Merge branch 'main' into 5765-private-profile

Author: Martin Lopes

.devcontainer/devcontainer.json

@@ -10,11 +10,16 @@
 	},
 
 	// Set *default* container specific settings.json values on container create.
-	"settings": { 
+	"settings": {
 		"terminal.integrated.shell.linux": "/bin/bash",
 		"cSpell.language": ",en"
 	},
 
+	// Install features. Type 'feature' in the VS Code command palette for a full list.
+	"features": {
+		"git-lfs": "latest"
+	 },
+
 	// Visual Studio Code extensions which help authoring for docs.github.com.
 	"extensions": [
 		"dbaeumer.vscode-eslint",
@@ -29,8 +34,8 @@
 	"forwardPorts": [4000],
 
 	// Use 'postCreateCommand' to run commands after the container is created.
-	"postCreateCommand": "npm ci && npm run build",
-		 
+	"postCreateCommand": "git lfs pull && npm ci",
+
 	// Comment out connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
 	"remoteUser": "node"
 

.github/actions-scripts/get-preview-app-info.sh

@@ -13,7 +13,6 @@
 [[ -z $APP_NAME_SEED ]] && { echo "Missing APP_NAME_SEED. Exiting."; exit 1; }
 
 PREVIEW_ENV_LOCATION="eastus"
-echo "PREVIEW_ENV_LOCATION=${PREVIEW_ENV_LOCATION}" >> $GITHUB_ENV
 
 REPO_NAME="${GITHUB_REPOSITORY#*\/}"
 echo "REPO_NAME=${REPO_NAME}" >> $GITHUB_ENV
@@ -22,15 +21,14 @@ DEPLOYMENT_NAME="${REPO_NAME}-pr-${PR_NUMBER}"
 echo "DEPLOYMENT_NAME=${DEPLOYMENT_NAME}" >> $GITHUB_ENV
 
 APP_NAME_BASE="${REPO_NAME}-preview-${PR_NUMBER}"
-echo "APP_NAME_BASE=${APP_NAME_BASE}" >> $GITHUB_ENV
 
 # pseudo random string so guessing a preview env URL is more difficult
 APP_SHA=$(echo -n "${APP_NAME_SEED}-${APP_NAME_BASE}" | sha1sum | cut -c1-6)
 
 APP_NAME="${APP_NAME_BASE}-${APP_SHA}"
 echo "APP_NAME=${APP_NAME}" >> $GITHUB_ENV
 
-APP_URL="https://${APP_NAME}.${PREVIEW_ENV_LOCATION}.azurecontainer.io"
+APP_URL="https://${REPO_NAME}-${PR_NUMBER}-${APP_SHA}.preview.ghdocs.com"
 echo "APP_URL=${APP_URL}" >> $GITHUB_ENV
 
 IMAGE_REPO="${GITHUB_REPOSITORY}/pr-${PR_NUMBER}"

.github/workflows/azure-preview-env-deploy.yml

@@ -203,13 +203,10 @@ jobs:
           template: ./azure-preview-env-template.json
           deploymentName: ${{ env.DEPLOYMENT_NAME }}
           parameters: appName="${{ env.APP_NAME }}"
-            location="${{ env.PREVIEW_ENV_LOCATION }}"
             containerImage="${{ env.DOCKER_IMAGE }}"
             dockerRegistryUrl="${{ secrets.NONPROD_REGISTRY_SERVER }}"
             dockerRegistryUsername="${{ secrets.NONPROD_REGISTRY_USERNAME }}"
             dockerRegistryPassword="${{ secrets.NONPROD_REGISTRY_PASSWORD }}"
-            storageAccountName="${{ secrets.AZURE_STORAGE_ACCOUNT_NAME }}"
-            storageAccountKey="${{ secrets.AZURE_STORAGE_ACCOUNT_KEY }}"
           # this shows warnings in the github actions console, because the flag is passed through a validation run,
           # but it *is* functional during the actual execution
           additionalArguments: --no-wait

.github/workflows/main-preview-docker-cache.yml

@@ -20,6 +20,7 @@ concurrency:
 
 jobs:
   build-and-push-nonprod-cache:
+    if: ${{ github.repository == 'github/docs-internal' || github.repository == 'github/docs' }}
     runs-on: ubuntu-latest
     timeout-minutes: 15
     env:

.github/workflows/needs-sme-stale-check.yaml

@@ -0,0 +1,31 @@
+name: Stale check for issues or PRs with "needs SME" label
+
+# **What it does**: Provides stale checks on issues/PRs that need SME(subject matter expert) review on open source docs repo.
+# **Why we have it**: In the open repo, we want we want frequent checks on issues/PRs that are waiting on SME review.
+# **Who does it impact**: Anyone working in the open repo.
+
+on:
+  schedule:
+    - cron: '40 20 * * *' # Run each day at 20:40 UTC / 12:40 PST
+
+permissions:
+  issues: write
+  pull-requests: write
+
+jobs:
+  stale_needs-sme:
+    if: ${{ github.repository == 'github/docs'' }}
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/stale@7fb802b3079a276cf3c7e6ba9aa003c665b3f838
+        with:
+          only-labels: needs SME
+          remove-stale-when-updated: true
+          days-before-stale: 7 # adds stale label if no activity for 7 days
+          stale-issue-message: 'This is a gentle bump for the docs team that this issue is waiting for technical review.'
+          stale-issue-label: SME stale
+          days-before-issue-close: -1 # never close
+          stale-pr-message: 'This is a gentle bump for the docs team that this PR is waiting for technical review.'
+          stale-pr-label: SME stale
+          days-before-pr-close: -1 # never close

