ci(otterdog): configure puris required_status_checks

[tom-rm-meyer-ISST]

Description

In PURIS repository I reworked our helm workflow so that we fail the job in the end, if the chart version has not been increased. That way, we as committers are aware of that and can steer, whether it's needed or not (depending if the feature is fully developed or not yet). This change now should remove strict blocking for that particular job.

Following the status check reference, for the quality gate check I also need to reference the to the reusable workflow.

Pre-review checks

Please ensure to do as many of the following checks as possible, before asking for committer review:

• [x] DEPENDENCIES are up-to-date. Dash license tool. Committers can open IP issues for restricted libs.
• [x] Copyright and license header are present on all affected files

[eclipse-otterdog[bot]]

This is your friendly self-service bot.

Thank you for raising a pull request to update the configuration of your GitHub organization. You can manually add reviewers to this PR to eventually enable auto-merging.

The following conditions need to fulfilled for auto-merging to be available:

• valid configuration
• approved by a project lead
• does not require any secrets
• does not update settings only accessible via the GitHub Web UI
• does not remove any resource

Otterdog commands and options

You can trigger otterdog actions by commenting on this PR: - `/otterdog team-info` checks the team / org membership for the PR author - `/otterdog validate` validates the configuration change - `/otterdog validate info` validates the configuration change, printing also validation infos - `/otterdog check-sync` checks if the base ref is in sync with live settings - `/otterdog merge` merges and applies the changes if the PR is eligible for auto-merging (only accessible for the author) - `/otterdog done` notifies the self-service bot that a required manual apply operation has been performed (only accessible for members of the admin team) - `/otterdog apply` re-apply a previously failed attempt (only accessible for members of the admin team)

[eclipse-otterdog[bot]]

This is your friendly self-service bot.

The author (tom-rm-meyer-ISST) of this PR is associated with this organization in the role of MEMBER.

Additionally, tom-rm-meyer-ISST is a member of the following teams:

• automotive-tractusx-contributors

• automotive-tractusx-committers

[eclipse-otterdog[bot]]

This is your friendly self-service bot. Please find below the validation of the requested configuration changes:

