GitHub repository

Every WordPress and Node.js application hosted on WordPress VIP is supplied with its own GitHub repository within the wpcomvip GitHub organization. The URL for the application’s GitHub repository is typically the wpcomvip GitHub URL followed by a slug version of the application’s name. For example, the repository URL for an application named “My New Application” will likely be:
https://github.com/wpcomvip/my-new-application

• For WordPress applications, the GitHub repository is initialized as a fork of the vip-go-skeleton repository. Any code pushed to the WordPress application’s repository in a GitHub pull request is analyzed by the VIP Code Analysis Bot (the Bot) for code quality and security. VIP strongly recommends enabling required status checks to ensure that no pull requests can be merged unless all issues detected by the Bot have been resolved where appropriate. 
• For Node.js applications, the Github repository is initialized as a fork of the vip-go-node-skeleton repository. Any code pushed to the Node.js repository in a GitHub pull request can be analyzed by Harmonia for pre-deploy testing and validation.

Once an application’s repository is created, it is ready to be used for development.

Code in a wpcomvip GitHub repository only deploys to a VIP Platform environment when the Default Deployment method is enabled for the environment. Code developed in a version control system outside of an application’s wpcomvip GitHub repository can be deployed to the environment when the Custom Deployment method is enabled.

A wpcomvip GitHub repository associated with a customer organization can deploy to more than one of their applications. Create a VIP Support request if this configuration is desired.

Limitations

The wpcomvip GitHub repository is owned by the WordPress VIP organization. As a result, there are limitations on how it can be used.

• As a security control, GitHub and OAuth Apps cannot be added to these repositories.
• At this time, GitHub Actions are only available for use by FedRAMP customers.
• By default, this repository is private but can be public if desired.
• A repository slug can only be used once within the wpcomvip organization. As a result, it is possible that the desired slug for an application’s repository is not available to new customers and an alternate will need to be found.

User access

Customers are responsible for managing GitHub user access for their team members.

For increased security, access for VIP team members to an application’s GitHub repository is restricted and managed via GitHub teams. The following VIP GitHub teams will appear in a repository’s “Collaborators and teams” access list and must not be removed:

• VIP
• VIP (Read)
• VIP Temporary – vip-wordpress-com (Admin)
• VIP Temporary – vip-wordpress-com (Read)