a CircleCI pipeline to GitHub Actions workflows and output the yaml file(s). | ||
gitlab Convert a GitLab pipeline to a GitHub Actions workflow and output the yaml file. | ||
jenkins Convert a Jenkins job to a GitHub Actions workflow and output its yaml file. | ||
travis-ci Convert a Travis CI pipeline to a GitHub Actions workflow and output its yaml file. | ||
``` | ||
Once you are granted access to the preview, you will be able to access further reference documentation about performing a dry run. | ||
### Migrating a pipeline to {% data variables.product.prodname_actions %} | ||
The `migrate` subcommand can be used to convert a pipeline to its GitHub Actions equivalent and then create a pull request with the contents. | ||
To run a migration, use the following command to determine your available options: | ||
```bash | ||
$ gh actions-importer migrate -h | ||
Description: | ||
Convert a pipeline to a GitHub Actions workflow and open a pull request with the changes. | ||
[...] | ||
Commands: | ||
azure-devops Convert an Azure DevOps pipeline to a GitHub Actions workflow and open a pull request with the changes. | ||
circle-ci Convert a CircleCI pipeline to GitHub Actions workflows and open a pull request with the changes. | ||
gitlab Convert a GitLab pipeline to a GitHub Actions workflow and open a pull request with the changes. | ||
jenkins Convert a Jenkins job to a GitHub Actions workflow and open a pull request with the changes. | ||
travis-ci Convert a Travis CI pipeline to a GitHub Actions workflow and and open a pull request with the changes. | ||
``` | ||
Once you are granted access to the preview, you will be able to access further reference documentation about running a migration. | ||
## Legal notice | ||
Portions have been adapted from https://github.com/github/gh-actions-importer/ under the MIT license: | ||
``` | ||
MIT License | ||
Copyright (c) 2022 GitHub | ||
Permission is hereby granted, free of charge, to any person obtaining a copy | ||
of this software and associated documentation files (the "Software"), to deal | ||
in the Software without restriction, including without limitation the rights | ||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
copies of the Software, and to permit persons to whom the Software is | ||
furnished to do so, subject to the following conditions: | ||
The above copyright notice and this permission notice shall be included in all | ||
copies or substantial portions of the Software. | ||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | ||
SOFTWARE. | ||
``` |
70 changes: 70 additions & 0 deletions
70
...idance-on-reporting-and-writing/privately-reporting-a-security-vulnerability.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
--- | ||
title: Privately reporting a security vulnerability | ||
intro: Some public repositories configure security advisories so that anyone can report security vulnerabilities directly and privately to the maintainers. | ||
versions: | ||
fpt: '*' | ||
ghec: '*' | ||
type: how_to | ||
miniTocMaxHeadingLevel: 3 | ||
topics: | ||
- Security advisories | ||
- Vulnerabilities | ||
shortTitle: Privately reporting | ||
--- | ||
|
||
{% data reusables.security-advisory.private-vulnerability-reporting-beta %} | ||
|
||
{% data reusables.security-advisory.private-vulnerability-reporting-enable %} | ||
|
||
## About privately reporting a security vulnerability | ||
|
||
Security researchers often feel responsible for alerting users to a vulnerability that could be exploited. If there are no clear instuctions about contacting maintainers of the repository containing the vulnerability, security researchers may have no other choice but to post about the vulnerability on social media, send direct messages to the maintainer, or even create public issues. This situation can potentially lead to a public disclosure of the vulnerability details. | ||
|
||
Private vulnerability reporting makes it easy for security researchers to report vulnerabilities directly to repository maintainer using a simple form. | ||
|
||
For security researchers, the benefits of using private vulnerability reporting are: | ||
- Less frustration, and less time spent trying to figure out how to contact the maintainer. | ||
- A smoother process for disclosing and discussing vulnerability details. | ||
- The opportunity to discuss vulnerability details privately with repository maintainer. | ||
|
||
{% note %} | ||
|
||
**Note:** If the repository doesn't have private vulnerabiliy reporting enabled, you need to initiate the reporting process by following the instructions in the security policy for the repository, or create an issue asking the maintainers for a preferred security contact. For more information, see "[About coordinated disclosure of security vulnerabilities](/code-security/security-advisories/guidance-on-reporting-and-writing/about-coordinated-disclosure-of-security-vulnerabilities#about-reporting-and-disclosing-vulnerabilities-in-projects-on-github)." | ||
|
||
{% endnote %} | ||
|
||
## Privately reporting a security vulnerability | ||
|
||
Security researchers can privately report a security vulnerability to repository maintainers. | ||
|
||
{% data reusables.repositories.navigate-to-repo %} | ||
{% data reusables.repositories.sidebar-security %} | ||
{% data reusables.repositories.sidebar-advisories %} | ||
1. Click **Report a vulnerability** to open the advisory form. | ||
|
||
![Screenshot showing the "Report a vulnerability" button](/assets/images/help/security/report-a-vulnerability-button.png) | ||
|
||
2. Fill in the advisory details form. | ||
{% tip %} | ||
|
||
**Tip:** In this form, only the title and description are mandatory. (In the general draft security advisory form, which the repository maintainer initiates, specifying the ecosystem is also required.) However, we recommend security researchers provide as much information as possible on the form so that the maintainers can make an informed decision about the submitted report. You can adopt the template used by our security researchers from the {% data variables.product.prodname_security %}, which is available on the [`github/securitylab` repository](https://github.com/github/securitylab/blob/main/docs/report-template.md)." | ||
|
||
{% endtip %} | ||
|
||
For more information about the fields available and guidance on filling in the form, see "[Creating a repository security advisory](/code-security/security-advisories/repository-security-advisories/creating-a-repository-security-advisory)" and "[Best practices for writing repository security advisories](/code-security/security-advisories/guidance-on-reporting-and-writing/best-practices-for-writing-repository-security-advisories)." | ||
|
||
1. At the bottom of the form, click **Submit report**. {% data variables.product.prodname_dotcom %} will display a message letting you know that maintainers have been notified and that you have a pending credit for this security advisory. | ||
|
||
![Screenshot showing the "Submit report" button](/assets/images/help/security/advisory-submit-report-button.png) | ||
|
||
{% tip %} | ||
|
||
**Tip:** When the report is submitted, {% data variables.product.prodname_dotcom %} automatically adds the reporter of the vulnerability as a collaborator and as a credited user on the proposed advisory. | ||
|
||
{% endtip %} | ||
|
||
1. Optionally, click **Start a temporary private fork** if you want to start to fix the issue. Note that only the repository maintainer can merge that private fork. | ||
|
||
![Screenshot showing the "Start a temporary fork" button](/assets/images/help/security/advisory-start-a-temporary-private-fork-button.png) | ||
|
||
The next steps depend on the action taken by the repository maintainer. For more information, see "[Managing privately reported security vulnerabilities](/code-security/security-advisories/guidance-on-reporting-and-writing/managing-privately-reported-security-vulnerabilities)." |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.