Skip to content

Configure

Jump to bottom
Grenston George edited this page Oct 23, 2020 · 19 revisions

  1. Verify if all prerequisites are met before starting to configure.

  2. If need to set branch protection rules for teams or users, verify the roles and access of corresponding teams in the repositories.

    Note: If proper role not set the tool just skips the branch rule and add other branch rules specified.

  3. Clone the repository to your machine.

    git clone https://github.com/CanarysAutomations/automate-branch-rules.git

  4. Open config.py in any text editor.

  5. Replace master with the branch name required. Verify whether the branch exists in the repositories.

    branch-name

  6. Skip the remaining part of this section if you are only planning to Remove the branch protection rule.

  7. Provide value for add_codeowners_file as True if you need to add or update CODEOWNERS file which is required for branch rule Require review from Code Owners else keep it as False

    Note: Also configure the CODEOWNERS file in the tools' root folder for this to be done. To learn how the configure CODEOWNERS click here

    add-code-owners

  8. Provide value for signed_commit as True if you need branch rule Require signed commits else keep it as False.

    signed-commit

  9. Add the branch protection rules which are required to add or modify in the repositories in branch_rules section with the following syntax.

    branch_rules = { "key":int_value,
                 "key2":["string_value1","string_value2","string_value3"],
                 "key3":boolean_value # True/False
                 }

  10. Refer the following table to configure.

Key Value Type Branch Rule Example
strict boolean Require branches to be up to date before merging. Should come along with contexts. branch_rules = { "strict":True, "contexts": ["BUILD_VALIDATE_JOB"] }
contexts string list Enable status checks. Should come along with strict. branch_rules= { "strict":True, "contexts": ["BUILD_VALIDATE_JOB","CODE_SCAN_JOB"] }
enforce_admins boolean Include administrators branch_rules = { "enforce_admins":True }
required_approving_review_count int Require pull request reviews before merging with approver count as value provided branch_rules = { "required_approving_review_count":2 }
dismissal_users string list Restrict users who can dismiss pull request reviews. branch_rules = { "required_approving_review_count":2, "dismissal_users":["User1","User2","User3"] }
dismissal_teams string list Restrict teams who can dismiss pull request reviews. branch_rules = { "required_approving_review_count":2, "dismissal_teams":["Internal_App_Team","OSS_Devs"] }
dismiss_stale_reviews boolean Dismiss stale pull request approvals when new commits are pushed branch_rules = { "required_approving_review_count":1, "dismiss_stale_reviews": True }
require_code_owner_reviews boolean Require review from Code Owners branch_rules = { "required_approving_review_count":1, "require_code_owner_reviews": True }
user_push_restrictions string list Restrict users who can push to matching branches branch_rules = { "user_push_restrictions":["User1","User2","User3"] }
team_push_restrictions sting list Restrict teams who can push to matching branches branch_rules = { "team_push_restrictions":["Internal_App_Team","OSS_Devs"] }

  1. Save and close config.py.

  2. You can run the tool as Docker Container or cli using Python.

Clone this wiki locally