Require pull request before merging

[nweldev]

What?

Add a branch protection rule on all Github repositories to forbid anyone except two "repository managers" to make any update in the main branch without describing/discussing it first.

Why?

Pushing changes directly to the main branch makes it difficult to track and discuss them, with is a clear infringement of our openness framework, and can discourage contributions.

Example: https://github.com/blindnet-io/clients-management/issues/11#issuecomment-1111016494

How?

GitHub branch protection rules are only available for public repositories and only to Pro, Team, and Enterprise users on private repositories. However, this isn't a big issue as most of our repositories (especially code ones) will soon be public. Restricted management repositories don't require such restrictions, as their code is pretty simple and not subject to a lot of changes.

see GitHub documentation: Managing a branch protection rule

[filipblnt]

Note: the same rule should apply to develop branch as well.

[nweldev]

I believe this should be linked to a Definition of Done for development (i.e. requirements to meet before merging a PR and closing the related issue), including links/explanations explaining why/how an issue was closed, peer-review, and PR description (see #5).

[nweldev]

Branch protection rules were added for the main and develop branches to :

• require pull request
• require at least one approval
• Dismiss stale pull request approvals when new commits are pushed
• require conversation resolution

before merging on:

• https://github.com/blindnet-io/blindnet.dev
• https://github.com/blindnet-io/sdk-dotnet-framework-server
• https://github.com/blindnet-io/sdk-dotnet-core-server
• https://github.com/blindnet-io/sdk-javascript-client
• https://github.com/blindnet-io/sdk-java-server
• https://github.com/blindnet-io/sdk-java-client
• https://github.com/blindnet-io/sdk-node
• https://github.com/blindnet-io/sdk-php

This would be useless on private repositories as the "protected branch rules won't be enforced on this private repository until you upgrade your organisation account to a GitHub Team or Enterprise account".

[nweldev]

Added a less restrictive rule for docs to just require a pull request (without absolute review requirement) before merging to main on:

• https://github.com/blindnet-io/product-management
• https://github.com/blindnet-io/devrel-management

Also added the more restrive rules from the above comment, but only of the main branch of https://github.com/blindnet-io/openness-framework

[nweldev]

@blindnet-io/engineering Please remember to add same rules to all new DevKit source code repositories between v0.4 and v0.6

[nweldev]

Added the same rules as #20 (comment) on:

• https://github.com/blindnet-io/privacy-components-web
• https://github.com/blindnet-io/privacy-computation-engine
• https://github.com/blindnet-io/data-access-component/
• https://github.com/blindnet-io/storage-connector-java/

[nweldev]

All actively maintained repositories should now have the required branch protections.

If you find a repository for which these protections haven't been configured, please directly add them and add a comment below if you have the required rights, or reopen this issue and tell us which repository should be configured.