New translation batch for cn (github#26386)

* Add crowdin translations

* Run script/i18n/homogenize-frontmatter.js

* Run script/i18n/lint-translation-files.js --check rendering

* run script/i18n/reset-files-with-broken-liquid-tags.js --language=cn

* run script/i18n/reset-known-broken-translation-files.js

* Check in cn CSV report

Co-authored-by: Peter Bengtsson <[email protected]>

Author: docubot

translations/log/cn-resets.csv

@@ -138,6 +138,7 @@ translations/zh-CN/content/codespaces/customizing-your-codespace/personalizing-c
 translations/zh-CN/content/codespaces/developing-in-codespaces/developing-in-a-codespace.md,broken liquid tags
 translations/zh-CN/content/codespaces/developing-in-codespaces/forwarding-ports-in-your-codespace.md,broken liquid tags
 translations/zh-CN/content/codespaces/developing-in-codespaces/using-codespaces-in-visual-studio-code.md,broken liquid tags
+translations/zh-CN/content/codespaces/developing-in-codespaces/using-codespaces-with-github-cli.md,broken liquid tags
 translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/enabling-codespaces-for-your-organization.md,broken liquid tags
 translations/zh-CN/content/codespaces/the-githubdev-web-based-editor.md,broken liquid tags
 translations/zh-CN/content/codespaces/troubleshooting/troubleshooting-your-connection-to-codespaces.md,broken liquid tags

translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md

@@ -1,7 +1,7 @@
 ---
-title: Configuring OpenID Connect in Amazon Web Services
-shortTitle: Configuring OpenID Connect in Amazon Web Services
-intro: Use OpenID Connect within your workflows to authenticate with Amazon Web Services.
+title: 在 Amazon Web Services 中配置 OpenID Connect
+shortTitle: 在 Amazon Web Services 中配置 OpenID Connect
+intro: 在工作流程中使用 OpenID Connect 向 Amazon Web Services 进行身份验证。
 miniTocMaxHeadingLevel: 3
 versions:
   fpt: '*'
@@ -17,28 +17,28 @@ topics:
 
 ## 概览
 
-OpenID Connect (OIDC) allows your {% data variables.product.prodname_actions %} workflows to access resources in Amazon Web Services (AWS), without needing to store the AWS credentials as long-lived {% data variables.product.prodname_dotcom %} secrets.
+OpenID Connect (OIDC) 允许您的 {% data variables.product.prodname_actions %} 工作流程访问 Amazon Web Services (AWS) 中的资源，而无需将任何 AWS 凭据存储为长期 {% data variables.product.prodname_dotcom %} 机密。
 
-This guide explains how to configure AWS to trust {% data variables.product.prodname_dotcom %}'s OIDC as a federated identity, and includes a workflow example for the [`aws-actions/configure-aws-credentials`](https://github.com/aws-actions/configure-aws-credentials) that uses tokens to authenticate to AWS and access resources.
+本指南介绍如何配置 AWS 信任 {% data variables.product.prodname_dotcom %} 的 OIDC 作为联合标识，并包括使用令牌向 AWS 验证并访问资源的 [`aws-actions/configure-aws-credentials`](https://github.com/aws-actions/configure-aws-credentials) 工作流程示例。
 
 ## 基本要求
 
 {% data reusables.actions.oidc-link-to-intro %}
 
 {% data reusables.actions.oidc-security-notice %}
 
-## Adding the identity provider to AWS
+## 将身份提供商添加到 AWS
 
-To add the {% data variables.product.prodname_dotcom %} OIDC provider to IAM, see the [AWS documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html).
+要将 {% data variables.product.prodname_dotcom %} OIDC 提供商添加到 IAM，请参阅 [AWS 文档](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html)。
 
-- For the provider URL: Use `https://token.actions.githubusercontent.com`
-- For the "Audience": Use `sts.amazonaws.com` if you are using the [official action](https://github.com/aws-actions/configure-aws-credentials).
+- 对于提供商 URL：使用 `https://token.actions.githubusercontent.com`
+- 对于“受众”：如果您使用的是[官方操作](https://github.com/aws-actions/configure-aws-credentials)，请使用 `sts.amazonaws.com`。
 
-### Configuring the role and trust policy
+### 配置角色和信任策略
 
-To configure the role and trust in IAM, see the AWS documentation for ["Assuming a Role"](https://github.com/aws-actions/configure-aws-credentials#assuming-a-role) and ["Creating a role for web identity or OpenID connect federation"](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_oidc.html).
+要在 IAM 中配置角色和信任，请参阅 AWS 文档中的[“假定角色”](https://github.com/aws-actions/configure-aws-credentials#assuming-a-role)和[“为 Web 身份或 OpenID Connect Federation 创建角色”](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_oidc.html)。
 
