search

github / safe-settings

ISC License
600 stars 146 forks source link

Branch protection rule is not working as expected #671

Closed nshema-pinc closed 3 weeks ago

nshema-pinc commented 1 month ago

We are using safe-settings for protecting branches for repository in Premier Inc organization.

I was trying to add protection only to develop branch. But protections applied to both main and develop branch. Please assist me in this issue

Example

I use the below script to make develop branch as to be protected but it made both main and develop protected. Please help me with this.

`- name: develop

# https://docs.github.com/en/rest/reference/branches#update-branch-protection
# Branch Protection settings. Set to null to disable
protection:
  # Required. Require at least one approving review on a pull request, before merging. Set to null to disable.
required_pull_request_reviews:
    # The number of approvals required. (1-6)
  required_approving_review_count: 1
    # Dismiss approved reviews automatically when a new commit is pushed.
  dismiss_stale_reviews: false
    # Blocks merge until code owners have reviewed.
  require_code_owner_reviews: true
    # Specify which users and teams can dismiss pull request reviews. Pass an empty dismissal_restrictions object to disable. User and team dismissal_restrictions are only available for organization-owned repositories. Omit this parameter for personal repositories.
  dismissal_restrictions:
    users: []
    teams: []
  bypass_pull_request_allowances:
    apps: []
    users: [JamesGreenway]
    teams: []
  # Required. Require status checks to pass before merging. Set to null to disable
required_status_checks:
    # Required. Require branches to be up to date before merging.
  strict: true
    # Required. The list of status checks to require in order to merge into this branch
  contexts: []
  # Required. Enforce all configured restrictions for administrators. Set to true to enforce required status checks for repository administrators. Set to null to disable.
enforce_admins:
  # Required. Restrict who can push to this branch. Team and user restrictions are only available for organization-owned repositories. Set to null to disable.
restrictions:
  apps: []
  users: []
  teams: [supply_chain_advisor]`
willowchung commented 1 month ago

Hi there, not sure if you pasted the entire config file but it seems to be missing some parameters like branches and indentation:

branches:
  - name: default
    protection:
...

Try checking the sample:

See docs/sample-settings/settings.yml for a sample settings file.

nshema-pinc commented 3 weeks ago

Raised a new issue with detailed explanation