A comprehensive guide for NHS Wales users on how to link their on-premise git repositories (hosted on local shared drives, SharePoint, or other internal systems) to GitHub.
- Prerequisites
- NHS Wales Specific Considerations
- Command Line Approach
- GitHub Desktop Application
- On-Premise DevOps Integration
- Troubleshooting
- Best Practices
- Support and Resources
Before you begin, ensure you have:
- Git installed on your local machine
- GitHub account with appropriate permissions
- Access to your on-premise git repository
- Network access to GitHub.com (check with your IT team if behind corporate firewall)
- Appropriate permissions from your line manager and IT security team
- Git (version 2.20 or later recommended)
- Text editor (VS Code, Notepad++, etc.)
- GitHub Desktop (optional, for GUI approach)
- Terminal/Command Prompt access
- Approval from your Information Governance team
- Reviewed data classification of your repository contents
- Ensured no patient data or sensitive information is included
- Followed NHS Wales IT security policies
- Considered using GitHub Enterprise for additional security features
- Never commit patient data, personal information, or sensitive NHS data
- Use
.gitignorefiles to exclude configuration files with sensitive information - Regularly audit your repository contents
- Consider using private repositories for internal NHS Wales projects
NHS Wales networks may have specific firewall rules. Contact your IT support if you experience connectivity issues with:
github.comapi.github.com- Git over HTTPS (port 443) or SSH (port 22)
If you already have a git repository on your local drive or SharePoint that you want to link to GitHub:
# Navigate to your existing git repository
cd /path/to/your/existing/repo
# Verify it's a git repository
git status- Go to GitHub.com
- Click the "+" icon in the top right corner
- Select "New repository"
- Enter repository name (preferably matching your local repo name)
- Choose visibility (Public/Private - recommend Private for NHS Wales projects)
- Do NOT initialize with README, .gitignore, or license if you have existing content
- Click "Create repository"
# Add GitHub repository as remote origin
git remote add origin https://github.com/YOUR_USERNAME/YOUR_REPOSITORY_NAME.git
# Verify remote was added
git remote -vOption A: Personal Access Token (Recommended for HTTPS)
# Configure Git with your credentials
git config --global user.name "Your Name"
git config --global user.email "your.email@wales.nhs.uk"
# When prompted for password, use your Personal Access Token
# Create token at: https://github.com/settings/tokensOption B: SSH Key (More Secure)
# Generate SSH key (if you don't have one)
ssh-keygen -t ed25519 -C "your.email@wales.nhs.uk"
# Add SSH key to ssh-agent
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519
# Copy public key to clipboard (Windows)
clip < ~/.ssh/id_ed25519.pub
# Copy public key to clipboard (Mac)
pbcopy < ~/.ssh/id_ed25519.pub
# Copy public key to clipboard (Linux)
cat ~/.ssh/id_ed25519.pubThen add the public key to your GitHub account:
- Go to GitHub Settings → SSH and GPG keys
- Click "New SSH key"
- Paste your public key
- Click "Add SSH key"
# Update remote to use SSH
git remote set-url origin git@github.com:YOUR_USERNAME/YOUR_REPOSITORY_NAME.git# Push your main branch to GitHub
git branch -M main
git push -u origin main
# Push any other branches
git push --all origin
# Push tags if you have any
git push --tags originIf your code is in a folder that's not yet a git repository:
# Navigate to your project folder
cd /path/to/your/project
# Initialize git repository
git init
# Add all files to tracking
git add .
# Create initial commit
git commit -m "Initial commit"Continue with creating GitHub repository and linking as described above.
For repositories stored on SharePoint:
# If using SharePoint sync client, navigate to synced folder
cd "C:\Users\%USERNAME%\OneDrive - NHS Wales\Your-Project-Folder"
# Or map SharePoint as network drive
# \\your-sharepoint-site.sharepoint.com\sites\your-site\Shared Documents\Your-ProjectOnce you have local access, follow the same steps as Scenario 1 or 2.
