Merge pull request github#16911 from github/repo-sync

Octomerger · web-flow · commit 1000e60329c1 · 2022-04-07T09:25:32.000-07:00
repo sync
diff --git a/content/actions/deployment/targeting-different-environments/using-environments-for-deployment.md b/content/actions/deployment/targeting-different-environments/using-environments-for-deployment.md
@@ -71,6 +71,14 @@ Secrets stored in an environment are only available to workflow jobs that refere
 
 {% data reusables.actions.permissions-statement-environment %}
 
+{% ifversion fpt or ghec %}
+{% note %}
+
+**Note:** To create an environment in a private repository, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
+
+{% endnote %}
+{% endif %}
+
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
 {% data reusables.actions.sidebar-environment %}
diff --git a/content/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization.md b/content/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization.md
@@ -12,12 +12,17 @@ topics:
   - Organizations
   - Teams
 shortTitle: View organization insights
+permissions: Organization members can view organization insights.
 ---
 
-All members of an organization can view organization insights. For more information, see "[Roles in an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)."
-
 You can use organization activity insights to help you better understand how members of your organization are using {% data variables.product.product_name %} to collaborate and work on code. Dependency insights can help you track, report, and act on your organization's open source usage.
 
+{% note %}
+
+**Note:** To view organization insights, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
+
+{% endnote %}
+
 ## Viewing organization activity insights
 
 {% note %}
diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/accessing-compliance-reports-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/accessing-compliance-reports-for-your-organization.md
@@ -17,6 +17,13 @@ You can access {% data variables.product.company_short %}'s compliance reports i
 
 {% data reusables.security.compliance-report-list %}
 
+
+{% note %}
+
+**Note:** To view compliance reports, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
+
+{% endnote %}
+
 ## Accessing compliance reports for your organization
 
 {% data reusables.profile.access_org %}
diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization.md
@@ -30,6 +30,14 @@ When restricted email notifications are enabled in an organization, members can
 
 {% data reusables.notifications.email-restrictions-verification %}
 
+{% ifversion fpt or ghec %}
+{% note %}
+
+**Note:** To restrict email notifications, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
+
+{% endnote %}
+{% endif %}
+
 Outside collaborators are not subject to restrictions on email notifications for verified or approved domains. For more information about outside collaborators, see "[Roles in an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#outside-collaborators)."
 
 If your organization is owned by an enterprise account, organization members will be able to receive notifications from any domains verified or approved for the enterprise account, in addition to any domains verified or approved for the organization. For more information, see "[Verifying or approving a domain for your enterprise](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise)."
diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md
@@ -135,18 +135,17 @@ Using the qualifier `country`, you can filter events in the audit log based on t
 You can interact with the audit log using the GraphQL API{% ifversion fpt or ghec %} or the REST API{% endif %}.
 
 {% ifversion fpt or ghec %}
-The audit log API requires {% data variables.product.prodname_ghe_cloud %}.{% ifversion fpt %} {% data reusables.enterprise.link-to-ghec-trial %}{% endif %}
-
-### Using the GraphQL API
-
-{% endif %}
 
 {% note %}
 
-**Note**: The audit log GraphQL API is available for organizations using {% data variables.product.prodname_enterprise %}. {% data reusables.gated-features.more-info-org-products %}
+**Note:** To use the audit log API, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
 
 {% endnote %}
 
+### Using the GraphQL API
+
+{% endif %}
+
 To ensure your intellectual property is secure, and you maintain compliance for your organization, you can use the audit log GraphQL API to keep copies of your audit log data and monitor:
 {% data reusables.audit_log.audit-log-api-info %}
 
@@ -162,12 +161,6 @@ For example, you can make a GraphQL request to see all the new organization memb
 
 ### Using the REST API
 
-{% note %}
-
-**Note:** The audit log REST API is available for users of {% data variables.product.prodname_ghe_cloud %} only.
-
-{% endnote %}
-
 To ensure your intellectual property is secure, and you maintain compliance for your organization, you can use the audit log REST API to keep copies of your audit log data and monitor:
 {% data reusables.audit_log.audited-data-list %}
 
diff --git a/content/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities.md b/content/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities.md
@@ -20,6 +20,8 @@ shortTitle: SSH certificate authorities
 
 An SSH certificate is a mechanism for one SSH key to sign another SSH key. If you use an SSH certificate authority (CA) to provide your organization members with signed SSH certificates, you can add the CA to your enterprise account or organization to allow organization members to use their certificates to access organization resources. 
 
