Study Notes: GitHub Foundations Certification Exam

In February of this year I successfully passed the GitHub Foundations Certificate Exam. I have used GitHub for about five years and am a GitHub Star Alumni, so I felt fairly confident going into the study process. However, there were still some gaps in my knowledge and I wanted to be prepared.

This post is a collection of links, resources, and my notes from the study process. Hopefully it is helpful to you for your own certification journey.

Table of Contents

• Study Approach
  • Exam Guide
  • Microsoft GitHub Foundations Course
  • Udemy Practice Exams
• Notes
  • Helpful Docs Links
  • Notes from Microsoft Course
    • Git
    • Git terminology
    • Git and GitHub
    • Command Line commands
    • Introduction to GitHub
    • GitHub Flow
    • GitHub Collaboration
    • GitHub platform management
    • Introduction to GitHub’s products
  • Notes from Practice Test 1
    • General
    • Access
    • Codespaces
    • Projects
    • CodeOwners
  • Notes from Practice Test 2
  • Notes from Practice Test 3
  • Notes from Practice Test 4
• Other Resources

Study Approach

Exam Guide

To start, I reviewed the Exam Guide. This guide has a detailed breakdown of the topics covered on the exam, as well as the percentage weights of the different domains. This was my strategy:

• Review the topics underneath each domain
• Identify areas where I only had limited knowledge (marked in yellow) or little-to-no knowledge (marked in red)
• Assign a comfort level to each domain (red, yellow, or green) based on assumed knowledge of the topics
• Evaluate domain percentages to understand where to prioritize studying

This helped me to create a plan on what areas to focus on in preparation for the exam. If you’re curious, this was my personal breakdown before I began studying:

• Domain 1: Introduction to Git and GitHub (22%) (GREEN)
  • GitHub Entities (RED)
  • GitHub Desktop (YELLOW)
  • GitHub Mobile (YELLOW)
  • Everything else (GREEN)
• Domain 2: Working with GitHub Repositories (8%) (GREEN)
  • CODEOWNERS file (RED)
  • Repo templates (YELLOW)
  • Repo insights (YELLOW)
  • Everything else (GREEN)
• Domain 3: Collaboration Features (30%) (GREEN)
  • Issue forms (RED)
  • CODEOWNERS file (RED)
  • Discussions (YELLOW)
  • Notifications (YELLOW)
  • Everything else (GREEN)
• Domain 4: Modern Development (13%) (YELLOW)
  • GitHub Codespaces (RED)
  • GitHub Copilot (YELLOW)
  • Everything else (GREEN)
• Domain 5: Project Management (7%) (YELLOW)
  • Difference between Projects and Projects classic (RED)
  • Configuration options (YELLOW)
  • Template repos (YELLOW)
  • Project workflows (YELLOW)
  • Project insights (YELLOW)
  • Everything else (GREEN)
• Domain 6: Privacy, Security, and Administration (10%) (RED)
  • GitHub Administration (RED)
  • Authentication and Security (YELLOW)
  • Everything else (GREEN)
• Domain 7: Benefits of the GitHub Community (10%) (GREEN)
  • InnerSource (YELLOW)
  • Everything else (GREEN)

Microsoft GitHub Foundations Course

There is a recommended free(!) Microsoft GitHub Foundations Course. I did start this course, but felt like a lot of the material covered things I already knew and I grew impatient 😅. However, I recommend it if you are starting fresh or more patient than I am!

You can check out my notes from the sections of the course I did complete below.

Udemy Practice Exams

Instead, I decided to get this practice exam bundle on Udemy. Depending on how you prefer to study, this could be helpful for you. I actually passed the first practice exam, but had EXACTLY a 75%, and wanted to be more confident.

The practice tests not only tell you what questions were correct, but had detailed notes explaining the answers with links to relevant documentation. I hand-wrote notes (transcribed below) for the questions I either got wrong or got correct but had guessed/wasn’t confident in my answer.

Hand-writing the notes helped to reinforce the information in my brain. I also read through the linked docs and took extra notes to clarify what I thought would be important concepts. By the time I took the fourth practice exam, I scored a 93%.

I ultimately passed my certification exam with a score of 90%.

Notes

This section has raw notes from my studies. They are based on my individual learning, and should not be considered a comprehensive study guide because things I already knew are not included. However, they may be helpful for you.

⚠️ Disclaimer: I took my exam in February, so some items may have changed since then! Always refer to the GitHub docs for the most up-to-date information.

