Add a Repo Setup Guide to the github docs

[patricksimonian]

As discussed in #34 we should have some documentation that talks about some best practices with repo setup in github. Thiings like protecting master, enforcing code reviews as well as ensuring PR's are up to date with master (by a rebase or other means) prior to pulling

Ideally a repo provisioning service that accomplished most if not all of this would be even better.

[SDToews]

How about automated code review like codefactor (https://github.com/marketplace/codefactor) which requires organizational approval - how do we go about getting that?

[patricksimonian]

This definitely involves utilizing automation for things like codefactor. Our team uses SonarQube which is an app we can standup and run locally as well as apart of a CI pipeline. My initial issues goes beyond just code reviews by going into more 'cultural' aspects of owning and maintaining a repo.

• Like what are the best practices when working in a team?
• Should commits be signed?
• Should master be locked away?
• When using a particular style of git flow, what are the best practices to avoid conflicts. What are ways where we can improve code quality into our work flows (this is where codefactor/sonarqube would come in).

I'd be interested on your thoughts on a few of these points? I don't think there is a one size fits all solution at all here. But promoting a general guidelines I think would be helpful for all repo maintainers. At that point we can be fairly confident there is a comfortable base line all government repos in github are sitting at.

[patricksimonian]

How about automated code review like codefactor (https://github.com/marketplace/codefactor) which requires organizational approval - how do we go about getting that?

I'm not sure who you'd have to go through to get approval since it appears to be a licenced project.. One thing I can suggest is integrating sonarqube locally for your project. It's open source and fairly easy to set up with Docker and some minor configuration