Merge pull request #33629 from github/repo-sync

Repo sync

content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-search-indices-for-your-instance.md

@@ -41,6 +41,23 @@ In normal use, enterprise owners do not need to create new indices or schedule r
 1. If you want the index to be searchable, select the **Make this index searchable** checkbox.
 1. If you want the index to be writable, select the **Make this index writable** checkbox.
 1. Click **Create index**.
+1. If your instance uses a high availability or cluster configuration, you will need to run a script to ensure the number of search indices is correctly configured across the instance.
+
+   Access the administrative shell for your primary appliance via SSH, then run one of the following commands.
+
+   For high availability configurations:
+
+   ```shell copy
+   /usr/local/share/enterprise/ghe-es-auto-expand -v 0-all
+   ```
+
+   For cluster configurations:
+
+   ```shell copy
+   /usr/local/share/enterprise/ghe-es-auto-expand -v 0-1
+   ```
+
+   See "[AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh)."
 
 ## Managing search indices
 
@@ -69,7 +86,7 @@ Your instance uses repair jobs to reconcile the data, and schedules a repair job
 * A new search index is created.
 * Missing data needs to be backfilled.
 * Old search data needs to be updated.
-  
+
 In the "Repair" section of the search index, a progress bar shows the current status of a repair job across background workers. You can ignore the value shown in the progress bar after a repair job has completed. The progress bar shows the difference between the repair offset and the highest record ID in the database, and will decrease as more repositories are added to {% data variables.location.product_location %} even though those repositories are actually indexed.
 
 To minimize the effects on I/O performance and reduce the chances of operations timing out, run the repair job during off-peak hours. As the job reconciles the search index with database and Git repository data, one CPU will be used. Monitor your system's load averages and CPU usage with a utility like `top`. If you don't notice any significant increase in resource consumption, it should also be safe to run an index repair job during peak hours.

content/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users/about-support-for-your-idps-conditional-access-policy.md

@@ -20,7 +20,10 @@ redirect_from:
 
 {% data reusables.enterprise-accounts.emu-cap-validates %}
 
-{% data variables.product.product_name %} supports CAP for any {% data variables.enterprise.prodname_emu_enterprise %} where OIDC SSO is enabled. {% data variables.product.product_name %} enforces your IdP's IP conditions but cannot enforce your device compliance conditions. Enterprise owners can choose to use this IP allow list configuration instead of {% data variables.product.product_name %}'s IP allow list, and can do so once OIDC SSO is configured. For more information about IP allow lists, see "[AUTOTITLE](/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list)" and "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization)."
+{% data variables.product.product_name %} supports CAP for any {% data variables.enterprise.prodname_emu_enterprise %} where OIDC SSO is enabled. Enterprise owners can choose to use this IP allow list configuration instead of {% data variables.product.product_name %}'s IP allow list, and can do so once OIDC SSO is configured. For more information about IP allow lists, see "[AUTOTITLE](/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list#about-your-idps-allow-list)" and "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization)."
+
+* {% data variables.product.product_name %} enforces your IdP's IP conditions but cannot enforce your device compliance conditions.
+* Policies for multi-factor authentication are only enforced at the point of sign-in to the IdP.
 
 For more information about using OIDC with {% data variables.product.prodname_emus %}, see "[AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-oidc-for-enterprise-managed-users)" and "[AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/migrating-from-saml-to-oidc)."
 

content/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md

@@ -89,7 +89,10 @@ For more detailed information about how to enable SAML using Okta, see "[AUTOTIT
 1. Under "SAML single sign-on", select **Require SAML authentication**.
 1. In the **Sign on URL** field, type the HTTPS endpoint of your IdP for single sign-on requests. This value is available in your IdP configuration.
 1. Optionally, in the **Issuer** field, type your SAML issuer URL to verify the authenticity of sent messages.
-1. Under **Public Certificate**, paste a certificate to verify SAML responses.
+1. Under **Public Certificate**, paste a certificate to verify SAML responses. This is the public key corresponding to the private key used to sign SAML responses.
+
+   To find the certificate, refer to the documentation for your IdP. Some IdPs call this an X.509 certificate.
+
 {% data reusables.saml.edit-signature-and-digest-methods %}
 1. Before enabling SAML SSO for your enterprise, to ensure that the information you've entered is correct, click **Test SAML configuration** . {% data reusables.saml.test-must-succeed %}
 1. Click **Save**.

content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-dormant-users.md

@@ -23,6 +23,8 @@ topics:
 
 {% data reusables.enterprise-accounts.dormant-user-activity %}
 
+> [!NOTE] You cannot mark a dormant user as active. To become active, a user must perform one of the activities listed above.
+
 {% ifversion ghec %}
 When assessing user dormancy, we only consider organizations, repositories, or sign-on events that are associated with the enterprise. For example, a user who has recently commented on an issue in a public repository outside of the enterprise may be considered dormant, while a user who has commented on an issue in a public repository within the enterprise will not be considered dormant.
 {% endif %}

content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics.md

@@ -24,7 +24,7 @@ To learn more about {% data variables.product.prodname_github_connect %}, see "[
 
 {% data reusables.enterprise-accounts.access-enterprise %}
 
-1. In the enterprise account sidebar, click **GitHub Connect**.
+1. On the left side of the page, in the enterprise account sidebar, click **GitHub Connect**.
 