# Check repository status
git status
# Pull latest changes from GitHub
git pull origin main
# Add and commit changes
git add .
git commit -m "Descriptive commit message"
# Push changes to GitHub
git push origin main
# Create and switch to new branch
git checkout -b feature-branch-name
# Switch between branches
git checkout main
git checkout feature-branch-name
# Merge branch into main
git checkout main
git merge feature-branch-name
# Delete local branch
git branch -d feature-branch-name
# Delete remote branch
git push origin --delete feature-branch-nameGitHub Desktop provides a user-friendly graphical interface for managing git repositories. This section covers how to use it for linking on-premise repositories to GitHub.
- Download from desktop.github.com
- Install following your organization's software installation procedures
- Launch GitHub Desktop
- Click "Sign in to GitHub.com"
- Enter your GitHub credentials
- Authorize GitHub Desktop
- File → Add Local Repository
- Browse to your on-premise repository folder
- Click Add Repository
If Git is not initialized:
- Click Create a repository instead
- Choose Local path pointing to your project folder
- Fill in repository details
- Click Create Repository
- File → Clone Repository
- Select GitHub.com tab
- Choose your repository from the list
- Select local path (e.g., your SharePoint synced folder)
- Click Clone
If you added a local repository that doesn't exist on GitHub yet:
- Click Publish repository in the top toolbar
- Choose repository name
- Add description (optional)
- Select Keep this code private for NHS Wales projects
- Choose organization (if applicable)
- Click Publish repository
- Edit your files in your preferred editor
- Return to GitHub Desktop
- Review changes in the Changes tab
- Enter commit message in the summary field
- Add description if needed
- Click Commit to main
- Click Push origin to upload your commits
- Click Fetch origin to check for remote changes
- Click Pull origin if there are remote changes to download
Creating a New Branch:
- Click Current branch dropdown
- Click New branch
- Enter branch name
- Click Create branch
Switching Branches:
- Click Current branch dropdown
- Select desired branch from list
Merging Branches:
- Switch to main branch
- Click Current branch dropdown
- Click Choose a branch to merge into main
- Select branch to merge
- Click Merge
- Ensure SharePoint folder is synced to local drive
- Use Add Local Repository to add the synced folder
- GitHub Desktop will manage the repository in the synced location
- Changes sync automatically to SharePoint and can be pushed to GitHub
- Keep your main working copy in a regular local folder
- Use GitHub Desktop for version control and GitHub synchronization
- Manually copy finalized versions to SharePoint as needed
- Click History tab
- Browse commits and see changes
- Right-click commits for options like revert
When merge conflicts occur:
- GitHub Desktop will highlight conflicted files
- Click Open in External Editor
- Resolve conflicts in your preferred editor
- Save files
- Return to GitHub Desktop and commit resolved changes
Access via File → Options (Windows) or GitHub Desktop → Preferences (Mac):
- Git tab: Configure name and email
- Appearance: Choose theme
- Advanced: Configure external editor and shell
This section covers integrating your on-premise DevOps processes with GitHub while maintaining NHS Wales compliance and security standards.