Diff for d935a22ec0ac57d5ff4b920fbebbc6fbcb403b55

```diff Organization automotive.tractusx[id=eclipse-tractusx] there have been 41 validation infos, enable verbose output with '-v' to to display them. - remove org_secret[name="HELM_PASSWORD"] { - name = "HELM_PASSWORD" - selected_repositories = [] - value = "pass:bots/automotive.tractusx/repo3.eclipse.org/token-password" - visibility = "public" - } - remove org_secret[name="HELM_USER"] { - name = "HELM_USER" - selected_repositories = [] - value = "pass:bots/automotive.tractusx/repo3.eclipse.org/token-username" - visibility = "public" - } ! org_secret[name="ORG_OSSRH_PASSWORD"] { ! value = "pass:bots/automotive.tractusx/oss.sonatype.org/gh-token-password" -> "pass:bots/automotive.tractusx/oss.sonatype.org/password" ! } ! org_secret[name="ORG_OSSRH_USERNAME"] { ! value = "pass:bots/automotive.tractusx/oss.sonatype.org/gh-token-username" -> "pass:bots/automotive.tractusx/oss.sonatype.org/username" ! } - remove org_variable[name="HELM_REPO"] { - name = "HELM_REPO" - selected_repositories = [] - value = "https://repo3.eclipse.org/repository/tractusx-helm-releases/" - visibility = "public" - } - remove org_variable[name="HELM_REPO_STAGING"] { - name = "HELM_REPO_STAGING" - selected_repositories = [] - value = "https://repo3.eclipse.org/repository/tractusx-helm-staging/" - visibility = "public" - } ! repository[name=".eclipsefdn"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name=".github"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="SSI-agent-lib"] { ! private_vulnerability_reporting_enabled = true -> false ! } - remove repository[name="api-hub"] { - allow_auto_merge = false - allow_forking = true - allow_merge_commit = true - allow_rebase_merge = true - allow_squash_merge = true - allow_update_branch = false - archived = false - code_scanning_default_setup_enabled = false - default_branch = "main" - delete_branch_on_merge = false - dependabot_alerts_enabled = true - dependabot_security_updates_enabled = false - description = null - gh_pages_build_type = "legacy" - gh_pages_source_branch = "gh-pages" - gh_pages_source_path = "/" - has_discussions = false - has_issues = true - has_projects = true - has_wiki = true - homepage = "https://eclipse-tractusx.github.io/api-hub" - is_template = false - merge_commit_message = "PR_TITLE" - merge_commit_title = "MERGE_MESSAGE" - name = "api-hub" - private = false - private_vulnerability_reporting_enabled = true - secret_scanning = "enabled" - secret_scanning_push_protection = "enabled" - squash_merge_commit_message = "COMMIT_MESSAGES" - squash_merge_commit_title = "COMMIT_OR_PR_TITLE" - template_repository = null - topics = [] - web_commit_signoff_required = false - } ! repository[name="app-dashboard"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="bpdm"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="bpdm-certificate-management"] { ! private_vulnerability_reporting_enabled = true -> false ! } - remove repository[name="bpdm-upload-tool"] { - allow_auto_merge = false - allow_forking = true - allow_merge_commit = true - allow_rebase_merge = true - allow_squash_merge = true - allow_update_branch = false - archived = false - code_scanning_default_setup_enabled = false - default_branch = "main" - delete_branch_on_merge = false - dependabot_alerts_enabled = true - dependabot_security_updates_enabled = false - description = null - gh_pages_build_type = "legacy" - gh_pages_source_branch = "gh-pages" - gh_pages_source_path = "/" - has_discussions = true - has_issues = true - has_projects = true - has_wiki = true - homepage = null - is_template = false - merge_commit_message = "PR_TITLE" - merge_commit_title = "MERGE_MESSAGE" - name = "bpdm-upload-tool" - private = false - private_vulnerability_reporting_enabled = true - secret_scanning = "enabled" - secret_scanning_push_protection = "enabled" - squash_merge_commit_message = "COMMIT_MESSAGES" - squash_merge_commit_title = "COMMIT_OR_PR_TITLE" - template_repository = null - topics = [] - web_commit_signoff_required = false - } - remove repository[name="bpn-did-resolution-service"] { - allow_auto_merge = false - allow_forking = true - allow_merge_commit = true - allow_rebase_merge = true - allow_squash_merge = true - allow_update_branch = true - archived = false - code_scanning_default_setup_enabled = false - default_branch = "main" - delete_branch_on_merge = false - dependabot_alerts_enabled = true - dependabot_security_updates_enabled = false - description = "Tractus-X Resolver Service for BPN <> DID resolution" - gh_pages_build_type = "legacy" - gh_pages_source_branch = "gh-pages" - gh_pages_source_path = "/" - has_discussions = false - has_issues = true - has_projects = true - has_wiki = true - homepage = null - is_template = false - merge_commit_message = "PR_TITLE" - merge_commit_title = "MERGE_MESSAGE" - name = "bpn-did-resolution-service" - private = false - private_vulnerability_reporting_enabled = true - secret_scanning = "enabled" - secret_scanning_push_protection = "enabled" - squash_merge_commit_message = "COMMIT_MESSAGES" - squash_merge_commit_title = "COMMIT_OR_PR_TITLE" - template_repository = null - topics = [] - web_commit_signoff_required = true - } ! repository[name="charts"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="daps-helm-chart"] { ! allow_merge_commit = false -> true ! allow_update_branch = true -> false ! archived = true -> false ! delete_branch_on_merge = true -> false ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="daps-registration-service"] { ! allow_merge_commit = false -> true ! allow_update_branch = true -> false ! archived = true -> false ! delete_branch_on_merge = true -> false ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="data-exchange-test-service"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="demand-capacity-mgmt"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="digital-product-pass"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="eclipse-tractusx.github.io"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="eclipse-tractusx.github.io.largefiles"] { ! private_vulnerability_reporting_enabled = true -> false ! } - remove repository[name="emergingtechnologies"] { - allow_auto_merge = false - allow_forking = true - allow_merge_commit = false - allow_rebase_merge = true - allow_squash_merge = true - allow_update_branch = true - archived = false - code_scanning_default_setup_enabled = false - default_branch = "main" - delete_branch_on_merge = true - dependabot_alerts_enabled = true - dependabot_security_updates_enabled = false - description = null - gh_pages_build_type = "disabled" - has_discussions = false - has_issues = true - has_projects = true - has_wiki = true - homepage = null - is_template = false - merge_commit_message = "PR_TITLE" - merge_commit_title = "MERGE_MESSAGE" - name = "emergingtechnologies" - private = false - private_vulnerability_reporting_enabled = true - secret_scanning = "enabled" - secret_scanning_push_protection = "enabled" - squash_merge_commit_message = "COMMIT_MESSAGES" - squash_merge_commit_title = "COMMIT_OR_PR_TITLE" - template_repository = null - topics = [] - web_commit_signoff_required = true - } ! repository[name="identity-trust"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="item-relationship-service"] { ! private_vulnerability_reporting_enabled = true -> false ! } - remove repo_secret[name="DEV_ADMIN_USER_API_KEY", repository="item-relationship-service"] { - name = "DEV_ADMIN_USER_API_KEY" - } - remove repo_secret[name="DEV_REGULAR_USER_API_KEY", repository="item-relationship-service"] { - name = "DEV_REGULAR_USER_API_KEY" - } - remove repo_secret[name="INT_ADMIN_USER_API_KEY", repository="item-relationship-service"] { - name = "INT_ADMIN_USER_API_KEY" - } - remove repo_secret[name="INT_REGULAR_USER_API_KEY", repository="item-relationship-service"] { - name = "INT_REGULAR_USER_API_KEY" - } - remove repo_secret[name="IRS_CUCUMBER_PUBLISH_TOKEN", repository="item-relationship-service"] { - name = "IRS_CUCUMBER_PUBLISH_TOKEN" - } ! repository[name="knowledge-agents"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="knowledge-agents-aas-bridge"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="knowledge-agents-edc"] { ! private_vulnerability_reporting_enabled = true -> false ! } - remove repository[name="knowledge-agents-ontology"] { - allow_auto_merge = false - allow_forking = true - allow_merge_commit = true - allow_rebase_merge = true - allow_squash_merge = true - allow_update_branch = false - archived = false - code_scanning_default_setup_enabled = false - default_branch = "main" - delete_branch_on_merge = false - dependabot_alerts_enabled = true - dependabot_security_updates_enabled = false - description = null - gh_pages_build_type = "legacy" - gh_pages_source_branch = "gh-pages" - gh_pages_source_path = "/" - has_discussions = false - has_issues = true - has_projects = true - has_wiki = true - homepage = null - is_template = false - merge_commit_message = "PR_TITLE" - merge_commit_title = "MERGE_MESSAGE" - name = "knowledge-agents-ontology" - private = false - private_vulnerability_reporting_enabled = true - secret_scanning = "enabled" - secret_scanning_push_protection = "enabled" - squash_merge_commit_message = "COMMIT_MESSAGES" - squash_merge_commit_title = "COMMIT_OR_PR_TITLE" - template_repository = null - topics = [] - web_commit_signoff_required = false - } ! repository[name="managed-identity-wallet"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="managed-identity-wallets-archived"] { ! allow_merge_commit = false -> true ! allow_update_branch = true -> false ! archived = true -> false ! delete_branch_on_merge = true -> false ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-service-orchestrator"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="managed-simple-data-exchanger"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="managed-simple-data-exchanger-backend"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="managed-simple-data-exchanger-frontend"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="policy-hub"] { ! delete_branch_on_merge = true -> false ! description = "Policy Hub" -> "Policy hub" ! private_vulnerability_reporting_enabled = true -> false ! secret_scanning_push_protection = "enabled" -> "disabled" ! } ! repo_workflow_settings[repository="policy-hub"] { ! default_workflow_permissions = "read" -> "write" ! } - remove branch_protection_rule[pattern="dev", repository="policy-hub"] { - allows_deletions = false - allows_force_pushes = false - blocks_creations = false - bypass_force_push_allowances = [] - bypass_pull_request_allowances = [] - dismisses_stale_reviews = true - is_admin_enforced = false - lock_allows_fetch_and_merge = false - lock_branch = false - pattern = "dev" - require_last_push_approval = false - required_approving_review_count = "1" - requires_code_owner_reviews = false - requires_commit_signatures = false - requires_conversation_resolution = false - requires_deployments = false - requires_linear_history = false - requires_pull_request = true - requires_status_checks = false - restricts_pushes = false - restricts_review_dismissals = false - } - remove branch_protection_rule[pattern="main", repository="policy-hub"] { - allows_deletions = false - allows_force_pushes = false - blocks_creations = false - bypass_force_push_allowances = [] - bypass_pull_request_allowances = [] - dismisses_stale_reviews = true - is_admin_enforced = false - lock_allows_fetch_and_merge = false - lock_branch = false - pattern = "main" - require_last_push_approval = false - required_approving_review_count = "1" - requires_code_owner_reviews = false - requires_commit_signatures = false - requires_conversation_resolution = false - requires_deployments = false - requires_linear_history = false - requires_pull_request = true - requires_status_checks = false - restricts_pushes = false - restricts_review_dismissals = false - } - remove repository[name="portal"] { - allow_auto_merge = false - allow_forking = true - allow_merge_commit = true - allow_rebase_merge = true - allow_squash_merge = true - allow_update_branch = false - archived = false - code_scanning_default_setup_enabled = false - default_branch = "main" - delete_branch_on_merge = true - dependabot_alerts_enabled = true - dependabot_security_updates_enabled = false - description = "Portal- Helm charts" - gh_pages_build_type = "disabled" - has_discussions = false - has_issues = true - has_projects = true - has_wiki = true - homepage = null - is_template = false - merge_commit_message = "PR_TITLE" - merge_commit_title = "MERGE_MESSAGE" - name = "portal" - private = false - private_vulnerability_reporting_enabled = true - secret_scanning = "enabled" - secret_scanning_push_protection = "enabled" - squash_merge_commit_message = "COMMIT_MESSAGES" - squash_merge_commit_title = "COMMIT_OR_PR_TITLE" - template_repository = null - topics = [] - web_commit_signoff_required = false - } ! repository[name="portal-assets"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="portal-backend"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="portal-frontend"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="portal-frontend-registration"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="portal-iam"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="portal-shared-components"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="puris"] { ! gh_pages_build_type = "legacy" -> "disabled" ! private_vulnerability_reporting_enabled = true -> false ! } ! branch_protection_rule[pattern="main", repository="puris"] { ! required_status_checks = "['eclipse-eca-validation:eclipsefdn/eca']" -> "['eclipse-eca-validation:eclipsefdn/eca', 'docker-frontend', 'docker-backend', 'Analyze CodeQl', 'check-dependencies-frontend', 'check-dependencies-backend', 'Check quality guidelines / Check quality guidelines']" ! requires_strict_status_checks = true -> false ! } ! repository[name="quality-dashboard"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="sd-factory"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="sig-infra"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="sig-release"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="sig-security"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="sig-testing"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="sldt-bpn-discovery"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="sldt-digital-twin-registry"] { ! private_vulnerability_reporting_enabled = true -> false ! } - remove repo_secret[name="SONAR_TOKEN", repository="sldt-digital-twin-registry"] { - name = "SONAR_TOKEN" - value = "pass:bots/automotive.tractusx/sonarcloud.io/token-tractusx_sldt-digital-twin-registry" - } - remove repo_variable[name="SONAR_ORGANIZATION", repository="sldt-digital-twin-registry"] { - name = "SONAR_ORGANIZATION" - value = "eclipse-tractusx" - } - remove repo_variable[name="SONAR_PROJECT_KEY", repository="sldt-digital-twin-registry"] { - name = "SONAR_PROJECT_KEY" - value = "eclipse-tractusx_sldt-digital-twin-registry" - } ! repository[name="sldt-discovery-finder"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="sldt-semantic-hub"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="sldt-semantic-models"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="ssi-authority-schema-registry"] { ! allow_merge_commit = true -> false ! allow_update_branch = false -> true ! description = "SSI Authority & Schema Registry" -> null ! private_vulnerability_reporting_enabled = true -> false ! web_commit_signoff_required = false -> true ! } - remove repo_secret[name="SONAR_TOKEN", repository="ssi-authority-schema-registry"] { - name = "SONAR_TOKEN" - value = "pass:bots/automotive.tractusx/sonarcloud.io/token-ssi-authority-schema-registry" - } - remove repo_variable[name="SONAR_ORGANIZATION", repository="ssi-authority-schema-registry"] { - name = "SONAR_ORGANIZATION" - value = "eclipse-tractusx" - } - remove repo_variable[name="SONAR_PROJECT_KEY", repository="ssi-authority-schema-registry"] { - name = "SONAR_PROJECT_KEY" - value = "eclipse-tractusx_ssi-authority-schema-registry" - } - remove