Chore: enable branch protection eclipse-tractusx.github.io main branch

[FaGru3n]

Description

• enable branch protection for eclipse-tractusx.github.io main branch
• approval 2 committers needed

fixes https://github.com/eclipse-tractusx/eclipse-tractusx.github.io/issues/515

FYI: @stephanbcbauer @mhellmeier @Siegfriedk @danielmiehle

Pre-review checks

Please ensure to do as many of the following checks as possible, before asking for committer review:

• [x] DEPENDENCIES are up-to-date. Dash license tool. Committers can open IP issues for restricted libs.
• [x] Copyright and license header are present on all affected files

[github-actions[bot]]

Diff for b500debc5a8e7d9d3a8c795dc74397b0c4e8c060:

```diff Printing local diff for configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Actions are indicated with the following symbols: + create ! modify ! forced update - delete Organization eclipse-tractusx[id=eclipse-tractusx] there have been 41 validation infos, enable verbose output with '-v' to to display them. + add branch_protection_rule[pattern="main", repository="eclipse-tractusx.github.io"] { + allows_deletions = false + allows_force_pushes = false + blocks_creations = false + bypass_force_push_allowances = [] + bypass_pull_request_allowances = [] + dismisses_stale_reviews = true + is_admin_enforced = false + lock_allows_fetch_and_merge = false + lock_branch = false + pattern = "main" + require_last_push_approval = false + required_approving_review_count = "2" + required_status_checks = [ + "eclipse-eca-validation:eclipsefdn/eca" + ], + requires_code_owner_reviews = false + requires_commit_signatures = false + requires_conversation_resolution = false + requires_deployments = false + requires_linear_history = false + requires_pull_request = true + requires_status_checks = true + requires_strict_status_checks = false + restricts_pushes = false + restricts_review_dismissals = false + } Plan: 1 to add, 0 to change, 0 to delete. ``` ```diff Showing diff to a canonical version of the configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Organization eclipse-tractusx[id=eclipse-tractusx] --- original +++ canonical @@ -163,6 +163,7 @@ branch_protection_rules: [ orgs.newBranchProtectionRule('main') { dismisses_stale_reviews: true + required_approving_review_count: 2 } ] environments: [ ```

[FaGru3n]

@eclipse-tractusx/eclipsefdn-security will this modified for the hole org?

just want to enable this for eclipse-tractusx.github.io

Organization eclipse-tractusx[id=eclipse-tractusx] --- original +++ canonical @@ -163,6 +163,7 @@ branch_protection_rules: [ orgs.newBranchProtectionRule('main') { dismisses_stale_reviews: true

• required_approving_review_count: 2 }

[netomi]

@eclipse-tractusx/eclipsefdn-security will this modified for the hole org?

no, the setting will only be used for the repo you defined it for, see also the summary:

btw. a required_approving_review_count of 2 is the default, so you dont have to specify it, unless you want to set it to a different value.

btw. other projects defined some custom branch protection rules that can then be easily applied for a repo like that:

https://github.com/eclipse-set/.eclipsefdn/blob/main/otterdog/eclipse-set.jsonnet#L3

Maybe of interest for tractus-x as well.

[FaGru3n]

I think 2 reviews should be fine. Our Code Reviews sections proposes a two step approach anyways. A "business" review and another one from a committer, that is anyway needed.

that was my intention 1 vote from "business" and 1 from a committer

after reading the discussion with @carslen and @mhellmeier @SebastianBezold

we have:

• 3 committer (included vote from myside ) for 2 reviewer
• 2 committer for 1 reviewer (@mhellmeier and @paullatzelsperger )
• 1 committer for non review (@borisrizov-zf)

and with the hint from @netomi i would clear this section that we can use the default setting for branch protection.

Think will wait for a project lead vote, because of the idea with "business" votes.. 😃

@ participants, thanks for your feedback.

[Siegfriedk]

@FaGru3n lets do it. it will also be very good for proper coop

[stephanbcbauer]

@FaGru3n sounds good. Thumbs up

[github-actions[bot]]

Diff for b500debc5a8e7d9d3a8c795dc74397b0c4e8c060:

```diff Printing local diff for configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Actions are indicated with the following symbols: + create ! modify ! forced update - delete Organization eclipse-tractusx[id=eclipse-tractusx] there have been 41 validation infos, enable verbose output with '-v' to to display them. + add branch_protection_rule[pattern="main", repository="eclipse-tractusx.github.io"] { + allows_deletions = false + allows_force_pushes = false + blocks_creations = false + bypass_force_push_allowances = [] + bypass_pull_request_allowances = [] + dismisses_stale_reviews = true + is_admin_enforced = false + lock_allows_fetch_and_merge = false + lock_branch = false + pattern = "main" + require_last_push_approval = false + required_approving_review_count = "2" + required_status_checks = [ + "eclipse-eca-validation:eclipsefdn/eca" + ], + requires_code_owner_reviews = false + requires_commit_signatures = false + requires_conversation_resolution = false + requires_deployments = false + requires_linear_history = false + requires_pull_request = true + requires_status_checks = true + requires_strict_status_checks = false + restricts_pushes = false + restricts_review_dismissals = false + } Plan: 1 to add, 0 to change, 0 to delete. ``` ```diff Showing diff to a canonical version of the configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Organization eclipse-tractusx[id=eclipse-tractusx] ```

[FaGru3n]

FYI:

• required_approving_review_count = "2"

[FaGru3n]

we have:

• 7 committer ( @Siegfriedk @stephanbcbauer @carslen @SebastianBezold @Phil91 @evegufy included vote from myside ) for 2 reviewer
  • 2 committer for 1 reviewer (@mhellmeier and @paullatzelsperger )
• 1 committer for non review (@borisrizov-zf)

[netomi]

let me know when you have agreed on a number of approvals. Most projects use 1, which I find reasonable to assure that reviews are made, but progress is not blocked by having to chase reviewers to approve.

[Phil91]

@FaGru3n we might set it to 1 for other repos, but for this repo i think 2 reviewers are fine 👍

[netomi]

Looks like this has been stabilized, lets get this merged, you can easily change if needed ofc.

[netomi]

change is live.