additional notes will be added as comments to this issue
1-17-2025
Tokens
Tokens are at a personal level, not an organization level (Enterprise might offer an org level token)
Classic Token; fine-grained still in preview - set it to never expire
limit what it can do, only do pulls, not pushes, have to go fine-grained.
Walked through the process of creating a token for the UC3 organization
As a regular user (not administrative user; i.e. owner in Github speak)
For repositories, did content and for oreganization did a list of members
Terry then shared his screen to see what it looks like in UC3 organization
cfthompson - isn't an owner in UC3 org so
git credentials file - don't have to type in credentials used over HTTPS (classic tokens are ghp)
can use a token as a password which is a feature in git
recommend people use fine-grained tokens (referred to as *_PAT)
Classic ones are still being used for pushing/pulling/creating tokens since fine-grained aren't understood. Fine grained are used for automation
Colin has a page in confluence with token information that he has created IAS Github Tokens
ssh keys are discouraged due to lack of expiration;; no rotation
https://github.blog/security/application-security/improving-git-protocol-security-github/
Authentication:
autheticate to github and then use Github to authenticate/access areas of Github
could use better understanding/explanation of this
12-20-24 Meeting Notes
Terry suggested we all talk thought how we all use Github
We took a step back to get Chad caught up and shared more context about what we are trying to accomplish with this group.
Terry had a nice framing of what we can do in Github even though we don't have an Enterprise account.
Chad will be onboarding a new developer so can work on the onboarding piece.
Github Accounts
- Administrative accounts; we need a shared account to allow for more than one person to have administrative access to manage the Github organization
Lam
Sharing - add collaborators (read access) to a repository
- Charlie suggested using a jist
additional notes will be added as comments to this issue
1-17-2025
Tokens
Tokens are at a personal level, not an organization level (Enterprise might offer an org level token)
Classic Token; fine-grained still in preview - set it to never expire
limit what it can do, only do pulls, not pushes, have to go fine-grained.
Walked through the process of creating a token for the UC3 organization
As a regular user (not administrative user; i.e. owner in Github speak)
For repositories, did content and for oreganization did a list of members
Terry then shared his screen to see what it looks like in UC3 organization
cfthompson - isn't an owner in UC3 org so
git credentials file - don't have to type in credentials used over HTTPS (classic tokens are ghp)
can use a token as a password which is a feature in git
recommend people use fine-grained tokens (referred to as *_PAT)
Classic ones are still being used for pushing/pulling/creating tokens since fine-grained aren't understood. Fine grained are used for automation
Colin has a page in confluence with token information that he has created IAS Github Tokens
ssh keys are discouraged due to lack of expiration;; no rotation
https://github.blog/security/application-security/improving-git-protocol-security-github/
Authentication:
autheticate to github and then use Github to authenticate/access areas of Github
could use better understanding/explanation of this
12-20-24 Meeting Notes
Terry suggested we all talk thought how we all use Github
We took a step back to get Chad caught up and shared more context about what we are trying to accomplish with this group.
Terry had a nice framing of what we can do in Github even though we don't have an Enterprise account.
Chad will be onboarding a new developer so can work on the onboarding piece.
Github Accounts
Lam
Sharing - add collaborators (read access) to a repository