branch_protection_rule[pattern="dev", repository="ssi-authority-schema-registry"] { - allows_deletions = false - allows_force_pushes = false - blocks_creations = false - bypass_force_push_allowances = [] - bypass_pull_request_allowances = [] - dismisses_stale_reviews = true - is_admin_enforced = false - lock_allows_fetch_and_merge = false - lock_branch = false - pattern = "dev" - require_last_push_approval = false - required_approving_review_count = "1" - requires_code_owner_reviews = false - requires_commit_signatures = false - requires_conversation_resolution = false - requires_deployments = false - requires_linear_history = false - requires_pull_request = true - requires_status_checks = false - restricts_pushes = false - restricts_review_dismissals = false - } - remove branch_protection_rule[pattern="main", repository="ssi-authority-schema-registry"] { - allows_deletions = false - allows_force_pushes = false - blocks_creations = false - bypass_force_push_allowances = [] - bypass_pull_request_allowances = [] - dismisses_stale_reviews = true - is_admin_enforced = false - lock_allows_fetch_and_merge = false - lock_branch = false - pattern = "main" - require_last_push_approval = false - required_approving_review_count = "1" - requires_code_owner_reviews = false - requires_commit_signatures = false - requires_conversation_resolution = false - requires_deployments = false - requires_linear_history = false - requires_pull_request = true - requires_status_checks = false - restricts_pushes = false - restricts_review_dismissals = false - } ! repository[name="ssi-credential-issuer"] { ! allow_merge_commit = true -> false ! allow_update_branch = false -> true ! description = "SSI Credential Issuer" -> null ! private_vulnerability_reporting_enabled = true -> false ! web_commit_signoff_required = false -> true ! } - remove repo_secret[name="SONAR_TOKEN", repository="ssi-credential-issuer"] { - name = "SONAR_TOKEN" - value = "pass:bots/automotive.tractusx/sonarcloud.io/token-ssi-credential-issuer" - } - remove repo_variable[name="SONAR_ORGANIZATION", repository="ssi-credential-issuer"] { - name = "SONAR_ORGANIZATION" - value = "eclipse-tractusx" - } - remove repo_variable[name="SONAR_PROJECT_KEY", repository="ssi-credential-issuer"] { - name = "SONAR_PROJECT_KEY" - value = "eclipse-tractusx_ssi-credential-issuer" - } - remove branch_protection_rule[pattern="dev", repository="ssi-credential-issuer"] { - allows_deletions = false - allows_force_pushes = false - blocks_creations = false - bypass_force_push_allowances = [] - bypass_pull_request_allowances = [] - dismisses_stale_reviews = true - is_admin_enforced = false - lock_allows_fetch_and_merge = false - lock_branch = false - pattern = "dev" - require_last_push_approval = false - required_approving_review_count = "1" - requires_code_owner_reviews = false - requires_commit_signatures = false - requires_conversation_resolution = false - requires_deployments = false - requires_linear_history = false - requires_pull_request = true - requires_status_checks = false - restricts_pushes = false - restricts_review_dismissals = false - } - remove branch_protection_rule[pattern="main", repository="ssi-credential-issuer"] { - allows_deletions = false - allows_force_pushes = false - blocks_creations = false - bypass_force_push_allowances = [] - bypass_pull_request_allowances = [] - dismisses_stale_reviews = true - is_admin_enforced = false - lock_allows_fetch_and_merge = false - lock_branch = false - pattern = "main" - require_last_push_approval = false - required_approving_review_count = "1" - requires_code_owner_reviews = false - requires_commit_signatures = false - requires_conversation_resolution = false - requires_deployments = false - requires_linear_history = false - requires_pull_request = true - requires_status_checks = false - restricts_pushes = false - restricts_review_dismissals = false - } ! repository[name="ssi-docu"] { ! allow_merge_commit = false -> true ! allow_update_branch = true -> false ! archived = true -> false ! delete_branch_on_merge = true -> false ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="testdata-provider"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="traceability-foss"] { ! private_vulnerability_reporting_enabled = true -> false ! } - remove repo_secret[name="E2E_TXA_HOST", repository="traceability-foss"] { - name = "E2E_TXA_HOST" - } - remove repo_secret[name="E2E_TXB_HOST", repository="traceability-foss"] { - name = "E2E_TXB_HOST" - } - remove repo_secret[name="KEYCLOAK_HOST", repository="traceability-foss"] { - name = "KEYCLOAK_HOST" - } - remove repo_secret[name="ORG_IRS_JIRA_PASSWORD", repository="traceability-foss"] { - name = "ORG_IRS_JIRA_PASSWORD" - } - remove repo_secret[name="ORG_IRS_JIRA_USERNAME", repository="traceability-foss"] { - name = "ORG_IRS_JIRA_USERNAME" - } - remove repo_secret[name="SUPERVISOR_CLIENT_ID", repository="traceability-foss"] { - name = "SUPERVISOR_CLIENT_ID" - } - remove repo_secret[name="SUPERVISOR_PASSWORD", repository="traceability-foss"] { - name = "SUPERVISOR_PASSWORD" - } - remove repo_secret[name="TRACE_X_ADMIN_LOGIN", repository="traceability-foss"] { - name = "TRACE_X_ADMIN_LOGIN" - } - remove repo_secret[name="TRACE_X_ADMIN_PW", repository="traceability-foss"] { - name = "TRACE_X_ADMIN_PW" - } - remove repo_secret[name="TRACE_X_API_KEY_DEV", repository="traceability-foss"] { - name = "TRACE_X_API_KEY_DEV" - } - remove