INDUSTRY - LIFE SCIENCES

Pharma leader creates a unified developer environment

Following a multi-billion-dollar acquisition of a biotech firm, Modus Create helped a pharma leader migrate nearly 900 repositories and 300 developers from the acquired firm's GitHub Enterprise Cloud into its own enterprise environment. Navigating user overlaps, stringent security protocols, and complex regulatory requirements, the migration was completed ahead of schedule and within budget. As a result, the pharma company has saved $10K per month in operating costs.

OUR WORK INVOLVED

Migration assessment
GHEC migration
Whiteglove support
Licensing cost management
Security and compliance

IMPACT

900+

repositories migrated

300

developers supported

$10,000

saved per month

A global pharmaceuticals company has partnered with Modus Create for over a decade to evolve into a technology-driven platform company. In 2023, it made a multi-billion-dollar acquisition of a biotechnology firm renowned for cancer research.

The sheer scale of acquisition meant new challenges in creating a unified developer environment, as both the pharma company and biotech firm had their own separate GitHub Enterprise Cloud (GHEC) environments. The existing setup wasn’t ideal for collaboration and needed a strategic and secure consolidation.

Challenge

High-stakes GHEC migration with a tight deadline

Operating separate GHEC enterprises meant the company was paying for two sets of licenses while managing code across fragmented systems. Migrations at this scale are always intricate, but several factors made this one particularly challenging:

Different cloud infrastructures: The biotech firm operated on Google Cloud & Azure, whereas the pharma company relied on AWS, raising concerns about cross-platform migration.
Identity overlaps: Many developers had separate biotech and pharma GitHub accounts, making it difficult to map commits, teams, and permissions.
Security & compliance risks: GitHub Actions and Secrets were critical to the biotech firm's workflows, but some of GitHub’s migration tools do not transfer encrypted secrets automatically, posing a potential operational risk.
Regulatory & timeline pressures: Some teams feared migration could disrupt key project deadlines or impact regulatory commitments.

Moreover, the biotech firm's GitHub license was set to expire in early 2025, creating a strict timeline to complete the migration before renewal. Therefore, the pharma company reached out to Modus Create to plan, implement, and execute migration in less than six months.

A phased migration approach

Solution

A phased migration approach to reduce risks

Phase 1: Migration assessment

Goal: Establish a clear migration strategy and scope.

Modus Create’s architects and DevSecOps experts kicked off the project with an assessment to evaluate migration scope and feasibility. They evaluated existing development environments, internal processes, and frameworks and recommended narrowing the scope of the migration.

The team suggested limiting the migration to GitHub repositories and postponing Terraform and cloud migrations to reduce complexity and risk. This approach would prove vital later as it would help minimize resistance to change and finish the migration on time.

Phase 2: Preparing the team

Goal: Ensure a smooth onboarding process for all new developers.

Next, we invited all remaining team members from the acquired biotech firm who did not yet have accounts in the pharma company’s GitHub enterprise. The team worked closely to map permissions for the corresponding accounts to the pharma’s environment, ensuring consistent permissions and retaining the biotech firm's role structures.

We also resolved duplicate accounts by consolidating contributor accounts with single sign-on and a parallel set of teams. This phase was crucial as it ensured that common challenges associated with user roles and access were resolved before the migration.

Phase 3: Proof of concept and initial migration

Goal: Demonstrate success with a small, low-risk batch.

The project involved moving over 900 repositories. Migrations of such scale always invite concerns from development teams. To mitigate risks and address potential objections, we conducted a pilot migration on a small set of low-risk repositories. This allowed teams to validate processes, test configurations, and ensure workflows would not be disrupted.

This phase provided critical insights that helped refine the bulk migration process, improving efficiency and addressing key concerns from teams that were initially resistant to change.

Phase 4: Bulk and critical repository migration

Goal: Migrate all repositories with minimal disruption.

Once confidence was established through the initial migration, we proceeded with the bulk migration of the remaining repositories. This phase involved:

Leveraging automation: We adapted a previous project’s GitHub migration scripts to significantly reduce manual effort.
Ensuring secrets transfer: Instead of copying repositories via the GitHub Enterprise Importer, which wouldn’t preserve secrets, we performed repository transfers wherever possible to maintain GitHub Actions and Secrets integrity.
White-glove support: We provided real-time troubleshooting and dedicated war-room sessions for high-stakes teams, ensuring they had complete confidence in the process.
Flexible scheduling: Critical teams were given control over migration timing to avoid major project disruptions.

Phase 5: Post-migration support

Goal: Optimize security, governance, and developer experience.

Following the migration, our team focused on finalizing security measures, governance policies, and operational efficiencies. This included:

Automated metadata standardization: We created a custom metadata YAML file for all migrated repositories to align them with enterprise security policies.
Repository cleanup and archiving: Teams were encouraged to retire or archive obsolete repositories to reduce security risks and maintenance burdens.

Security tool integration: We facilitated a transition from a mixture of legacy security tooling to the pharma company’s existing SonarQube and TruffleHog-based secret scanning, aligning all repositories with enterprise security standards.

Impact

A unified, cost-efficient GitHub environment

By completing the migration ahead of schedule and within budget, the pharma company successfully consolidated its development environment, delivering measurable business outcomes:

$10,000 saved per month in redundant GitHub licensing costs.
900+ repositories migrated, ensuring a unified developer experience.
300 developers onboarded seamlessly with minimal disruption.
Lowered security risks by enforcing standardized governance policies.
Reinforced stronger collaboration across acquired teams, with a single GitHub environment improving efficiency and compliance.

With this migration, the pharma company has laid the foundation for faster innovation, reduced complexity, and enhanced security, ensuring that its developer ecosystem remains future-proof.

LIKED WHAT YOU READ?

You can share it with your network