GitHub for Business - page 3


GitHub Enterprise 2.5 is now available

We are excited to announce the release of GitHub Enterprise 2.5. With this release, we’re introducing features and updates that will help development teams build software at scale with a focus on scalability, security, and management of GitHub Enterprise for development teams of any size.

It’s important that your GitHub Enterprise instance can support the way you work without skipping a beat, even if your team is 10,000 strong and growing exponentially. In this release, we’re introducing a better way to add new users to large installations, more ways to collaborate safely, and other tools and updates that will help support your team as it gets bigger.

You’ll also find a round of updates from a clean and simple design refresh to added support for Subversion, and more. Ready to upgrade? Download GitHub Enterprise 2.5.

A better way to grow

As your team grows, so does your GitHub Enterprise installation. For our customers with teams of tens of thousands of developers, the 2.5 release introduces clustering—a framework that helps administrators add more users to large installations.

clustering

Clustering was specifically designed for very large installations but requires some additional administrative resources. Check out the documentation to see how it works or contact your GitHub account manager to discuss scaling options.

A new way to cache intensive operations

For teams working on bigger software projects, large CI farms or similar collections of clients that perfom git fetch for large amounts of data at almost the same time can cause a substantial CPU and RAM load on our fileservers. With GitHub Enterprise 2.5, we have improved our resilience to the degraded performance that can happen with “thundering herds.”

More ways to protect your branches

GitHub Enterprise 2.4 included Protected Branches and Required Statuses to help teams collaborate safely: When you protect a branch, other developers can’t delete or force-push to it. You can also specify status checks that collaborators need to pass before merging a pull request.

With GitHub Enterprise 2.5, we are kicking off a preview period for the Protected Branches API—allowing instance administrators to help maintain a project’s conventions at scale and make sure no one loses any work.

Protected branches and required status checks are configurable per repository. To start using the API, check out the documentation.

Design updates

When you upgrade to GitHub Enterprise 2.5, parts of GitHub will look different. The repository and sign-in screens have updated designs that will make it easier to sign in and use GitHub from your browser.

A new look for repositories

The new repository design improves navigation, simplifies the page layout, and improves code performance under the hood. You can learn more about what’s changed from our recent blog post on the new design. In the meantime, here’s a summary:

  • The collapsing side menu is now a single, always present navigation, which improves accessibility and frees up more space for what matters to you—issues and pull requests.
  • The Code tab now more prominently emphasizes cloning and comes with a redesigned protocol switcher containing explicit menu items with explanatory text for each cloning method.

Simple sign-in and authentication screens

In addition to updating how repositories look, we have simplified the sign-in and authentication screens, so you can access your account more efficiently. The sign-up screen also includes a clearer sign-up link for new developers on your team who do not have a GitHub account, yet.

Enhanced Subversion support

For teams who use SVN commands to interact with their repositories, the latest version of GitHub Enterprise extends support for Subversion to versions 1.8 and 1.9. You can now use newer Subversion clients with GitHub, including features from 1.8 and 1.9.

Upgrade today

Check out the release notes to see what else is new or download GitHub Enterprise 2.5 now. You can also enable update checks to automatically update your instance whenever there is a new release.

GitHub Enterprise 2.4 is now available

GitHub Enterprise is the on-premises version of GitHub, which you can deploy and manage in your own, secure environment. The GitHub Enterprise 2.4 release offers users and administrators greater control over their instance—and their workflows. From protected branches to simplified asset management, our latest release includes features and updates that make GitHub more flexible.

Protected branches and required statuses

With protected branches, administrators now have the ability to disable force pushes to specific branches. Required status checks on protected branches make integrations that use our Status API enforceable, and you can disable the merge button until they pass.

Improved organization permissions

Improved permissions give your organization the flexibility to work the way you want. New customizable member privileges, fine-grained team permissions, managed access, and transparent communication with team mentions make it even easier for your team to work together. Learn more about GitHub’s improved organization permissions.

Easier asset management with Git Large File Storage

With the inclusion of Git LFS you can integrate large binary files into your Git workflow. Large files are stored on your server and the custom API allows you to transfer any number of files with ease. Learn more about Git LFS.

More flexibility with GitHub Pages

Your GitHub Pages sites can be public even if your Enterprise instance is private. With the new jekyll-feed plugin, you can automatically generate an Atom (RSS-like) feed of your most recent posts, making it easier for people to subscribe. Learn more about easier feeds for GitHub Pages.

Keep your instance current

Ensure your GitHub Enterprise instance is up-to-date with new features, security patches, and bug fixes by opting in to automatic downloads of new releases, which you can then apply from the management console.

Render map data within GitHub Enterprise

With GeoJSON support, any GeoJSON file in a GitHub repository will now be automatically rendered as an interactive, browsable map, annotated with your geographic data. You can even customize the way your data is displayed, such as coloring and sizing individual markers, or specifying a more descriptive icon.

