Skip to content

U of MN Github Docs#

University of Minnesota has an Enterprise on GitHub.com for use by IT Administrators. Membership is provisioned by CESI/ITAC units as Organizations in the Enterprise.

Repositories created in in the University of Minnesota Enterprise are hosted on github.com. This means that repositories created as public are public on the Internet. This is a major difference from github.umn.edu; appropriate actions should be taken to keep University of Minnesota intellectual property inside Enterprise-owned repositories.

"Outside Collaborators" can be added to any repository and will allow access specific to the repository that they are added to. These members will consume a GitHub user license and their access should be regularly attested; if a user is a member of the University they can be onboarded to the team to provide regular access to repositories. Member access depends on the visibility of the repositories, outlined here.

New Units/Organization#

  • Request to onboard your team using our UMN Github.com Org Intake form

    • Note: you may not be able to use your UMN Internet ID for github.com depending on worldwide availability of the username
  • If you already have an organization in the UMN Github.com Enterprise, you can request to add new users by emailing devex@umn.edu

Policy on multiple Organization for a Unit#

Github Orgs offer Roles and Teams to manage multiple different team members with different access needs. If a unit has a business case for an additional Organization and can demonstrate that the Roles/Teams does not provide sufficient separation an additional Organization can be provisioned. This will be evaluated on a case by case basis.

Login#

Login is a two step process.

  1. Sign in to your github.com account. This account must be tied to your internetid@umn.edu email account. If you don't have a github.com account that uses your UMN email, you will need to create one or add your email to an existing account you own under profile settings.
  2. Once you're signed in to github.com, you will sign in with UMN's Azure EntraID to access any Organizations you're a member or owner of in the University of Minnesota enterprise

Note: GitHub.com requires that users who publish content on github.com have one or more Two-factor authentication strategies enabled. This means to get into a UMN org you will have to do 2-factor auth for the github.com login AND a DUO push for access to UMN Enterprise Orgs and Repositories.

Data Security Policy#

Because GitHub stores code that is used to transport and manipulate protected University data, data in GHEC is considered Private - Restricted and proper considerations should be made to protect this data.

Repositories#

Do not push private data of any kind (e.g. social security numbers, student ID numbers, private keys, session tokens) to GitHub Enterprise Cloud. If you 'test' data is just a copy of production data and contains highly-private data, it is not allowed.

If your code touches systems that interact with University of MN IP (Intellectual Property), do not publish it to a Public repository of any kind as it will be easily located on the consumer Internet. This includes code that represent a webapp/site, especially one that is in production and has the ability to access highly-private data.

Actions#

Github Actions can not be used if it touches private-highly restricted data.

For more information about using GitHub Actions see Actions Runners.