You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: org/readme.md
+6Lines changed: 6 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -63,6 +63,12 @@ branch-protection:
63
63
include: [ "^<default branch>$", "^v[0-9]*$"] # note the surrounding ^...$ to avoid matching branches containing 'main' or 'v'
64
64
```
65
65
66
+
Best Practices:
67
+
- Replace github deploy keys by working group bot users. Branch protection rules enforce PRs for commits with deploy keys (enforce_admins=true).
68
+
- Ensure that all bot users are members of the working group bots team or working group area bots team.
69
+
- Remove all direct repository users in 'Settings > Collaborators and teams'. Repository access shall be governed by the generated teams only.
70
+
- You may exclude repos w/o source code (e.g. bbl config and state, semver). See [branchprotection.yml](https://github.com/cloudfoundry/community/blob/main/org/branchprotection.yml) for examples.
71
+
66
72
Limitations:
67
73
- The branchprotector doesn't support wildcards for branch rules. I.e. every version branch gets its own rule.
68
74
- The branchprotector doesn't delete unneeded branch protection rules e.g. when a version branch got deleted.
0 commit comments