From 6bfdc098bef9161cb2ba8c7e26ad3ea6de65230a Mon Sep 17 00:00:00 2001
From: Philipp Page
Date: Mon, 24 Nov 2025 13:34:12 +0100
Subject: [PATCH] chore(ci): Remove branch protection workflow.
---
.github/branch_protection_settings/1.x.x.json | 53 --------------
.github/branch_protection_settings/main.json | 63 ----------------
.github/branch_protection_settings/v2.json | 63 ----------------
.../workflows/security-branch-protections.yml | 72 -------------------
4 files changed, 251 deletions(-)
delete mode 100644 .github/branch_protection_settings/1.x.x.json
delete mode 100644 .github/branch_protection_settings/main.json
delete mode 100644 .github/branch_protection_settings/v2.json
delete mode 100644 .github/workflows/security-branch-protections.yml
diff --git a/.github/branch_protection_settings/1.x.x.json b/.github/branch_protection_settings/1.x.x.json
deleted file mode 100644
index e52aba745..000000000
--- a/.github/branch_protection_settings/1.x.x.json
+++ /dev/null
@@ -1,53 +0,0 @@
-{
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/1.x.x/protection",
- "required_status_checks": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/1.x.x/protection/required_status_checks",
- "strict": true,
- "contexts": [
- "SonarCloud"
- ],
- "contexts_url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/1.x.x/protection/required_status_checks/contexts",
- "checks": [
- {
- "context": "SonarCloud",
- "app_id": null
- }
- ]
- },
- "required_pull_request_reviews": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/1.x.x/protection/required_pull_request_reviews",
- "dismiss_stale_reviews": false,
- "require_code_owner_reviews": false,
- "require_last_push_approval": false,
- "required_approving_review_count": 0
- },
- "required_signatures": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/1.x.x/protection/required_signatures",
- "enabled": false
- },
- "enforce_admins": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/1.x.x/protection/enforce_admins",
- "enabled": true
- },
- "required_linear_history": {
- "enabled": false
- },
- "allow_force_pushes": {
- "enabled": false
- },
- "allow_deletions": {
- "enabled": false
- },
- "block_creations": {
- "enabled": false
- },
- "required_conversation_resolution": {
- "enabled": false
- },
- "lock_branch": {
- "enabled": false
- },
- "allow_fork_syncing": {
- "enabled": false
- }
-}
diff --git a/.github/branch_protection_settings/main.json b/.github/branch_protection_settings/main.json
deleted file mode 100644
index 8ca32bb45..000000000
--- a/.github/branch_protection_settings/main.json
+++ /dev/null
@@ -1,63 +0,0 @@
-{
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/main/protection",
- "required_status_checks": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/main/protection/required_status_checks",
- "strict": true,
- "contexts": [],
- "contexts_url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/main/protection/required_status_checks/contexts",
- "checks": []
- },
- "restrictions": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/main/protection/restrictions",
- "users_url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/main/protection/restrictions/users",
- "teams_url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/main/protection/restrictions/teams",
- "apps_url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/main/protection/restrictions/apps",
- "users": [],
- "teams": [],
- "apps": []
- },
- "required_pull_request_reviews": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/main/protection/required_pull_request_reviews",
- "dismiss_stale_reviews": true,
- "require_code_owner_reviews": true,
- "require_last_push_approval": true,
- "required_approving_review_count": 1,
- "dismissal_restrictions": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/main/protection/dismissal_restrictions",
- "users_url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/main/protection/dismissal_restrictions/users",
- "teams_url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/main/protection/dismissal_restrictions/teams",
- "users": [],
- "teams": [],
- "apps": []
- }
- },
- "required_signatures": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/main/protection/required_signatures",
- "enabled": false
- },
- "enforce_admins": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/main/protection/enforce_admins",
- "enabled": true
- },
- "required_linear_history": {
- "enabled": true
- },
- "allow_force_pushes": {
- "enabled": false
- },
- "allow_deletions": {
- "enabled": false
- },
- "block_creations": {
- "enabled": true
- },
- "required_conversation_resolution": {
- "enabled": true
- },
- "lock_branch": {
- "enabled": false
- },
- "allow_fork_syncing": {
- "enabled": false
- }
-}
diff --git a/.github/branch_protection_settings/v2.json b/.github/branch_protection_settings/v2.json
