A dedicated GitHub repository within the wpcomvip GitHub organization is created for every application on VIP. The customer will nominate the initial user(s) to be added to their newly created application repository. A member of VIP will grant those users with Admin access to the GitHub repository.
Thereafter, the GitHub users with Admin access are responsible for adding, removing, and managing all other users. For this reason, it is recommended that a wpcomvip GitHub repository has at least one primary administrator for user management. Having more than one GitHub administrator is recommended, in case one of them is unavailable to handle user management requests.
Primary administrators are empowered to add additional administrators as they see fit while following security best practices.
When adding new users to the repository:
- Review the full description of every permission level in GitHub’s documentation.
- Minimize the number of users added to the repository with Admin permissions. Try to add users with Read or Write permissions as required.
- Users who will be committing code to the repository need Write access.
- There is no limit to the number of GitHub users from an organization, development team, or agency that can be added to an application’s wpcomvip GitHub repository. As a governance best practice, Github users with access to the application repository should be audited regularly by the customer.
Last updated: January 05, 2023