Helpful Docs Links

This is a list of links to areas of the GitHub docs I found helpful while studying.

• Base Permissions
• CoPilot
• Automating Projects
• Workflow Basics
• Organization News Feed
• Best Practices for Projects
• GitHub Security Features
• Issue and pull request templates
• Project insights
• Projects vs Projects Classic:
  • Projects
  • Projects Classic
• Branch protection rules
• Best Practices for Repositories
• GitHub Sponsors

Notes from Microsoft Course

Git

• VCS - version control system
• SCM - software configuration management system
• VSC can exist for not-software, VSC is one component of a SCM
• Git is distributed, meaning project history is stored locally and remotely
  • This is as opposed to centralized, where all project history in only stored on centralized server

Git terminology

• Working tree - set of nested directories and files that contain the project
• Repository - The top-level directory of a working tree where history and metadata is stored
  • Bare repo - isn’t part of a working tree, used for sharing/backup (project.git)
• Hash - number produced by hash function that represents the contents of a file, used to determine if a file has been changed
• Object - Git repo contains four types of objects, each identified by a SHA-1 hash.
  • Blob - contains ordinary file
  • Tree - represents a directory, contains names, hashes, and permissions
  • Commit - represents specific version of the working tree
  • Tag - a name attached to a commit
• Commit - either an object (commit) or a verb meaning to make a commit object
• Branch - a named series of linked commits
  • Head - Most recent commit on a branch
  • Main/master - default branch of a repo
  • Allow developers to work independently and then merge changes into default branch
• Remote - named reference to another Git repo
  • Origin - the default remote for push and pull operations created when repo is initialized
• Git (command) push (subcommand) —hard (option)

Git and GitHub

• Git is a DVCS (distributed version control system)
• GitHub is a cloud platform that uses Git as its core technology and acts as the remote repository
• Git can also be described as a CLI for managing version history locally
• GitHub can also be described as a place to collaborate on shared repositories with issues and pull requests

Command Line commands

• git config
  • git config —global user.name “USER_NAME”
  • git config —list
• git init
• git status
• git add (staging)
• git commit
• git log
• git help
  • git <command> —help
• git checkout -b branchName is the best way to create and check out a new branch

Introduction to GitHub

• How to create a repository
• How to add a file to your repository
  • Manually in GitHub UI adding file in directory, then typing content, and committing changes directly to a new pull request branch
• Gists
  • simplified way to share code snippets. Every gist is a Git repo so it can be forked and cloned.
• Wiki
  • Documentation section included with every GitHub repo
  • Used to share long-form content beyond the README

GitHub Flow

• Branches
• Commits
  • Every commit has a unique ID and tracks the time and contributor
• States for a file in a repo:
  • Untracked - Git unaware of its existence
  • Tracked - can be one of the following substates:
    • Unmodified
    • Modified
    • Staged
    • Committed
• Pull requests
  • Signals commits from one branch are ready to be merged into another
• GitHub Flow
  • Creating a branch
  • Make changes
    • Deploy changes to feature branch to ensure they work in productIon (recommended)
  • Create a pull request
  • Reviewing and implement feedback
  • Approve and merge PR into main branch
  • Delete branch

GitHub Collaboration

• Issues
  • Track ideas, feedback, tasks, or bugs
  • Can be created from repo, item in task list, note in project, comment in an issue or PR, specific line of code, URL query
  • Only maintainers can assign, add to project board, associate with milestone, or apply a label
• Discussions
  • For conversations accessible to everyone that aren’t related to code
  • Enable Discussions in Settings > Features > Discussions
  • Any authenticated user with view access can create a discussion in that repo
  • There are default categories, and more can be added with an emoji and name pairing

GitHub Platform Management

• Subscriptions and notifications
• GitHub Pages
  • Static site hosting service from files in a repo

Introduction to GitHub’s products

• Personal accounts
  • Every person has a personal account
  • Can be GitHub Free or Pro
• Organization accounts
  • Shared accounts for people to collaborate across many projects at once
  • Permissions have a tiered approach
  • Can’t sign into organization directly
  • Personal accounts can be given roles in an organization
• Enterprise accounts
  • Allow admins to centrally manage policies and billing for multiple organizations and enable inner sourcing between orgs
  • Must have a handle, like an organization
  • Manage and enforce policies for all orgs in enterprise
• GitHub teams
  • group of organization members intended to reflect company structure
• GitHub plans
  • Free for personal and org
  • Pro for personal
  • Team for organizations
  • Enterprise
    • Server (self-hosted)
    • Cloud
• GitHub Mobile
  • first-party client app
  • Can’t approve or merge PRs
• GitHub Desktop
• GitHub billing is account based, includes subscription and usage-based billing

Notes from Practice Test 1

My notes for each subsequent practice test become less detailed, as I learned more with each exam.