Merge with confidence

The area above the merge button now contains information on automated status checks, making it easier to see if your proposed changes are ready to go or need more work.

Universal 2nd Factor authentication

Earlier this month we announced that we expanded GitHub’s authentication system to support FIDO Universal 2nd Factor (U2F), and this security feature is now available with the GitHub Enterprise 2.4 release. Read more about how U2F keys work or take a look at the documentation to learn how to associate a U2F key with your instance.

For the full list of features and updates, check out the release notes. If you’re currently using GitHub Enterprise, you can download this release now. If you want to give GitHub Enterprise a try, request a 45-day free trial.

GitHub Enterprise security best practices

We want to free up your administrator’s time by providing a tool that requires little maintenance and great out-of-the-box security. By following a few simple steps, GitHub Enterprise can be ready for your developers to test the same day it you install it.

Sometimes in the excitement to get up and running, it is easy to pass over simple solutions for security. This post will guide you through some of the settings GitHub Enterprise provides to ensure your company’s installation is secure without inhibiting collaboration. We will also discuss monitoring and auditing tools that give greater insight into the health and security of your installation.

Initial instance setup

Instance password

The password for the Enterprise Management Console, as shown in step #8 of this guide, is the main gateway to administer GitHub Enterprise. This shared password gives a user unfettered access to the GitHub Enterprise environment, so we recommend that you only share it with a select few individuals and save it in an encrypted vault such as 1Password or a similar password management tool. Using this password, you can establish SSH keys through the /setup page in GitHub Enterprise. After setting up a key, an administrator can SSH into the GitHub Enterprise instance and gain access to all the ghe- command line utilities available.

Private Mode

private-mode

In the /setup page of GitHub Enterprise you will find a setting that enables Private Mode. With this setting enabled, GitHub Enterprise hides all content from users who are not authenticated, including public repositories.

Enabling Private Mode is required for GitHub Enterprise instances that are accessible to users outside of the firewall without a VPN. This helps to ensure a user does not inadvertently make a repository public externally that should remain private within a company.

If your GitHub Enterprise install is only available from a VPN outside of your firewall Private Mode does not need to be turned on. This lets unauthenticated people within the firewall view public repositories and public GitHub Pages.

Subdomain isolation

subdomain

We strongly recommend that everyone turn on subdomain isolation for their GitHub Enterprise instance. Subdomain isolation securely separates user-supplied content from other portions of your GitHub Enterprise appliance, which mitigates cross-site scripting and other related vulnerabilities. You can make these changes by creating a wildcard DNS entry or by whitelisting each subdomain individually. A full list of these subdomains is available in the link above.

Improved monitoring

If you navigate to the /setup/monitor page in GitHub Enterprise you will notice GitHub Enterprise now ships (as of Enterprise version 2.3) with more graphs to monitor activity on the instance. This permits an administrator to spot suspicious activity and maintain stability in the environment.

Another feature that helps you keep GitHub Enterprise secure is the audit log, which is available at the /stafftools/audit_log endpoint. It records actions that are occurring and makes them visible to a site administrator. These audit logs reveal what action occurred (for instance, a user login), who performed the action, and the IP address of the request. This gives you great visibility into what is happening on an instance level.

Authentication

Certain authentication methods provide additional levels of security and control. Two we’ll highlight here are restricted user groups and universal two-factor authentication.

Restricted user groups

Both LDAP Sync and SAML with Okta allow GitHub Enterprise administrators to segment users and fine-tune control of GitHub Enterprise. In addition to securing your instance, these tools let you control the number of licensed seats in use at any given time.

LDAP Sync permits an administrator to set up a Restricted Group (in Active Directory, for example) that limits access to GitHub Enterprise to only users found in that group.

ldap-settings

SAML with Okta lets an administrator control access to GitHub Enterprise by setting it up as an “application” and assigning users to that application to give them access.

With fine tuned controls over who can access the instance, and great reporting from those tools about group membership, an administrator can feel confident in both controlling and monitoring access.

Universal second factor authentication

In partnership with Yubico, GitHub also supports Universal Second Factor Authentication (U2F). If you are not using GitHub’s built in authentication in your instance, however, your identity management provider must provide U2F.

We strongly encourage companies and individuals to reach out to their identity providers and request support for U2F if it is not yet supported.

Organizational security options

GitHub’s revamped organizations and teams are another way to secure your GitHub Enterprise installation. Administrators of GitHub Enterprise will now have the ability to set access levels for a team on a per repository basis. This granularity will reduce the number of teams that administrators must set up and maintain.

Any questions, don’t hesitate to reach out

If you are administering GitHub Enterprise for your team, putting these best practices into play is a great step toward ensuring that your instance stays healthy, secure, and as easy to maintain as it was to install. For a deeper dive into securing your GitHub Enterprise installation, check out this recording from GitHub Universe.

