GitHub user access

Every application in the VIP Platform has a dedicated GitHub repository for code development and deploy. The customer will nominate the initial user(s) to be added to their newly created GitHub repository, and a member of VIP will add those users to the GitHub repository with Admin permissions.

Thereafter, the GitHub users with Admin access are responsible for adding, removing, and managing all other users. For this reason, it is recommended that a wpcomvip GitHub repository has at least one primary administrator for user management. Having more than one GitHub administrator is recommended, in case one of them is unavailable to handle user management requests.

If an error is encountered (e.g. no remaining seats or other errors) when attempting to add new users, reach out to VIP Support for assistance.

Security best practices for user access

Primary administrators are empowered to add additional administrators as they see fit while following security best practices.

When adding new users to the repository:

• Review the full description of every permission level in GitHub’s documentation.
• Minimize the number of users added to the repository with Admin permissions. Try to add users with Read or Write permissions as required.
• Users who will be committing code to the repository need Write access.
• There is no limit to the number of GitHub users from an organization, development team, or agency that can be added to an application’s wpcomvip GitHub repository. As a governance best practice, Github users with access to the application repository should be audited regularly by the customer.