diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml new file mode 100644 index 0000000..09f0379 --- /dev/null +++ b/.github/workflows/workflow.yml @@ -0,0 +1,27 @@ +--- +name: Devops repository workflow + +on: + pull_request: + types: + - opened + - closed + - synchronize + +jobs: + markdown-check: + uses: + ai-cfia/github-workflows/.github/workflows/workflow-markdown-check.yml@main + + yaml-check: + uses: + ai-cfia/github-workflows/.github/workflows/workflow-yaml-check.yml@main + + sh-check: + uses: + ai-cfia/github-workflows/.github/workflows/workflow-sh-check.yml@main + + repo-standard: + uses: + ai-cfia/github-workflows/.github/workflows/workflow-repo-standards-validation.yml@main + secrets: inherit diff --git a/README.md b/README.md index 12cd05b..088fb7d 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,19 @@ # DevOps Repository for AI-CFIA -This repository contains scripts, configurations, and documentation related to the DevOps practices at AI-CFIA. It's designed to help team members set up, deploy, and manage applications on various platforms. +This repository contains scripts, configurations, and documentation related to +the DevOps practices at AI-CFIA. It's designed to help team members set up, +deploy, and manage applications on various platforms. ## Contents -- **GCP Setup**: This section houses automation scripts crafted to simplify the GCP setup. It encompasses tasks such as initiating a new project, associating a billing account, orchestrating an artifact repository, and establishing a service account. Comprehensive documentation is included, ensuring you have all the guidance needed to execute the script. +- **GCP Setup**: This section houses automation scripts crafted to simplify the + GCP setup. It encompasses tasks such as initiating a new project, associating + a billing account, orchestrating an artifact repository, and establishing a + service account. Comprehensive documentation is included, ensuring you have + all the guidance needed to execute the script. -- **GitHub Repository Creation Guide**: This guide will show you how to create a new repository to conform to the CFIA's standards. +- **GitHub Repository Creation Guide**: This guide will show you how to create a + new repository to conform to the CFIA's standards. ## Getting Started @@ -16,4 +23,5 @@ This repository contains scripts, configurations, and documentation related to t ## Related Repositories -- [Dev-Rel-Docs](https://github.com/ai-cfia/dev-rel-docs): Contains introduction files and documentation related to developer relations at AI-CFIA. +- [Dev-Rel-Docs](https://github.com/ai-cfia/dev-rel-docs): Contains introduction + files and documentation related to developer relations at AI-CFIA. diff --git a/TESTING.md b/TESTING.md new file mode 100644 index 0000000..e69de29 diff --git a/gcp-setup-script/gcp-project-setup-guide.md b/gcp-setup-script/gcp-project-setup-guide.md index 0d42dc8..98b1112 100644 --- a/gcp-setup-script/gcp-project-setup-guide.md +++ b/gcp-setup-script/gcp-project-setup-guide.md @@ -1,32 +1,47 @@ # GCP Project Setup Guide -This guide provides a step-by-step process to set up a Google Cloud Platform (GCP) project using the provided automation script. The script will help you create a new GCP project, link a billing account, set up an artifact repository, and configure a service account. +This guide provides a step-by-step process to set up a Google Cloud Platform +(GCP) project using the provided automation script. The script will help you +create a new GCP project, link a billing account, set up an artifact repository, +and configure a service account. ## Environment Variables Explanation Before running the script, it's essential to understand the variables used: -- `PROJECT_ID` : The Google Cloud Platform project ID. This ID will be used to uniquely identify your project on GCP. +- `PROJECT_ID` : The Google Cloud Platform project ID. This ID will be used to + uniquely identify your project on GCP. -- `BILLING_ACCOUNT_ID` : Your GCP Billing Account ID. You can find this on the GCP Console under "Billing". +- `BILLING_ACCOUNT_ID` : Your GCP Billing Account ID. You can find this on the + GCP Console under "Billing". - `REPO_NAME` : Choose a name for your Docker repository. -- `REGION` : Specify the Google Cloud region where you want to set up your repository. +- `REGION` : Specify the Google Cloud region where you want to set up your + repository. -- `DESCRIPTION` (Optional) : Provide a description of the Docker repository for reference. +- `DESCRIPTION` (Optional) : Provide a description of the Docker repository for + reference. - `SA_NAME` : Set a name for your service account. - `SA_DISPLAY_NAME` : Set a display name for the service account. -- `FILE_NAME.json` : Choose a name for the JSON key file. This will be used to store the credentials for the service account. +- `FILE_NAME.json` : Choose a name for the JSON key file. This will be used to + store the credentials for the service account. -- `SA_NAME@$PROJECT_ID.iam.gserviceaccount.com` : The email address format of your service account. This is constructed using the `$SA_NAME` and `$PROJECT_ID` variables. +- `SA_NAME@$PROJECT_ID.iam.gserviceaccount.com` : The email address format of + your service account. This is constructed using the `$SA_NAME` and + `$PROJECT_ID` variables. -- `ROLE` : The role you want to assign to the service account. The script will iterate over a predefined set of roles and assign them to the service account. +- `ROLE` : The role you want to assign to the service account. The script will + iterate over a predefined set of roles and assign them to the service account. -**Note** : The roles set by the script are the minimum required to build and deploy the application. These roles have been chosen to ensure the least privilege principle while allowing the necessary operations. If you need additional permissions or roles, you can add them to the service account after running the script. +**Note** : The roles set by the script are the minimum required to build and +deploy the application. These roles have been chosen to ensure the least +privilege principle while allowing the necessary operations. If you need +additional permissions or roles, you can add them to the service account after +running the script. ## Deployment Steps @@ -35,13 +50,15 @@ Before running the script, it's essential to understand the variables used: 3. Make the script executable with the command `chmod +x gcp_project_setup.sh`. 4. Run the script using `./gcp_project_setup.sh`. -**Note** : The script name `gcp_project_setup.sh` is just an example, you can decide to call the script whatever fits you best. +**Note** : The script name `gcp_project_setup.sh` is just an example, you can +decide to call the script whatever fits you best. ## Adding A Role -If you wish to add a role to your service account, you will need to find the exact role of that name which you can find [here](https://cloud.google.com/iam/docs/understanding-roles), +If you wish to add a role to your service account, you will need to find the +exact role of that name which you can find +[here](https://cloud.google.com/iam/docs/understanding-roles), 1. Set the variable as your role ROLE="ROLE_NAME" -2. Run the command -`gcloud projects add-iam-policy-binding $PROJECT_ID \ +2. Run the command `gcloud projects add-iam-policy-binding $PROJECT_ID \ --member="serviceAccount:$SA_NAME@$PROJECT_ID.iam.gserviceaccount.com" \--role=$ROLE` diff --git a/gcp-setup-script/gcp-project-setup.sh b/gcp-setup-script/gcp-project-setup.sh index 5d78759..ec06012 100755 --- a/gcp-setup-script/gcp-project-setup.sh +++ b/gcp-setup-script/gcp-project-setup.sh @@ -7,36 +7,45 @@ prompt_until_input() { local user_input while true; do - echo -n "$prompt_message" - read user_input - if [[ -n "$user_input" ]]; then + echo -n "${prompt_message}" + read -r user_input + if [[ -n "${user_input}" ]]; then break fi done - eval "$return_var='$user_input'" + eval "${return_var}='${user_input}'" } +PROJECT_ID="" +BILLING_ACCOUNT_ID="" + # Prompt the user for required variables prompt_until_input "Enter desired PROJECT_ID (e.g. cfia-ai-lab): " PROJECT_ID prompt_until_input "Enter your BILLING_ACCOUNT_ID (You can find this on the GCP Console under Billing): " BILLING_ACCOUNT_ID # Create a new project -gcloud projects create $PROJECT_ID +gcloud projects create "${PROJECT_ID}" # Set the project as the active project -gcloud config set project $PROJECT_ID +gcloud config set project "${PROJECT_ID}" # Link the billing account to the project -gcloud beta billing projects link $PROJECT_ID --billing-account=$BILLING_ACCOUNT_ID +gcloud beta billing projects link "${PROJECT_ID}" --billing-account="${BILLING_ACCOUNT_ID}" # Retrieve and display a list of Google Cloud regions echo "Available Google Cloud regions" -gcloud compute regions list --format=value(name) +gcloud compute regions list --format="value(name)" echo +REGION="" +REPO_NAME="" +DESCRIPTION="" +SA_NAME="" +SA_DISPLAY_NAME="" +FILE_NAME="" + # Prompt user for necessary variables prompt_until_input "Enter a Google Cloud region from the above list: " REGION -prompt_until_input "Enter a name for your Google Cloud project: " PROJECT_NAME prompt_until_input "Enter the Docker repository name: " REPO_NAME prompt_until_input "Enter a description for the Docker repository [Optional]: " DESCRIPTION prompt_until_input "Enter a name for your service account: " SA_NAME @@ -46,16 +55,16 @@ prompt_until_input "Choose a name for the JSON key file (without .json): " FILE_ # Execute commands # Create an artifact repository -gcloud artifacts repositories create $REPO_NAME \ +gcloud artifacts repositories create "${REPO_NAME}" \ --repository-format=docker \ - --location=$REGION \ - --description="$DESCRIPTION" + --location="${REGION}" \ + --description="${DESCRIPTION}" # Create a service account (SA) -gcloud iam service-accounts create $SA_NAME --display-name "$SA_DISPLAY_NAME" +gcloud iam service-accounts create "${SA_NAME}" --display-name "${SA_DISPLAY_NAME}" # Create the key for the service account (SA) -gcloud iam service-accounts keys create "$FILE_NAME.json" --iam-account=$SA_NAME@$PROJECT_ID.iam.gserviceaccount.com +gcloud iam service-accounts keys create "${FILE_NAME}.json" --iam-account="${SA_NAME}"@"${PROJECT_ID}".iam.gserviceaccount.com # Automatically apply the roles to the service account ROLES=( @@ -65,9 +74,9 @@ ROLES=( ) for ROLE in "${ROLES[@]}"; do - gcloud projects add-iam-policy-binding $PROJECT_ID \ - --member=serviceAccount:$SA_NAME@$PROJECT_ID.iam.gserviceaccount.com \ - --role=$ROLE + gcloud projects add-iam-policy-binding "${PROJECT_ID}" \ + --member=serviceAccount:"${SA_NAME}"@"${PROJECT_ID}".iam.gserviceaccount.com \ + --role="${ROLE}" done echo "All commands executed successfully!" diff --git a/github-management-script/branch-protection-ruleset.md b/github-management-script/branch-protection-ruleset.md index 614f61c..7934318 100644 --- a/github-management-script/branch-protection-ruleset.md +++ b/github-management-script/branch-protection-ruleset.md @@ -1,18 +1,29 @@ # GitHub Branch Protection Automation Script -This script adds a branch protection requiring lint-test to pass in order to be able to merge the changes to the main branch. + +This script adds a branch protection requiring lint-test to pass in order to be +able to merge the changes to the main branch. ## Description -This script is designed to automate the process of setting up branch protection rules on the main branch of each public repository within a specified GitHub organization. It specifically adds a branch protection rule that requires the lint-test / build status check to pass before changes can be merged into the main branch. + +This script is designed to automate the process of setting up branch protection +rules on the main branch of each public repository within a specified GitHub +organization. It specifically adds a branch protection rule that requires the +lint-test / build status check to pass before changes can be merged into the +main branch. ## Permission required Administration - Access: Read and write ## Usage -Run the script in a Bash-compatible shell. Ensure you have the necessary permissions on the GitHub token for the organization. + +Run the script in