If you have any questions about securing your GitHub Enterprise installation you can reach out to enterprise@github.com to get clarifications or help.

The GitHub Services team is happy to help get you up and running with GitHub Enterprise. We can help you get GitHub Enterprise deployed quickly while following the best practices for security, availability and redundancy. If you would like to learn more about how we can help, don’t hesitate to reach out to services@github.com.

GitHub Enterprise 2.3 is now available

GitHub Enterprise 2.3 offers users and administrators greater control over their instance—and their workflows. From expanded monitoring to a hi-fidelity migration tool, our latest release includes features, APIs, and ongoing security updates that make GitHub more flexible and secure.

New Administrator APIs

New enterprise-only APIs give administrators more flexibility when setting up and provisioning new accounts, as well as when listing details about their users and organizations. You can check out the full list of APIs included in GitHub Enterprise 2.3 the release notes.

Simpler migrations

Whether you’re consolidating GitHub Enterprise instances or moving your organization from GitHub.com, the ability to easily migrate data is important. To simplify this process, you can now use ghe-migrator—a hi-fidelity tool for migrating repositories and all of their supporting data from one GitHub instance to another.

Advanced monitoring

With more ways to monitor your instance, your team can react to small issues before they get bigger. Administators can now see the current state of queues for background jobs and emails, along with more extensive request metrics and additional dashboard information for MySQL, Redis, and ElasticSearch.

Filter pull requests by status

You can sort pull requests by the status of commits with the status: filter—giving you greater control over an important part of the development process. This works especially well if you’re using The Status API or an integration service that does.

And more

  • Outbound HTTP proxies for third party tools and services
  • Previewing for comments
  • Better RSA key validations that prevent weak SSH keys
  • Read-only deploy keys
  • Referrer sanitization

For the full list of features and updates, check out the release notes. If you’re currently using GitHub Enterprise, you can download this release now. If you want to give GitHub Enterprise a try, request a 45-day free trial.

Announcing GitHub Enterprise 2.1.0

hero-2-1-release

It’s a new year and we couldn’t think of a better way to start it off than with a new release of GitHub Enterprise. We’ve included a number of highly-requested features, along with some of the best stuff recently shipped on GitHub.com - all to give developers and admins the best tools to build and ship software at work.

Let’s talk about some of the features you’ll find in this release.

Automate user and team management with LDAP Sync

Many of you have told us that you want it to be easier to use GitHub Enterprise with LDAP, especially for organizations managing lots of users. With this release, GitHub Enterprise integrates with your LDAP directory more deeply than ever before, automating identity and access management for your organization. This means you can provision and deprovision user accounts in GitHub Enterprise directly from LDAP with user sync, and automatically grant users access to repositories with team sync. While we were at it, we also improved LDAP performance across the board, increasing reliability and throughput.

Deploy GitHub Enterprise on OpenStack KVM

One of our goals with last year’s rebuild of GitHub Enterprise was to make it available in more of the environments where you want to run it, whether you’re managing your infrastructure on servers you own or on an internal cloud-based platform. That’s why we’re excited to announce that with this release, GitHub Enterprise is available on OpenStack KVM, in addition to Amazon Web Services and VMware. If your tech stack is built on KVM, you can now easily set up GitHub Enterprise and integrate with other parts of your internal system.

Audit all user actions across your instance

The Organization Audit Log that shipped with the November release of GitHub Enterprise has now been expanded to the instance level, giving administrators a skimmable and searchable record of every action performed across GitHub Enterprise in the past 90 days. Events like repository creation, team deletion, the addition of webhooks, and more are surfaced in a running log, along with information about who performed the action and when it occurred. These events can be filtered for deeper analysis, and you can create a wide range of custom search queries to make sure you’re always aware of what’s taking place on your instance.

audit-log

Monitor the performance of GitHub Enterprise

If you’re administering GitHub Enterprise, you should be able to identify whether your instance is performing correctly and quickly locate what’s wrong when it isn’t. With the new Instance Monitoring Dashboard, you now can. With data displayed for things like data disk usage, memory, CPUs, and more, you’ll be able to answer questions like:

  • Are my users experiencing errors?
  • Are things fast or slow for my users?
  • What is a typical traffic pattern? What is abnormal?
  • Should I upgrade CPU, memory, or IO to improve the performance of my instance?
  • When should I plan to increase my disk space given my current growth rate?

monitoring-dashboard

Even more betterness

GitHub Enterprise 2.1.0 also includes:

To see the full list of features and bug fixes, check out the release notes for GitHub Enterprise 2.1.0.

Take 2.1.0 for a spin

If you’re an existing GitHub Enterprise customer, you can download the latest release from the GitHub Enterprise website. If you want to give GitHub Enterprise a try, start a 45-day free trial on OpenStack KVM, AWS, or VMware.

Changelog

Subscribe

Discover new ways to build better

Try Marketplace apps free for 14 days

Learn more