-
Notifications
You must be signed in to change notification settings - Fork 110
Checklist for new repositories
Bret Mogilefsky edited this page Sep 25, 2020
·
1 revision
Before we put a new repository into production:
- The repository should be in the GSA organization
- The repository should have a reasonable name. Historically our repositories start with
datagov-
, but no special prefix is required if the repository holds code useful for other programs and teams. -
Add
LICENSE
,CONTRIBUTING
, andREADME
files (to support open source reuse of our work). - Configure a protected main branch (CM-9).
- Enable "Require pull request reviews before merging"
- Enable "Dismiss stale pull request approvals when new commits are pushed"
- Enable "Require status checks to pass before merging"
- Enable "Require branches to be up to date before merging"
- Enable "Include administrators"
- Configure permissions (CM-3):
-
Admin
for@tts-admins
. -
Admin
for@data-gov-admin
. -
Write
for@data-gov-support
. -
Read
for@data-gov-team
. - Avoid granting permissions to individuals whenever possible so that team changes are reflected across all of our repositories.
-
- Set up CI/CD for changes (CM-3)
- Set up for static code analysis using Snyk if it's a code or configuration repo.