+{% data reusables.organizations.ssh-ca-ghec-only %}
+
 After you add an SSH CA to your organization or enterprise account, you can use the CA to sign client SSH certificates for organization members. Organization members can use the signed certificates to access your organization's repositories (and only your organization's repositories) with Git. Optionally, you can require that members use SSH certificates to access organization resources. For more information, see "[Managing your organization's SSH certificate authorities](/articles/managing-your-organizations-ssh-certificate-authorities)" and "[Enforcing policies for security settings in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise)."
 
 For example, you can build an internal system that issues a new certificate to your developers every morning. Each developer can use their daily certificate to work on your organization's repositories on {% data variables.product.product_name %}. At the end of the day, the certificate can automatically expire, protecting your repositories if the certificate is later compromised.
diff --git a/content/organizations/managing-git-access-to-your-organizations-repositories/index.md b/content/organizations/managing-git-access-to-your-organizations-repositories/index.md
@@ -20,3 +20,4 @@ children:
 shortTitle: Manage Git access
 ---
 
+{% data reusables.organizations.ssh-ca-ghec-only %}
diff --git a/content/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities.md b/content/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities.md
@@ -14,12 +14,13 @@ topics:
   - Organizations
   - Teams
 shortTitle: Manage SSH authorities
+permissions: Organization owners can manage an organization's SSH certificate authorities (CA).
 ---
 
-Organization owners can manage an organization's SSH certificate authorities (CA).
-
 You can allow members to access your organization's repositories using SSH certificates you provide by adding an SSH CA to your organization. {% data reusables.organizations.can-require-ssh-cert %} For more information, see "[About SSH certificate authorities](/articles/about-ssh-certificate-authorities)."
 
+{% data reusables.organizations.ssh-ca-ghec-only %}
+
 {% data reusables.organizations.add-extension-to-cert %}
 
 ## Adding an SSH certificate authority
diff --git a/content/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization.md b/content/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization.md
@@ -40,10 +40,12 @@ Enterprise owners can restrict the options you have available for your organizat
    ![Repository creation options](/assets/images/help/organizations/repo-creation-perms-radio-buttons.png)
    {%- elsif fpt %}
    ![Repository creation options](/assets/images/help/organizations/repo-creation-perms-radio-buttons-fpt.png)
+   {%- endif %}
    
+   {% ifversion fpt or ghec %}
    {% note %}
 
-   **Note:** To restrict members to creating private repositories only, your organization must use {% data variables.product.prodname_ghe_cloud %}.
+   **Note:** To restrict members to creating private repositories only, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
 
    {% endnote %}
    {%- endif %}
diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on.md
@@ -18,6 +18,8 @@ shortTitle: IAM with SAML SSO
 
 {% data reusables.saml.dotcom-saml-explanation %}
 
+{% data reusables.saml.ghec-only %}
+
 {% data reusables.saml.saml-accounts %}
 
 Organization owners can enforce SAML SSO for an individual organization, or enterprise owners can enforce SAML SSO for all organizations in an enterprise account. For more information, see "[Configuring SAML single sign-on for your enterprise](/enterprise-cloud@latest/admin/authentication/managing-identity-and-access-for-your-enterprise/configuring-saml-single-sign-on-for-your-enterprise)."
diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/about-scim.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/about-scim.md
@@ -15,6 +15,8 @@ topics:
 
 If you use [SAML SSO](/articles/about-identity-and-access-management-with-saml-single-sign-on) in your organization, you can implement SCIM to add, manage, and remove organization members' access to {% data variables.product.product_name %}. For example, an administrator can deprovision an organization member using SCIM and automatically remove the member from the organization.
 
+{% data reusables.saml.ghec-only %}
+
 If you use SAML SSO without implementing SCIM, you won't have automatic deprovisioning. When organization members' sessions expire after their access is removed from the IdP, they aren't automatically removed from the organization. Authorized tokens grant access to the organization even after their sessions expire. To remove access, organization administrators can either manually remove the authorized token from the organization or automate its removal with SCIM.
 
