What is our primary use case?
Our customer has hundreds and thousands of applications, and 12 are part of my current project. Three of those applications are using GitHub as a code repository. The rest use Bitbucket. This customer is an Atlassian shop, so only I don't think more than 50 people use it.
Any code they develop will be version-controlled in this GitHub tool, and they use the branching and merging strategy to promote their code. We use it for version control and parallel development.
The code in GitHub will be consumed by CI/CD pipeline for the build and deployment. We're using the latest version, which has a feature called GitHub Actions that enables CI/CD within GitHub, but this organization doesn't use GitHub Actions. They prefer Bamboo.
What is most valuable?
The most valuable aspects of GitHub are version control and parallel development. I also appreciate the forking part, which allows us to release a specific set of features to the environment.
Development teams can integrate this tool with their IDEs. GitHub provides command line instructions that should suffice. But customers wonder how to configure their IDE because you have to clone the repo, register the username with a password, and then switch. All those things need to be performed within the IDE. So I don't know whether those things are already available. That would enable the developer to integrate their IDEs with the GitHub repository.
What needs improvement?
The development team pushes the code into a repository, and the CI/CD pipeline will perform the build. We need open-source libraries to perform the builds. It would be helpful to have the ability to link to open-source libraries like npm libraries. I don't know if GitHub Actions provides this. I would like to see that in GitHub Actions if they don't.
If you know the language for your build, it would be wonderful if GitHub automatically provided the link to those language-specific libraries so we don't need to search for the library.
For example, if I'm using Node.js, I should be in a position to link it to the npm libraries associated with that version so my build using the CI pipeline will work well. Then the results in the library must go into an artifact repository. We'll have to depend on JFrog or Sonatype to provide binary repositories. Git has the repository technology, so why not offer a binary repository feature?
GitHub has a static code repository; now, GitHub Actions provides CI/CD. The resulting packages should stay somewhere. I don't know whether they have added this or not because I have not explored the GitHub Actions. They're all public libraries, and the result of the build or CI pipeline is a deployment-ready package. Where will we keep them? That's where we need a binary repository.
In addition to the binary repository, I think they could also include some vulnerability scans to ensure the code we deliver is clean. SonarQube is a static code analysis we use. There are tools coming from Fortify or Veracode that can ensure there is no security vulnerability in the code. It's a complete CA practice-related tenant. It would be wonderful if they could add this functionality.
For how long have I used the solution?
We've used GitHub since 2013.
Buyer's Guide
GitHub
May 2023
Learn what your peers think about GitHub. Get advice and tips from experienced pros sharing their opinions. Updated: May 2023.
710,326 professionals have used our research since 2012.
What do I think about the stability of the solution?
GitHub performs well with the current load. I haven't had issues with the tool.
What do I think about the scalability of the solution?
We've never had an with the number of projects or developers using this tool. We've consistently had around a thousand developers over the years. The load will increase If a customer adds another 5,000 developers, then we may see some ups and downs in the scalability aspect of this tool, but we are all good with the scalability and stability so far.
How are customer service and support?
I haven't interacted with the support team because things are working well and we've never had issues with the platform.
Which solution did I use previously and why did I switch?
We used open-source Git and later used GitLab, which is a flavor of Git. GitHub, GitLab, Bitbucket, and Azure Repos are all flavors of Git. The underlying version-control functionalities come from Git, but different vendors have their own flavors. I have experience in all four of these, which are Git.
How was the initial setup?
I wasn't involved in the initial installation, but I installed the open-source flavor of Git, which was straightforward. Enabling the AD or LDAP is the most important thing in the enterprise setup. I have not looked into that because the customer enabled it. I never got a chance to integrate LDAP with the access management system within GitHub.
What's my experience with pricing, setup cost, and licensing?
It's a GAT now. We are using the enterprise edition. I don't use open-source any longer. I have no clue because it's all owned by the customer. We are only consultants in the project, right? So we don't have access to those details.
What other advice do I have?
I rate GitHub 10 out of 10. If you are using GitHub, your development team should define the branching strategy. One popular solution is Gitflow. There are different branching strategies available. You can use the main branch loan and a toggling feature development approach where one branch is sufficient.
However, people with parallel releases need a parallel development strategy, where multiple branches will come into play. You should consider which branching strategies apply to your current industry and development strategy. Pick one of them, learn, and adopt it in your project.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.