Merge pull request #10 from bcgov/new-process-diagram

Added a github enterprise license process map Updates framing and details about GitHub Enterprise
bcgov · Dec 22, 2023 · 47809a1 · 47809a1
2 parents c9118ec + 4559735
commit 47809a1
Show file tree

Hide file tree

Showing 4 changed files with 47 additions and 88 deletions.
diff --git a/docs/images/github-e-process-map.png b/docs/images/github-e-process-map.png
diff --git a/docs/use-github-in-bcgov/bc-government-organizations-in-github.md b/docs/use-github-in-bcgov/bc-government-organizations-in-github.md
@@ -1,23 +1,3 @@
----
-title: BC Government organizations in GitHub
-
-slug: bc-government-organizations-in-github
-
-description: Describes the different BC Government organizations in GitHub.
-
-keywords: github, github org, repo, open source, github enterprise, bcgov, github organization
-
-page_purpose: Describes the different BC Government organizations in GitHub, what they're used for, and who can use them.
-
-audience: developer, technical lead
-
-author: Jonathan Bond
-
-content_owner: Olena Mitovska
-
-sort_order: 1
----
-
 # BC Government organizations in GitHub
 
 Many teams building software for the B.C. government use [GitHub](https://github.com) to host their code. Using GitHub you can:
@@ -46,6 +26,12 @@ The [Digital Principles for the Government of B.C.](https://www2.gov.bc.ca/gov/c
 
 The Province owns several GitHub organizations, which are described below.
 
+| Name | Use for... | User Access Requirements | Cost |
+| ---- | ----------- | ----------- | ----- |
+| [bcgov](#bcgov) | Repositories should be hosted in this open repo unless you have strong rationale from your MISO otherwise. | GitHub ID | Free |
+| [bcgov-c](#bcgov-c) | Code you would like to temporarily host in a closed repo, before moving into the bcgov org. | GitHub ID | Covered by OCIO for up to 12 months |
+| [bcgov-ent](#bcgov-ent) | Code that will remain private forever. | IDIR | Purchased by each team |
+
 ### `bcgov`
 
 The `bcgov` organization contains public repositories that hold open-source code or public documents developed by B.C. government teams. This organization is **public**.
@@ -63,23 +49,16 @@ The `bcgov-c` organization stores temporary (up to 12 months), private repositor
 
 Your product team can only have a **permanent**, private repository in `bcgov-c` if it is a GitOps repository with ArgoCD manifests. We strongly discourage creating permanent, private repositories in this organization.
 
-### `bcgov-platform-services`
+### `bcgov-ent`
 
-* Only the Platform Services team can create repositories in this organization.
-* GitHub application integration (for example, SonarCloud testing) needs to be individually enabled for each repository. The Platform Services team approves all third-party application integration in all B.C. government organizations.
+We have an Enterprise-Managed User (EMU) tier of GitHub Enterprise procured within the BC Government. The Enterprise account acts as administrative umbrella above multiple Ministry IMB-managed GitHub Orgs. It is designed for Ministry-specific **private** organizations linked to the B.C. government's Enterprise account. These organizations permanently store teams' private repositories with closed-sourced code that is intended to remain closed forever. 
 
-## Ministry-specific private organizations in GitHub Enterprise
-
-Ministry-specific **private** organizations must be linked to the B.C. government's Enterprise account (user licenses are required for the members of these organizations).
-
-These organizations permanently store teams' private repositories with closed-sourced code that can't be transitioned to a public repository within 12 months. For more information on creating a private organization linked to the GitHub enterprise account, see [GitHub Enterprise user licences in the B.C. government](../github-enterprise-user-licenses-bc-government/).
+User licenses are required for the members of these organizations. For more information on creating a private organization linked to the GitHub enterprise account, see [GitHub Enterprise user licences in the B.C. government](../github-enterprise-user-licenses-bc-government/).
 
 * Product teams that need a permanent location for their closed-source code should use this repository.
 * Each ministry team must purchase their own [user licenses](../github-enterprise-user-licenses-bc-government/) to use the organization.
 * Only ministry GitHub administrators can create repositories in this organization. Consult with your ministry's Information Management Branch (IMB) to get in touch with the GitHub administrators.
 
-![Diagram of the BC Government GitHub organizations](../images/github-organization-chart.png)
-
 ### Security Insights for GitHub Enterprise-linked organizations
 
 The Security Insight feature is available for all organizations linked to the corporate GitHub Enterprise account, as well as branch protection and code owners for private repositories. Branch protection only allows specific people to push to the protected branch. The code owners feature allows automated reviews. For example, if a specific user is a code owner of certain files they are automatically added as PR reviewers and their approval is required before the code can be merged.

