From c855d37cbdfb08f2c3d314d45f5afd76b3d1a332 Mon Sep 17 00:00:00 2001 From: nlf Date: Wed, 3 May 2023 11:28:46 -0700 Subject: [PATCH 1/2] fix: make settings file actually work --- .github/settings.yml | 28 ++++--- lib/content/settings.yml | 14 ++-- .../test/apply/source-snapshots.js.test.cjs | 84 +++++++++++-------- 3 files changed, 72 insertions(+), 54 deletions(-) diff --git a/.github/settings.yml b/.github/settings.yml index 50a51aff..a057d747 100644 --- a/.github/settings.yml +++ b/.github/settings.yml @@ -13,23 +13,27 @@ repository: branches: - name: main protection: + required_status_checks: null + enforce_admins: true required_pull_request_reviews: - required_pull_request_review_count: 1 - dismiss_stale_reviews: true + required_approving_review_count: 1 require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true restrictions: - teams: - - "npm/cli-team" - enforce_admins: true - required_status_checks: null + apps: [] + users: [] + teams: [ "cli-team" ] - name: latest protection: + required_status_checks: null + enforce_admins: true required_pull_request_reviews: - required_pull_request_review_count: 1 - dismiss_stale_reviews: true + required_approving_review_count: 1 require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true restrictions: - teams: - - "npm/cli-team" - enforce_admins: true - required_status_checks: null + apps: [] + users: [] + teams: [ "cli-team" ] diff --git a/lib/content/settings.yml b/lib/content/settings.yml index c61f1edf..70841282 100644 --- a/lib/content/settings.yml +++ b/lib/content/settings.yml @@ -12,13 +12,15 @@ branches: {{#each branches}} - name: {{ . }} protection: + required_status_checks: null + enforce_admins: true required_pull_request_reviews: - required_pull_request_review_count: 1 - dismiss_stale_reviews: true + required_approving_review_count: 1 require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true restrictions: - teams: - - "npm/cli-team" - enforce_admins: true - required_status_checks: null + apps: [] + users: [] + teams: ["cli-team"] {{/each}} diff --git a/tap-snapshots/test/apply/source-snapshots.js.test.cjs b/tap-snapshots/test/apply/source-snapshots.js.test.cjs index efb62ed0..252651b0 100644 --- a/tap-snapshots/test/apply/source-snapshots.js.test.cjs +++ b/tap-snapshots/test/apply/source-snapshots.js.test.cjs @@ -180,26 +180,30 @@ repository: branches: - name: main protection: + required_status_checks: null + enforce_admins: true required_pull_request_reviews: - required_pull_request_review_count: 1 - dismiss_stale_reviews: true + required_approving_review_count: 1 require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true restrictions: - teams: - - "npm/cli-team" - enforce_admins: true - required_status_checks: null + apps: [] + users: [] + teams: [ "cli-team" ] - name: latest protection: + required_status_checks: null + enforce_admins: true required_pull_request_reviews: - required_pull_request_review_count: 1 - dismiss_stale_reviews: true + required_approving_review_count: 1 require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true restrictions: - teams: - - "npm/cli-team" - enforce_admins: true - required_status_checks: null + apps: [] + users: [] + teams: [ "cli-team" ] .github/workflows/audit.yml ======================================== @@ -1625,26 +1629,30 @@ repository: branches: - name: main protection: + required_status_checks: null + enforce_admins: true required_pull_request_reviews: - required_pull_request_review_count: 1 - dismiss_stale_reviews: true + required_approving_review_count: 1 require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true restrictions: - teams: - - "npm/cli-team" - enforce_admins: true - required_status_checks: null + apps: [] + users: [] + teams: [ "cli-team" ] - name: latest protection: + required_status_checks: null + enforce_admins: true required_pull_request_reviews: - required_pull_request_review_count: 1 - dismiss_stale_reviews: true + required_approving_review_count: 1 require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true restrictions: - teams: - - "npm/cli-team" - enforce_admins: true - required_status_checks: null + apps: [] + users: [] + teams: [ "cli-team" ] .github/workflows/audit.yml ======================================== @@ -3346,26 +3354,30 @@ repository: branches: - name: main protection: + required_status_checks: null + enforce_admins: true required_pull_request_reviews: - required_pull_request_review_count: 1 - dismiss_stale_reviews: true + required_approving_review_count: 1 require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true restrictions: - teams: - - "npm/cli-team" - enforce_admins: true - required_status_checks: null + apps: [] + users: [] + teams: [ "cli-team" ] - name: latest protection: + required_status_checks: null + enforce_admins: true required_pull_request_reviews: - required_pull_request_review_count: 1 - dismiss_stale_reviews: true + required_approving_review_count: 1 require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true restrictions: - teams: - - "npm/cli-team" - enforce_admins: true - required_status_checks: null + apps: [] + users: [] + teams: [ "cli-team" ] .github/workflows/ci-a.yml ======================================== From 47fe61212a2d8eb7b3536a633e86bb7d142a9098 Mon Sep 17 00:00:00 2001 From: nlf Date: Wed, 3 May 2023 11:33:02 -0700 Subject: [PATCH 2/2] fix: also only set branch protections for the default branch --- .github/settings.yml | 13 ------- lib/content/settings.yml | 4 +- .../test/apply/source-snapshots.js.test.cjs | 39 ------------------- 3 files changed, 1 insertion(+), 55 deletions(-) diff --git a/.github/settings.yml b/.github/settings.yml index a057d747..107aa0ad 100644 --- a/.github/settings.yml +++ b/.github/settings.yml @@ -24,16 +24,3 @@ branches: apps: [] users: [] teams: [ "cli-team" ] - - name: latest - protection: - required_status_checks: null - enforce_admins: true - required_pull_request_reviews: - required_approving_review_count: 1 - require_code_owner_reviews: true - require_last_push_approval: true - dismiss_stale_reviews: true - restrictions: - apps: [] - users: [] - teams: [ "cli-team" ] diff --git a/lib/content/settings.yml b/lib/content/settings.yml index 70841282..0f90cec6 100644 --- a/lib/content/settings.yml +++ b/lib/content/settings.yml @@ -9,8 +9,7 @@ repository: enable_vulnerability_alerts: true branches: - {{#each branches}} - - name: {{ . }} + - name: {{ defaultBranch }} protection: required_status_checks: null enforce_admins: true @@ -23,4 +22,3 @@ branches: apps: [] users: [] teams: ["cli-team"] - {{/each}} diff --git a/tap-snapshots/test/apply/source-snapshots.js.test.cjs b/tap-snapshots/test/apply/source-snapshots.js.test.cjs index 252651b0..4a101dfa 100644 --- a/tap-snapshots/test/apply/source-snapshots.js.test.cjs +++ b/tap-snapshots/test/apply/source-snapshots.js.test.cjs @@ -191,19 +191,6 @@ branches: apps: [] users: [] teams: [ "cli-team" ] - - name: latest - protection: - required_status_checks: null - enforce_admins: true - required_pull_request_reviews: - required_approving_review_count: 1 - require_code_owner_reviews: true - require_last_push_approval: true - dismiss_stale_reviews: true - restrictions: - apps: [] - users: [] - teams: [ "cli-team" ] .github/workflows/audit.yml ======================================== @@ -1640,19 +1627,6 @@ branches: apps: [] users: [] teams: [ "cli-team" ] - - name: latest - protection: - required_status_checks: null - enforce_admins: true - required_pull_request_reviews: - required_approving_review_count: 1 - require_code_owner_reviews: true - require_last_push_approval: true - dismiss_stale_reviews: true - restrictions: - apps: [] - users: [] - teams: [ "cli-team" ] .github/workflows/audit.yml ======================================== @@ -3365,19 +3339,6 @@ branches: apps: [] users: [] teams: [ "cli-team" ] - - name: latest - protection: - required_status_checks: null - enforce_admins: true - required_pull_request_reviews: - required_approving_review_count: 1 - require_code_owner_reviews: true - require_last_push_approval: true - dismiss_stale_reviews: true - restrictions: - apps: [] - users: [] - teams: [ "cli-team" ] .github/workflows/ci-a.yml ========================================