 {% data reusables.server-statistics.csv-download %}
 

content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/activity-dashboard.md

@@ -13,7 +13,9 @@ versions:
 topics:
   - Enterprise
 ---
+
 The Activity dashboard provides weekly, monthly, and yearly graphs of the number of:
+
 * New pull requests
 * Merged pull requests
 * New issues
@@ -26,6 +28,16 @@ The Activity dashboard provides weekly, monthly, and yearly graphs of the number
 
 ## Accessing the Activity dashboard
 
+{% ifversion global-nav-update %}
+1. In the top-left corner of any page, select {% octicon "three-bars" aria-label="Open global navigation menu" %}, then click {% octicon "telescope" aria-hidden="true" %} **Explore**.
+
+   ![Screenshot of the navigation bar on {% data variables.product.product_name %}. The "Open global navigation menu" icon is outlined in dark orange.](/assets/images/help/navigation/global-navigation-menu-icon.png)
+{% else %}
 1. At the top of any page, click **Explore**.
-![Screenshot of the navigation bar at the top of the web UI for GitHub Enterprise Server. The word "Explore" is highlighted with an orange outline.](/assets/images/enterprise/settings/ent-new-explore.png)
+
+   ![Screenshot of the navigation bar at the top of the web UI for GitHub Enterprise Server. The word "Explore" is highlighted with an orange outline.](/assets/images/enterprise/settings/ent-new-explore.png)
+{% endif %}
 1. In the upper-right corner of the page, click {% octicon "pulse" aria-hidden="true" %} **Activity**.
+1. To view activity over different periods, click **This week**, **This month**, or **This year**.
+
+   ![Screenshot of the activity dashboard. A line graph compares the number of pull requests merged over this week and the previous week.](/assets/images/help/enterprises/activity-dashboard.png)

data/reusables/billing/enterprise-billing-menu.md

@@ -1 +1 @@
-1. In the enterprise account sidebar, click {% octicon "credit-card" aria-hidden="true" %} **Billing & Licensing**.
+1. On the left side of the page, in the enterprise account sidebar, click {% octicon "credit-card" aria-hidden="true" %} **Billing & Licensing**.

data/reusables/code-scanning/click-code-security-enterprise.md

@@ -1 +1 @@
-1. In the left sidebar, click **{% octicon "shield" aria-hidden="true" %} Code Security**.
+1. On the left side of the page, in the enterprise account sidebar, click **{% octicon "shield" aria-hidden="true" %} Code Security**.

data/reusables/enterprise-accounts/dormant-user-activity.md

@@ -2,8 +2,8 @@ A user is considered active if the user has performed any of the following activ
 
 * {% ifversion ghec%}Authenticating to access your enterprise's resources via SAML SSO{% else %}Signing into {% data variables.location.product_location %} {% endif %}
 * Creating a repository
-* Pushing to a repository via HTTPS
-{% ifversion ghes %}- Pushing to a repository via SSH{% endif %}
+* Pushing to a repository via HTTPS{% ifversion ghes %}
+* Pushing to a repository via SSH{% endif %}
 * Being added to a repository
 * Changing the visibility of a repository
 * Creating an issue or pull request

data/reusables/enterprise-accounts/enterprise-accounts-compliance-tab.md

@@ -1 +1 @@
-1. In the enterprise account sidebar, click {% octicon "checklist" aria-hidden="true" %} **Compliance**.
+1. On the left side of the page, in the enterprise account sidebar, click {% octicon "checklist" aria-hidden="true" %} **Compliance**.

data/reusables/enterprise-accounts/people-tab.md

@@ -1 +1 @@
-1. In the enterprise account sidebar, click {% octicon "person" aria-hidden="true" %} **People**.
+1. On the left side of the page, in the enterprise account sidebar, click {% octicon "person" aria-hidden="true" %} **People**.

data/reusables/enterprise-accounts/policies-tab.md

@@ -1 +1 @@
-1. In the enterprise account sidebar, click {% octicon "law" aria-hidden="true" %} **Policies**.
+1. On the left side of the page, in the enterprise account sidebar, click {% octicon "law" aria-hidden="true" %} **Policies**.

data/reusables/enterprise-accounts/settings-tab.md

@@ -1 +1 @@
-1. In the enterprise account sidebar, click {% octicon "gear" aria-hidden="true" %} **Settings**.
+1. On the left side of the page, in the enterprise account sidebar, click {% octicon "gear" aria-hidden="true" %} **Settings**.