diff --git a/docs/use-github-in-bcgov/github-enterprise-user-licenses-bc-government.md b/docs/use-github-in-bcgov/github-enterprise-user-licenses-bc-government.md
@@ -1,83 +1,63 @@
----
-title: GitHub Enterprise user licences in the BC government
-
-slug: github-enterprise-user-licenses-bc-government
-
-description: Describes the benefits of GitHub Enterprise user licences and how to access them.
-
-keywords: GitHub, GitHub Enterprise, closed source, private repository, private organization, licence, license, user licence, user license
-
-page_purpose: Discusses why you might want to use a GitHub Enterprise user licence and how to request, access, and pay for the users.
-
-audience: technical lead, product owner
-
-author: Jonathan Bond
-
-content_owner: Olena Mitovska
-
-sort_order: 4
----
-
-# GitHub Enterprise user licences in the BC government
-
-All code by B.C. government teams should be open source by default. If you have closed-source code and still want to use GitHub, you can work temporarily in a private repository under the GitHub Enterprise licence.
-
-For more information on our GitHub organizations and their uses, see [B.C. government organizations in GitHub](../bc-government-organizations-in-github/).
+# B.C. government GitHub Enterprise 
 
-## On this page
+>Note: This page is under review as of December 2023 and will be updated for clarity and accuracy early in 2024. 
 
-- [Benefits of a GitHub Enterprise user licence](#benefits-of-a-github-enterprise-user-licence)
-- [Enterprise account ownership](#enterprise-account-ownership)
-- [Request GitHub Enterprise user licences](#request-github-enterprise-user-licences)
-- [Access the GitHub Enterprise account](#access-the-github-enterprise-account)
-- [Pay for the GitHub Enterprise user licences](#pay-for-the-github-enterprise-user-licences)
+All code built for B.C. government for staff or contracted developers should be open source by default and stored in the public [`bcgov` organization on GitHub.com](https://github.com/bcgoc). If you have closed source code and still want to use GitHub's functionality, you can store your code in a private repository within the B.C. government's [GitHub Enterprise environment](https://github.com/enterprises/bcgov-ent/). This page contains details related to that environment and its use.
 
-## Benefits of a GitHub Enterprise user licence
+For more information about B.C. government GitHub organizations outside of GitHub Enterprise, see [B.C. government organizations in GitHub](../bc-government-organizations-in-github/).
 
-The enterprise user licence offers various features over the Free and Teams version. To find out more on the differences in features and pricing, see [Pricing](https://github.com/pricing).
+## B.C. government GitHub Enterprise Overview
 
-## Enterprise account ownership
+GitHub Enterprise offers various features beyond those of the Free and Teams tiers. To find out more about the features of GitHub Enterprise, you may wish to review [GitHub's product page](https://github.com/enterprise).
 
-The GitHub Enterprise account is owned by OCIO and managed by the Platform Services team. Ministries own GitHub organizations linked to the B.C. government’s GitHub Enterprise accounts and the private repositories within their organizations.  
+There are certain notable differences between the [public facing `bcgov` GitHub organization](https://github.com/bcgov) and B.C. government's GitHub Enterprise environment. For example, the ability to create public repositories is disabled within GitHb Enterprise since with B.C. government public open source code should be in the [public `bcgov` organization](https://github.com/bcgov). 
 
-User licenses for accessing the private repositories come from a central pool under the GitHub Enterprise account and must be purchased for each user that needs access to the private repositories in the ministry’s private organizations.  Management of this pool of seats is done in partnership with each sector or ministry purchasing their own allocated seat count.
+Other details of GitHub Enterprise include the following:
 
-When your private organization is linked to the GitHub Enterprise account certain settings are automatically enabled or disabled. For example, the ability to create public repositories within this private organization is removed to fall in line with all Provincial open-source code remaining in `bcgov`. Other features include the following:
+* Single sign-on is provided via Azure AD (aka Entra ID)
+* Login uses government-issued IDIR identities
+* Users will be automatically assigned new GitHub IDs, which will change the login experience for users working in both GitHub.com repositories and B.C. government GitHub Enterprise 
+* GitHub Actions is enabled
+* Code Dependency Insights is enabled
 
-* Two-factor authentication is mandatory
-* GitHub Actions is enabled for all
-* Code Dependency Insights is enabled for all organizations linked to the GitHub Enterprise account
+## GitHub Enterprise account ownership
 
-## Request GitHub Enterprise user licences
+The B.C. government's GitHub Enterprise account is managed centrally by the Digital Office's [Developer Experience Team](mailto:[email protected]). Ministries or sectors are provided with GitHub "organizations" within the central GitHub Enterprise account. Teams' private repositories are created within these organizations.  Management of ministry or sector organizations within GitHub Enterprise is delegated to staff within the corresponding IMB/ISB. 
 
-Contact Software Central Management at [email protected] and cc Dean Picton ([email protected]). Use the subject line "GitHub Enterprise Request" and send the following information:  
+Paid licenses are required to use GitHub Enterprise. Licenses must be purchased for each user that will use or administer to the B.C. government GitHub Enterprise organizations or repositories. Each ministry or sector is responsible for acquiring and paying for its own licenses. The process for acquiring licences is described [below](#background-bc-government-github-enterprise-process-map).
 
-* Private GitHub organization name and whether you need a new organization created or are linking an existing private organization  
+## Acquiring GitHub Enterprise user licences
 
-* GitHub IDs of the organization administrators
+> Note: the process outlined below may be slightly different for some sectors or ministries, but it will be generally similar for all. For example, in some areas, the responsibility for interacting with CSAM may be done by the ministry or sector IMB/ISB staff rather than end users in a business area.
 
