Skip to main content
 
2022-11-28 (latest)

 

Enforcing repository management policies in your enterprise

In this article

You can enforce policies for repository management within your enterprise's organizations, or allow policies to be set in each organization.

Who can use this feature

Enterprise owners can enforce policies for repository management in an enterprise.

About policies for repository management in your enterprise

You can enforce policies to control how members of your enterprise on GitHub Enterprise Cloud manage repositories. You can also allow organization owners to manage policies for repository management. For more information, see "Creating and managing repositories and "Organizations and teams."

Enforcing a policy for base repository permissions

Across all organizations owned by your enterprise, you can set a base repository permission level (none, read, write, or admin) for organization members, or allow owners to administer the setting on the organization level.

  1. In the top-right corner of GitHub.com, click your profile photo, then click Your enterprises. "Your enterprises" in drop-down menu for profile photo on GitHub Enterprise Cloud

  2. In the list of enterprises, click the enterprise you want to view. Name of an enterprise in list of your enterprises

  3. In the enterprise sidebar, click Policies. Policies tab in the enterprise account sidebar

  4. Under " Policies", click Repositories. Repositories tab in the enterprise account settings sidebar

  5. Under "Base permissions", review the information about changing the setting. Optionally, to view the current configuration for all organizations in the enterprise account before you change the setting, click View your organizations' current configurations. Link to view the current policy configuration for organizations in the business

  6. Under "Base permissions", use the drop-down menu and choose a policy. Drop-down menu with repository permissions policy options

Enforcing a policy for repository creation

Across all organizations owned by your enterprise, you can allow members to create repositories, restrict repository creation to organization owners, or allow owners to administer the setting on the organization level.

If you allow members to create repositories in your organizations, you can choose which types of repositories (public, private, and internal) that members can create.

If your enterprise uses Enterprise Managed Users, you can also prevent users from creating repositories owned by their user accounts.

Internal repositories are the default setting for all new repositories created in an organization owned by an enterprise account. For more information about internal repositories, see "Creating an internal repository."

Organization owners can always create any type of repository, and outside collaborators can never create any type of repository. For more information, see "About repositories."

  1. In the top-right corner of GitHub.com, click your profile photo, then click Your enterprises. "Your enterprises" in drop-down menu for profile photo on GitHub Enterprise Cloud

  2. In the list of enterprises, click the enterprise you want to view. Name of an enterprise in list of your enterprises

  3. In the enterprise sidebar, click Policies. Policies tab in the enterprise account sidebar

  4. Under " Policies", click Repositories. Repositories tab in the enterprise account settings sidebar

  5. Under "Repository creation", review the information about changing the setting. Optionally, to view the current configuration for all organizations in the enterprise account before you change the setting, click View your organizations' current configurations. Link to view the current policy configuration for organizations in the business

  6. Under "Repository creation", select a policy.

    Drop-down menu with repository creation policy options

  7. If you selected Members can create repositories, select one or more repository types. Checkboxes for repository types

  8. Optionally, if your enterprise uses Enterprise Managed Users and you want to prevent enterprise members from creating repositories owned by their user accounts, select Block the creation of user namespace repositories. Screenshot showing the list of disabled options from forking policy

Enforcing a policy for forking private or internal repositories

Across all organizations owned by your enterprise, you can allow people with access to a private or internal repository to fork the repository, never allow forking of private or internal repositories, or allow owners to administer the setting on the organization level.

People with admin permissions can set a more granular forking policy. For more information, see "Managing the forking policy for your organization."

Note: If your enterprise uses Enterprise Managed Users and your "Repository creation" policy prevents enterprise members from creating repositories owned by their user accounts, members will not be allowed to fork a repository in their user accounts, regardless of your "Repository forking" policy.

  1. In the top-right corner of GitHub.com, click your profile photo, then click Your enterprises. "Your enterprises" in drop-down menu for profile photo on GitHub Enterprise Cloud

  2. In the list of enterprises, click the enterprise you want to view. Name of an enterprise in list of your enterprises

  3. In the enterprise sidebar, click Policies. Policies tab in the enterprise account sidebar

  4. Under " Policies", click Repositories. Repositories tab in the enterprise account settings sidebar

  5. Under "Repository forking", review the information about changing the setting. Optionally, to view the current configuration for all organizations in the enterprise account before you change the setting, click View your organizations' current configurations. Link to view the current policy configuration for organizations in the business

  6. Under "Repository forking", use the dropdown menu and choose a policy.

    Drop-down menu with repository forking policy options

  7. If forking is enabled, you can specify where users are allowed to fork repositories. Review the information about changing the setting and choose a policy.

    Screenshot showing the list of repository forking policy options

Enforcing a policy for inviting outside collaborators to repositories

Across all organizations owned by your enterprise, you can allow members to invite outside collaborators to repositories, restrict outside collaborator invitations to organization owners, restrict outside collaborator invitations to enterprise owners, or allow organization owners to administer the setting on the organization level.

