🌲 NW-PaGe Policies and Guidelines

Introduction

Editors

Person 1, person 2, etc

Contributors

Frank Aragona
Pauline Trinh
Kathleen Conery
Marcela Torres
Lauren Frisbie
Cory Yun
Philip Crain
Paul Lloyd
Alli Black
Alex Cox

Emily Nebergall
Cameron Ashton
Peter J Gibson
Allison Warren
Laura Beilsmith
Xichi Zhang
Allison Thibodeau
Sarah Jinsiwale
Topias Lemetyinen

This is a static website documenting the proposed policies and standards for public Github use at the Pacific Northwest Genomic Center of Excellence. There are documents on

Security and how to protect credential and private process leaks
Licensing to protect against re-sale or theft of code
Our Github rules, policies, and templates
Github user guides

If there are any questions please reach out to Frank Aragona

Github Policies

Add crossreferences to the GH policies section and a brief intro here.

AWS Policies

Azure Policies

Personal or network credentials, tokens, server names and more are prohibited from being published to our public repos. Protect security and credentials with good coding practices. Using local environment files along with .gitignore can prevent credentials from being accidentally pushed into your repo. Other guardrails like pre-commit hooks can be used to further prevent accidental credential leaks. See more details on our security policies here

local_credentials.yml

# local yaml file that will NOT be pushed to the repo
# add this file to the .gitignore to prevent leaks
my_credentials:
  username: super_secret_user_name
  password: 12345terriblepassword

script_in_repo.R

# this script is in the repo, but credentials are hidden
library(yaml)

# read in the local credentials yaml file
creds <- yaml::read_yaml("path/to/local_credentials.yml")

# pull in the credentials
username <- creds$my_credentials$username
password <- creds$my_credentials$password

Each repo in the organization should have a license. Licenses can help prevent your work from being stolen and/or used inappropriately. Licensing details here

This organization requires each repo to have certain documents, such as a CODE_OF_CONDUCT. The organization uses a special repo called .github to ensure all repos adhere to the policies and have the right documents.

If you’re looking to build a repository, check out the Github user guide tabs for best practices on reproducibility, documentation in the repo, and more.

# Introduction {.unnumbered .unlisted} ### Editors {.unnumbered .unlisted} Person 1, person 2, etc ### Contributors {.unnumbered .unlisted} ::: columns ::: {.column width="30%"} - Frank Aragona - Pauline Trinh - Kathleen Conery - Marcela Torres - Lauren Frisbie - Cory Yun - Philip Crain - Paul Lloyd - Alli Black - Alex Cox ::: ::: {.column width="30%"} - Emily Nebergall - Cameron Ashton - Peter J Gibson - Allison Warren - Laura Beilsmith - Xichi Zhang - Allison Thibodeau - Sarah Jinsiwale - Topias Lemetyinen ::: ::: This is a static website documenting the proposed policies and standards for public Github use at the Pacific Northwest Genomic Center of Excellence. There are documents on 1. Security and how to protect credential and private process leaks {{< fa unlock >}} 2. Licensing to protect against re-sale or theft of code {{< fa file >}} 3. Our Github rules, policies, and templates {{< fa book >}} 4. Github user guides {{< fa file >}} If there are any questions please reach out to Frank Aragona # Github Policies Add crossreferences to the GH policies section and a brief intro here. # AWS Policies # Azure Policies  {{< fa unlock >}} **Personal or network credentials, tokens, server names and more are prohibited from being published to our public repos.** Protect security and credentials with good coding practices. Using local environment files along with `.gitignore` can prevent credentials from being accidentally pushed into your repo. Other guardrails like **pre-commit hooks** can be used to further prevent accidental credential leaks. [**See more details on our security policies here**](std/security.qmd) ```{yaml filename="local_credentials.yml"} # local yaml file that will NOT be pushed to the repo # add this file to the .gitignore to prevent leaks my_credentials: username: super_secret_user_name password: 12345terriblepassword ``` ```{r filename="script_in_repo.R"} # this script is in the repo, but credentials are hidden library(yaml) # read in the local credentials yaml file creds <- yaml::read_yaml("path/to/local_credentials.yml") # pull in the credentials username <- creds$my_credentials$username password <- creds$my_credentials$password ``` {{< fa file >}} Each repo in the organization should have a license. Licenses can help prevent your work from being stolen and/or used inappropriately. [Licensing details here](std/lic.qmd) {{< fa book >}} This organization requires each repo to have [certain documents](std/templates.qmd), such as a CODE_OF_CONDUCT. The organization uses a special repo called **.github** to ensure all repos adhere to the policies and have the right documents. {{< fa file >}} If you're looking to build a repository, [check out the Github user guide tabs](tools/how_to.qmd) for best practices on reproducibility, documentation in the repo, and more.