Setup GitHub Repo - bcgov/common-service-showcase GitHub Wiki
GitHub Repo Setup
In order to set up a high quality GitHub repository, ensure that the following guidelines are considered and implemented.
Create
- You will require a GitHub User in the BCGov organization who can create new repos.
- You will need to create a generic collaborator account (i.e.
bcgov-nr-csst
). It will be used to manage the repository, as well as act as a handle for CI/CD reporting.- Your CI/CD chain will require an access token to that generic account. On that account, go into Settings, then Developer settings and look for Personal access tokens. You will need to Generate a new token named
nr-csst-jenkins
with the following permissions (and their respective children permissions):- repo
- admin:repo_hook
- user
- Note: You will only be able to see the generated token once. Make sure you save it or you will need to regenerate it if it is lost!
- Your CI/CD chain will require an access token to that generic account. On that account, go into Settings, then Developer settings and look for Personal access tokens. You will need to Generate a new token named
- Create the repo with a descriptive name and select a LICENSE. Choose to auto create readme.
Grant Access
- Add all human collaborators with "write" access
- Add the generic collaborator account with "admin" access (use a generic team github account such as
bcgov-nr-csst
- Login to github as your generic team account such as
bcgov-nr-csst
and accept the invitation to collaborate
Add Starter Files
- Prime the repository with the following standard files
File | Example |
---|---|
CONTRIBUTING.md | Sample |
CODE-OF-CONDUCT.md | Sample |
LICENSE | Guidelines |
README.md | Sample |
.editorconfig | Sample |
.gitignore | Templates |
.gitattributes | Sample |
_config.yml | Sample |
- Create a
pull_request_template.md
in the .github folder (Sample) - Setup the Issue Templates in the .github folder (Sample)
Make it Transparent
- Enable the GitHub Wiki for documentation that you want to publish but not version
- Turn on GitHub Pages pointing to the main readme
After Development Begins
- Setup any needed webhooks under Settings --> Webhooks. You will not need to do anything if you are using BCDevOps/jenkins-pipeline-shared-lib as the webhooks will be created for you automatically.
- Under Settings --> Security Alerts, select users to be given access to the security tab
- In the Security tab, consider enabling the Automated security fixes in the top right dropdown menu
Protect Your Code
By adding protections to the codebase, this will prevent any direct commits or PR merges into master
unless all required CI/CD stages are reporting a pass AND the PR has at least one explicit approval review from the team. This type of gatekeeping helps ensure that code quality is maintained.
This step assumes you have set already set up a PR based pipeline which will report back to Github the pipeline stages.
- Setup branch protection rules under Settings --> Branches and adding a new rule
- Set the branch name pattern to
master
or whatever your main branch will be- Require pull request reviews before merging
- Require status checks to pass before merging
- Select the stages that you will want to require passing. Refer to your pipeline for details.
- Set the branch name pattern to