GitHub.com Repository Branches without Protection
What it does
This Policy Template gets the top-level / parent Teams for a GitHub.com Org and creates an incident if any do not match the whitelisted values.
- GitHub.com Organizations to check - Example:
- Branches that should be protected - Example:
- Repositories that are whitelisted from the policy - Example:
- Email address to send escalation emails to - Example:
The following policy actions are taken on any resources found to be out of compliance.
- Send an email report
This policy requires permissions to access GitHub.com API as the Owner of the Organization(s). Before applying this policy, create a GitHub.com Personal Access Token under the user with Owner role -- adding the
repo scopes at minimum, and save the token in the project on Cloud Management as credential named
GITHUB_ORG_ADMIN_ACCESS_TOKEN. If you are using other Governance Policies for GitHub.com, you may need to include additional roles to sate the need of all policies which use the same credential. Optionally, you can generate a token with full permission and avoid any issues.
This policy requires permissions to access RightScale resources (credentials). Before applying this policy add the following roles to the user applying the policy. For more information on modifying roles visit the Governance Docs
- Cloud Management - credential_viewer or admin
- Cloud Management - observer
This Policy Template does not launch any instances, and so does not incur any cloud costs.