Many NHS Wales organizations use Azure DevOps. Here's how to integrate with GitHub:
# .github/workflows/azure-devops-integration.yml
name: Azure DevOps Integration
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main ]
jobs:
trigger-azure-pipeline:
runs-on: ubuntu-latest
steps:
- name: Trigger Azure DevOps Pipeline
uses: Azure/pipelines@v1
with:
azure-devops-project-url: 'https://dev.azure.com/yourorg/yourproject'
azure-pipeline-name: 'YourPipelineName'
azure-devops-token: ${{ secrets.AZURE_DEVOPS_TOKEN }}Set up automatic mirroring from GitHub to Azure DevOps:
# Add Azure DevOps as additional remote
git remote add azure-devops https://yourorg@dev.azure.com/yourorg/yourproject/_git/yourrepo
# Push to both remotes
git push origin main
git push azure-devops main
# Create script for automatic dual push
# save as push-both.sh
#!/bin/bash
git push origin "$1"
git push azure-devops "$1"For organizations using Jenkins for CI/CD:
-
In GitHub Repository:
- Go to Settings → Webhooks
- Add webhook URL:
http://your-jenkins-server/github-webhook/ - Select events: Push, Pull requests
- Add webhook
-
In Jenkins:
- Install GitHub Plugin
- Configure job to trigger on GitHub webhooks
- Set up GitHub credentials in Jenkins
// Jenkinsfile for NHS Wales projects
pipeline {
agent any
environment {
NHS_COMPLIANCE_CHECK = 'true'
SECURITY_SCAN = 'enabled'
}
stages {
stage('Checkout') {
steps {
checkout scm
}
}
stage('NHS Compliance Check') {
steps {
script {
// Custom compliance checks for NHS Wales
sh 'python scripts/nhs-compliance-check.py'
}
}
}
stage('Security Scan') {
steps {
// Security scanning for sensitive data
sh 'python scripts/security-scan.py'
}
}
stage('Build') {
steps {
// Your build steps
sh 'npm install'
sh 'npm run build'
}
}
stage('Test') {
steps {
sh 'npm test'
}
}
stage('Deploy to Internal') {
when {
branch 'main'
}
steps {
// Deploy to internal NHS Wales infrastructure
sh 'scripts/deploy-internal.sh'
}
}
}
post {
always {
// Clean up sensitive files
sh 'scripts/cleanup-sensitive-data.sh'
}
failure {
// Notify NHS Wales team
emailext(
subject: "NHS Wales Build Failed: ${env.JOB_NAME} - ${env.BUILD_NUMBER}",
body: "Build failed. Please check Jenkins for details.",
to: "your-team@wales.nhs.uk"
)
}
}
}# .github/workflows/nhs-wales-ci.yml
name: NHS Wales CI/CD Pipeline
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main ]
env:
NHS_ENVIRONMENT: production
SECURITY_LEVEL: high
jobs:
compliance-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: NHS Compliance Check
run: |
echo "Running NHS Wales compliance checks..."
# Check for patient data patterns
if grep -r "NHS\s\+number\|Patient\s\+ID" --include="*.py" --include="*.js" --include="*.json" .; then
echo "❌ Potential patient data found!"
exit 1
fi
echo "✅ No sensitive NHS data detected"
- name: Security Scan
uses: securecodewarrior/github-action-add-sarif@v1
with:
sarif-file: 'security-scan-results.sarif'
build-and-test:
needs: compliance-check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: '18'
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Run tests
run: npm test
- name: Build application
run: npm run build
- name: Archive production artifacts
uses: actions/upload-artifact@v3
with:
name: build-files
path: dist/
deploy-internal:
if: github.ref == 'refs/heads/main'
needs: [compliance-check, build-and-test]
runs-on: ubuntu-latest
environment: nhs-wales-internal
steps:
- name: Deploy to NHS Wales Infrastructure
run: |
echo "Deploying to NHS Wales internal infrastructure..."
# Your deployment commands here# Script to sync documentation to SharePoint
#!/bin/bash
# sync-to-sharepoint.sh
# Configuration
SHAREPOINT_SITE="https://yourorg.sharepoint.com/sites/your-site"
LOCAL_DOCS="./docs"
SHAREPOINT_DOCS="Shared Documents/Technical Documentation"
# Sync documentation
echo "Syncing documentation to SharePoint..."
rsync -av "$LOCAL_DOCS/" "/path/to/synced/sharepoint/$SHAREPOINT_DOCS/"
echo "Documentation synced successfully"# Script to backup code to network drives
#!/bin/bash
# backup-to-network.sh
NETWORK_DRIVE="/mnt/nhs-shared-drive"
PROJECT_NAME="your-project"
BACKUP_DIR="$NETWORK_DRIVE/code-backups/$PROJECT_NAME"
# Create backup directory
mkdir -p "$BACKUP_DIR/$(date +%Y-%m-%d)"
# Create compressed backup
tar -czf "$BACKUP_DIR/$(date +%Y-%m-%d)/backup-$(date +%H%M%S).tar.gz" \
--exclude='.git' \
--exclude='node_modules' \
--exclude='dist' \
.
