{"meta":{"title":"Supplemental arguments and settings","intro":"GitHub Actions Importer has several supplemental arguments and settings to tailor the migration process to your needs.","product":"GitHub Actions","breadcrumbs":[{"href":"/en/actions","title":"GitHub Actions"},{"href":"/en/actions/reference","title":"Reference"},{"href":"/en/actions/reference/github-actions-importer","title":"GitHub Actions Importer"},{"href":"/en/actions/reference/github-actions-importer/supplemental-arguments-and-settings","title":"Supplemental arguments and settings"}],"documentType":"article"},"body":"# Supplemental arguments and settings\n\nGitHub Actions Importer has several supplemental arguments and settings to tailor the migration process to your needs.\n\nThis article provides general information for configuring GitHub Actions Importer's supplemental arguments and settings, such as optional parameters, path arguments, and network settings.\n\n## Optional parameters\n\nGitHub Actions Importer has several optional parameters that you can use to customize the migration process.\n\n### Limiting allowed actions\n\nThe following options can be used to limit which actions are allowed in converted workflows. When used in combination, these options expand the list of allowed actions. If none of these options are supplied, then all actions are allowed.\n\n* `--allowed-actions` specifies a list of actions to allow in converted workflows. Wildcards are supported. Any other actions other than those provided will be disallowed.\n\n  For example:\n\n  ```shell\n  --allowed-actions actions/checkout@v6 actions/upload-artifact@* my-org/*\n  ```\n\n  You can provide an empty list to disallow all actions. For example, `--allowed-actions=`.\n\n* `--allow-verified-actions` specifies that all actions from verified creators are allowed.\n\n* `--allow-github-created-actions` specifies that actions published from the `github` or `actions` organizations are allowed.\n\n  For example, such actions include `github/super-linter` and `actions/checkout`.\n\n  This option is equivalent to `--allowed-actions actions/* github/*`.\n\n### Using a credentials file for authentication\n\nThe `--credentials-file` parameter specifies the path to a file containing credentials for different servers that GitHub Actions Importer can authenticate to. This is useful when build scripts (such as `.travis.yml` or `jenkinsfile`) are stored in multiple GitHub Enterprise Server instances.\n\nA credentials file must be a YAML file containing a list of server and access token combinations. GitHub Actions Importer uses the credentials for the URL that most closely matches the network request being made.\n\nFor example:\n\n```yaml\n- url: https://github.com\n  access_token: ghp_mygeneraltoken\n- url: https://github.com/specific_org/\n  access_token: ghp_myorgspecifictoken\n- url: https://jenkins.org\n  access_token: abc123\n  username: marty_mcfly\n```\n\nFor the above credentials file, GitHub Actions Importer uses the access token `ghp_mygeneraltoken` to authenticate all network requests to `https://github.com`, _unless_ the network request is for a repository in the `specific_org` organization. In that case, the `ghp_myorgspecifictoken` token is used to authenticate instead.\n\n#### Alternative source code providers\n\nGitHub Actions Importer can automatically fetch source code from non-GitHub repositories. A credentials file can specify the `provider`, the provider URL, and the credentials needed to retrieve the source code.\n\nFor example:\n\n```yaml\n- url: https://gitlab.com\n  access_token: super_secret_token\n  provider: gitlab\n```\n\nFor the above example, GitHub Actions Importer uses the token `super_secret_token` to retrieve any source code that is hosted on `https://gitlab.com`.\n\nSupported values for `provider` are:\n\n* `github` (default)\n* `gitlab`\n* `bitbucket_server`\n* `azure_devops`\n\n### Controlling optional features\n\nYou can use the `--features` option to limit the features used in workflows that GitHub Actions Importer creates. This is useful for excluding newer GitHub Actions syntax from workflows when migrating to an older GitHub Enterprise Server instance. When using the `--features` option, you must specify the version of GitHub Enterprise Server that you are migrating to.\n\nFor example:\n\n```shell\ngh actions-importer dry-run ... --features ghes-3.3\n```\n\nThe supported values for `--features` are:\n\n* `all` (default value)\n* `ghes-latest`\n* `ghes-<number>`, where `<number>` is the version of GitHub Enterprise Server, `3.0` or later. For example, `ghes-3.3`.