> [!NOTE] > Draft information that needs to be reviewed with our GitHub club team ## What should never go into GitHub - credentials - sensitive data (PII) ## What should not go into a public repo? - avoid publishing account numbers, vpc ids, ??? - detailed permission configurations - sceptre code containing the above - abstract sceptre templates may be very useful to share ## What types of private repo content should be granted access as-needed to CDL users - detailed sceptre templates - detailed log output that could leak sensitive config details - code repos container user names, emails and permission grants ## Which users should have default read access to ALL repos for an org? - Org owners have this by default - Tech leads and DevOps engineers within the org? - IAS (daily account)? - IAS (admin account)? - Managers? ## What types of private repository content should be readonly by default for ALL CDL users within an org? - ?
Note
Draft information that needs to be reviewed with our GitHub club team
What should never go into GitHub
What should not go into a public repo?
What types of private repo content should be granted access as-needed to CDL users
Which users should have default read access to ALL repos for an org?
What types of private repository content should be readonly by default for ALL CDL users within an org?