What if GitHub shut down today? What would you do?
Git comes with tools that enable you to set configuration variables that define and control how Git looks and operates. So it is possible to configure almost everything exactly we want. Instead, most users use ready-made hosting services like GitHub or Bitbucket to work with Git. Those services are considered proven, safer, more available and stable so we can entrust our repos with. But can we fully rely on them?
Risks related with GitHub and Bitbucket
Do you know that on average, every six months, one of the hosting services has been attacked by cybercriminals? Even if it's not a huge-scale attack, some repositories might get wiped out or people may lose access to their repos. There were also situations when users could not synchronize their work with an external repo for hours because, for instance, Bitbucket had a failure or GitHub was down. And not forget about human error errors like branch deletion, head overwrite and any other intentional (or not) developers mistakes.
Repository protection
Source code, like every type of data, should be reliably protected against any possible failure, attack or human error. The most basic solution is a Bitbucket and GitHub repository backup. Unfortunately, some people consider Git or hosting services as a backup itself. Wong! Even GitHub or Atlassian recommend having an additional, third-party git backup software.
So what is the reliable way to backup repositories and metadata? Well, there isn't one correct answer here, but we should follow GitHub and Atlassian recommendations and consider third-party GitHub and Bitbucket backup software. Let's consider GitHub backup tools. There is such a thing as GitHub Enterprise Server Backup Utilities. It is a system that we need to install on a separate host, and then it performs recurring copies. But there is one big disadvantage of this approach - we are tied to one platform both as a repository and backup. And diversification here is a key so it is better to...have a “backup plan” for backup.
Why third-party GitHub repository backup?
To not rely entirely on one same platform. What options do we have? We can write our own internal backup script. Once in the beginning it seems like a budget option, in a long run it requires a lot of administrative time and work. So in the long-term perspective, it becomes a time-consuming, expensive process. And just like with Git and GitHub - if there are proven and reliable ready-made third-party solutions, why spend hours of work writing your own script that needs to be constantly updated and maintenance instead of entrusting the source code to professionals?
Professional and manageable Git backup solutions like GitProtect.io, provide us with automation, central management, long-term retention (and even GitHub archive possibilities), military-level AES encryption, and the best quality security measures. The software keeps you updated with advanced audit logs, email and Slack notifications, and tasks. So once you define your backup policy, the copies of all or chosen repositories will perform according to schedule. And you can define that every new repo will be automatically protected. Finally, if you need to recover repository and metadata or repo and only chosen metadata - you can restore it to the new organization or even cross-over from GitHub to Bitbucket and conversely. Migration made it easy!
You can check for backup solutions dedicated to GitHub, like GitProtect.io, on GitHub Marketplace or even benefit from the free offer.