repo_secret[name="TRACE_X_API_KEY_INT_A", repository="traceability-foss"] { - name = "TRACE_X_API_KEY_INT_A" - } - remove repo_secret[name="TRACE_X_API_KEY_INT_B", repository="traceability-foss"] { - name = "TRACE_X_API_KEY_INT_B" - } - remove repo_secret[name="TRACE_X_SUPERVISOR_LOGIN", repository="traceability-foss"] { - name = "TRACE_X_SUPERVISOR_LOGIN" - } - remove repo_secret[name="TRACE_X_SUPERVISOR_PW", repository="traceability-foss"] { - name = "TRACE_X_SUPERVISOR_PW" - } - remove repo_secret[name="TRACE_X_USER_LOGIN", repository="traceability-foss"] { - name = "TRACE_X_USER_LOGIN" - } - remove repo_secret[name="TRACE_X_USER_PW", repository="traceability-foss"] { - name = "TRACE_X_USER_PW" - } ! repository[name="tractus-x-release"] { ! private_vulnerability_reporting_enabled = true -> false ! } - remove repository[name="tractus-x-umbrella"] { - allow_auto_merge = false - allow_forking = true - allow_merge_commit = true - allow_rebase_merge = true - allow_squash_merge = true - allow_update_branch = false - archived = false - code_scanning_default_setup_enabled = false - default_branch = "main" - delete_branch_on_merge = false - dependabot_alerts_enabled = true - dependabot_security_updates_enabled = false - description = null - gh_pages_build_type = "legacy" - gh_pages_source_branch = "main" - gh_pages_source_path = "/" - has_discussions = true - has_issues = true - has_projects = true - has_wiki = true - homepage = null - is_template = false - merge_commit_message = "PR_TITLE" - merge_commit_title = "MERGE_MESSAGE" - name = "tractus-x-umbrella" - private = false - private_vulnerability_reporting_enabled = true - secret_scanning = "enabled" - secret_scanning_push_protection = "enabled" - squash_merge_commit_message = "COMMIT_MESSAGES" - squash_merge_commit_title = "COMMIT_OR_PR_TITLE" - template_repository = null - topics = [] - web_commit_signoff_required = false - } ! repository[name="tractusx-edc"] { ! private_vulnerability_reporting_enabled = true -> false ! } - remove repository[name="tractusx-edc-template"] { - allow_auto_merge = false - allow_forking = true - allow_merge_commit = false - allow_rebase_merge = true - allow_squash_merge = true - allow_update_branch = true - archived = false - code_scanning_default_setup_enabled = false - default_branch = "main" - delete_branch_on_merge = false - dependabot_alerts_enabled = true - dependabot_security_updates_enabled = false - description = null - gh_pages_build_type = "disabled" - has_discussions = false - has_issues = true - has_projects = true - has_wiki = true - homepage = null - is_template = true - merge_commit_message = "PR_TITLE" - merge_commit_title = "MERGE_MESSAGE" - name = "tractusx-edc-template" - private = false - private_vulnerability_reporting_enabled = true - secret_scanning = "enabled" - secret_scanning_push_protection = "enabled" - squash_merge_commit_message = "COMMIT_MESSAGES" - squash_merge_commit_title = "COMMIT_OR_PR_TITLE" - template_repository = null - topics = [] - web_commit_signoff_required = true - } ! repository[name="tractusx-profiles"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="tractusx-quality-checks"] { ! allow_merge_commit = false -> true ! allow_update_branch = true -> false ! archived = true -> false ! delete_branch_on_merge = true -> false ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="tutorial-resources"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="vas-country-risk"] { ! private_vulnerability_reporting_enabled = true -> false ! } ! repository[name="vas-country-risk-backend"] { ! private_vulnerability_reporting_enabled = true -> false ! } + add repository[name="asset-tracking-platform"] { + allow_auto_merge = false + allow_forking = true + allow_merge_commit = true + allow_rebase_merge = true + allow_squash_merge = true + allow_update_branch = false + archived = false + code_scanning_default_setup_enabled = false + default_branch = "main" + delete_branch_on_merge = false + dependabot_alerts_enabled = true + dependabot_security_updates_enabled = false + description = null + gh_pages_build_type = "disabled" + has_discussions = false + has_issues = true + has_projects = true + has_wiki = true + homepage = null + is_template = false + merge_commit_message = "PR_TITLE" + merge_commit_title = "MERGE_MESSAGE" + name = "asset-tracking-platform" + private = false + private_vulnerability_reporting_enabled = false + secret_scanning = "enabled" + secret_scanning_push_protection = "enabled" + squash_merge_commit_message = "COMMIT_MESSAGES" + squash_merge_commit_title = "COMMIT_OR_PR_TITLE" + template_repository = null + topics = [] + web_commit_signoff_required = false + } + add repo_workflow_settings[repository="asset-tracking-platform"] { + actions_can_approve_pull_request_reviews = true + default_workflow_permissions = "write" + enabled = true + } + add repository[name="e2e-testing"] { + allow_auto_merge = false + allow_forking = true + allow_merge_commit = true + allow_rebase_merge = true + allow_squash_merge = true + allow_update_branch = false + archived = false + code_scanning_default_setup_enabled = false + default_branch = "main" + delete_branch_on_merge = false + dependabot_alerts_enabled = true + dependabot_security_updates_enabled = false + description = null + gh_pages_build_type = "legacy" + gh_pages_source_branch = "main" + gh_pages_source_path = "/" + has_discussions = true + has_issues = true + has_projects = true + has_wiki = true + homepage = null + is_template = false + merge_commit_message = "PR_TITLE" + merge_commit_title = "MERGE_MESSAGE" + name = "e2e-testing" + private = false + private_vulnerability_reporting_enabled = false + secret_scanning = "enabled" + secret_scanning_push_protection = "enabled" + squash_merge_commit_message = "COMMIT_MESSAGES" + squash_merge_commit_title = "COMMIT_OR_PR_TITLE" + template_repository = null + topics = [] + web_commit_signoff_required = false + } + add repo_workflow_settings[repository="e2e-testing"] { + actions_can_approve_pull_request_reviews = true + default_workflow_permissions = "write" + enabled = true + } + add environment[name="github-pages", repository="e2e-testing"] { + branch_policies = [ + "main" + ], + deployment_branch_policy = "selected" + name = "github-pages" + reviewers = [] + wait_timer = "0" + } + add repository[name="esc-backbone"] { + allow_auto_merge = false + allow_forking = true + allow_merge_commit = true + allow_rebase_merge = true + allow_squash_merge = true + allow_update_branch = false + archived = false + code_scanning_default_setup_enabled = false + default_branch = "main" + delete_branch_on_merge = false + dependabot_alerts_enabled = true + dependabot_security_updates_enabled = false + description = null + gh_pages_build_type = "legacy" + gh_pages_source_branch = "gh-pages" + gh_pages_source_path = "/" + has_discussions = false + has_issues = true + has_projects = true + has_wiki = true + homepage = null + is_template = false + merge_commit_message = "PR_TITLE" + merge_commit_title = "MERGE_MESSAGE" + name = "esc-backbone" + private = false + private_vulnerability_reporting_enabled = false + secret_scanning = "enabled" + secret_scanning_push_protection = "enabled" + squash_merge_commit_message = "COMMIT_MESSAGES" + squash_merge_commit_title = "COMMIT_OR_PR_TITLE" + template_repository = null + topics = [] + web_commit_signoff_required = false + } + add repo_workflow_settings[repository="esc-backbone"] { + actions_can_approve_pull_request_reviews = true + default_workflow_permissions = "write" + enabled = true + } + add environment[name="github-pages", repository="esc-backbone"] { + branch_policies = [ + "gh-pages" + ], + deployment_branch_policy = "selected" + name = "github-pages" + reviewers = [] + wait_timer = "0" + } + add repository[name="portal-cd"] { + allow_auto_merge = false + allow_forking = true + allow_merge_commit = true + allow_rebase_merge = true + allow_squash_merge = true + allow_update_branch = false + archived = false + code_scanning_default_setup_enabled = false + default_branch = "main" + delete_branch_on_merge = true + dependabot_alerts_enabled = true + dependabot_security_updates_enabled = false + description = "Portal- Continuous Deployment" + gh_pages_build_type = "disabled" + has_discussions = false + has_issues = true + has_projects = true + has_wiki = true + homepage = null + is_template = false + merge_commit_message = "PR_TITLE" + merge_commit_title = "MERGE_MESSAGE" + name = "portal-cd" + private = false + private_vulnerability_reporting_enabled = false + secret_scanning = "enabled" + secret_scanning_push_protection = "enabled" + squash_merge_commit_message = "COMMIT_MESSAGES" + squash_merge_commit_title = "COMMIT_OR_PR_TITLE" + template_repository = null + topics = [] + web_commit_signoff_required = false + } + add repo_workflow_settings[repository="portal-cd"] { + actions_can_approve_pull_request_reviews = true + default_workflow_permissions = "write" + enabled = true + } + add branch_protection_rule[pattern="dev", repository="portal-cd"] { + allows_deletions = false + allows_force_pushes = false + blocks_creations = false + bypass_force_push_allowances = [] + is_admin_enforced = false + lock_allows_fetch_and_merge = false + lock_branch = false + pattern = "dev" + requires_commit_signatures = false + requires_conversation_resolution = false + requires_deployments = false + requires_linear_history = false + requires_pull_request = false + requires_status_checks = false + restricts_pushes = false + } + add branch_protection_rule[pattern="main", repository="portal-cd"] { + allows_deletions = false + allows_force_pushes = false + blocks_creations = false + bypass_force_push_allowances = [] + bypass_pull_request_allowances = [] + dismisses_stale_reviews = true + is_admin_enforced = false + lock_allows_fetch_and_merge = false + lock_branch = false + pattern = "main" + require_last_push_approval = false + required_approving_review_count = "1" + requires_code_owner_reviews = false + requires_commit_signatures = false + requires_conversation_resolution = false + requires_deployments = false + requires_linear_history = false + requires_pull_request = true + requires_status_checks = false + restricts_pushes = false + restricts_review_dismissals = false + } Plan: 12 to add, 93 to change, 48 to delete. ```

Warnings

• some of requested changes require secrets, need to apply these changes manually

cc @eclipse-tractusx/eclipsefdn-security

cc @eclipse-tractusx/eclipsefdn-releng

[eclipse-otterdog[bot]]

This is your friendly self-service bot. The current configuration is in-sync with the live settings. :rocket:

[eclipse-otterdog[bot]]

This is your friendly self-service bot. Please find below the validation of the requested configuration changes:

Diff for 0268d5863252a7efd8be250f4bb4c274c5e3fd8a