.github/workflows/needs-sme-workflow.yml

@@ -0,0 +1,31 @@
+name: Comment on adding "needs SME" label
+
+# **What it does**: Comment on issues and pull requests when a "needs SME" label is added. SME = subject matter expert.
+# **Why we have it**: We want to manage our queue of issues and pull requests that need sme review.
+# **Who does it impact**: Everyone that works on docs or docs-internal.
+
+on:
+  issues:
+    types: [labeled]
+  pull_request_target:
+    types: [labeled]
+
+permissions:
+  issues: write
+  pull-requests: write
+
+jobs:
+  add-comment:
+    if: ${{ github.repository == 'github/docs' && (github.event.label.name == 'needs SME' && github.event_name == 'issues' || github.event_name == 'pull_request_target') }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: peter-evans/create-or-update-comment@a35cf36e5301d70b76f316e867e7788a55a31dae
+        with:
+          issue-number: ${{ github.event.issue.number }}
+          body: |
+            Thanks for opening an issue! We've triaged this issue for technical review by a subject matter expert :eyes:
+      - uses: peter-evans/create-or-update-comment@a35cf36e5301d70b76f316e867e7788a55a31dae
+        with:
+          issue-number: ${{ github.event.pull_request_target.number }}
+          body: |
+            Thanks for opening a pull request! We've triaged this issue for technical review by a subject matter expert :eyes:

.github/workflows/orphaned-assets-check.yml

@@ -5,20 +5,24 @@ name: 'Orphaned assets check'
 # **Who does it impact**: Docs content.
 
 on:
-  pull_request:
-  push:
-    branches:
-      - gh-readonly-queue/main/**
+  workflow_dispatch:
+  schedule:
+    - cron: '13 10 * * *' # Once a day at 10:13 UTC
 
 permissions:
   contents: read
 
 jobs:
   orphaned-assets-check:
+    if: ${{ github.repository == 'github/docs-internal' }}
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
         uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
+        with:
+          # Using a PAT is necessary so that the new commit will trigger the
+          # CI in the PR. (Events from GITHUB_TOKEN don't trigger new workflows.)
+          token: ${{ secrets.DOCUBOT_REPO_PAT }}
 
       - name: Setup node
         uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
@@ -30,4 +34,30 @@ jobs:
         run: npm ci
 
       - name: Check for orphaned assets
-        run: ./script/find-orphaned-assets.mjs --verbose --exit
+        env:
+          # Needed for gh
+          GITHUB_TOKEN: ${{ secrets.DOCUBOT_REPO_PAT }}
+        run: |
+          set -e
+
+          ./script/find-orphaned-assets.mjs | xargs git rm
+
+          # If nothing to commit, exit now. It's fine. No orphans.
+          git status | grep 'nothing to commit' && exit 0
+
+          # Replicated from the translation pipeline PR-maker Action
+          git config --global user.name "docubot"
+          git config --global user.email "[email protected]"
+
+          date=$(date '+%Y-%m-%d-%H-%M')
+          branchname=orphaned-assets-$date-$GITHUB_RUN_ID
+
+          git checkout -b $branchname
+          git commit -m "Delete orphaned assets $date"
+          git push origin $branchname
+
+          gh pr create \
+            --title "Delete orphaned assets ($date)" \
+            --body "Found with the find-orphaned-assets.mjs script" \
+            --repo github/docs-internal \
+            --label docs-content-fr

.github/workflows/sync-search-indices.yml

@@ -77,6 +77,18 @@ jobs:
         env:
           VERSION: ${{ github.event.inputs.version }}
           LANGUAGE: ${{ github.event.inputs.language }}
+          # We don't want or need the changelog entries in this context.
+          # Pages that display the content from these isn't included
+          # in search index bodies anyway.
+          CHANGELOG_DISABLED: true
+          # If a reusable, or anything in the `data/*` directory is deleted
+          # you might get a
+          #
+          #   RenderError: Can't find the key 'site.data.reusables...' in the scope
+          #
+          # But that'll get fixed in the next translation pipeline. For now,
+          # let's just accept an empty string instead.
+          THROW_ON_EMPTY: false
         run: npm run sync-search
 
       - name: Update private docs repository search indexes

.github/workflows/test.yml

@@ -48,7 +48,10 @@ jobs:
       - name: Check out repo
         uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
         with:
-          lfs: true
+          # Not all test suites need the LFS files. So instead, we opt to
+          # NOT clone them initially and instead, include them manually
+          # only for the test groups that we know need the files.
+          lfs: ${{ matrix.test-group == 'content' }}
           # Enables cloning the Early Access repo later with the relevant PAT
           persist-credentials: 'false'
 
@@ -99,6 +102,8 @@ jobs:
           mv docs-early-access/data data/early-access
           rm -r docs-early-access
 
+      # This is necessary when LFS files where cloned but does nothing
+      # if actions/checkout was run with `lfs:false`.
       - name: Checkout LFS objects
         run: git lfs checkout
 

.github/workflows/triage-stale-check.yml

@@ -24,7 +24,7 @@ jobs:
           stale-issue-message: 'A stale label has been added to this issue becuase it has been open for 60 days with no activity. To keep this issue open, add a comment within 3 days.'
           days-before-issue-stale: 60
           days-before-issue-close: 3
-          exempt-issue-labels: 'help wanted,waiting for review'
+          exempt-issue-labels: 'help wanted,never-stale,waiting for review'
           stale-pr-message: 'A stale label has been added to this pull request because it has been open 7 days with no activity. To keep this PR open, add a comment or push a commit within 3 days.'
           days-before-pr-stale: 7
           days-before-pr-close: 3