a Bash-compatible shell. Ensure you have the necessary +permissions on the GitHub token for the organization. ## Breakdown + The script performs three actions : + - Prompt user for token. - Get all public repositories from the organisation. - Apply the branch protection rule to the repository. diff --git a/github-management-script/branch-protection-ruleset.sh b/github-management-script/branch-protection-ruleset.sh index f07d2d5..4a9d635 100644 --- a/github-management-script/branch-protection-ruleset.sh +++ b/github-management-script/branch-protection-ruleset.sh @@ -2,16 +2,18 @@ # prompt for GitHub token echo "Please enter your GitHub token:" -read GITHUB_TOKEN +read -r GITHUB_TOKEN ORG_NAME="ai-cfia" API_URL="https://api.github.com/orgs/${ORG_NAME}/repos?type=public" # get list of all public repos -REPOS=$(curl -s -H "Accept: application/vnd.github.v3+json" \ +RESPONSE=$(curl -s -H "Accept: application/vnd.github.v3+json" \ -H "Authorization: Bearer ${GITHUB_TOKEN}" \ - "${API_URL}" | jq -r '.[].full_name') + "${API_URL}") + +REPOS=$(echo "${RESPONSE}" | jq -r '.[].full_name') set_branch_protection() { REPO_NAME=$1 @@ -27,6 +29,7 @@ set_branch_protection() { "enforce_admins": true, "required_pull_request_reviews": { "required_approving_review_count": 1 + "require_code_owner_reviews": true }, "restrictions": null }' @@ -47,8 +50,8 @@ for REPO in ${REPOS}; do "${WORKFLOWS_URL}") # if the http response code is 200, the directory exists - if [ "${RESPONSE}" -eq 200 ]; then + if [[ "${RESPONSE}" -eq 200 ]]; then echo "Setting branch protection rules for ${REPO}" - set_branch_protection ${REPO} + set_branch_protection "${REPO}" fi done diff --git a/github-management-script/codeowners-file-creation.md b/github-management-script/codeowners-file-creation.md new file mode 100644 index 0000000..492abcc --- /dev/null +++ b/github-management-script/codeowners-file-creation.md @@ -0,0 +1,28 @@ +# CODEOWNERS Automation Script + +This script automates the creation of CODEOWNERS files within repositories of +the CFIA organization and applies tag rules based on repository names. + +## Functionality + +* **Creates CODEOWNERS Files:** The script generates CODEOWNERS files in target + repositories, defining code ownership rules to streamline the review process. +* **Customizable Team Tagging:** It tags relevant teams (`backend`, `frontend`, + `data`, `devops`) based on the repository name. +* **DevOps Ownership:** The script assigns specific ownership to the DevOps team + for files within the `.github` directory, Dockerfile, and docker-compose + configurations. + +## Requirements + +* **GitHub Personal Access Token (PAT):** A PAT with the `repo` scope. + +## Usage + +1. **Set Environment Variables:** + 1. `GITHUB_TOKEN`: Store your GitHub PAT in this environment variable. + 2. `ORG_NAME`: Set this to the name of your target GitHub organization. +2. **Execute the Script:** Run the script. It will: + 1. Prompt for your GitHub token (if not set). + 2. Retrieve a list of repositories within the organization. + 3. Process each repository, generating and adding the CODEOWNERS file. diff --git a/github-management-script/codeowners-file-creation.sh b/github-management-script/codeowners-file-creation.sh new file mode 100644 index 0000000..233d787 --- /dev/null +++ b/github-management-script/codeowners-file-creation.sh @@ -0,0 +1,55 @@ +#!/bin/bash +generate_codeowners() { + repo_name=$1 + + echo "# This CODEOWNERS file is auto-generated. See the script for modification details." > .github/CODEOWNERS + + # Default rules for AI-CFIA ownership for repositories which name ends with "backend", "frontend" or "db" + if [[ ${repo_name} == *"backend" ]]; then + echo "* @ai-cfia/backend" >> .github/CODEOWNERS + elif [[ ${repo_name} == *"frontend" ]]; then + echo "* @ai-cfia/frontend" >> .github/CODEOWNERS + elif [[ ${repo_name} == *"db" ]]; then + echo "* @ai-cfia/data" >> .github/CODEOWNERS + fi + + { + echo "/.github/ @ai-cfia/devops" + echo "Dockerfile @ai-cfia/devops" + echo "docker-compose.yml @ai-cfia/devops" + echo "docker-compose.