Merge branch 'main' into patch-3

.github/workflows/local-dev.yml

@@ -0,0 +1,52 @@
+name: Local development
+
+# **What it does**: Can you start the local server like a writer would do?
+# **Why we have it**: Our CI is often heavily geared on testing in "production"
+#                     that historically we've been known to break local
+#                     development sometimes.
+# **Who does it impact**: Engineers, Contributors.
+
+on:
+  merge_group:
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  local-dev:
+    if: github.repository == 'github/docs-internal' || github.repository == 'github/docs'
+    runs-on: ${{ fromJSON('["ubuntu-latest", "ubuntu-20.04-xl"]')[github.repository == 'github/docs-internal'] }}
+    steps:
+      - name: Check out repo
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
+
+      - uses: ./.github/actions/node-npm-setup
+
+      # Note that we don't check out docs-early-access, Elasticsearch,
+      # or any remote translations. Nothing fancy here!
+
+      - name: Start server in the background
+        run: npm start > /tmp/stdout.log 2> /tmp/stderr.log &
+
+      - name: View the home page
+        run: |
+          echo "Going to sleep a little to wait for the server to start"
+          sleep 10
+          curl --fail --retry-connrefused --retry 5 http://localhost:4000/
+
+      - name: Edit a page's .md file and expect it to appear
+        run: |
+          # First append anything to the Markdown page
+          echo "Today's date $(date)" >> content/get-started/quickstart/hello-world.md
+
+          # This pipe to grep will fail if it can't find it in the curl output
+          curl -L http://localhost:4000/get-started/quickstart/hello-world | grep "Today's date"
+
+      - if: ${{ failure() }}
+        name: Debug server outputs on errors
+        run: |
+          echo "____STDOUT____"
+          cat /tmp/stdout.log
+          echo "____STDERR____"
+          cat /tmp/stderr.log

.github/workflows/sync-codeql-cli.yml

@@ -0,0 +1,123 @@
+name: Sync CodeQl CLI
+
+# **What it does**: This workflow is run manually approximately every two weeks.
+#   When run, this workflow syncs the CodeQL CLI automated pipeline with the semmle-code
+#   repository, and creates a pull request if there are updates.
+# **Why we have it**: So we can automate CodeQL CLI documentation.
+# **Who does it impact**: Anyone making CodeQL CLI changes in `github/semmle-code`, and wanting to get them published on the docs site.
+
+on:
+  workflow_dispatch:
+    inputs:
+      SOURCE_BRANCH:
+        description: 'Branch to pull the source files from in the semmle-code repo.'
+        type: string
+        required: true
+        default: 'main'
+
+permissions:
+  contents: write
+  pull-requests: write
+
+# This allows a subsequently queued workflow run to interrupt previous runs
+concurrency:
+  group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
+  cancel-in-progress: true
+
+jobs:
+  generate-codeql-files:
+    if: github.repository == 'github/docs-internal'
+    runs-on: ubuntu-latest
+    steps:
+      - if: ${{ env.FREEZE == 'true' }}
+        run: |
+          echo 'The repo is currently frozen! Exiting this workflow.'
+          exit 1 # prevents further steps from running
+
+      - name: Checkout repository code
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
+
+        # Check out a nested repository inside of previous checkout
+      - name: Checkout semmle-code repo
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
+        with:
+          # By default, only the most recent commit of the `main` branch
+          # will be checked out
+          token: ${{ secrets.DOCS_BOT_FR }}
+          repository: github/semmle-code
+          path: semmle-code
+          ref: ${{ github.event.inputs.SOURCE_BRANCH }}
+
+      - uses: ./.github/actions/node-npm-setup
+
+      - name: Get the semmle-code SHA being synced
+        id: semmle-code
+        run: |
+          cd semmle-code
+          OPENAPI_COMMIT_SHA=$(git rev-parse HEAD)
+          echo "OPENAPI_COMMIT_SHA=$OPENAPI_COMMIT_SHA" >> $GITHUB_OUTPUT
+          echo "Copied files from github/semmle-code repo. Commit SHA: $OPENAPI_COMMIT_SHA"
+
+      - name: Install pandoc
+        run: |
+          # Remove all previous pandoc versions
+          sudo apt-get purge --auto-remove pandoc
+          # Download pandoc
+          wget https://github.com/jgm/pandoc/releases/download/3.0.1/pandoc-3.0.1-1-amd64.deb
+          # Install pandoc
+          sudo dpkg -i pandoc-3.0.1-1-amd64.deb
+          # Output the pandoc version installed
+          pandoc -v
+          rm pandoc-3.0.1-1-amd64.deb
+
+      - name: Sync the CodeQL CLI data
+        run: |
+          src/codeql-cli/scripts/sync.js
+          git status
+          echo "Deleting the cloned github/semmle-code repo..."
+          rm -rf semmle-code
+
+      - name: Create pull request
+        env:
+          # Needed for gh
+          GITHUB_TOKEN: ${{ secrets.DOCUBOT_REPO_PAT }}
+        run: |
+          # If nothing to commit, exit now. It's fine. No orphans.
+          changes=$(git diff --name-only | wc -l)
+          untracked=$(git status --untracked-files --short | wc -l)
+          if [[ $changes -eq 0 ]] && [[ $untracked -eq 0 ]]; then
+            echo "There are no changes to commit after running src/codeql/scripts/sync.js. Exiting..."
+            exit 0
+          fi
+
+          git config --global user.name "docubot"
+          git config --global user.email "67483024+docubot@users.noreply.github.com"
+
+          branchname=codeql-cli-update-${{ steps.semmle-code.outputs.OPENAPI_COMMIT_SHA }}
+
+          branchCheckout=$(git checkout -b $branchname)
+          if [[! $? -eq 0 ]]; then
+            echo "Branch $branchname already exists in `github/docs-internal`. Exiting..."
+            exit 0
+          fi
+          git add .
+          git commit -m "Update CodeQL CLI data"
+          git push origin $branchname
+
+          echo "Creating pull request..."
+          gh pr create \
+            --title "Update CodeQL CLI manual" \
+            --body '👋 humans. This PR updates the CodeQL CLI manual Markdown pages with the latest changes. (Synced from semmle-code@${{ steps.semmle-code.outputs.OPENAPI_COMMIT_SHA }})
+
+            If CI does not pass or other problems arise, contact #docs-engineering on slack.' \
+            --repo github/docs-internal \
+            --label codeql-cli-pipeline
+
+      - name: Send Slack notification if workflow fails
+        uses: someimportantcompany/github-actions-slack-message@1d367080235edfa53df415bd8e0bbab480f29bad
+        if: ${{ failure() && env.FREEZE != 'true' }}
+        with:
+          channel: ${{ secrets.DOCS_ALERTS_SLACK_CHANNEL_ID }}
+          bot-token: ${{ secrets.SLACK_DOCS_BOT_TOKEN }}
+          color: failure
+          text: The last Sync CodeQL CLI run for ${{github.repository}} failed. See https://github.com/${{github.repository}}/actions/workflows/sync-codeql-cli.yml

.gitignore

@@ -40,5 +40,7 @@ external-link-checker-db.json
 
 # Automated content source
 rest-api-description
+semmle-code
 
 .installed.package-lock.json
+assets/images/help/writing/unordered-list-rendered (1).png

.prettierignore

@@ -1,6 +1,11 @@
-includes/
 data/release-notes/
 script/bookmarklets/
 /.next/
+
+# jest --coverage option
 /.coverage
 /coverage
+
+# Automated content source
+rest-api-description
+semmle-code