-* Number of user licenses needed. If you're transferring a GitHub organization to Enterprise, request as many user licenses as you have organization members.
+This section outlines what is involved in acquiring the licenses required to use B.C. government GitHub Enterprise.
 
-## Access the GitHub Enterprise account
+### Pre-requisites:
 
-Each ministry has GitHub administrators that manage user licences purchased by the ministry and assign individual users to the licences. All license management and licence-to-user assignment must go through ministry account administrators.   
+- Confirm that your intended use of GitHub Enterprise aligns with its purpose, which is exclusively for storing code that can't be, or isn't currently, open source.
+- Confirm whether your ministry or sector is using GitHub Enterprise and know who in your IMB/ISB is responsible for managing access. If you aren't sure who to contact within your IMB/ISB, please contact the [Developer Experience Team]([email protected]) for assistance.
+- Identify who is responsible within your business area for submitting iStore orders.
 
-1. Your ministry’s GitHub administrator creates a private organization for your ministry, if it doesn’t exist already, and links it to the GitHub Enterprise account.
+### Steps
 
-2. Submit a request to Software Central Management to purchase the desired number of user licences.
+Once you've completed the pre-requisites, follow the steps below to acquire GitHub Enterprise licenses.
 
-3. Once the order is processed and the user licenses have been added to the Province’s GitHub Enterprise account, your ministry’s GitHub administrator adds your users to the GitHub Enterprise account and to the ministry’s private organization.
+- Request a quote via email to  [[email protected]](mailto:[email protected]). Use the subject line "Request for Quotation for GitHub Enterprise"  and indicate in the body the number of users who need GitHub Enterprise licenses. For example, "Could I please get a quote for 10 GitHub Enterprises licenses (Standalone)?".
+- Wait for a response by email from CSAM, which will include a quote number and the associated cost for your licenses. This should take 2-3 business days. 
+- Work with the person reponsisble for iStore orders in your business area to create and submit an iStore order referencing the quote number to initiate the purchase. This will triggerthe e-approval process.
+- Wait for a notification from CSAM indicating that they have made the purchase of GitHub licenses on your behalf. This should take less than 5 business days. Billing back to your expense authority will commence at this point. Billing occurs monthly until you notify CSAM to cancel the user licenses.
+- Work with the appropriate individual or team within your ministry or sector IMB/ISB to request access to the corresponding organization within B.C. government's GitHub Enterprise environment. 
 
-These users have access to all features available in GitHub Enterprise within their private organization.
+Once the above steps are complete, you'll be able to log in (using your IDIR) to the B.C. government GitHub Enterprise at [https://github.com/enterprises/bcgov-ent/](https://github.com/enterprises/bcgov-ent/) and begin working in private repositories within your ministry or sector's organization. 
 
-## Pay for the GitHub Enterprise user licences
+## Background: BC government GitHub Enterprise process map
 
-Software Central Management handles your purchase order, with billing back to your expense authority. The ministry is billed monthly for the GitHub Enterprise user licenses until Software Central gets a request asking to cancel the user licenses.
+Our team has created the artifact below which captures the steps and teams involved in acquiring and mananaging GitHub Enterprise licenses. This version is intended for reference only, but we intend to create simplified, more focused versions for both end users and administrators.  
 
+![A detailed diagram illustrating the process of acquiring and administering GitHub Enterprise licenses within the B.C. government. ](../images/github-e-process-map.png)
 ---
 Related links:
 
 * [BC Government Organizations in GitHub](../bc-government-organizations-in-github/)
-* [Pricing](https://github.com/pricing)
 
 ---
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -2,7 +2,8 @@ site_name: "BC Developer Guide"
 site_description: "A guide to application development for the B.C. government."
 repo_url: https://github.com/bcgov/bcdg
 edit_uri: edit/main/docs/
-
+plugins:
+    - techdocs-core
 
 nav:
   - Introduction: index.md
@@ -12,7 +13,7 @@ nav:
   - GitHub in the B.C. government:
     - BC Government organizations in GitHub: use-github-in-bcgov/bc-government-organizations-in-github.md
     - Remove a user's BCGov GitHub access: use-github-in-bcgov/remove-user-bcgov-github-access.md
-    - GitHub Enterprise user licences in the BC government: use-github-in-bcgov/github-enterprise-user-licenses-bc-government.md
+    - B.C. government GitHub Enterprise: use-github-in-bcgov/github-enterprise-user-licenses-bc-government.md
     - Evaluate open-source content: use-github-in-bcgov/evaluate-open-source-content.md
     - Required pages for a GitHub repository: use-github-in-bcgov/required-pages-for-github-repository.md
     - Start working in the BCGov GitHub organization: use-github-in-bcgov/start-working-in-bcgov-github-organization.md
@@ -43,5 +44,4 @@ nav:
   # - Compliance: compliance.md
   # - Data and APIs: data_and_apis.md
 
-plugins:
-  - techdocs-core
+