echo "Backup created in $BACKUP_DIR"# scripts/nhs-compliance-check.py
import os
import re
import json
from datetime import datetime
def check_sensitive_data():
"""Check for NHS sensitive data patterns"""
patterns = [
r'\b\d{10}\b', # NHS numbers
r'patient[_\s]+id', # Patient IDs
r'medical[_\s]+record', # Medical records
# Add more patterns as needed
]
violations = []
for root, dirs, files in os.walk('.'):
# Skip .git and node_modules
dirs[:] = [d for d in dirs if d not in ['.git', 'node_modules', 'dist']]
for file in files:
if file.endswith(('.py', '.js', '.json', '.md', '.txt')):
filepath = os.path.join(root, file)
try:
with open(filepath, 'r', encoding='utf-8') as f:
content = f.read()
for pattern in patterns:
if re.search(pattern, content, re.IGNORECASE):
violations.append({
'file': filepath,
'pattern': pattern,
'line': content.count('\n', 0, content.find(re.search(pattern, content, re.IGNORECASE).group())) + 1
})
except:
continue
return violations
if __name__ == "__main__":
violations = check_sensitive_data()
if violations:
print("❌ NHS Compliance violations found:")
for violation in violations:
print(f" File: {violation['file']}, Line: {violation['line']}")
exit(1)
else:
print("✅ NHS Compliance check passed")
# Generate compliance report
report = {
'timestamp': datetime.now().isoformat(),
'status': 'PASS' if not violations else 'FAIL',
'violations': violations
}
with open('compliance-report.json', 'w') as f:
json.dump(report, f, indent=2)Issue: remote: Repository not found or Permission denied
Solutions:
# Check if remote URL is correct
git remote -v
# Update remote URL if incorrect
git remote set-url origin https://github.com/USERNAME/REPOSITORY.git
# For SSH issues, test connection
ssh -T git@github.com
# Regenerate SSH key if needed
ssh-keygen -t ed25519 -C "your.email@wales.nhs.uk"Issue: file too large error when pushing
Solutions:
# Remove large files from history
git filter-branch --force --index-filter \
'git rm --cached --ignore-unmatch path/to/large/file' \
--prune-empty --tag-name-filter cat -- --all
# Or use BFG Repo-Cleaner (faster)
java -jar bfg.jar --strip-blobs-bigger-than 100M
# Push cleaned repository
git push --force-with-lease origin mainIssue: Cannot connect to GitHub
Solutions:
- Contact NHS Wales IT support to allow GitHub domains
- Use HTTPS instead of SSH if port 22 is blocked
- Configure proxy if required:
# Configure Git to use proxy
git config --global http.proxy http://proxy.server:port
git config --global https.proxy https://proxy.server:port
# For authenticated proxy
git config --global http.proxy http://username:password@proxy.server:portIssue: Git repository in SharePoint sync folder not working properly
Solutions:
- Ensure SharePoint sync is not interfering with
.gitfolder - Add
.gitto SharePoint sync exclusions if possible - Consider using separate local repository and manual SharePoint updates
Issue: Conflicts when merging or pulling
Solutions:
# Check status
git status
# Open conflicted files and resolve manually
# Look for conflict markers: <<<<<<<, =======, >>>>>>>
# After resolving conflicts
git add .