-Edit the trust relationship to add the `sub` field to the validation conditions. 例如：
+编辑信任关系以将 `sub` 字段添加到验证条件。 例如：
 
 ```json{:copy}
 "Condition": {
@@ -53,19 +53,19 @@ Edit the trust relationship to add the `sub` field to the validation conditions.
 
 要更新 OIDC 的工作流程，您需要对 YAML 进行两项更改：
 1. 为令牌添加权限设置。
-2. Use the [`aws-actions/configure-aws-credentials`](https://github.com/aws-actions/configure-aws-credentials) action to exchange the OIDC token (JWT) for a cloud access token.
+2. 使用 [`aws-actions/configure-aws-credentials`](https://github.com/aws-actions/configure-aws-credentials) 操作将 OIDC 令牌 (JWT) 交换为云访问令牌。
 
 ### 添加权限设置
 
  {% data reusables.actions.oidc-permissions-token %}
 
-### Requesting the access token
+### 请求访问令牌
 
-The `aws-actions/configure-aws-credentials` action receives a JWT from the {% data variables.product.prodname_dotcom %} OIDC provider, and then requests an access token from AWS. For more information, see the AWS [documentation](https://github.com/aws-actions/configure-aws-credentials).
+`aws-actions/configure-aws-credentials` 操作从 {% data variables.product.prodname_dotcom %} OIDC 提供商接收 JWT，然后从 AWS 请求访问令牌。 更多信息请参阅 AWS [文档](https://github.com/aws-actions/configure-aws-credentials)。
 
-- `<example-bucket-name>`: Add the name of your S3 bucket here.
-- `<role-to-assume>`: Replace the example with your AWS role.
-- `<example-aws-region>`: Add the name of your AWS region here.
+- `<example-bucket-name>`：在此处添加 S3 存储桶的名称。
+- `<role-to-assume>`：将示例替换为您的 AWS 角色。
+- `<example-aws-region>`：在此处添加您的 AWS 区域的名称。
 
 ```yaml{:copy}
 # Sample workflow to access AWS resources when workflow is tied to branch

translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services.md

@@ -1,7 +1,7 @@
 ---
-title: Configuring OpenID Connect in Azure
-shortTitle: Configuring OpenID Connect in Azure
-intro: Use OpenID Connect within your workflows to authenticate with Azure.
+title: 在 Azure 中配置 OpenID Connect
+shortTitle: 在 Azure 中配置 OpenID Connect
+intro: 在工作流程中使用 OpenID Connect 向 Azure 进行身份验证。
 miniTocMaxHeadingLevel: 3
 versions:
   fpt: '*'
@@ -17,46 +17,46 @@ topics:
 
 ## 概览
 
-OpenID Connect (OIDC) allows your {% data variables.product.prodname_actions %} workflows to access resources in Azure, without needing to store the Azure credentials as long-lived {% data variables.product.prodname_dotcom %} secrets.
+OpenID Connect (OIDC) 允许您的 {% data variables.product.prodname_actions %} 工作流程访问 Azure 中的资源，而无需将任何 Azure 凭据存储为长期 {% data variables.product.prodname_dotcom %} 机密。
 
-This guide gives an overview of how to configure Azure to trust {% data variables.product.prodname_dotcom %}'s OIDC as a federated identity, and includes a workflow example for the [`azure/login`](https://github.com/Azure/login) action that uses tokens to authenticate to Azure and access resources.
+本指南概述了如何配置 Azure 信任 {% data variables.product.prodname_dotcom %} 的 OIDC 作为联合标识，并包括 [`azure/login`](https://github.com/Azure/login) 操作的工作流程示例，该操作使用令牌向 Azure 进行身份验证和访问资源。
 
 ## 基本要求
 
 {% data reusables.actions.oidc-link-to-intro %}
 
 {% data reusables.actions.oidc-security-notice %}
 
-## Adding the Federated Credentials to Azure
+## 将联合凭据添加到 Azure
 
-{% data variables.product.prodname_dotcom %}'s OIDC provider works with Azure's workload identity federation. For an overview, see Microsoft's documentation at "[Workload identity federation](https://docs.microsoft.com/en-us/azure/active-directory/develop/workload-identity-federation)."
+{% data variables.product.prodname_dotcom %} 的 OIDC 提供商与 Azure 的工作负载联合身份验证配合使用。 有关概述，请参阅 Microsoft 的文档“[工作负载联合身份验证](https://docs.microsoft.com/en-us/azure/active-directory/develop/workload-identity-federation)”。
 
