Skip to content

Configure

Jump to bottom
Srivatsa Marichi edited this page Jan 29, 2021 · 19 revisions

How to Configure

  1. Verify if all prerequisites are met before starting to configure.

  2. If need to set branch protection rules for teams or users, verify the roles and access of corresponding teams in the repositories.

    Note: If proper role not set the tool just skips the branch rule and add other branch rules specified.

  3. Clone the repository to your machine.

    git clone https://github.com/CanarysAutomations/automate-branch-rules.git

  4. Open config.py in any text editor.

  5. Provide the branch names you need inside the parenthesis as shown below. Verify whether the branch exists in the repositories.

    branches

    Note: Add a comma at the end if giving single branch name.
    eg: branches = ("main",)

  6. Skip the remaining part of this section if you are only planning to Remove the branch protection rule.

  7. Provide value for add_codeowners_file as True if you need to add or update CODEOWNERS file which is required for branch rule Require review from Code Owners else keep it as False

    Note: Also configure the CODEOWNERS file in the tools' root folder for this to be done. To learn how the configure CODEOWNERS click here

    add-code-owners

  8. Provide value for signed_commit as True if you need branch rule Require signed commits else keep it as False.

    signed-commit

  9. Add the branch protection rules which are required to add or modify in the repositories in branch_rules section with the following syntax.

    branch_rules = { "key":int_value,
                 "key2":["string_value1","string_value2","string_value3"],
                 "key3":boolean_value # True/False
                 }

  10. Refer the following table to configure.

    Key Value Type Branch Rule Example
    strict boolean Require branches to be up to date before merging. Should come along with contexts. branch_rules = { "strict":True, "contexts": ["BUILD_VALIDATE_JOB"] }
    contexts string list Enable status checks. Should come along with strict. branch_rules= { "strict":True, "contexts": ["BUILD_VALIDATE_JOB","CODE_SCAN_JOB"] }
    enforce_admins boolean Include administrators branch_rules = { "enforce_admins":True }
    required_approving_review_count int Require pull request reviews before merging with approver count as value provided branch_rules = { "required_approving_review_count":2 }
    dismissal_users string list Restrict users who can dismiss pull request reviews. branch_rules = { "required_approving_review_count":2, "dismissal_users":["User1","User2","User3"] }
    dismissal_teams string list Restrict teams who can dismiss pull request reviews. branch_rules = { "required_approving_review_count":2, "dismissal_teams":["Internal_App_Team","OSS_Devs"] }
    dismiss_stale_reviews boolean Dismiss stale pull request approvals when new commits are pushed branch_rules = { "required_approving_review_count":1, "dismiss_stale_reviews": True }
    require_code_owner_reviews boolean Require review from Code Owners branch_rules = { "required_approving_review_count":1, "require_code_owner_reviews": True }
    user_push_restrictions string list Restrict users who can push to matching branches branch_rules = { "user_push_restrictions":["User1","User2","User3"] }
    team_push_restrictions sting list Restrict teams who can push to matching branches branch_rules = { "team_push_restrictions":["Internal_App_Team","OSS_Devs"] }

  11. Save and close config.py.

  12. You can run the tool as Docker Container or cli using Python.

Clone this wiki locally