github · heiskr · Jan 28, 2022 · Jan 19, 2022 · Jan 19, 2022 · Jan 25, 2022
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,6 @@
+.git/
+node_modules/
+.github/
+.vscode/
+docs/
+script/
diff --git a/.github/workflows/automerge-dependencies.yml b/.github/workflows/automerge-dependencies.yml
@@ -68,7 +68,7 @@ jobs:
 
       # Because we get far too much spam ;_;
       - name: Lock conversations
-        uses: actions/github-script@e3cbab99d3a9b271e1b79fc96d103a4a5534998c
+        uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         env:
           PR_NUMBER: ${{ github.event.pull_request.number }}
         with:

diff --git a/.github/workflows/check-for-spammy-issues.yml b/.github/workflows/check-for-spammy-issues.yml
@@ -17,7 +17,7 @@ jobs:
     if: github.repository == 'github/docs'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/github-script@e3cbab99d3a9b271e1b79fc96d103a4a5534998c
+      - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         with:
           github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
           script: |

diff --git a/.github/workflows/confirm-internal-staff-work-in-docs.yml b/.github/workflows/confirm-internal-staff-work-in-docs.yml
@@ -23,7 +23,7 @@ jobs:
     if: github.repository == 'github/docs' && github.actor != 'docs-bot'
     steps:
       - id: membership_check
-        uses: actions/github-script@e3cbab99d3a9b271e1b79fc96d103a4a5534998c
+        uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         env:
           TEAM_CONTENT_REPO: ${{ secrets.TEAM_CONTENT_REPO }}
         with:

diff --git a/.github/workflows/copy-api-issue-to-internal.yml b/.github/workflows/copy-api-issue-to-internal.yml
@@ -19,7 +19,7 @@ jobs:
     if: (github.event.label.name == 'rest-description' || github.event.label.name == 'graphql-description') && github.repository == 'github/docs'
     steps:
       - name: Check if this run was triggered by a member of the docs team
-        uses: actions/github-script@e3cbab99d3a9b271e1b79fc96d103a4a5534998c
+        uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         id: triggered-by-member
         with:
           github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}

diff --git a/.github/workflows/first-responder-docs-content.yml b/.github/workflows/first-responder-docs-content.yml
@@ -24,7 +24,7 @@ jobs:
 
     steps:
       - name: Check if the event originated from a team member
-        uses: actions/github-script@e3cbab99d3a9b271e1b79fc96d103a4a5534998c
+        uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         id: set-result
         with:
           github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
@@ -71,7 +71,7 @@ jobs:
 
     steps:
       - name: Remove card from project
-        uses: actions/github-script@e3cbab99d3a9b271e1b79fc96d103a4a5534998c
+        uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         with:
           github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
           result-encoding: string

diff --git a/.github/workflows/hubber-contribution-help.yml b/.github/workflows/hubber-contribution-help.yml
@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - id: membership_check
-        uses: actions/github-script@e3cbab99d3a9b271e1b79fc96d103a4a5534998c
+        uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         with:
           github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
           script: |