git commit -m "Resolve merge conflicts"
# Or abort merge if needed
git merge --abortIssue: Branches out of sync or complex history
Solutions:
# Reset branch to match remote
git fetch origin
git reset --hard origin/main
# Clean up local branches
git branch -d branch-name
# Prune remote-tracking branches
git remote prune origin-
Never commit sensitive information:
# Create .gitignore file echo "*.env" >> .gitignore echo "config/secrets.json" >> .gitignore echo "*.key" >> .gitignore echo "*.pem" >> .gitignore
-
Use private repositories for NHS Wales projects
-
Enable two-factor authentication on GitHub account
-
Regular security audits:
# Check for secrets in repository git log --all --full-history -- "*.env" git log --all --full-history -- "*secret*"
-
Use branch protection rules on GitHub
-
Use descriptive commit messages:
# Good commit message format git commit -m "Add patient data validation to admission form - Implement NHS number validation - Add postcode format checking - Update unit tests for new validation rules Fixes #123"
-
Regular commits and pushes:
# Commit frequently with small, logical changes git add specific-file.py git commit -m "Fix validation bug in patient form"
-
Use feature branches:
# Create feature branch git checkout -b feature/patient-validation # Work on feature, commit changes git add . git commit -m "Add patient validation logic" # Push feature branch git push origin feature/patient-validation # Create pull request on GitHub for review
-
Keep repositories clean:
# Regular cleanup git gc --prune=now git remote prune origin
-
Information Governance Compliance:
- Get approval before creating public repositories
- Regular review of repository contents
- Document data classification levels
-
Documentation Standards:
- Include README.md with project description
- Document NHS Wales specific configurations
- Maintain CHANGELOG.md for version tracking
-
Code Review Process:
- Require pull request reviews
- Include security team in sensitive changes
- Use GitHub's code scanning features
-
Backup and Recovery:
- Regular backups to NHS Wales infrastructure
- Document recovery procedures
- Test backup restoration process
your-nhs-project/
├── .gitignore # Exclude sensitive files
├── README.md # Project documentation
├── CHANGELOG.md # Version history
├── .github/
│ ├── workflows/ # GitHub Actions
│ └── ISSUE_TEMPLATE.md # Issue templates
├── docs/ # Documentation
│ ├── nhs-compliance.md # NHS specific docs
│ └── deployment.md # Deployment guide
├── src/ # Source code
├── tests/ # Test files
├── scripts/ # Utility scripts
│ ├── compliance-check.py # NHS compliance checker
│ └── backup.sh # Backup script
└── config/ # Configuration (non-sensitive)
└── .env.example # Environment template
- IT Support: Contact your local NHS Wales IT support team
- Information Governance: Reach out to your IG team for data classification questions
- Security Team: For security-related questions about GitHub usage
- GitHub Docs: docs.github.com
- GitHub Desktop Help: docs.github.com/en/desktop
- Git Documentation: git-scm.com/doc
- GitHub Skills: skills.github.com - Interactive tutorials
-
Git Basics Course:
- Git Handbook
- Pro Git Book (Free online)
-
GitHub-specific Training:
-
NHS Wales Specific:
- Internal training sessions (contact your training coordinator)
- Lunch and learn sessions on version control
If you accidentally commit sensitive NHS data:
-
Immediate Actions:
# Remove file from latest commit git rm --cached sensitive-file.txt git commit --amend -m "Remove sensitive file" git push --force-with-lease origin main
-
For Historical Commits:
- Contact your IT security team immediately
- Consider repository deletion and recreation if data is highly sensitive
- Use BFG Repo-Cleaner or git filter-branch to remove from history
-
Reporting:
- Report incident to Information Governance team
- Document actions taken
- Follow NHS Wales incident reporting procedures
-
Internal Help:
- Your team's senior developer
- NHS Wales technical forums
- Local IT support
-
External Resources:
- Stack Overflow (for technical Git questions)
- GitHub Community Forum
- Git official support channels
# Setup
git config --global user.name "Your Name"
git config --global user.email "your.email@wales.nhs.uk"
# Daily workflow
git status # Check status
git add . # Stage changes
git commit -m "message" # Commit changes
git push origin main # Push to GitHub
git pull origin main # Pull from GitHub
# Branch management
git checkout -b new-branch # Create and switch to branch
git checkout main # Switch to main branch
git merge feature-branch # Merge branch into current
# Emergency
git stash # Temporarily save changes
git reset --hard HEAD~1 # Undo last commit (destructive)
git revert HEAD # Undo last commit (safe)- Ctrl+Shift+A: Add repository
- Ctrl+T: Create new branch
- Ctrl+Enter: Commit changes
- Ctrl+P: Push to GitHub
- Ctrl+Shift+P: Pull from GitHub
This guide is maintained by the NHS Wales Technical Team. For updates or corrections, please submit an issue or pull request to this repository.
Version: 1.0
Last Updated: October 2024
Next Review: January 2025