```diff Organization automotive.tractusx[id=eclipse-tractusx] there have been 70 validation infos, enable verbose output with '-v' to to display them. ! branch_protection_rule[pattern="main", repository="puris"] { ! required_status_checks = "['eclipse-eca-validation:eclipsefdn/eca']" -> "['eclipse-eca-validation:eclipsefdn/eca', 'docker-frontend', 'docker-backend', 'Analyze CodeQl', 'check-dependencies-frontend', 'check-dependencies-backend', 'Check quality guidelines / Check quality guidelines']" ! requires_strict_status_checks = true -> false ! } Plan: 0 to add, 2 to change, 0 to delete. ```

[eclipse-otterdog[bot]]

This is your friendly self-service bot. The current configuration is in-sync with the live settings. :rocket:

[eclipse-otterdog[bot]]

This is your friendly self-service bot. Please find below the validation of the requested configuration changes:

Diff for 815d99d54aba0f5f498cd6fe24c3f015f4b695d4

```diff Organization automotive.tractusx[id=eclipse-tractusx] there have been 70 validation infos, enable verbose output with '-v' to to display them. ! branch_protection_rule[pattern="main", repository="puris"] { ! required_status_checks = "['eclipse-eca-validation:eclipsefdn/eca']" -> "['eclipse-eca-validation:eclipsefdn/eca', 'docker-frontend', 'docker-backend', 'Analyze CodeQl', 'Analyze KICS', 'check-dependencies-frontend', 'check-dependencies-backend', 'Check quality guidelines / Check quality guidelines']" ! requires_strict_status_checks = true -> false ! } Plan: 0 to add, 2 to change, 0 to delete. ```

[eclipse-otterdog[bot]]

This is your friendly self-service bot. The current configuration is in-sync with the live settings. :rocket:

[eclipse-otterdog[bot]]

This is your friendly self-service bot.

The following changes have been successfully applied:

Organization automotive.tractusx[id=eclipse-tractusx]
  there have been 70 validation infos, enable verbose output with '-v' to to display them.

!   branch_protection_rule[pattern="main", repository="puris"] {
!     required_status_checks            = "['eclipse-eca-validation:eclipsefdn/eca']" -> "['eclipse-eca-validation:eclipsefdn/eca', 'docker-frontend', 'docker-backend', 'Analyze CodeQl', 'Analyze KICS', 'check-dependencies-frontend', 'check-dependencies-backend', 'Check quality guidelines / Check quality guidelines']"
!     requires_strict_status_checks     = true -> false
!   }

  Applying changes:

  Done.

  Executed plan: 0 added, 2 changed, 0 deleted.