-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #163 from guardian/ts/rulesets
docs: add info about applying rulesets for branch protection
- Loading branch information
Showing
3 changed files
with
20 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
# GitHub Rulesets | ||
|
||
Rulesets can be used to apply branch protection and CI status check rules to a repo, in the case where branch protection needs to be bypassed in certain cases. | ||
|
||
An example of this is the [GHA Scala Library Release Workflow](https://github.com/guardian/gha-scala-library-release-workflow), which requires branch protection to be turned off in order for it to be able to run. | ||
|
||
To re-apply branch protection of the default branch via rulesets: | ||
|
||
* Edit the Custom Property `production_status` on your repo to select `production`. This will enable an organisation-level ruleset on your repo which applies branch protection to the default branch . (N.B. This ruleset is configured to allow the 'Gu Scala Library Release' app to bypass the branch protection.) | ||
|
||
To require CI checks to pass before merge: | ||
* Create a second ruleset in your repo with the 'Branch protection' property 'Require status checks to pass' -> 'Require branches to be up to date before merging'. | ||
* Type your repo's workflow name(s) (not to be confused with the filename) into the 'Status checks that are required' box. For example, if your repo has a CI workflow with the name 'CI', then the setting would look like this: | ||
![status_checks.png](images/status_checks.png) | ||
* Add your app (e.g. 'Gu Scala Library Release') to the ruleset bypass list. | ||
|
||
### To enable your repo to access the GitHub App | ||
* Add your repo to the repository access list of your app (e.g. 'Gu Scala Library Release'). A GitHub admin is required for this). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.