We currently have a branch protection rule in place that protects "release-*" branches in our repositories.
This has drawbacks:
- it will cause release scripts to fail because the newly created release branches cannot be pushed to by the script
- prs on these branches cannot use the merge queue (not possible with wildcards in the branch name)
It might be worth switching to individual protection rules for every release, but that would make them hard to change/administer.
The github api allows managing these rules: https://docs.github.com/en/rest/branches/branch-protection?apiVersion=2022-11-28
We should look into writing a simple python script that takes a list of repos and release names and updates these protection rules.
We currently have a branch protection rule in place that protects "release-*" branches in our repositories.
This has drawbacks:
It might be worth switching to individual protection rules for every release, but that would make them hard to change/administer.
The github api allows managing these rules: https://docs.github.com/en/rest/branches/branch-protection?apiVersion=2022-11-28
We should look into writing a simple python script that takes a list of repos and release names and updates these protection rules.