Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Horizontal Navigation Bar
idGitHub Enterprise


Horizontal Navigation Bar Page
titleAbout


Column


Column
width5



Column

GitHub Enterprise provides next generation DevOps & Agile configuration management capabilities in support of the QualityNet mission. The application aggregates commonly required features for change and configuration management: project collaboration, issue tracking, modern GIT based version control, and documentation via wiki. For more information on these items please refer to the GitHub Enterprise website.


Column
width5




Horizontal Navigation Bar Page
titleGetting Started

Requesting GitHub Enterprise Access



Requesting Access to GitHub

Access to GitHub is controlled via HARP. Therefore a user must have a HARP account before they can request access to GitHub.

Step 1: If you do not have a HARP account or an EIDM or EUA account, register for a HARP ID. For instructions on the HARP registration process, refer to the HARP page.

Step 2: Once the HARP account has been created, log into HARP and request a QualityNet GitHub Enterprise Cloud(GHEC) entitlement via a HARP User Role. 

  • Select User Roles from the top of the page and select Request a Role.
  • Select QualityNet-Github Enterprise Cloud.
  • Select the Organization you would like access to for GitHub Enterprise.
  • Select a QualityNet GitHub user role (choose one)
    • GitHubCloud Admin
    • GitHubCloud Developer
    • GitHubCloud SO
  • Click the Submit button
  • Enter your reason for requesting the selected role in the Request Reason text field.
  • Click the Submit button

Step 3: The organization's Security Official reviews and approves/denies the user role request. You will be notified via email that your request has been submitted, and again when your role has been approved or denied.

Step 4: Log into GitHub Enterprise Cloud https://github.com/enterprises/cms-qnet-emu using your HARP credentials.

Requesting a New GitHub Organization (For onboarding team only)

(Use IT Services Catalog > SecDevOps > ADO Onboarding Request > GitHub Enterprise Onboarding Request Catalog Item)

Required Information:

    • Proposed name for the new GitHub organization

    • Names and IDs (HARP IDs) of the people to be assigned as Organization Owners

      • Org Owners are the super users / administrators of the Organization. Keep the number of Org Owners small.

    • A brief justification for the new GitHub Organization

      • EX: This new Org will be used by the <Your LOB> team. We want to keep our repos separated from other QNET repos and controlled via an Organization as opposed to using GitHub Teams within the overall QNET Organization.

 


Horizontal Navigation Bar Page
titleResources


Panel
borderColor#254b78
titleColorwhite
borderWidth1
titleBGColor#254b78
borderStylesolid
titleUser Resources


Panel
borderColor#254b78
titleColorwhite
borderWidth1
titleBGColor#254b78
borderStylesolid
titleSecurity Guidelines




Horizontal Navigation Bar Page
titleFAQs

FAQs



Anchor
General
General

Panel
borderColor#254b78
titleColorwhite
borderWidth1
titleBGColor#254b78
borderStylesolid
titleGeneral


Expand
titleWho is the typical GitHub User?

Any Application Development Organization (ADO) employee that is part of their enterprise software development team.











Panel
borderColor#254b78
titleColorwhite
borderWidth1
titleBGColor#254b78
borderStylesolid
titleAccess



Expand
titleWhat types of organizations are granted access to GitHub?

GitHub Enterprise is available to all QualityNet Application Development Organizations (ADOs).


Expand
titleWhich GitHub Organization User Role should I choose?

There are four GitHub Organization User Roles. Most users will request the GitHub-Developer User role, but a description of all roles is provided below:

  • GitHub-SO: Designated for Security Officials responsible for approvals of each GitHub Organization. Request this role only if you have been designated as a Security Official.
  • Read Only (I don’t work for this organization): Provides Ready Only access to another ADO’s GitHub Organization.
  • GitHub-Admin: Designated for Admins (Organization Owners) responsible for GitHub Organization administration and assisting GitHub Organization users.
  • GitHub-Developer: Most common GitHub Organization role as GitHub supports the ADO development community.


Expand
titleIf the contract that I am supporting has two GitHub Organizations and I want access to both, do I need to submit two separate requests?

Yes, to obtain access to both ADO GitHub Organizations, you are required to submit HARP GitHub User requests for each.


Expand
titleWhy am I receiving a 403 error when attempting to sign into GitHub with my HARP credentials?

To successfully authenticate in GitHub with your HARP credentials, the Security Official must approve your GitHub Role request. The 403 error occurs when a GitHub user request has not been approved.


Expand
titleCan I request Read Only access to another ADO’s GitHub Organization?

Yes, but you are required to select the contract you are currently supporting, enter a reason for your request to access the ADO GitHub Organization and your request will need to be approved by the ADO Security Official.






Section




Anchor
Working
Working


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleWorking in GitHub Enterprise


Expand
titleIs there a limit on the per file size that can be uploaded to GitHub?

The maximum size of Git objects that can be pushed to repositories on this appliance is 100MB per file (25MB if adding a file via a web browser). Allowing large objects to be pushed into Git can degrade performance. Consider other options such as using Nexus Repository Manager to store dependencies, artifacts and other large objects.


Expand
titleWhy are my Webhooks are failing to deliver payload

Only members with owner privileges for an organization or admin privileges for a repository can manage webhooks for an organization. For more information, see "Permission levels for an organization."

Chances are the account that you used to create the webhook token does not have Org Owner privileges in GitHub. Ensure that the account with which the token was created has these privileges. Use these credentials in the Jenkins Master Global configuration → GitHub Webhooks section and re-register the webhooks. Now, go to your repository and re-deliver the payload. This should fix the issue.

For help on configuring webhooks see About Webhooks in the GitHub Help documentation.

For help on building a webhook, including a full list of actions you can associate with, see "Webhooks" in the GitHub Developer documentation.


Expand
titleCan I delete a GitHub repository?

Users are not able to delete GitHub repositories. 

If you are absolutely certain that a repository belonging to you or your organization needs to be deleted, please submit a ServiceNow RITM and assign it to ESSII Build-DEVOPS.  After the ticket is created, please send an email to ESS_Devsecops_Team@ventera.com with the ticket number and a confirmation from you to delete the specified repository.

Once a repository is deleted from GitHub, it cannot be restored. 

Repositories containing tags/releases that have been deployed should be archived rather than be deleted.


Expand
titleWhat is the difference between a branch and a tag?

A branch is a separate line of development that is “branched” from the Master branch.

A tag represents a version of a particular branch at a moment in time.

  • While branches can be updated, a tag cannot
  • A tag may not necessarily include all of the changes made in a branch
  • From the GitHub web interface perspective, a tag is the same as a release
  • Tags can also be created from the Git command line and then pushed to GHE








 



Panel
borderColor#254b78
titleColorwhite
borderWidth1
titleBGColor#254b78
borderStylesolid
titleNeed Help ?

Please contact one of the following:

  • Find us on Slack #help-devsecops. Slack is monitored Monday through Friday, 8:00am - 6:00pm.

  • For assistance with HARP, please contact the CCSQ Service Center at: 

    Phone: (866) 288-8914 (TRS:711)

    Slack: #help-service-center-sos

    Email: ServiceCenterSOS@cms.hhs.gov

    Hours of Operation: 24/7



...