\n\nYou can view the list of available feature flags by GitHub Actions Importer by running the `list-features` command. For example:\n\n```shell copy\ngh actions-importer list-features\n```\n\nYou should see an output similar to the following.\n\n<!-- markdownlint-disable search-replace -->\n\n```shell\nAvailable feature flags:\n\nactions/cache (disabled):\n        Control usage of actions/cache inside of workflows. Outputs a comment if not enabled.\n        GitHub Enterprise Server >= ghes-3.5 required.\n\ncomposite-actions (enabled):\n        Minimizes resulting workflow complexity through the use of composite actions. See https://docs.github.com/en/actions/creating-actions/creating-a-composite-action for more information.\n        GitHub Enterprise Server >= ghes-3.4 required.\n\nreusable-workflows (disabled):\n        Avoid duplication by re-using existing workflows. See https://docs.github.com/en/actions/using-workflows/reusing-workflows for more information.\n        GitHub Enterprise Server >= ghes-3.4 required.\n\nworkflow-concurrency-option-allowed (enabled):\n        Allows the use of the `concurrency` option in workflows. See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#concurrency for more information.\n        GitHub Enterprise Server >= ghes-3.2 required.\n\nEnable features by passing --enable-features feature-1 feature-2\nDisable features by passing --disable-features feature-1 feature-2\n```\n\n<!-- markdownlint-enable search-replace -->\n\nTo toggle feature flags, you can use either of the following methods:\n* Use the `--enable-features` and `--disable-features` options when running a `gh actions-importer` command.\n* Use an environment variable for each feature flag.\n\nYou can use the `--enable-features` and `--disable-features` options to select specific features to enable or disable for the duration of the command.\nFor example, the following command disables use of `actions/cache` and `composite-actions`:\n\n```shell\ngh actions-importer dry-run ... --disable-features=composite-actions actions/cache\n```\n\nYou can use the `configure --features` command to interactively configure feature flags and automatically write them to your environment:\n\n```shell\n$ gh actions-importer configure --features\n\n✔ Which features would you like to configure?: actions/cache, reusable-workflows\n✔ actions/cache (disabled): Enable\n? reusable-workflows (disabled):\n› Enable\n  Disable\n```\n\n### Disabling network response caching\n\nBy default, GitHub Actions Importer caches responses from network requests to reduce network load and reduce run time. You can use the `--no-http-cache` option to disable the network cache. For example:\n\n```shell\ngh actions-importer forecast ... --no-http-cache\n```\n\n## Path arguments\n\nWhen running GitHub Actions Importer, path arguments are relative to the container's disk, so absolute paths relative to the container's host machine are not supported. When GitHub Actions Importer is run, the container's `/data` directory is mounted to the directory where GitHub Actions Importer is run.\n\nFor example, the following command, when used in the `/Users/mona` directory, outputs the GitHub Actions Importer audit summary to the `/Users/mona/out` directory:\n\n```shell\ngh actions-importer audit --output-dir /data/out\n```\n\n## Using a proxy\n\nTo access servers that are configured with a HTTP proxy, you must set the following environment variables with the proxy's URL:\n\n* `OCTOKIT_PROXY`: for any GitHub server.\n* `HTTP_PROXY` (or `HTTPS_PROXY`): for any other servers.\n\nFor example:\n\n```shell\nexport OCTOKIT_PROXY=https://proxy.example.com:8443\nexport HTTPS_PROXY=$OCTOKIT_PROXY\n```\n\nIf the proxy requires authentication, a username and password must be included in the proxy URL. For example, `https://username:password@proxy.url:port`.\n\n## Disabling SSL certificate verification\n\nBy default, GitHub Actions Importer verifies SSL certificates when making network requests. You can disable SSL certificate verification with the `--no-ssl-verify` option. For example:\n\n```shell\ngh actions-importer audit --output-dir ./output --no-ssl-verify\n```\n\n## Legal notice\n\nPortions have been adapted from https://github.com/github/gh-actions-importer/ under the MIT license:\n\n```text\nMIT License\n\nCopyright (c) 2022 GitHub\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n```"}