-To configure the OIDC identity provider in Azure, you will need to perform the following configuration. For instructions on making these changes, refer to [the Azure documentation](https://docs.microsoft.com/en-us/azure/developer/github/connect-from-azure).
+要在 Azure 中配置 OIDC 身份提供商，您需要执行以下配置。 有关进行这些更改的说明，请参阅 [Azure 文档](https://docs.microsoft.com/en-us/azure/developer/github/connect-from-azure)。
 
-1. Create an Azure Active Directory application and a service principal.
-2. Add federated credentials for the Azure Active Directory application.
-3. Create {% data variables.product.prodname_dotcom %} secrets for storing Azure configuration.
+1. 创建 Azure Active Directory 应用程序和服务主体。
+2. 为 Azure Active Directory 应用程序添加联合凭据。
+3. 创建用于存储 Azure 配置的 {% data variables.product.prodname_dotcom %} 机密。
 
-Additional guidance for configuring the identity provider:
+配置身份提供商的附加指导：
 
-- For security hardening, make sure you've reviewed ["Configuring the OIDC trust with the cloud"](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud). For an example, see ["Configuring the subject in your cloud provider"](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-subject-in-your-cloud-provider).
-- For the `audience` setting,  `api://AzureADTokenExchange` is the recommended value, but you can also specify other values here.
+- 为强化安全，请确保您已查看[“使用云配置 OIDC 信任”](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud)。 有关示例，请参阅[“在云提供商中配置主题”](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-subject-in-your-cloud-provider)。
+- 对于`受众`设置，建议的值为 `api://AzureADTokenExchange`，但您也可以在此处指定其他值。
 
 ## 更新 {% data variables.product.prodname_actions %} 工作流程
 
 要更新 OIDC 的工作流程，您需要对 YAML 进行两项更改：
 1. 为令牌添加权限设置。
-2. Use the [`azure/login`](https://github.com/Azure/login) action to exchange the OIDC token (JWT) for a cloud access token.
+2. 使用 [`azure/login`](https://github.com/Azure/login) 操作将 OIDC 令牌 (JWT) 交换为云访问令牌。
 
 ### 添加权限设置
 
  {% data reusables.actions.oidc-permissions-token %}
 
-### Requesting the access token
+### 请求访问令牌
 
-The [`azure/login`](https://github.com/Azure/login) action receives a JWT from the {% data variables.product.prodname_dotcom %} OIDC provider, and then requests an access token from Azure. For more information, see the [`azure/login`](https://github.com/Azure/login) documentation.
+[`azure/login`](https://github.com/Azure/login) 操作从 {% data variables.product.prodname_dotcom %} OIDC 提供商接收 JWT，然后从 Azure 请求访问令牌。 更多信息请参阅 [`azure/login`](https://github.com/Azure/login) 文档。
 
-The following example exchanges an OIDC ID token with Azure to receive an access token, which can then be used to access cloud resources.
+以下示例将 OIDC ID 令牌与 Azure 交换以接收访问令牌，然后可以使用该令牌访问云资源。
 