deleted file mode 100644
index fb9fdebcd..000000000
--- a/.github/branch_protection_settings/v2.json
+++ /dev/null
@@ -1,63 +0,0 @@
-{
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/v2/protection",
- "required_status_checks": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/v2/protection/required_status_checks",
- "strict": true,
- "contexts": [],
- "contexts_url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/v2/protection/required_status_checks/contexts",
- "checks": []
- },
- "restrictions": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/v2/protection/restrictions",
- "users_url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/v2/protection/restrictions/users",
- "teams_url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/v2/protection/restrictions/teams",
- "apps_url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/v2/protection/restrictions/apps",
- "users": [],
- "teams": [],
- "apps": []
- },
- "required_pull_request_reviews": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/v2/protection/required_pull_request_reviews",
- "dismiss_stale_reviews": true,
- "require_code_owner_reviews": false,
- "require_last_push_approval": true,
- "required_approving_review_count": 1,
- "dismissal_restrictions": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/v2/protection/dismissal_restrictions",
- "users_url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/v2/protection/dismissal_restrictions/users",
- "teams_url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/v2/protection/dismissal_restrictions/teams",
- "users": [],
- "teams": [],
- "apps": []
- }
- },
- "required_signatures": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/v2/protection/required_signatures",
- "enabled": false
- },
- "enforce_admins": {
- "url": "https://api.github.com/repos/aws-powertools/powertools-lambda-java/branches/v2/protection/enforce_admins",
- "enabled": false
- },
- "required_linear_history": {
- "enabled": true
- },
- "allow_force_pushes": {
- "enabled": false
- },
- "allow_deletions": {
- "enabled": false
- },
- "block_creations": {
- "enabled": true
- },
- "required_conversation_resolution": {
- "enabled": true
- },
- "lock_branch": {
- "enabled": false
- },
- "allow_fork_syncing": {
- "enabled": false
- }
-}
diff --git a/.github/workflows/security-branch-protections.yml b/.github/workflows/security-branch-protections.yml
deleted file mode 100644
index af6477802..000000000
--- a/.github/workflows/security-branch-protections.yml
+++ /dev/null
@@ -1,72 +0,0 @@
-# Branch Protections
-#
-# Description:
-# This workflow compares current security branch protections against those stored,
-# if there's any changes, it'll fail the job and alert using a Slack webhook
-#
-# Triggers:
-# - pull_request
-# - branch_protection_rule
-# - cron: daily at 16:40
-#
-# Secrets:
-# - SECURITY.BRANCH_PROTECTION_TOKEN
-# - SECURITY.SLACK_WEBHOOK_URL
-#
-# Notes:
-# Modified copy of: https://github.com/github/docs/blob/main/.github/workflows/alert-changed-branch-protections.yml
-
-on:
- branch_protection_rule:
- schedule:
- - cron: '20 16 * * *' # Run daily at 16:20 UTC
- pull_request:
- paths:
- - .github/workflows/security-branch-protections.yml
- - .github/branch_protection_settings/*.json
-
-name: Alert Changed Branch Protections
-run-name: Alert Changed Branch Protections
-
-permissions:
- contents: read
-
-jobs:
- check-branch-protections:
- runs-on: ubuntu-latest
- permissions:
- contents: write
- environment: Security
- if: ${{ github.repository == 'aws-powertools/powertools-lambda-java' }}
- strategy:
- matrix:
- # List of branches we want to monitor for protection changes
- branch:
- - main
- - v1
- steps:
- - name: Checkout repository
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- - name: Fetch branch protections
- id: fetch
- env:
- GH_TOKEN: ${{ secrets.BRANCH_PROTECTION_TOKEN }}
- run: |
- # Fetch branch protections and store them in a file
- gh api /repos/${{ github.repository }}/branches/${{ matrix.branch }}/protection | jq \
- > .github/branch_protection_settings/${{ matrix.branch }}.json
- - name: Compare branch protections
- id: compare
- run: |
- git diff --quiet .github/branch_protection_settings/${{ matrix.branch }}.json \
- || echo "diff_failed=true" >> $GITHUB_ENV
- - name: Send webhook
- if: ${{ env.diff_failed == 'true' }}
- run: |
- curl -X POST -d '{"message": "Branch protections have changed for ${{ github.repository }} on ${{ matrix.branch }}. Please review the changes or revert the changes in GitHub. https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"}' \
- ${{ secrets.SLACK_WEBHOOK_URL }}
- - name: Fail workflow
- if: ${{ env.diff_failed == 'true' }}
- run: |
- git diff .github/branch_protection_settings/${{ matrix.branch }}.json
- echo "::error::Branch protections have been changed"
\ No newline at end of file