*.yml @ai-cfia/devops" + } >> .github/CODEOWNERS +} + +create_codeowners() { + org_name=$1 + repo_name=$2 + codeowners_content=$(generate_codeowners "${repo_name}") + + encoded_content=$(echo "${codeowners_content}" | base64 -w 0) + + API_URL="https://api.github.com/repos/${org_name}/${repo_name}/contents/.github/CODEOWNERS" + + curl -s -X PUT \ + -H "Accept: application/vnd.github.v3+json" \ + -H "Authorization: Bearer ${GITHUB_TOKEN}" \ + -d "{\"message\": \"Add CODEOWNERS file\", \"content\": \"${encoded_content}\"}" \ + "${API_URL}" +} + +echo "Please enter your GitHub token:" +read -r GITHUB_TOKEN + +ORG_NAME="ai-cfia" +API_URL="https://api.github.com/orgs/${ORG_NAME}/repos?type=public" +RESPONSE=$(curl -s -H "Accept: application/vnd.github.v3+json" \ + -H "Authorization: Bearer ${GITHUB_TOKEN}" \ + "${API_URL}") +REPOS=$(echo "${RESPONSE}" | jq -r '.[].full_name') + +for REPO in ${REPOS}; do + echo "Processing repository: ${REPO}" + + create_codeowners "$(dirname "${REPO}") $(basename "${REPO}")" + +done diff --git a/github-management-script/github-label-creation-script.md b/github-management-script/github-label-creation-script.md index f2e405f..e272883 100644 --- a/github-management-script/github-label-creation-script.md +++ b/github-management-script/github-label-creation-script.md @@ -1,18 +1,25 @@ # GitHub Label Creation Automation Script ## Description -The script is designed to automate the creation of GitHub labels in each public repository of the organization. Doing it through GitHub dashboard doesn't add the new label to the existing repositories so this script was created to do that. + +The script is designed to automate the creation of GitHub labels in each public +repository of the organization. Doing it through GitHub dashboard doesn't add +the new label to the existing repositories so this script was created to do +that. ## Permission required Issues - Access: Read and write ## Usage -Run the script `bach github-label-creation-script.sh`. You will need need to provid the GitHub token, label name, label description and label colour. You can pick a color [here](https://colors-picker.com/hex-color-picker/) -Breakdown -The script performs the following actions: +Run the script `bach github-label-creation-script.sh`. You will need need to +provid the GitHub token, label name, label description and label colour. You can +pick a color [here](https://colors-picker.com/hex-color-picker/) + +Breakdown The script performs the following actions: -- Prompts the user for their GitHub token and label details (name, description, color). +- Prompts the user for their GitHub token and label details (name, description, + color). - Fetches all public repositories from the organization. - Creates the label in each repository. diff --git a/github-management-script/github-label-creation-script.sh b/github-management-script/github-label-creation-script.sh index f2f4baf..46977c4 100644 --- a/github-management-script/github-label-creation-script.sh +++ b/github-management-script/github-label-creation-script.sh @@ -6,51 +6,51 @@ create_data(){ local label_color=$3 data_content="{" - data_content+="\"name\": \"$label_name\"," - data_content+="\"description\": \"$label_description\"," - data_content+="\"color\": \"$label_color\"" + data_content+="\"name\": \"${label_name}\"," + data_content+="\"description\": \"${label_description}\"," + data_content+="\"color\": \"${label_color}\"" data_content+="}" - echo "$data_content" + echo "${data_content}" } create_label(){ ORG_NAME="ai-cfia" REPO_NAME=$1 - DATA=$(create_data "$LABEL_NAME" "$LABEL_DESCRIPTION" "$LABEL_COLOR") - API_URL="https://api.github.com/repos/$ORG_NAME/$REPO_NAME/labels" + DATA=$(create_data "${LABEL_NAME}" "${LABEL_DESCRIPTION}" "${LABEL_COLOR}") + API_URL="https://api.github.com/repos/${ORG_NAME}/${REPO_NAME}/labels" HTTP_RESPONSE=$(curl -s -w "%{http_code}" -o response.txt -X POST \ -H "Accept: application/vnd.github.v3+json" \ - -H "Authorization: Bearer $GITHUB_TOKEN" \ - "$API_URL" \ - -d "$DATA") + -H "Authorization: Bearer ${GITHUB_TOKEN}" \ + "${API_URL}" \ + -d "${DATA}") - if [ "$HTTP_RESPONSE" -eq 