 {% raw %}
 ```yaml{:copy}

translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure.md

@@ -1,7 +1,7 @@
 ---
-title: Configuring OpenID Connect in Google Cloud Platform
-shortTitle: Configuring OpenID Connect in Google Cloud Platform
-intro: Use OpenID Connect within your workflows to authenticate with Google Cloud Platform.
+title: 在 Google Cloud Platform 中配置 OpenID Connect
+shortTitle: 在 Google Cloud Platform 中配置 OpenID Connect
+intro: 在工作流程中使用 OpenID Connect 向 Google Cloud 平台进行身份验证。
 miniTocMaxHeadingLevel: 3
 versions:
   fpt: '*'
@@ -17,51 +17,51 @@ topics:
 
 ## 概览
 
-OpenID Connect (OIDC) allows your {% data variables.product.prodname_actions %} workflows to access resources in Google Cloud Platform (GCP), without needing to store the GCP credentials as long-lived {% data variables.product.prodname_dotcom %} secrets.
+OpenID Connect (OIDC) 允许您的 {% data variables.product.prodname_actions %} 工作流程访问 Google Cloud 平台中的资源，而无需将任何 GCP 凭据存储为长期 {% data variables.product.prodname_dotcom %} 机密。
 
-This guide gives an overview of how to configure GCP to trust {% data variables.product.prodname_dotcom %}'s OIDC as a federated identity, and includes a workflow example for the [`google-github-actions/auth`](https://github.com/google-github-actions/auth) action that uses tokens to authenticate to GCP and access resources.
+本指南概述了如何配置 GCP 信任 {% data variables.product.prodname_dotcom %} 的 OIDC 作为联合标识，并包括 [`google-github-actions/auth`](https://github.com/google-github-actions/auth) 操作的工作流程示例，该操作使用令牌向 GCP 进行身份验证和访问资源。
 
 ## 基本要求
 
 {% data reusables.actions.oidc-link-to-intro %}
 
 {% data reusables.actions.oidc-security-notice %}
 
-## Adding a Google Cloud Workload Identity Provider
+## 添加 Google Cloud 工作负载身份提供商
 
-To configure the OIDC identity provider in GCP, you will need to perform the following configuration. For instructions on making these changes, refer to [the GCP documentation](https://github.com/google-github-actions/auth).
+要在 GCP 中配置 OIDC 身份提供商，您需要执行以下配置。 有关进行这些更改的说明，请参阅 [GCP 文档](https://github.com/google-github-actions/auth)。
 
-1. Create a new identity pool.
-2. Configure the mapping and add conditions.
-3. Connect the new pool to a service account.
+1. 创建新的身份池。
+2. 配置映射并添加条件。
+3. 将新池连接到服务帐户。
 
-Additional guidance for configuring the identity provider:
+配置身份提供商的附加指导：
 
-- For security hardening, make sure you've reviewed ["Configuring the OIDC trust with the cloud"](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud). For an example, see ["Configuring the subject in your cloud provider"](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-subject-in-your-cloud-provider).
-- For the service account to be available for configuration, it needs to be assigned to the `roles/iam.workloadIdentityUser` role. For more information, see [the GCP documentation](https://cloud.google.com/iam/docs/workload-identity-federation?_ga=2.114275588.-285296507.1634918453#conditions).
-- The Issuer URL to use: `https://token.actions.githubusercontent.com`
+- 为强化安全，请确保您已查看[“使用云配置 OIDC 信任”](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud)。 有关示例，请参阅[“在云提供商中配置主题”](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-subject-in-your-cloud-provider)。
+- 要使服务帐户可用于配置，需要将其分配给 `roles/iam.workloadIdentityUser` 角色。 更多信息请参阅 [GCP 文档](https://cloud.google.com/iam/docs/workload-identity-federation?_ga=2.114275588.-285296507.1634918453#conditions)。
+- 要使用的颁发者 URL：`https://token.actions.githubusercontent.com`
 
 ## 更新 {% data variables.product.prodname_actions %} 工作流程
 
 要更新 OIDC 的工作流程，您需要对 YAML 进行两项更改：
 1. 为令牌添加权限设置。
-2. Use the [`google-github-actions/auth`](https://github.com/google-github-actions/auth) action to exchange the OIDC token (JWT) for a cloud access token.
+2. 使用 [`google-github-actions/auth`](https://github.com/google-github-actions/auth) 操作将 OIDC 令牌 (JWT) 交换为云访问令牌。
 
 ### 添加权限设置
 
  {% data reusables.actions.oidc-permissions-token %}
 
-### Requesting the access token
+### 请求访问令牌
 
-The `google-github-actions/auth` action receives a JWT from the {% data variables.product.prodname_dotcom %} OIDC provider, and then requests an access token from GCP. For more information, see the GCP [documentation](https://github.com/google-github-actions/auth).
+`google-github-actions/auth` 操作从 {% data variables.product.prodname_dotcom %} OIDC 提供商接收 JWT，然后从 GCP 请求访问令牌。 更多信息请参阅 GCP [文档](https://github.com/google-github-actions/auth)。
 
-This example has a job called `Get_OIDC_ID_token` that uses actions to request a list of services from GCP.
+此示例有一个名为 `Get_OIDC_ID_token` 的作业，该作业使用操作从 GCP 请求服务列表。
 
-- `<example-workload-identity-provider>`: Replace this with the path to your identity provider in GCP. For example, `projects/<example-project-id>/locations/global/workloadIdentityPools/<name-of-pool/providers/<name-of-provider>`
-- `<example-service-account>`: Replace this with the name of your service account in GCP.
-- `<project-id>`: Replace this with the ID of your GCP project.
+- `<example-workload-identity-provider>`：将此值替换为指向 GCP 中身份提供商的路径。 例如 `projects/<example-project-id>/locations/global/workloadIdentityPools/<name-of-pool/providers/<name-of-provider>`
+- `<example-service-account>`：将此值替换为您在 GCP 中的服务帐户的名称。
+- `<project-id>`：将此值替换为 GCP 项目的 ID。
 
-This action exchanges a {% data variables.product.prodname_dotcom %} OIDC token for a Google Cloud access token, using [Workload Identity Federation](https://cloud.google.com/iam/docs/workload-identity-federation).
+此操作使用[工作负载联合身份验证](https://cloud.google.com/iam/docs/workload-identity-federation)将 {% data variables.product.prodname_dotcom %} OIDC 令牌交换为 Google Cloud 访问令牌。
 
 {% raw %}
 ```yaml{:copy}