General

• cloning = copying ENTIRE repo
• forking = create private copy for personal use
• template repos can have any files or content
• reason: is a way to filter notification (such as searing for only at-mentions)
• Tabs on a PR: Conversation, Commits, Checks, Files changed
• Can create branch directly from an issue
• Repo insights show traffic, projects, and contributor engagement
• GitHub topics examples: repo purpose, subject area, affinity groups, community, language, etc.
  • labels that create subject-based connections between repos
  • Discover similar projects based on topic
• Code scanning available on public repos, private requires GitHub Enterprise Cloud with Advanced Security
• Copilot analyzes current and related files for context
• GitHub limits sizes of files allowed in repos. Enable Git Large File Storage to track large files
• GitHub organizations have a news feed that shows:
  • Open/closed/merged issues and PRs
  • creation/deletion of branches
  • Created tag or release
  • Comments
  • New commits pushed

Access

• members of an org = create repos and project boards by default
• personal repo permission levels = owners & collaborators
• org owners can require members, collaborators, and billing managers to enable 2FA
  • If 2FA not enabled, they will be removed from org with no grace period
• GitHub Enterprise repo visibility options: private, public, internal
• Organization repo roles:
  • Read: Recommended for non-code contributors who want to view or discuss your project
  • Triage: Recommended for contributors who need to proactively manage issues, discussions, and pull requests without write access
  • Write: Recommended for contributors who actively push to your project
  • Maintain: Recommended for project managers who need to manage the repository without access to sensitive or destructive actions
  • Admin: Recommended for people who need full access to the project, including sensitive and destructive actions like managing security or deleting a repository
• Organization roles:
  • Owners: Organization owners have complete administrative access to your organization. Should be limited but have at least two.
  • Members: The default, non-administrative role for people in an organization is the organization member.
  • Moderators: Moderators are organization members who, in addition to their permissions as members, are allowed to block and unblock non-member contributors, set interaction limits, and hide comments in public repositories owned by the organization.
  • Billing managers: Billing managers are users who can manage the billing settings for your organization, such as payment information.
  • Security managers: Security manager is an organization-level role that organization owners can assign to any team in an organization.
    • In public beta
  • GitHub App managers: By default, only organization owners can manage the settings of GitHub App registrations owned by an organization. To allow additional users to manage, an owner can grant them GitHub App manager permissions.
  • Outside collaborator: To keep your organization's data secure while allowing access to repositories, you can add outside collaborators. An outside collaborator is a person who has access to one or more organization repositories but is not explicitly a member of the organization, such as a consultant or temporary employee.

Codespaces

• can have deep link to create a codespace with pre-configured options
• can change display name, shell, machine type, and region
• only supports Linux
• run in GitHub-owned Azure account (but can be billed to your Azure)
• A codespace is a Docker container configured for development run on a GH-managed VM

Projects

• Github CLI and GraphQL API
• Project insights available for all with write and admin access

CodeOwners

• automatically requested for review on PRs
• Can also be use for requiring approval from code owner before merge
• hover over shield icon on file in GitHub to see code owner
• people with write permission to repo can create or edit CODEOWNERS file
  • Code owners must also have write permission
• requires GitHub Pro, Team, or Enterprise to have code owners on a private repo
• defined in a CODEOWNERS file (no extension) in the .github/ , root, or docs/ directory (GH will search in this order for file)
• Branch-specific based on branch where file is
• syntax is similar to gitignore:

*.js @js-owner // all files ending in .js have user js-owner as code owner
*.txt @octo-org/octoteam // team octoteam within octo-org owns all .txt files
/docs/ @docsowner // all files in docs directory are owend by user docsowner