201 ]; then - echo "Label '$LABEL_NAME' created successfully in repository $REPO_NAME." + if [[ "${HTTP_RESPONSE}" -eq 201 ]]; then + echo "Label '${LABEL_NAME}' created successfully in repository ${REPO_NAME}." else - echo "Failed to create label in repository $REPO_NAME." + echo "Failed to create label in repository ${REPO_NAME}." cat response.txt fi rm -f response.txt } -read -p "Enter your GitHub token: " GITHUB_TOKEN -read -p "What is the name of the label you want to create? " LABEL_NAME -read -p "Give your label a description: " LABEL_DESCRIPTION -read -p "Enter your label color (without #): " LABEL_COLOR +read -rp "Enter your GitHub token: " GITHUB_TOKEN +read -rp "What is the name of the label you want to create? " LABEL_NAME +read -rp "Give your label a description: " LABEL_DESCRIPTION +read -rp "Enter your label color (without #): " LABEL_COLOR ORG_NAME="ai-cfia" -API_URL="https://api.github.com/orgs/$ORG_NAME/repos?type=public" +API_URL="https://api.github.com/orgs/${ORG_NAME}/repos?type=public" REPOS_JSON=$(curl -s -H "Accept: application/vnd.github.v3+json" \ - -H "Authorization: Bearer $GITHUB_TOKEN" \ - "$API_URL") + -H "Authorization: Bearer ${GITHUB_TOKEN}" \ + "${API_URL}") -REPOS=$(echo "$REPOS_JSON" | jq -r '.[] | .name') +REPOS=$(echo "${REPOS_JSON}" | jq -r '.[] | .name') -for REPO in $REPOS; do - echo "Creating label for $REPO" - create_label "$REPO" +for REPO in ${REPOS}; do + echo "Creating label for ${REPO}" + create_label "${REPO}" done diff --git a/github-management-script/github-token-creation-guid.md b/github-management-script/github-token-creation-guid.md index 547df7d..2bb813a 100644 --- a/github-management-script/github-token-creation-guid.md +++ b/github-management-script/github-token-creation-guid.md @@ -1,6 +1,8 @@ # Creating a GitHub Token with Fine-Grained Permissions -Creating a fine-grained personal access token in GitHub allows you to perform specific actions within a repository, an organization, or other GitHub resources. This guide walks you through the steps to create such a token. +Creating a fine-grained personal access token in GitHub allows you to perform +specific actions within a repository, an organization, or other GitHub +resources. This guide walks you through the steps to create such a token. ## Steps to Create the Token @@ -10,18 +12,27 @@ Creating a fine-grained personal access token in GitHub allows you to perform sp - Scroll down to the bottom and select `Developer settings`. 2. **Select Fine-Grained Token Option**: - - Under the `Personal access tokens` section, choose the `Fine-grained token` option. + - Under the `Personal access tokens` section, choose the `Fine-grained token` + option. 3. **Set Resource Owner**: - - Change the `Resource owner` to the organization for which you want the token to have access. + - Change the `Resource owner` to the organization for which you want the + token to have access. 4. **Define Permissions**: - - Under the `Permissions` section, define the specific permissions your token requires. - - Refer to the GitHub documentation on [permissions required for fine-grained personal access tokens](https://docs.github.com/en/rest/overview/permissions-required-for-fine-grained-personal-access-tokens?apiVersion=2022-11-28) to understand which permissions are necessary for the endpoints you wish to access. + - Under the `Permissions` section, define the specific permissions your token + requires. + - Refer to the GitHub documentation on [permissions required for fine-grained + personal access + tokens](https://docs.github.com/en/rest/overview/permissions-required-for-fine-grained-personal-access-tokens?apiVersion=2022-11-28) + to understand which permissions are necessary for the endpoints you wish to + access. ## Important Notes -- Ensure that you only grant the minimum necessary permissions to perform your intended tasks. +- Ensure that you only grant the minimum necessary permissions to perform your + intended tasks. - Keep your tokens secure and do not share them publicly. -You can find out the required permission of each script under the "Permission required" section of the each script's documentation. +You can find out the required permission of each script under the "Permission +required" section of the each script's documentation. diff --git a/github-repository-creation-guide.md b/github-repository-creation-guide.md index 051c844..4ada111 100644 --- a/github-repository-creation-guide.md +++ b/github-repository-creation-guide.md @@ -1,8 +1,12 @@ -**GitHub repository creation guide** +# GitHub repository creation guide -When creating a GitHub repository you need to follow a few organizational standardization rules : -- When naming your repository use lowercase. This makes it easier for command line use. -- Use a dash ( - ) and not an underscore ( _ ) to separate words in the repository name. +When creating a GitHub repository you need to follow a few organizational +standardization rules : + +- When naming your repository use lowercase. This makes it easier for command + line use. +- Use a dash ( - ) and not an underscore ( _ ) to separate words in the + repository name. - Make the repository public. - Add a description. - Create a LICENSE.md file. @@ -10,33 +14,38 @@ When creating a GitHub repository you need to follow a few organizational standa ## How to Create a LICENSE.md File -1. Create a new file and name it `LICENSE.md`. - -![Create LICENSE.md](https://github.com/ai-cfia/devops/assets/9827730/540c2ee8-fc49-4c76-88c7-115ac8ffcae2) +1. Create a new file and name it `LICENSE.md` : + - ![Create +LICENSE.md](https://github.com/ai-cfia/devops/assets/9827730/540c2ee8-fc49-4c76-88c7-115ac8ffcae2) 2. Click on "Choose a license template." - -3. Choose "MIT License," and all the needed information will be filled in for you. - -![Choose MIT License](https://github.com/ai-cfia/devops/assets/9827730/f7d4576f-1a3e-4a95-98e8-7c67dbd32705) +3. Choose "MIT License," and all the needed information will be filled in for + you. + - ![Choose MIT +License](https://github.com/ai-cfia/devops/assets/9827730/f7d4576f-1a3e-4a95-98e8-7c67dbd32705) 4. Click on "Review and submit" to create your file. -**Why you need to protect your branches** +## Why you need to protect your branches -Protecting branches in GitHub is essential for maintaining code integrity, ensuring a consistent commit history, and safeguarding against disruptive changes. By mandating code reviews, preventing force pushes, and requiring scrutiny of contributions, branch protection provides a foundational layer of security and quality control in collaborative projects. +Protecting branches in GitHub is essential for maintaining code integrity, +ensuring a consistent commit history, and safeguarding against disruptive +changes. By mandating code reviews, preventing force pushes, and requiring +scrutiny of contributions, branch protection provides a foundational layer of +security and quality control in collaborative projects. ## How to Protect Your Branch 1. Go to your repository's main page. 2. Click on the "Settings" option on the top right. - -![Settings](https://github.com/ai-cfia/devops/assets/9827730/5be87238-af3d-4c2c-b17b-8d765f5fbbee) + - ![Settings](https://github.com/ai-cfia/devops/assets/9827730/5be87238-af3d-4c2c-b17b-8d765f5fbbee) 3. Click on the "Branches" tab on the right menu. - -![Branches Tab](https://github.com/ai-cfia/devops/assets/9827730/5b5d85ef-5713-4c60-a519-6602f86e008a) - -4. Make sure to check "Require a pull request before merging," and also ensure that "Require approvals" is checked. You can leave the default option for the number of required approvals. - -![Branch Protection Settings](https://github.com/ai-cfia/devops/assets/9827730/fe2a4a22-19af-4f3b-96e1-03095c26ddeb) + - ![Branches +Tab](https://github.com/ai-cfia/devops/assets/9827730/5b5d85ef-5713-4c60-a519-6602f86e008a) + +4. Make sure to check "Require a pull request before merging," and also ensure + that "Require approvals" is checked. You can leave the default option for the + number of required approvals. + - ![Branch Protection +Settings](https://github.com/ai-cfia/devops/assets/9827730/fe2a4a22-19af-4f3b-96e1-03095c26ddeb)