This article describes the differences between the on-prem GitHub Enterprise Server service available via github.ncsu.edu, and the new GitHub Enterprise Cloud service on github.com.
- Whereas the on-prem GitHub service uses a direct login form via LDAP with Unity ID / Password, the GitHub Enterprise Cloud service utilizes EntraID for authentication including Duo for MFA.
- User account names in the on-prem GitHub service are the user's Unity ID, while in the GitHub Enterprise Cloud service the account names are suffixed with "_ncstate", e.g. cacard_ncstate
- Users are required to log in before the account is created in the on-prem GitHub service, while in the GitHub Enterprise Cloud service all accounts are available immediately once they are active in HR/SIS, and can be added to organizations, teams, and repositories before the user has logged in.
- In the GitHub Enterprise Cloud service, SSH keys and Personal Access Tokens must be authorized via SSO before they can be used.
- While creation of new organizations is self-service in the on-prem GitHub service, new organizations must be created by request in the GitHub Enterprise Cloud service.
- The base organization member permissions are enforced to "No Permissions" in the GitHub Enterprise Cloud service, which forces explicitly granting repository permissions to members.
- The Public visibility option is not available in GitHub Enterprise Cloud; however, the Internal visibility is functionally the same as Public in the on-prem GitHub service, in that only authenticated members of the Enterprise are permitted to view the repository. Private visibility remains unchanged.
- Users may only create Private repositories on their individual user accounts in GitHub Enterprise Cloud. Explicit permissions must be granted to view these repositories.
- GitHub Pages in GitHub Enterprise Cloud are only visible to users who can view the repository, and can only be created within organizations, not individual user accounts.
- As a convenience in the on-prem GitHub service, we detach private repositories from their forks before they are deleted to preserve the forks. In the GitHub Enterprise Cloud service we do not have the option of detaching repositories, and so forks of private repositories are deleted when the parent repository is deleted.
- Whereas the on-prem GitHub service is hosted on-campus in the OIT VMWare cluster, the Cloud service is a part of the larger github.com service. Some on-campus networks way require additional configuration in order to reach the internet to communicate with GitHub Enterprise Cloud.
- Unlike the on-prem GitHub service, which requires regular maintenance for patching, the GitHub Enterprise Cloud service has no maintenance and is almost always available.
- Service accounts must be enrolled in Duo by Security and Compliance before they are able to log in via the Web interface for GitHub Enterprise Cloud.
- The base API URLs are different between the on-prem GitHub service and the GitHub Enterprise Cloud service.
- Guest accounts are not available in the on-prem GitHub service, but can be provisioned to allow external users access to the GitHub Enterprise Cloud service. Contact the NC State GitHub Service Team to request a guest account.