  1. In the top-right corner of GitHub.com, click your profile photo, then click Your enterprises. "Your enterprises" in drop-down menu for profile photo on GitHub Enterprise Cloud

  2. In the list of enterprises, click the enterprise you want to view. Name of an enterprise in list of your enterprises

  3. In the enterprise sidebar, click Policies. Policies tab in the enterprise account sidebar

  4. Under " Policies", click Repositories. Repositories tab in the enterprise account settings sidebar

  5. Under "Repository outside collaborators", review the information about changing the setting. Optionally, to view the current configuration for all organizations in the enterprise account before you change the setting, click View your organizations' current configurations. Link to view the current policy configuration for organizations in the business

  6. Under "Repository outside collaborators", use the drop-down menu and choose a policy.

    Drop-down menu with outside collaborator invitation policy options

Enforcing a policy for the default branch name

Across all organizations owned by your enterprise, you can set the default branch name for any new repositories that members create. You can choose to enforce that default branch name across all organizations or allow individual organizations to set a different one.

  1. In the top-right corner of GitHub.com, click your profile photo, then click Your enterprises. "Your enterprises" in drop-down menu for profile photo on GitHub Enterprise Cloud

  2. In the list of enterprises, click the enterprise you want to view. Name of an enterprise in list of your enterprises

  3. In the enterprise sidebar, click Policies. Policies tab in the enterprise account sidebar

  4. On the Repository policies tab, under "Default branch name", enter the default branch name that new repositories should use. Text box for entering default branch name

  5. Optionally, to enforce the default branch name for all organizations in the enterprise, select Enforce across this enterprise. Enforcement checkbox

  6. Click Update. Update button

Enforcing a policy for changes to repository visibility

Across all organizations owned by your enterprise, you can allow members with admin access to change a repository's visibility, restrict repository visibility changes to organization owners, or allow owners to administer the setting on the organization level. When you prevent members from changing repository visibility, only enterprise owners can change the visibility of a repository.

If an enterprise owner has restricted repository creation to organization owners only, then members will not be able to change repository visibility. If an enterprise owner has restricted member repository creation to private repositories only, then members will only be able to change the visibility of a repository to private. For more information, see "Setting a policy for repository creation."

  1. In the top-right corner of GitHub.com, click your profile photo, then click Your enterprises. "Your enterprises" in drop-down menu for profile photo on GitHub Enterprise Cloud

  2. In the list of enterprises, click the enterprise you want to view. Name of an enterprise in list of your enterprises

  3. In the enterprise sidebar, click Policies. Policies tab in the enterprise account sidebar

  4. Under " Policies", click Repositories. Repositories tab in the enterprise account settings sidebar

  5. Under "Repository visibility change", review the information about changing the setting. Optionally, to view the current configuration for all organizations in the enterprise account before you change the setting, click View your organizations' current configurations. Link to view the current policy configuration for organizations in the business

  6. Under "Repository visibility change", use the drop-down menu and choose a policy. Drop-down menu with repository visibility policy options

Enforcing a policy for repository deletion and transfer

Across all organizations owned by your enterprise, you can allow members with admin permissions to delete or transfer a repository, restrict repository deletion and transfers to organization owners, or allow owners to administer the setting on the organization level.

  1. In the top-right corner of GitHub.com, click your profile photo, then click Your enterprises. "Your enterprises" in drop-down menu for profile photo on GitHub Enterprise Cloud

  2. In the list of enterprises, click the enterprise you want to view. Name of an enterprise in list of your enterprises

  3. In the enterprise sidebar, click Policies. Policies tab in the enterprise account sidebar

  4. Under " Policies", click Repositories. Repositories tab in the enterprise account settings sidebar

  5. Under "Repository deletion and transfer", review the information about changing the setting. Optionally, to view the current configuration for all organizations in the enterprise account before you change the setting, click View your organizations' current configurations. Link to view the current policy configuration for organizations in the business

  6. Under "Repository deletion and transfer", use the drop-down menu and choose a policy. Drop-down menu with repository deletion policy options

Enforcing a policy for deleting issues

Across all organizations owned by your enterprise, you can allow members with admin access to delete issues in a repository, restrict issue deletion to organization owners, or allow owners to administer the setting on the organization level.

  1. In the top-right corner of GitHub.com, click your profile photo, then click Your enterprises. "Your enterprises" in drop-down menu for profile photo on GitHub Enterprise Cloud

  2. In the list of enterprises, click the enterprise you want to view. Name of an enterprise in list of your enterprises

  3. In the enterprise sidebar, click Policies. Policies tab in the enterprise account sidebar

  4. On the Repository policies tab, under "Repository issue deletion", review the information about changing the setting. Optionally, to view the current configuration for all organizations in the enterprise account before you change the setting, click View your organizations' current configurations. Link to view the current policy configuration for organizations in the business

  5. Under "Repository issue deletion", use the drop-down menu and choose a policy.

    Drop-down menu with issue deletion policy options