diff --git a/.github/workflows/link-check-dotcom.yml b/.github/workflows/link-check-dotcom.yml
diff --git a/.github/workflows/link-check-ghae.yml b/.github/workflows/link-check-ghae.yml
diff --git a/.github/workflows/link-check-ghec.yml b/.github/workflows/link-check-ghec.yml
diff --git a/.github/workflows/link-check-ghes.yml b/.github/workflows/link-check-ghes.yml
diff --git a/.github/workflows/main-docker-cache.yml b/.github/workflows/main-docker-cache.yml
@@ -0,0 +1,71 @@
+name: Build and Push Main Docker Cache
+
+# **What it does**: Builds and pushes the `main` Docker cache image
+# **Why we have it**: It allows PRs using the registry cache to pull a pre-built image, which should speed up the build
+# **Who does it impact**: All contributors.
+
+on:
+  push:
+    branches:
+      - main
+
+permissions:
+  contents: read
+
+# This allows a subsequently queued workflow run to take priority over
+# previously queued runs and interrupt currently executing runs
+concurrency:
+  group: '${{ github.workflow }}'
+  cancel-in-progress: true
+
+jobs:
+  build-and-push-nonprod-cache:
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    env:
+      NONPROD_REGISTRY_USERNAME: ghdocs
+      NONPROD_REGISTRY_NAME: ghdocs
+      DOCKER_IMAGE_MAIN_REF: ${{ secrets.NONPROD_REGISTRY_SERVER }}/${{ github.repository }}:main
+
+    steps:
+      - name: 'Az CLI login'
+        uses: azure/login@66d2e78565ab7af265d2b627085bc34c73ce6abb
+        with:
+          creds: ${{ secrets.NONPROD_AZURE_CREDENTIALS }}
+
+      - name: 'Docker login'
+        uses: azure/docker-login@81744f9799e7eaa418697cb168452a2882ae844a
+        with:
+          login-server: ${{ secrets.NONPROD_REGISTRY_SERVER }}
+          username: ${{ env.NONPROD_REGISTRY_USERNAME }}
+          password: ${{ secrets.NONPROD_REGISTRY_PASSWORD }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25
+
+      - name: Check out repo
+        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
+        with:
+          # To prevent issues with cloning early access content later
+          persist-credentials: 'false'
+          lfs: 'true'
+
+      - name: Check out LFS objects
+        run: git lfs checkout
+
+      - if: ${{ github.repository == 'github/docs-internal' }}
+        name: Clone early access
+        env:
+          DOCUBOT_REPO_PAT: ${{ secrets.DOCUBOT_REPO_PAT }}
+          GIT_BRANCH: main
+        run: npm install dotenv && node script/early-access/clone-for-build.js
+
+      - name: 'Build and push image'
+        uses: docker/build-push-action@a66e35b9cbcf4ad0ea91ffcaf7bbad63ad9e0229
+        with:
+          context: .
+          push: true
+          target: ${{ fromJSON('["production", "production_early_access"]')[github.repository == 'github/docs-internal'] }}
+          tags: ${{ env.DOCKER_IMAGE_MAIN_REF }}
+          cache-from: type=registry,ref=${{ env.DOCKER_IMAGE_MAIN_REF }}
+          cache-to: type=registry,mode=max,ref=${{ env.DOCKER_IMAGE_MAIN_REF }}
diff --git a/.github/workflows/merged-notification.yml b/.github/workflows/merged-notification.yml
@@ -18,7 +18,7 @@ jobs:
     if: github.repository == 'github/docs' && github.event.pull_request.merged && github.event.pull_request.base.ref == github.event.repository.default_branch && github.event.pull_request.user.login != 'Octomerger'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/github-script@e3cbab99d3a9b271e1b79fc96d103a4a5534998c
+      - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         with:
           script: |
             github.issues.createComment({

diff --git a/.github/workflows/move-existing-issues-to-the-correct-repo.yml b/.github/workflows/move-existing-issues-to-the-correct-repo.yml
@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - id: move_to_correct_repo
-        uses: actions/github-script@e3cbab99d3a9b271e1b79fc96d103a4a5534998c
+        uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         env:
           TEAM_ENGINEERING_REPO: ${{ secrets.TEAM_ENGINEERING_REPO }}
           TEAM_CONTENT_REPO: ${{ secrets.TEAM_CONTENT_REPO }}

diff --git a/.github/workflows/move-new-issues-to-correct-docs-repo.yml b/.github/workflows/move-new-issues-to-correct-docs-repo.yml
@@ -21,7 +21,7 @@ jobs:
     if: github.repository == 'github/docs-internal'
     steps:
       - id: move_to_correct_repo
-        uses: actions/github-script@e3cbab99d3a9b271e1b79fc96d103a4a5534998c
+        uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         env:
           TEAM_ENGINEERING_REPO: ${{ secrets.TEAM_ENGINEERING_REPO }}
           TEAM_CONTENT_REPO: ${{ secrets.TEAM_CONTENT_REPO }}

diff --git a/.github/workflows/move-reopened-issues-to-triage.yaml b/.github/workflows/move-reopened-issues-to-triage.yaml
@@ -17,7 +17,7 @@ jobs:
     if: github.repository == 'github/docs'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/github-script@e3cbab99d3a9b271e1b79fc96d103a4a5534998c
+      - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         with:
           script: |
             const issueNumber = context.issue.number;

diff --git a/.github/workflows/notify-when-maintainers-cannot-edit.yaml b/.github/workflows/notify-when-maintainers-cannot-edit.yaml
@@ -17,7 +17,7 @@ jobs:
     if: github.repository == 'github/docs'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/github-script@e3cbab99d3a9b271e1b79fc96d103a4a5534998c
+      - uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         with:
           script: |
             const query = `

diff --git a/.github/workflows/os-ready-for-review.yml b/.github/workflows/os-ready-for-review.yml
@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check if this run was triggered by a member of the docs team
-        uses: actions/github-script@e3cbab99d3a9b271e1b79fc96d103a4a5534998c
+        uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
         id: triggered-by-member
         with:
           github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}