 These identity providers are compatible with the {% data variables.product.product_name %} SCIM API for organizations. For more information, see [SCIM](/rest/reference/scim) in the {% ifversion ghec %}{% data variables.product.prodname_dotcom %}{% else %}{% data variables.product.product_name %}{% endif %} API documentation.
diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta.md
@@ -16,6 +16,8 @@ shortTitle: Configure SAML & SCIM with Okta
 
 You can control access to your organization on {% data variables.product.product_location %} and other web applications from one central interface by configuring the organization to use SAML SSO and SCIM with Okta, an Identity Provider (IdP).
 
+{% data reusables.saml.ghec-only %}
+
 SAML SSO controls and secures access to organization resources like repositories, issues, and pull requests. SCIM automatically adds, manages, and removes members' access to your organization on {% data variables.product.product_location %} when you make changes in Okta. For more information, see "[About identity and access management with SAML single sign-on](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)" and "[About SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)."
 
 After you enable SCIM, the following provisioning features are available for any users that you assign your {% data variables.product.prodname_ghe_cloud %} application to in Okta.
diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization.md
@@ -14,6 +14,8 @@ shortTitle: Connect an IdP
 
 When you enable SAML SSO for your {% data variables.product.product_name %} organization, you connect your identity provider (IdP) to your organization. For more information, see "[Enabling and testing SAML single sign-on for your organization](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization)."
 
+{% data reusables.saml.ghec-only %}
+
 You can find the SAML and SCIM implementation details for your IdP in the IdP's documentation.
 - Active Directory Federation Services (AD FS) [SAML](https://docs.microsoft.com/windows-server/identity/active-directory-federation-services)
 - Azure Active Directory (Azure AD) [SAML](https://docs.microsoft.com/azure/active-directory/active-directory-saas-github-tutorial) and [SCIM](https://docs.microsoft.com/azure/active-directory/active-directory-saas-github-provisioning-tutorial)
diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization.md
@@ -16,6 +16,8 @@ shortTitle: Enable & test SAML SSO
 
 You can enable SAML SSO in your organization without requiring all members to use it. Enabling but not enforcing SAML SSO in your organization can help smooth your organization's SAML SSO adoption. Once a majority of your organization's members use SAML SSO, you can enforce it within your organization.
 
+{% data reusables.saml.ghec-only %}
+
 If you enable but don't enforce SAML SSO, organization members who choose not to use SAML SSO can still be members of the organization. For more information on enforcing SAML SSO, see "[Enforcing SAML single sign-on for your organization](/articles/enforcing-saml-single-sign-on-for-your-organization)."
 
 {% data reusables.saml.outside-collaborators-exemption %}
diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization.md
@@ -20,6 +20,8 @@ When you enable SAML SSO, {% data variables.product.prodname_dotcom %} will prom
 
 You can also enforce SAML SSO for your organization. {% data reusables.saml.when-you-enforce %} Enforcement removes any members and administrators who have not authenticated via your IdP from the organization. {% data variables.product.company_short %} sends an email notification to each removed user. 
 
+{% data reusables.saml.ghec-only %}
+
 {% data reusables.saml.removed-users-can-rejoin %} If a user rejoins the organization within three months, the user's access privileges and settings will be restored. For more information, see "[Reinstating a former member of your organization](/articles/reinstating-a-former-member-of-your-organization)."
 
 Bots and service accounts that do not have external identities set up in your organization's IdP will also be removed when you enforce SAML SSO. For more information about bots and service accounts, see "[Managing bots and service accounts with SAML single sign-on](/articles/managing-bots-and-service-accounts-with-saml-single-sign-on)."
diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/index.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/index.md
@@ -25,3 +25,4 @@ children:
 shortTitle: Manage SAML single sign-on
 ---
 
+{% data reusables.saml.ghec-only %}
diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization.md
@@ -24,6 +24,8 @@ You can enable team synchronization between your IdP and {% data variables.produ
 
 {% data reusables.identity-and-permissions.about-team-sync %}
 
+{% data reusables.saml.ghec-only %}
+
 {% data reusables.identity-and-permissions.supported-idps-team-sync %}
 
