This tool supports exports from and imports to GitHub Enterprise Server (GHES).
Every time code is pushed, end-to-end tests run in GitHub Actions against GitHub.com and supported versions of GitHub Enterprise Server.
From time to time, we need to update the access token used for end-to-end tests against GitHub.com.
We also regularly need to add or remove supported GitHub Enterprise Server versions, or re-provision existing GitHub Enterprise Server versions with a new instance and/or new access token. For details, see the "GitHub Enterprise Server support" section below.
Our end-to-end tests require a GitHub.com access token with relevant permissions to access the gh-migrate-project-sandbox
organization.
To refresh the token:
- Ensure you have admin access to the
gh-migrate-project-sandbox
organization on GitHub.com. - Navigate to GitHub's "New fine-grained personal access token" UI.
- Give the token a unique name, and set as long as an expiration as you can.
- Set the resource owner for the token to
gh-migrate-project-sandbox
, so the token can access its resources. - Set "Repository access" to "All repositories".
- In "Repository permissions", add the following permissions:
- Contents: Read and write
- Issues: Read-only
- Metadata: Read-only
- Pull requests: Read-only
- In "Organization permissions", add the following permissions:
- Projects: Read and write
- Create your token, and copy the value to the clipboard.
- Navigate to the repository's Actions secrets and update
GH_MIGRATE_PROJECT_SANDBOX_TOKEN
to the new value. - Navigate to the repository's Dependabot secrets and update
GH_MIGRATE_PROJECT_SANDBOX_TOKEN
to the new value.
Running end-to-end tests creates projects on GitHub.com, and there is a maximum limit on how many projects can exist at one time attached to an organization.
When you hit this limit, projects have to be cleaned up, or end-to-end tests will start to fail.
To clean up old projects, set GITHUB_TOKEN
to a token with access to the gh-migrate-project-sandbox
organization on GitHub.com (see "Updating the access token used for GitHub.com" above for instructions on creating such a token), and then run npm run clean-up-organization-projects
.
This tool supports exports from and imports to GitHub Enterprise Server (GHES).
We only commit to supporting GitHub Enterprise Server releases supported by GitHub. Releases are deprecated roughly a year after release, and once a release is deprecated, we will drop support in this tool.
From time to time, we need to add or remove supported GitHub Enterprise Server versions. We may also need to re-provision existing GitHub Enterprise Server versions with a new instance and/or new access token.
- Deploy a GitHub Enterprise Server (GHES) instance of the required version
- Create a personal access token (PAT) with the
repo
,admin:org
,site_admin
andproject
scopes - Seed the GHES instance with data and configure the Actions and Dependabot secrets. You can do this by running
npm run configure-github-enterprise-server-instance -- --ghes-access-token TOKEN --ghes-base-url https://ghes.acme.com/api/v3 --dotcom-access-token FOO
. - Open
.github/workflows/ci.yml
and make a copy of an existing job used to test a GHES version (e.g.end_to_end_tests_linux_ghes_311
) - Rename the job to an appropriate name for the new version, e.g.
end_to_end_tests_linux_ghes_312
- Update the GHES version in the job's
name
- In the "Import project to GHES" step, update the two secrets references to refer to your new secrets
- In the "Upload outputs as artifacts", update the name with the new GHES version (e.g.
linux-outputs-ghes-312
) - Update the
needs
configuration for thecheck_release_tag_matches_version
job to include the name of your new job
- Update the
MINIMUM_SUPPORTED_GITHUB_ENTERPRISE_SERVER_VERSION_FOR_EXPORTS
andMINIMUM_SUPPORTED_GITHUB_ENTERPRISE_SERVER_VERSION_FOR_IMPORTS
variables insrc/github-products.ts
as appropriate to drop support for the version. - Open
.github/workflows/ci.yml
and remove the job used to test the GHES version (e.g.end_to_end_tests_linux_ghes_311
) - Update the
needs
configuration for thecheck_release_tag_matches_version
job to remove the job you just removed - Remove the
GHES_XXX_ACCESS_TOKEN
andGHES_XXX_BASE_URL
Actions secrets and Dependabot secrets for the version (e.g.GHES_312_BASE_URL
for GitHub Enterprise Server 3.12)
Our end-to-end tests cover exports from and imports to a number of GitHub Enterprise Server versions.
From time to time, you may need to update this token due to expiry or having reprovisioned the GitHub Enterprise Server instance.
To refresh the token and ensure an instance is ready:
- Create a new personal access token (PAT) with the
repo
,admin:org
,project
andsite_admin
scopes - Update the Actions and Dependabot secrets by running
npm run seed-github-enterprise-server-instance -- --ghes-access-token TOKEN --ghes-base-url https://ghes.acme.com/api/v3 --dotcom-access-token FOO
.