Skip to content

Repo sync #39304

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Jul 14, 2025
Merged

Repo sync #39304

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ba78412
Clarify backup block device storage requirements (#56553)
ThatStoney Jul 14, 2025
6467e89
[Improvement]: Add a Note to Mention that IdP Connectivity (OIDC/SAML…
jusuchin85 Jul 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion ...e/backup-service-for-github-enterprise-server/configuring-the-backup-service.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ Before configuring the backup service, ensure you have:

To ensure reliable and performant backups, your storage must meet the following requirements:

* **Capacity:** Allocate at least five times the amount of storage used by your primary {% data variables.product.github %} appliance disk. This accounts for historical snapshots and future growth.
* **Capacity:** Allocate at least five times the amount of storage used by your primary {% data variables.product.github %} appliance data disk. This accounts for historical snapshots and future growth.
* **Filesystem support:** The backup service uses hard links for efficient storage, and your {% data variables.product.github %} instance uses symbolic links. The backup target must support both symbolic and hard links, and it must use a case-sensitive filesystem to prevent conflicts.

You can test whether your filesystem supports hardlinking symbolic links by running:
Expand Down
9 changes: 6 additions & 3 deletions ...erprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,9 @@ redirect_from:

By default, authorized users can access your enterprise's resources from any IP address. You can restrict access to your enterprise's private resources by configuring a list that allows or denies access from specific IP addresses. {% data reusables.identity-and-permissions.ip-allow-lists-example-and-restrictions %}

> [!NOTE]
> If your enterprise uses {% data variables.product.prodname_emus %}, enabling the IP allow list does not restrict user provisioning actions performed through SAML/SCIM, OpenID Connect (OIDC) with Entra ID, or via REST API endpoints. For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim).

If your enterprise uses {% data variables.product.prodname_emus %} with Microsoft Entra ID (previously known as Azure AD) and OIDC, you can choose whether to use {% data variables.product.company_short %}'s IP allow list feature or to use the allow list restrictions for your identity provider (IdP). If your enterprise does not use {% data variables.product.prodname_emus %} with Azure and OIDC, you can use {% data variables.product.company_short %}'s allow list feature.

{% data reusables.identity-and-permissions.ip-allow-lists-which-resources-are-protected %}
Expand Down Expand Up @@ -56,8 +59,8 @@ To ensure seamless use of the OIDC CAP while still applying the policy to OAuth
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.profile.org_settings %}
{% data reusables.organizations.security %}
1. If you're using {% data variables.product.prodname_emus %} with OIDC, under "IP allow list", select the **IP allow list configuration** dropdown menu and click **GitHub**.
1. Under "IP allow list", select **Enable IP allow list**.
1. If you're using {% data variables.product.prodname_emus %} with OIDC, under "IP allow list," select the **IP allow list configuration** dropdown menu and click **GitHub**.
1. Under "IP allow list," select **Enable IP allow list**.
1. Click **Save**.

### Adding an allowed IP address
Expand Down Expand Up @@ -119,7 +122,7 @@ To ensure seamless use of the OIDC CAP while still applying the policy to OAuth
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.profile.org_settings %}
{% data reusables.organizations.security %}
1. Under "IP allow list", select the **IP allow list configuration** dropdown menu and click **Identity Provider**.
1. Under "IP allow list," select the **IP allow list configuration** dropdown menu and click **Identity Provider**.
1. Optionally, to allow installed {% data variables.product.company_short %} and {% data variables.product.prodname_oauth_apps %} to access your enterprise from any IP address, select **Skip IdP check for applications**.
1. Click **Save**.

Expand Down
Loading