How to store source code
At GDS, we follow the principles set out in the Service Manual for managing the code we write by:
You must keep some data and code closed, including keys and credentials, algorithms used to detect fraud, and code or data that makes clear details of unannounced policy.
Place new repositories for GDS services in the alphagov organisation on GitHub.
You can use your personal GitHub account to access alphagov. Ask your tech lead or technical architect to invite you.
To secure your Github repository, make sure you:
- configure two-factor authentication for your account
- ensure Git repositories are backed up to another location (this should be a team responsibility)
- have considered encrypting your repository contents
- consider protecting your master branch to prevent changes being committed without a suitable review
How to to retire applications
If an application is no longer used in production, you should archive its repository.
Update the application’s README to detail why the repository has been archived, and link to a new location if the application has been superseded.