Merge branch 'main' into DOCSS-1842-automatic-step-reruns

Author: rosieyohannan

docs/guides/modules/ROOT/images/audit-log-stream-actions.png

@@ -421,6 +421,13 @@ a|  * GitLab: push, merge request
 | image:guides:ROOT:icons/check.svg[check icon, role="no-border"]
 | image:guides:ROOT:icons/cancel.svg[cancel icon, role="no-border"]
 
+| `pipeline.event.github.pull_request.merged`
+| GitHub App
+| Boolean
+| A boolean value indicating whether the pull request is has been merged. Only populated for pipelines triggered xref:guides:orchestrate:github-trigger-event-options.adoc#supported-trigger-options[by pull request events] (`pipeline.event.name = "pull_request"`).
+| image:guides:ROOT:icons/check.svg[check icon, role="no-border"]
+| image:guides:ROOT:icons/cancel.svg[cancel icon, role="no-border"]
+
 | `pipeline.deploy.component_name`
 | GitHub App
 | String

docs/guides/modules/ROOT/images/confirm-prerequisites.png

@@ -209,32 +209,32 @@ Anchors and aliases work for scalar values, but to save maps or sequences, use `
 
 ```yaml
 default: &default
-  school: hogwarts
+  category: Tea
 
-harry:
+hojicha:
   <<: *default
-  house: gryffindor
+  price: 3.95
 
-draco:
+matcha_latte:
   <<: *default
-  house: slytherin
+  price: 5.95
 ```
 
 You can also merge multiple maps.
 
 ```yaml
-name: &harry_name
-  first_name: Harry
-  last_name: Potter
-
-address: &harry_address
-  street: 4, Privet Drive
-  district: Little Whinging
-  county: Surrey
-  country: England
-
-harry_data:
-  <<: [*harry_name, *harry_address]
+name: &big_bird_alter_egos
+  ep_0246: Verybig Bird
+  ep_3161: Big Fish
+
+address: &big_bird_address
+  street: 123½ Sesame Street
+  city: New York
+  state: New York
+  country: United States
+
+big_bird_data:
+  <<: [*big_bird_alter_egos, *big_bird_address]
 ```
 
 **Note**: As mentioned in https://github.com/yaml/yaml/issues/35[a YAML repository issue], it is possible to merge maps, but not sequences (also called arrays or lists). For a more complex example, see https://gist.github.com/bowsersenior/979804[this gist].

docs/guides/modules/ROOT/images/connect-circleci-aws.png

@@ -113,6 +113,7 @@ workflows:
 
 * `pipeline.event.github.pull_request.title`: the title of the pull request.
 * `pipeline.event.github.pull_request.number`: the numeric identifier of the pull request.
+* `pipeline.event.github.pull_request.merged`: a boolean that indicates whether the PR was merged or not. 
 
 These values are extracted directly from the GitHub event payload. The part after prefix `pipeline.event.github.*` matches the corresponding field in the pull request event structure described in link:https://docs.github.com/en/webhooks/webhook-events-and-payloads#pull_request[the GitHub docs].
 

docs/guides/modules/ROOT/images/request-audit-log.png

@@ -32,7 +32,25 @@ Using SSO for authentication can result in improved security and user experience
 * Adding and deleting users.
 * Managing user permissions.
 
-**For a member of an organization using SSO for authentication:** The process of authentication to access applications is simplified. Rather than authenticating separately for each application, SAML SSO enables the user to confirm their identity _once_ with an IdP and that authentication is communicated to the applications (such as CircleCI) that the user has access to. The user may then access these applications for the duration of their session.
+**For a member of an organization using SSO for authentication:** The process of authentication to access applications is simplified. Rather than authenticating separately for each application, SAML SSO enables the user to confirm their identity _once_ with an IdP. This authentication is then communicated to all applications (such as CircleCI) that the user has access to. The user may then access these applications for the duration of their session.
+
+== Personal API tokens with SSO
+
+When your organization uses SSO, Personal API tokens require SSO authentication to access your organization's resources.
+
+To use Personal API tokens with SSO-protected resources:
+
+. Go to the link:https://app.circleci.com/home/[CircleCI web app].
+. Select your profile from the upper right corner, then select menu:User Settings[].
+. Select menu:Personal API Tokens[] from the sidebar.
+. For each token you want to use with your SSO-enabled organization, select the organization from the dropdown in the SSO column.
+. Once you select an organization, the token becomes SSO-authenticated and can access your organization's resources.
+
+**Important notes:**
+
+* The SSO authentication option for tokens is only available when you are actively signed in via SSO.
+* SSO authentication is only required for tokens you intend to use with SSO-enabled organization resources.
+* Tokens without SSO authentication still work with non-SSO protected resources.
 
 [#prerequisites-and-limitations]
 == Limitations
@@ -42,11 +60,6 @@ SSO for CircleCI currently has the following limitations:
 * SSO requires all users to log into CircleCI either with an email and password or using social logins like GitHub, Bitbucket prior to the SSO login. The email used to log in to CircleCI does *not* need to match the email used to authenticate with the IdP.
 * CircleCI supports SSO using one domain per organization.
 * When the user logs in using social logins like GitHub or Bitbucket, then they need to authorize SSO in the VCS org along with SSO setup in CircleCI.
-* Personal API tokens will not work against your organization after SSO is enabled. As a result **the following features are unavailable when using SSO**:
-** The CircleCI VS Code plugin will **not** work against your organization after SSO is enabled.
-** The CircleCI CLI will **not** work against your organization after SSO is enabled.
-** API v2 endpoints will **not** be accessible for your organization after SSO is enabled.
-** Config policies will **not** be usable/enforcable for your organization after SSO is enabled.
 
 
 [#next-steps]