Notes from Practice Test 2

• Add issue forms with YAML form definition file in /.github/ISSUE_TEMPLATE
• Form responses converted to markdown and added to body of issue
• Project can be organization or user project
• Branch protection rules prevent accidental or unauthorized changes to a branch
• Two types of project charts: current & historical
• 2FA methods: TOTP app on mobile/desktop or text message
  • Security keys can be added as an alternate 2FA method, NOT primary
• Can do web-based code editing in GitHub mobile
  • Cannot do automated testing or CI
• Innersource: build proprietary software using OSS methodologies
• Internal repos let orgs practice innersource
  • Requires GH Enterprise Cloud
• All enterprise members have read permission to internal repos
• Internal repos are not visible to outside collaborators of other org repos
• Internal is the default setting for all new repos created in an enterprise org
• Up to 10 people can be assigned to an issue or PR
  • limited to 1 for private free repos
• Templates created from existing repositories have same directory structure, branches, and files
• Template can select only default or all branches to copy from original
• Security tab includes:
  • Security policies
  • Advisories
  • Dependabot alerts
  • Code scanning results
  • Secret scanning results
• Projects provide more robust integrations vs Projects Classic
• Projects (vs. Projects Classic) designed to integrate with existing tools, such as GraphQL API and GitHub Actions
• Codespaces can use account secrets as environment variables
• Project Layouts: Board, Roadmap, and Table
• Docs for name options for pull request templates
• PR and issue templates MUST be in the default branch
• Projects, issues, and GitHub Actions can be disabled on a repo
• Milestones provide visual roadmap to track progress on issues & PRs
• Discussions can be pinned
• The automatic retention period of up to 30 days for Codespaces can be reduced to save costs
• Following an organization lets you see activity like new discussions, sponsorships, and repositories

Notes from Practice Test 3

• Going from public to private:
  • removes a repo from GitHub Archive Program
  • unpublishes any published GitHub Pages
• Triage role is for proactively managing issues, discussions, and PRs WITHOUT write access
• Org repo roles:
  • read
  • triage
  • write
  • maintain
  • admin
  • Security manager role for org in public beta. Give read access to all repos, write for security alerts, can configure code security settings at org and repo level (Docs reference)
• Permanent link can be created for a line or range of lines in a version of a file or PR
• On public repos, dependency graph and secret scanning alerts for PARTNERS are always enabled
• Codespaces specific secrets are setup in Settings > Code, planning and automation > Codespaces > New secret. Set name, value, and repos with access.
• GitHub sponsorship requires a GH-sponsor enabled dev or org profile
  • Must contribute to OSS project and live in a supported region
  • Up to 10 one-time and 10 monthly tiers
• Can mark an issue as duplicate by typing “Duplicate of” and the issue/PR number in body of new comment
  • Must have write access
  • Can be undone if needed
• Max GitHub Project items = 1200
  • Max 10,000 archived

Notes from Practice Test 4

• Commit vs hash:
  • A commit is a specific and immutable snapshot capturing changes made to files, creating a chronological record in version history
  • A hash is a number representing the contents of a file or another object
• GitHub sponsorships can be paid via Patreon
• Bitcoin is not supported for GH sponsors
• Owners or admins can be allowed to limit repo visibility changes
• Default categories for discussions:
  • Announcements
  • General
  • Ideas
  • Polls
  • Q&A
  • Show & Tell
• Workflow triggers:
  • Events in repo
  • Events outside GH that trigger a repository-dispatch event
  • scheduled time
  • manual
• Organizations can have more than one owner
• Owners cannot change their own role, but can change the role of another owner
• Enable Feature preview to gain access to Alpha and Beta features
• Admin permission is required to enable/disable GH discussions
• Security markdown file is for security related communication, such as reporting vulnerabilities
• Project Insights not available on Project Classics
• Saved replies can contain any text, markdown, and emoji reactions
• Maintain role recommended for project managers

Other Resources

If you're looking for more comprehensive exam prep, check out the following resources from FreeCodeCamp:

• Video: GitHub Foundations Certification Course – Pass the exam in 10 hours!
• GitHub Foundations Certification – Exam Prep Guide

Happy studying, and good luck!!

Comments

[Domenico Tenace]

Hi @ceceliacreates :)
Thank you for sharing this little guide.
It will be useful to me!

[Cecelia Martinez]

Great! Glad you found it helpful 😄

[antoniolucas4]

The resource you shared looks great. When I was preparing, I used a GitHub-Foundations practice test designed by P2PExams and it helped me understand the exam format and identify areas where I needed more focus. It played a big role in helping me pass the exam. Many GitHub-Foundations Questions in the final test came from this practice material. I recommend every exam candidate must utilize this practice test before going to take the final test.

[Jordan]

The resources you shared are pretty good. But for practice questions I'd recommend study4exam because of their comprehensive coverage of core concepts. Really worth practicing to assess the knowledge.

[Yogindra Raghav]

Awesome stuff! Thanks so much.

[Vinay Sandela]

Thanks so much for sharing. Very helpful!