 {% data reusables.identity-and-permissions.sync-team-with-idp-group %}
diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/preparing-to-enforce-saml-single-sign-on-in-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/preparing-to-enforce-saml-single-sign-on-in-your-organization.md
@@ -12,6 +12,8 @@ topics:
 shortTitle: Prepare to enforce SAML SSO
 ---
 
+{% data reusables.saml.ghec-only %}
+
 {% data reusables.saml.when-you-enforce %} Before enforcing SAML SSO in your organization, you should review organization membership, enable SAML SSO, and review organization members' SAML access. For more information, see the following.
 
 | Task | More information |
diff --git a/content/pages/getting-started-with-github-pages/changing-the-visibility-of-your-github-pages-site.md b/content/pages/getting-started-with-github-pages/changing-the-visibility-of-your-github-pages-site.md
@@ -5,7 +5,7 @@ product: '{% data reusables.gated-features.private-pages %}'
 versions:
   fpt: '*'
   ghec: '*'
-permissions: 'People with admin permissions for a repository can change the visibility of a {% data variables.product.prodname_pages %} site.'
+permissions: 'People with admin access to a repository can change the visibility of a {% data variables.product.prodname_pages %} site.'
 redirect_from:
   - /github/working-with-github-pages/changing-the-visibility-of-your-github-pages-site
 shortTitle: Change visibility of site
@@ -15,6 +15,12 @@ shortTitle: Change visibility of site
 
 With access control for {% data variables.product.prodname_pages %}, you can restrict access to your {% data variables.product.prodname_pages %} site by publishing the site privately. A privately published site can only be accessed by people with read access to the repository the site is published from. You can use privately published sites to share your internal documentation or knowledge base with members of your enterprise. 
 
+{% note %}
+
+**Note:** To publish a {% data variables.product.prodname_pages %} site privately, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
+
+{% endnote %}
+
 If your enterprise uses {% data variables.product.prodname_emus %}, all {% data variables.product.prodname_pages %} sites are privately published. For more information about {% data variables.product.prodname_emus %}, see "[About  {% data variables.product.prodname_emus %}](/enterprise-cloud@latest/admin/authentication/managing-your-enterprise-users-with-your-identity-provider/about-enterprise-managed-users)."
 
 If your organization uses {% data variables.product.prodname_ghe_cloud %} without {% data variables.product.prodname_emus %}, you can choose to publish your sites privately or publicly to anyone on the internet. Access control is available for project sites that are published from a private or internal repository that are owned by the organization. You cannot manage access control for an organization site. For more information about the types of {% data variables.product.prodname_pages %} sites, see "[About {% data variables.product.prodname_pages %}](/pages/getting-started-with-github-pages/about-github-pages#types-of-github-pages-sites)."
diff --git a/data/reusables/organizations/ssh-ca-ghec-only.md b/data/reusables/organizations/ssh-ca-ghec-only.md
@@ -0,0 +1,8 @@
+{% ifversion fpt or ghec %}
+{% note %}
+
+**Note:** To use SSH certificate authorities, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
+
+
+{% endnote %}
+{% endif %}
diff --git a/data/reusables/saml/ghec-only.md b/data/reusables/saml/ghec-only.md
@@ -0,0 +1,7 @@
+{% ifversion ghec %}
+{% note %}
+
+**Note:** To use SAML single sign-on, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
+
+{% endnote %}
+{% endif %}
diff --git a/tests/rendering/static-assets.js b/tests/rendering/static-assets.js
@@ -1,7 +1,7 @@
 import fs from 'fs'
 import path from 'path'
 
-import { expect } from '@jest/globals'
+import { jest, expect } from '@jest/globals'
 
 import { get } from '../helpers/e2etest.js'
 import { checkCachingHeaders } from '../helpers/caching-headers.js'
@@ -14,6 +14,8 @@ function getNextStaticAsset(directory) {
 }
 
 describe('static assets', () => {
+  jest.setTimeout(60 * 1000)
+
   it('should serve /assets/cb-* with optimal headers', async () => {
     const res = await get('/assets/cb-1234/images/site/logo.png')
     expect(res.statusCode).toBe(200)

Original file line number	Diff line number	Diff line change
`@@ -20,3 +20,4 @@ children:`
`20`	`20`	`shortTitle: Manage Git access`
`21`	`21`	`---`
`22`	`22`
	`23`	`+{% data reusables.organizations.ssh-ca-ghec-only %}`