Add GitHub's Safe-Settings app to manage policy as code #4
Conversation
paddyroddy
added
enhancement
| @@ -0,0 +1,19 @@ | |||
| # https://github.com/github/safe-settings/blob/main-enterprise/docs/sample-settings/suborg.yml | |||
There was a problem hiding this comment.
The downside of the app is things are mutually exclusive. If we are to enable this, it would disable any current rulesets. I've left it here for demonstration purposes.
|
Failing because the app isn't currently installed |
samcunliffe
changed the title
There was a problem hiding this comment.
Blocking temporarily until we've resolved the discussion over in @UCL-ARC...
| --- | ||
| repository: | ||
| allow_auto_merge: true | ||
| allow_update_branch: true |
There was a problem hiding this comment.
Could we switch this to false and block all pushes to all branches?!
There was a problem hiding this comment.
I think this is something to discuss in the meeting I proposed. These are not meant to be the be-all and end-all settings.
Do we have to? This could be used as another positive use-case alongside @UCL-MIRSG. It is very possible the @UCL-ARC one is never merged. |
|
RC teams are still actively using this org, more so than UCL-ARC in some ways! |
Which is exactly what @samcunliffe is trying to prevent... |
This is copying the work across in the @UCL-MIRSG organisation here UCL-MIRSG/.github#141 relating to the deployment of the https://github.com/github/safe-settings app. I recently gave a brief overview of this in the DevOps Hour slides. I have created an app with the appropriate permissions, which will need to be installed organisation wide once this PR is merged.
Safe-Settings has a lot of possible options, so I've gone for as little inoffensive ones as possible. These are currently: