-
Notifications
You must be signed in to change notification settings - Fork 10
Setup GitHub Repo
Tim Csaky edited this page Apr 2, 2020
·
9 revisions
In order to set up a high quality GitHub repository, ensure that the following guidelines are considered and implemented.
- You will require a GitHub User in the BCGov organization who can create new repos.
- You will need to create a generic collaborator account (i.e.
bcgov-nr-csst). It will be used to manage the repository, as well as act as a handle for CI/CD reporting.- Your CI/CD chain will require an access token to that generic account. On that account, go into Settings, then Developer settings and look for Personal access tokens. You will need to Generate a new token named
nr-csst-jenkinswith the following permissions (and their respective children permissions):- repo
- admin:repo_hook
- user
- Note: You will only be able to see the generated token once. Make sure you save it or you will need to regenerate it if it is lost!
- Your CI/CD chain will require an access token to that generic account. On that account, go into Settings, then Developer settings and look for Personal access tokens. You will need to Generate a new token named
- Create the repo with a descriptive name and select a LICENSE. Choose to auto create readme.
- Add all human collaborators with "write" access
- Add the generic collaborator account with "admin" access (use a generic team github account such as
bcgov-nr-csst - Login to github as your generic team account such as
bcgov-nr-csstand accept the invitation to collaborate
- Prime the repository with the following standard files
| File | Example |
|---|---|
| CONTRIBUTING.md | Sample |
| CODE-OF-CONDUCT.md | Sample |
| LICENSE | Guidelines |
| README.md | Sample |
| .editorconfig | Sample |
| .gitignore | Templates |
| .gitattributes | Sample |
| _config.yml | Sample |
- Create a
pull_request_template.mdin the .github folder (Sample) - Setup the Issue Templates in the .github folder (Sample)
- Enable the GitHub Wiki for documentation that you want to publish but not version
- Turn on GitHub Pages pointing to the main readme
- Setup any needed webhooks under Settings --> Webhooks. You will not need to do anything if you are using BCDevOps/jenkins-pipeline-shared-lib as the webhooks will be created for you automatically.
- Under Settings --> Security Alerts, select users to be given access to the security tab
- In the Security tab, consider enabling the Automated security fixes in the top right dropdown menu
By adding protections to the codebase, this will prevent any direct commits or PR merges into master unless all required CI/CD stages are reporting a pass AND the PR has at least one explicit approval review from the team. This type of gatekeeping helps ensure that code quality is maintained.
This step assumes you have set already set up a PR based pipeline which will report back to Github the pipeline stages.
- Setup branch protection rules under Settings --> Branches and adding a new rule
- Set the branch name pattern to
masteror whatever your main branch will be- Require pull request reviews before merging
- Require status checks to pass before merging
- Select the stages that you will want to require passing. Refer to your pipeline for details.
- Set the branch name pattern to
Return Home
- Home
- Common Services
- Authentication
- Authorization
- Data Persistence
- Developer Resources
- Observability
- Operations
- Research
- Testing
- Acronyms and Terms