Skip to content

Latest commit

 

History

History
243 lines (165 loc) · 12 KB

github-gitlab.md

File metadata and controls

243 lines (165 loc) · 12 KB
title description layout category subcategory cspell redirect_from
GitHub & GitLab
Team code repos, permissions, notification strategies
article
Development
Code
ignore omniauth
/articles/github.html

Repositories

View a list of all repositories tagged for Login.gov.

Some repositories in GitHub are mirrored from our self-hosted GitLab.

Applications

Libraries

  • 18f/identity-hostdata Gem that provides functionality for our Ruby applications on our EC2 infrastructure to download secrets and read configs.

  • 18f/identity-logging Gem that sets up common log formatting and configuration for Rails applications

  • 18F/omniauth_login_dot_gov Provides an Omniauth strategy for Login.gov that helps other projects integrate with Login.gov more easily. Some use cases include the identity-dashboard as well as Touchpoints, USMC and search.gov

  • 18f/identity-validations Gem that provides shared validations for the ServiceProvider model across the IdP and dashboard

  • 18f/identity-telephony{: .deprecated-link} (Archived) Gem that provides a common interface for voice and SMS features across multiple vendor backends. This code has been moved into the IdP codebase.

  • 18f/identity-doc-auth{: .deprecated-link} (Archived) Provides a library for performing document authentication. This code has been moved into the IdP codebase.

  • 18f/identity-proofer-gem{: .deprecated-link} (Archived) Provides a generic interface around identity proofing (IDV, identity verification) that is implemented by other proofers. This code has been moved into the IdP codebase.

  • 18f/identity-lexisnexis-api-client-gem{: .deprecated-link} (Archived) Implementation of the identity-proofer interface for LexisNexis. This code has been moved into the IdP codebase.

  • 18f/identity-aamva-api-client-gem{: .deprecated-link} (Archived) Implementation of the identity-proofer interface for AAMVA for drivers licenses. This code has been moved into the IdP codebase.

Example Applications

Platform and Infrastructure

Design

  • 18f/identity-design-assets A place for the Login.gov design team to version and store design assets (illustrations, sketch files, etc.)

Static Sites

Permissions

Requesting Access

To request access to GitHub:

  1. Set up GitHub account per TTS GitHub guidelines
  2. Join the #admins-github Slack channel
  3. Tag @github-admins-login and request to add your GitHub username to the following teams/orgs:
    1. 18f/identity-core
    2. GSA-TTS/identity-core

Repository Permissions

All Login.gov repos should have the following permissions. They can be changed by a current admin under "Settings" > "Manage Access" in GitHub.

Group Name Role Applicable Orgs
identity-admins Admin 18f, GSA-TTS
identity-core Write 18f, GSA-TTS
identity-partners Read 18f
identity-ro Read 18f

We should not have any individual access, only team access.

Repository Permissions Screenshot

Workflows

Signed Commits

Repositories hosted in the GSA-TTS org on GitHub (the mostly static sites) require signed commits. See GitHub's documentation on configuring git to sign commits.

We strongly recommend that you configure git to automatically sign commits (so you don't have to add -S to every commit)

  • The default settings for GPG only prompt for a password once every 10 minutes

  • You can set this up globally or per-repo (locally)

  • To verify that the signing has been enabled, in either your ~/.gitconfig (global) or the .git/config in each repository (local), check for these values:

    [commit]
            gpgsign = true
    [user]
            signingkey = <<YOUR ID HERE>>
    

Email Notifications and Filters

Default settings for GitHub can generate a lot of email that can be tough to sift through. Here are some strategies for helping manage these notifications:

  1. Create Gmail filters to help highlight mentions:

    • A filter to get emails out of the Inbox

      list:18F.github.com OR list:gsa-tts.github.com
      Skip Inbox, Apply label: github

    • A mentions/me filter to highlight Pull Requests you're participating in (such as being tagged as a reviewer)

      from:notifications@github.com to:me
      Apply label: github-me

    Example:

    Gmail GitHub filters

  2. In GitHub, only have notifications on for repositories you care about (unwatch all others). The 18F org has many repos that do not affect Login.gov. For example, set up "All Activity" for identity- repos, and "Participating" for all others.

    Key Repositories Other Repositories
    All Activity Participating

Running CI Outside of a Pull Request

Engineers may want to run CI before submitting their code for review. For example, this can be a helpful way to check that all tests pass. To run CI on a branch without creating a pull request:

  1. Push the up to date branch to GitHub
  2. Navigate to https://gitlab.login.gov/lg/identity-idp/-/pipelines/new
  3. In the drop-down below Run for branch name or tag, select the branch for which you'd like to run CI

Sharing Work With Other Engineers

Engineers might want to share work with other engineers, such as before starting a pairing session. To share work without creating a PR, consider using GitHub's "compare" feature.

  1. Push the up to date branch to GitHub
  2. From the repo's home page, select the branch
  3. Click "Contribute" and select the left button, "Compare" Screenshot highlighting "Compare Branch" button
  4. Share the resulting url, eg https://github.com/18F/identity-idp/compare/branch-name-goes-here, with your fellow engineer.

Additionally, you can use a script like git-cmp that allows you to generate github compare urls from local branches.

Code Reviews

See [Pull Request Review]({% link _articles/pull-request-review.md %})