Closed ALRubinger closed 6 months ago
Not yet started in earnest. Some intro calls and backing thoughts as detailed here. Next: @ALRubinger Talk to GitHub and ask about available services or recommended approaches.
Consider:
See internal meeting notes in supply chain doc.
GitHub support notes in https://support.github.com/ticket/personal/0/2468224 (visible to ALR, @alec-brooks, @leordev only) that GitHub Enterprise Server (on-prem) gives us this mirroring option with Backup Utils and HA Replication.
Asked FE in internal channel what's available to us there.
By advice from above - Asked gpap internally in #dev-tools.
Output of convo internally - mirroring to an internal GitHub organization dedicated to mirroring upstream repos may work. We'll start there and see how it works out in a call w/ @alec-brooks and @leordev.
Decided with @alec-brooks and @leordev to hold off on this for now as not necessary for this phase. It's needed for security permissions in secured, self-hosted build runners, which we will put out of scope for this phase of work.
Reopening to use in future Milestone if necessary.
Won't do - GitHub has backups and we have contracts
Backing up the Git repository ensures the preservation of the entire project's history, safeguarding against data loss from unforeseen disasters, human errors, or malicious attacks. Additionally, having backup copies guarantees that development can continue seamlessly even if the primary repository becomes compromised or corrupted. In essence, regular backups provide an essential safety net for the codebase and the collective work of contributors.
We must back up not only the software repository but also metadata associated with the project; this includes GitHub-specific features like Issues, PRs, etc. That informs a choice of GitHub-based backups, stored on servers we control.